From: 刘洪青 <hongqing.liu@supwisdom.com>
Date: Tue, 21 Sep 2021 11:02:35 +0000 (+0800)
Subject: chore: 认证授权服务升级文档（V1.3-V1.4）
X-Git-Url: https://source.supwisdom.com/gerrit/gitweb?a=commitdiff_plain;h=95e88a62ebb88310b418635518c5c714e3784ab0;p=institute%2Fdeploy-authx-service.git

chore: 认证授权服务升级文档（V1.3-V1.4）
---

diff --git "a/deploy-manifests/k8s-rancher/0.1.4.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\215\207\347\272\247\346\226\207\346\241\243\357\274\210V1.3-V1.4\357\274\211.md" "b/deploy-manifests/k8s-rancher/0.1.4.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\215\207\347\272\247\346\226\207\346\241\243\357\274\210V1.3-V1.4\357\274\211.md"
new file mode 100644
index 0000000..fbcb3ac
--- /dev/null
+++ "b/deploy-manifests/k8s-rancher/0.1.4.\350\256\244\350\257\201\346\216\210\346\235\203\346\234\215\345\212\241\345\215\207\347\272\247\346\226\207\346\241\243\357\274\210V1.3-V1.4\357\274\211.md"
@@ -0,0 +1,155 @@
+
+# è®¤è¯æææå¡åçº§ææ¡£ï¼V1.3 ~ V1.4ï¼
+
+
+## é¨ç½²åæ´è¯´æ
+
+å¯¹æ¬æ¬¡åçº§è¿è¡çç®è¦è¯´æï¼å·ä½çåçº§æ­¥éª¤ï¼è¯¦è§ **åçº§è¯´æ**
+
+1. æ°æ®åºç¨æ·åæ´
+
+æ°å¢ï¼authx_log
+ï¼å¯éï¼ç§»é¤ï¼agent_service
+
+2. éååæ´
+
+æ°å¢ï¼authx-log
+æ°å¢ï¼attest-server
+
+3. åååæ´
+
+ï¼å¯éï¼æ°å¢ï¼åå authx-serviceï¼å° personal-security-centerãsecurity-centerãä»¥å authx-management åå¹¶
+ï¼å¯éï¼åºå¼ï¼åå personal-security-centerï¼åå¹¶è³ åå authx-service
+ï¼å¯éï¼åºå¼ï¼åå security-centerï¼åå¹¶è³ åå authx-service
+ï¼å¯éï¼è¿ç§»ï¼ååå authx-management æå¨ åå admin-platform ååä¸ï¼ç°åå¹¶è³ authx-service
+ï¼å¯éï¼åºå¼ï¼åå tokenï¼åå¹¶è³ åå cas
+
+4. Context Path åæ´
+
+ï¼å¯éï¼åæ´ï¼personal-security-center-zuulï¼context path æ´æ°ä¸º /personal
+ï¼å¯éï¼åæ´ï¼token-serverï¼context path æ´æ°ä¸º /token
+
+5. è®¿é®å°ååæ´
+
+ï¼å¯éï¼åæ´ï¼ç¨æ·è®¤è¯ææç®¡çåç«¯UIï¼`https://admin-platform.paas.xxx.edu.cn/authx-management` åæ´ä¸º `https://authx-service.paas.xxx.edu.cn/authx-management`
+ï¼å¯éï¼åæ´ï¼å®å¨ä¸­å¿åç«¯APIï¼`https://personal-security-center.paas.xxx.edu.cn` åæ´ä¸º `https://authx-service.paas.xxx.edu.cn/personal`
+ï¼å¯éï¼åæ´ï¼Token è®¤è¯ï¼`https://token.paas.xxx.edu.cn` åæ´ä¸º `https://cas.pass.xxx.edu.cn/token`
+
+6. é¨ç½²yaml åæ´
+
+æ°å¢ï¼7.attest-server
+æ°å¢ï¼8.authx-log
+
+æ°å¢ï¼0.authx-serviceï¼4.4.authx-service-bff.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+
+æ°å¢ï¼1.thirdparty-agent-serviceï¼4.2.thirdparty-agent-service.yamlï¼ConfigMap å¢å  äººè¸æå¡å¯¹æ¥éç½® `FACE_*`
+
+æ°å¢ï¼2.user-data-serviceï¼4.1.user-data-service-poa.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+æ°å¢ï¼2.user-data-serviceï¼4.2.user-data-service-goa.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+æ°å¢ï¼2.user-data-serviceï¼4.3.user-data-service-biz.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+
+æ°å¢ï¼3.user-authorization-serviceï¼4.1.user-authorization-poa.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+æ°å¢ï¼3.user-authorization-serviceï¼4.2.user-authorization-sa.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+
+æ°å¢ï¼4.cas-serverï¼4.2.cas-server-sa-api.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+æ°å¢ï¼4.cas-serverï¼4.5.cas-server-site-webapp.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+
+æ°å¢ï¼5.token-serverï¼4.1.token-server.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+åæ´ï¼5.token-serverï¼4.1.token-server.yamlï¼ConfigMap ä¿®æ¹ å° `SPRING_RABBITMQ_*` è°æ´ä¸º `USER_RABBITMQ_*`
+ï¼å¯éï¼æ°å¢ï¼5.token-serverï¼4.1.token-server.yamlï¼ConfigMap å¢å  context path éç½® `SERVER_SERVLET_CONTEXT_PATH: /token`
+ï¼å¯éï¼åæ´ï¼5.token-serverï¼4.1.token-server.yamlï¼ConfigMap ä¿®æ¹ `TOKEN_SERVER_PREFIX: https://cas.paas.xxx.edu.cn/token`
+
+æ°å¢ï¼6.personal-security-centerï¼4.4.personal-security-center-bff.yamlï¼ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+ï¼å¯éï¼æ°å¢ï¼6.personal-security-centerï¼4.5.personal-security-center-zuul.yamlï¼ConfigMap å¢å  context path éç½® `SERVER_SERVLET_CONTEXT_PATH: /personal`
+ï¼å¯éï¼åæ´ï¼6.personal-security-centerï¼4.4.personal-security-center-bff.yamlï¼ConfigMap ä¿®æ¹ `PERSONAL_SECURITY_CENTER_SERVER_PREFIX: https://authx-service.paas.xxx.edu.cn/personal`
+ï¼å¯éï¼åæ´ï¼6.personal-security-centerï¼4.5.personal-security-center-zuul.yamlï¼ConfigMap ä¿®æ¹ `APP_SERVER_HOST_URL: https://authx-service.paas.xxx.edu.cn/personal`
+ï¼å¯éï¼åæ´ï¼6.personal-security-centerï¼4.5.personal-security-center-zuul.yamlï¼ConfigMap ä¿®æ¹ `APPLICATION_INDEX_REDIRECT_URI: https://authx-service.paas.xxx.edu.cn`
+ï¼å¯éï¼åæ´ï¼6.personal-security-centerï¼4.9.security-center-ui.yamlï¼ConfigMap ä¿®æ¹ `MAIN_SERVER: https://authx-service.paas.xxx.edu.cn`
+ï¼å¯éï¼åæ´ï¼6.personal-security-centerï¼4.9.security-center-ui.yamlï¼ConfigMap ä¿®æ¹ `PERSONAL_CENTER_API: https://authx-service.paas.xxx.edu.cn/personal`
+
+
+## åçº§è¯´æ
+
+1. å° å·¥ä½è´è½½ ä¸çæå¡ åçº§å° 1.4.x çæ¬ï¼æ³¨æï¼åæ§è¡ `*-installer`ï¼
+
+2. é¨ç½² 7.attest-server
+
+3. é¨ç½² 8.authx-log
+
+4. ConfigMap å¢å  æ¥å¿æå¡ç¸å³éç½® `AUTHX_LOG_*`
+   åæ¬ï¼
+   authx-service-bff
+   user-data-service-poa
+   user-data-service-goa
+   user-data-service-biz
+   user-authorization-poa
+   user-authorization-sa
+   cas-server-sa-api
+   cas-server-site-webapp
+   token-server
+   personal-security-center-bff
+
+5. token-serverï¼ConfigMap å¢å  `USER_RABBITMQ_*`
+
+6. ï¼å¯éï¼è°æ´ authx-management-ingress ç host ä¸º authx-service.paas.xxx.edu.cn
+
+7. ï¼å¯éï¼å 6 ä¸èµ·ä¿®æ¹ï¼ä¿®æ¹ ConfigMap admin-platform/admin-platform-spa-env ä¸çéç½®é¡¹ `CAS_SERVER_SPA_URL`, `USER_SERVER_SPA_URL`, `AUTH_SERVER_SPA_URL`
+
+  ```
+  CAS_SERVER_SPA_URL: https://authx-service.paas.xxx.edu.cn/authx-management/cas-server
+  USER_SERVER_SPA_URL: https://authx-service.paas.xxx.edu.cn/authx-management/user-server
+  AUTH_SERVER_SPA_URL: https://authx-service.paas.xxx.edu.cn/authx-management/auth-server
+  ```
+
+8. ï¼å¯éï¼token-serverï¼ConfigMap å¢å  context path éç½® `SERVER_SERVLET_CONTEXT_PATH: /token`
+9. ï¼å¯éï¼å 8 ä¸èµ·ä¿®æ¹ï¼è°æ´ token-server-ingress ä¸ token-server-svc å¯¹åºç path ä¸º /token
+
+10. ï¼å¯éï¼è°æ´ token-server-ingress ç host ä¸º cas.paas.xxx.edu.cnï¼è°æ´ host åï¼å¿é¡»å¢å  context path éç½®ï¼å³ 8ã9ï¼
+
+  æ³¨ï¼
+  è¥ ä¿®æ¹äº token-server ç context pathãæ è°æ´äºhostï¼åé¡»è°æ´ è¶çº§APP çéç½®
+
+11. ï¼å¯éï¼ä¿®æ¹ token-server ç ConfigMap
+
+  `TOKEN_SERVER_PREFIX: https://cas.paas.xxx.edu.cn/token`
+  æ³¨ï¼
+  è¥ context path æªéç½®ï¼åä¸ä¿®æ¹ï¼
+  è¥ host æªè°æ´ï¼åä¿®æ¹ä¸º `https://token.paas.xxx.edu.cn/token`
+
+12. ï¼å¯éï¼personal-security-center-zuulï¼ConfigMap å¢å  context path éç½® `SERVER_SERVLET_CONTEXT_PATH: /personal`
+13. ï¼å¯éï¼å 12 ä¸èµ·ä¿®æ¹ï¼è°æ´ personal-security-center-ingress ä¸ personal-security-center-zuul-svc å¯¹åºç path ä¸º /personal
+
+14. ï¼å¯éï¼è°æ´ personal-security-center-ingress ç host ä¸º authx-service.paas.xxx.edu.cnï¼è°æ´ host åï¼å¿é¡»å¢å  context path éç½®ï¼å³ 12ã13ï¼
+
+  æ³¨ï¼
+  è¥ ä¿®æ¹äº personal-security-center-zuul ç context pathãæ è°æ´äºhostï¼åé¡»è°æ´ è¶çº§APP çéç½®ãé¨æ·ä¸ªäººä¸­å¿ çéç½®
+
+15. ï¼å¯éï¼è°æ´ security-center-ingress ç host ä¸º authx-service.paas.xxx.edu.cn
+
+14. ï¼å¯éï¼ä¿®æ¹ personal-security-center-zuul ç ConfigMap
+
+  `PERSONAL_SECURITY_CENTER_SERVER_PREFIX: https://authx-service.paas.xxx.edu.cn/personal`
+  æ³¨ï¼
+  è¥ context path æªéç½®ï¼åä¸ä¿®æ¹ï¼
+  è¥ host æªè°æ´ï¼åä¿®æ¹ä¸º `https://personal-security-center.paas.xxx.edu.cn/personal`
+
+  `APP_SERVER_HOST_URL: https://authx-service.paas.xxx.edu.cn/personal`
+  æ³¨ï¼
+  è¥ context path æªéç½®ï¼åä¸ä¿®æ¹ï¼
+  è¥ host æªè°æ´ï¼åä¿®æ¹ä¸º `https://personal-security-center.paas.xxx.edu.cn/personal`
+
+  `APPLICATION_INDEX_REDIRECT_URI: https://authx-service.paas.xxx.edu.cn` ï¼è¥ host æªè°æ´ï¼åä¸ä¿®æ¹ï¼
+
+
+15. ï¼å¯éï¼ä¿®æ¹ security-center-ui ç ConfigMap
+
+  `MAIN_SERVER: https://authx-service.paas.xxx.edu.cn` ï¼è¥ host æªè°æ´ï¼åä¸ä¿®æ¹ï¼
+
+  `PERSONAL_CENTER_API: https://authx-service.paas.xxx.edu.cn/personal`
+  æ³¨ï¼
+  è¥ context path æªéç½®ï¼åä¸ä¿®æ¹ï¼
+  è¥ host æªè°æ´ï¼åä¿®æ¹ä¸º `https://personal-security-center.paas.xxx.edu.cn/personal`
+
+
+
+