From 4cb4d11de1755e41f8a84fe699c564a814775e35 Mon Sep 17 00:00:00 2001 From: =?utf8?q?=E5=88=98=E6=B4=AA=E9=9D=92?= Date: Tue, 18 May 2021 10:32:39 +0800 Subject: [PATCH] =?utf8?q?chore:=20=E6=95=B4=E7=90=86=E7=94=A8=E6=88=B7?= =?utf8?q?=E6=8E=88=E6=9D=83V1.2=20k8s=E9=83=A8=E7=BD=B2=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- .../k8s-rancher/1.authx-service/10.0.init.sql | 65 ------- .../0.user-data-service-base.yaml | 174 +++++++++--------- .../1.user-data-service-env.yaml | 3 +- .../4.2.user-data-service-goa.yaml | 2 +- .../4.3.user-data-service-biz.yaml | 2 + .../5.user-data-service-datax-job.yaml | 2 +- .../0.user-authorization-service-base.yaml | 138 +++++++------- .../1.user-authorization-service-env.yaml | 3 +- .../5.user-authorization-datax-job.yaml | 104 +++++------ .../4.0.cas-server-installer.yaml | 2 +- .../4.cas-server/4.2.cas-server-sa-api.yaml | 2 +- .../4.3.cas-server-security-engine.yaml | 2 +- .../4.cas-server/4.4.cas-server-uidws.yaml | 2 +- .../4.5.cas-server-site-webapp.yaml | 2 +- .../4.6.cas-server-site-scheme.yaml | 2 +- .../4.cas-server/5.cas-server-datax-job.yaml | 4 +- .../4.0.token-server-installer.yaml | 2 +- .../5.token-server/4.1.token-server.yaml | 2 +- .../9.api-docs-installer.yaml | 17 +- .../4.4.personal-security-center-bff.yaml | 2 +- .../4.5.personal-security-center-zuul.yaml | 2 +- .../9.jobs-server/0.jobs-server-base.yaml | 164 ++++++++--------- .../9.jobs-server/1.jobs-server-env.yaml | 3 +- 23 files changed, 316 insertions(+), 385 deletions(-) rename deploy-manifests/k8s-rancher/1.authx-service/{0.authx-service => 5.token-server}/9.api-docs-installer.yaml (65%) diff --git a/deploy-manifests/k8s-rancher/1.authx-service/10.0.init.sql b/deploy-manifests/k8s-rancher/1.authx-service/10.0.init.sql index d545bcd..aecad36 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/10.0.init.sql +++ b/deploy-manifests/k8s-rancher/1.authx-service/10.0.init.sql @@ -67,68 +67,3 @@ update TB_CONFIG set CONFIG_VALUE='树维信息' where ID='59'; -- casServer.con update TB_CONFIG set CONFIG_VALUE='' where ID='61'; -- casServer.config.copyrightContent update TB_CONFIG set CONFIG_VALUE='' where ID='62'; -- casServer.config.copyrightContentM - -use user; - --- **配置 身份对应的帐号 须自动关联的 用户组** - -/* - -IDENTITY_TYPE - -1 admin 系统用户 - -T01 T01 教职工 - -S01 S01 本科生 -S02 S02 研究生 -S03 S03 非学历生 - -P01 P01 聘用人员 -P02 P02 外聘教师 -P99 P99 在职/企业博士后 - - -GROUP - -11 teacher 教职工用户组 -12 student 本科生用户组 -13 graduate 研究生用户组 -14 fellow 校友用户组 - -16 admin 管理人员用户组 -17 retire 退休用户组 - -010883e0ac5e11eaaaee297ae5eef932 bsh 在职/企业博士后 - -23f87450ac5e11eaaaee297ae5eef932 wpjs 外聘教师 -f1e42c20ac5d11eaaaee297ae5eef932 pyry 聘用人员 - -ffa610e0ac6111eaaaee297ae5eef932 fxls 非学历生用户组 - -*/ - - -insert into TB_B_IDENTITY_TYPE_GROUP_INITIAL (ID, DELETED, ADD_ACCOUNT, IDENTITY_TYPE_ID, GROUP_ID) -values ('1', 0, 'init', 'T01', '11'); - -insert into TB_B_IDENTITY_TYPE_GROUP_INITIAL (ID, DELETED, ADD_ACCOUNT, IDENTITY_TYPE_ID, GROUP_ID) -values ('2', 0, 'init', 'S01', '12'); - -insert into TB_B_IDENTITY_TYPE_GROUP_INITIAL (ID, DELETED, ADD_ACCOUNT, IDENTITY_TYPE_ID, GROUP_ID) -values ('3', 0, 'init', 'S02', '13'); - -insert into TB_B_IDENTITY_TYPE_GROUP_INITIAL (ID, DELETED, ADD_ACCOUNT, IDENTITY_TYPE_ID, GROUP_ID) -values ('4', 0, 'init', 'S03', 'ffa610e0ac6111eaaaee297ae5eef932'); - -insert into TB_B_IDENTITY_TYPE_GROUP_INITIAL (ID, DELETED, ADD_ACCOUNT, IDENTITY_TYPE_ID, GROUP_ID) -values ('5', 0, 'init', 'P01', 'f1e42c20ac5d11eaaaee297ae5eef932'); - -insert into TB_B_IDENTITY_TYPE_GROUP_INITIAL (ID, DELETED, ADD_ACCOUNT, IDENTITY_TYPE_ID, GROUP_ID) -values ('6', 0, 'init', 'P02', '23f87450ac5e11eaaaee297ae5eef932'); - -insert into TB_B_IDENTITY_TYPE_GROUP_INITIAL (ID, DELETED, ADD_ACCOUNT, IDENTITY_TYPE_ID, GROUP_ID) -values ('7', 0, 'init', 'P99', '010883e0ac5e11eaaaee297ae5eef932'); - -commit; - diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/0.user-data-service-base.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/0.user-data-service-base.yaml index 10e2c6c..a9d74c3 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/0.user-data-service-base.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/0.user-data-service-base.yaml @@ -166,90 +166,90 @@ spec: -#################################################### -# rabbitmq-server -#################################################### ---- -apiVersion: v1 -kind: Secret -metadata: - labels: - app: rabbitmq - release: rabbitmq-server - name: rabbitmq-server - namespace: user-data-service -type: Opaque -data: - RABBITMQ_USERNAME: Z3Vlc3Q= - RABBITMQ_PASSWORD: Z3Vlc3Q= ---- -apiVersion: v1 -kind: Service -metadata: - name: rabbitmq-server - namespace: user-data-service - labels: - app: rabbitmq-server -spec: - ports: - - port: 5672 - targetPort: tcp-1 - protocol: TCP - name: tcp-1 - - port: 15672 - targetPort: tcp-2 - protocol: TCP - name: tcp-2 - selector: - app: rabbitmq-server ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: rabbitmq-server - namespace: user-data-service -spec: - selector: - matchLabels: - app: rabbitmq-server - replicas: 1 - template: - metadata: - labels: - app: rabbitmq-server - annotations: - sidecar.istio.io/inject: "false" - spec: - containers: - - name: rabbitmq-server - env: - - name: RABBITMQ_VM_MEMORY_HIGH_WATERMARK - value: "0.6" - - name: RABBITMQ_DEFAULT_USER - valueFrom: - secretKeyRef: - name: rabbitmq-server - key: RABBITMQ_USERNAME - - name: RABBITMQ_DEFAULT_PASS - valueFrom: - secretKeyRef: - name: rabbitmq-server - key: RABBITMQ_PASSWORD - # 若使用了学校搭设的私有仓库,请修改 - image: rabbitmq:management - # 若使用了学校搭设的私有仓库,请修改 为 Always - imagePullPolicy: IfNotPresent - # imagePullPolicy: Always - ports: - - containerPort: 5672 - name: tcp-1 - - containerPort: 15672 - name: tcp-2 - resources: - requests: - memory: "1024Mi" - limits: - memory: "1024Mi" - # 若使用了学校搭设的私有仓库,请增加以下配置(取消注释即可) - # imagePullSecrets: - # - name: harbor-registry +# #################################################### +# # rabbitmq-server +# #################################################### +# --- +# apiVersion: v1 +# kind: Secret +# metadata: +# labels: +# app: rabbitmq +# release: rabbitmq-server +# name: rabbitmq-server +# namespace: user-data-service +# type: Opaque +# data: +# RABBITMQ_USERNAME: Z3Vlc3Q= +# RABBITMQ_PASSWORD: Z3Vlc3Q= +# --- +# apiVersion: v1 +# kind: Service +# metadata: +# name: rabbitmq-server +# namespace: user-data-service +# labels: +# app: rabbitmq-server +# spec: +# ports: +# - port: 5672 +# targetPort: tcp-1 +# protocol: TCP +# name: tcp-1 +# - port: 15672 +# targetPort: tcp-2 +# protocol: TCP +# name: tcp-2 +# selector: +# app: rabbitmq-server +# --- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: rabbitmq-server +# namespace: user-data-service +# spec: +# selector: +# matchLabels: +# app: rabbitmq-server +# replicas: 1 +# template: +# metadata: +# labels: +# app: rabbitmq-server +# annotations: +# sidecar.istio.io/inject: "false" +# spec: +# containers: +# - name: rabbitmq-server +# env: +# - name: RABBITMQ_VM_MEMORY_HIGH_WATERMARK +# value: "0.6" +# - name: RABBITMQ_DEFAULT_USER +# valueFrom: +# secretKeyRef: +# name: rabbitmq-server +# key: RABBITMQ_USERNAME +# - name: RABBITMQ_DEFAULT_PASS +# valueFrom: +# secretKeyRef: +# name: rabbitmq-server +# key: RABBITMQ_PASSWORD +# # 若使用了学校搭设的私有仓库,请修改 +# image: rabbitmq:management +# # 若使用了学校搭设的私有仓库,请修改 为 Always +# imagePullPolicy: IfNotPresent +# # imagePullPolicy: Always +# ports: +# - containerPort: 5672 +# name: tcp-1 +# - containerPort: 15672 +# name: tcp-2 +# resources: +# requests: +# memory: "1024Mi" +# limits: +# memory: "1024Mi" +# # 若使用了学校搭设的私有仓库,请增加以下配置(取消注释即可) +# # imagePullSecrets: +# # - name: harbor-registry diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/1.user-data-service-env.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/1.user-data-service-env.yaml index 4077154..0f7e6e2 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/1.user-data-service-env.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/1.user-data-service-env.yaml @@ -46,7 +46,8 @@ metadata: name: rabbitmq-env-secret type: Opaque data: - SPRING_RABBITMQ_HOST: cmFiYml0bXEtc2VydmVy + # rabbitmq-server.authx-service.svc.cluster.local + SPRING_RABBITMQ_HOST: cmFiYml0bXEtc2VydmVyLmF1dGh4LXNlcnZpY2Uuc3ZjLmNsdXN0ZXIubG9jYWw= SPRING_RABBITMQ_PORT: NTY3Mg== SPRING_RABBITMQ_USERNAME: Z3Vlc3Q= SPRING_RABBITMQ_PASSWORD: Z3Vlc3Q= diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml index b084b83..b9ee81d 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml @@ -39,7 +39,7 @@ data: # 推送数据到 jobs-server 的配置 JOBS_RABBITMQ_ENABLED: "false" - JOBS_RABBITMQ_HOST: rabbitmq-server.jobs-server.svc.cluster.local + JOBS_RABBITMQ_HOST: rabbitmq-server.authx-service.svc.cluster.local JOBS_RABBITMQ_PORT: "5672" JOBS_RABBITMQ_USERNAME: guest JOBS_RABBITMQ_PASSWORD: guest diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml index 430cbf0..0c18a15 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml @@ -108,6 +108,8 @@ spec: name: jvm-env - secretRef: name: datasource-env-secret + - secretRef: + name: rabbitmq-env-secret - configMapRef: name: user-data-service-biz-env resources: diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml index 3a749a4..c8243c8 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/5.user-data-service-datax-job.yaml @@ -24,7 +24,7 @@ metadata: name: user-data-service-datax-job namespace: user-data-service spec: - schedule: "10 */1 * * *" + schedule: "30 */4 * * *" jobTemplate: metadata: labels: diff --git a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/0.user-authorization-service-base.yaml b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/0.user-authorization-service-base.yaml index 11e1c72..68bb04c 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/0.user-authorization-service-base.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/0.user-authorization-service-base.yaml @@ -17,72 +17,72 @@ data: -#################################################### -# rabbitmq-server -#################################################### ---- -apiVersion: v1 -kind: Secret -metadata: - labels: - app: rabbitmq - release: rabbitmq-server - name: rabbitmq-server - namespace: user-data-service -type: Opaque -data: - RABBITMQ_USERNAME: Z3Vlc3Q= - RABBITMQ_PASSWORD: Z3Vlc3Q= ---- -apiVersion: v1 -kind: Service -metadata: - name: rabbitmq-server - namespace: user-data-service - labels: - app: rabbitmq-server -spec: - ports: - - port: 5672 - targetPort: tcp-1 - protocol: TCP - name: tcp-1 - - port: 15672 - targetPort: tcp-2 - protocol: TCP - name: tcp-2 - selector: - app: rabbitmq-server ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: rabbitmq-server - namespace: user-data-service -spec: - selector: - matchLabels: - app: rabbitmq-server - replicas: 1 - template: - metadata: - labels: - app: rabbitmq-server - annotations: - sidecar.istio.io/inject: "false" - spec: - containers: - - name: rabbitmq-server - # 若使用了学校搭设的私有仓库,请修改 - image: rabbitmq:management - # 若使用了学校搭设的私有仓库,请修改 为 Always - imagePullPolicy: IfNotPresent - # imagePullPolicy: Always - ports: - - containerPort: 5672 - name: tcp-1 - - containerPort: 15672 - name: tcp-2 - # 若使用了学校搭设的私有仓库,请增加以下配置(取消注释即可) - # imagePullSecrets: - # - name: harbor-registry +# #################################################### +# # rabbitmq-server +# #################################################### +# --- +# apiVersion: v1 +# kind: Secret +# metadata: +# labels: +# app: rabbitmq +# release: rabbitmq-server +# name: rabbitmq-server +# namespace: user-data-service +# type: Opaque +# data: +# RABBITMQ_USERNAME: Z3Vlc3Q= +# RABBITMQ_PASSWORD: Z3Vlc3Q= +# --- +# apiVersion: v1 +# kind: Service +# metadata: +# name: rabbitmq-server +# namespace: user-data-service +# labels: +# app: rabbitmq-server +# spec: +# ports: +# - port: 5672 +# targetPort: tcp-1 +# protocol: TCP +# name: tcp-1 +# - port: 15672 +# targetPort: tcp-2 +# protocol: TCP +# name: tcp-2 +# selector: +# app: rabbitmq-server +# --- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: rabbitmq-server +# namespace: user-data-service +# spec: +# selector: +# matchLabels: +# app: rabbitmq-server +# replicas: 1 +# template: +# metadata: +# labels: +# app: rabbitmq-server +# annotations: +# sidecar.istio.io/inject: "false" +# spec: +# containers: +# - name: rabbitmq-server +# # 若使用了学校搭设的私有仓库,请修改 +# image: rabbitmq:management +# # 若使用了学校搭设的私有仓库,请修改 为 Always +# imagePullPolicy: IfNotPresent +# # imagePullPolicy: Always +# ports: +# - containerPort: 5672 +# name: tcp-1 +# - containerPort: 15672 +# name: tcp-2 +# # 若使用了学校搭设的私有仓库,请增加以下配置(取消注释即可) +# # imagePullSecrets: +# # - name: harbor-registry diff --git a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/1.user-authorization-service-env.yaml b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/1.user-authorization-service-env.yaml index 5fa1bee..0017035 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/1.user-authorization-service-env.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/1.user-authorization-service-env.yaml @@ -33,7 +33,8 @@ metadata: namespace: user-authorization-service type: Opaque data: - SPRING_RABBITMQ_HOST: cmFiYml0bXEtc2VydmVy + # rabbitmq-server.authx-service.svc.cluster.local + SPRING_RABBITMQ_HOST: cmFiYml0bXEtc2VydmVyLmF1dGh4LXNlcnZpY2Uuc3ZjLmNsdXN0ZXIubG9jYWw= SPRING_RABBITMQ_PORT: NTY3Mg== SPRING_RABBITMQ_USERNAME: Z3Vlc3Q= SPRING_RABBITMQ_PASSWORD: Z3Vlc3Q= diff --git a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml index eee8e92..028f79e 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/5.user-authorization-datax-job.yaml @@ -1,58 +1,56 @@ # user-authorization-datax-job.yaml -# 废弃,改由消息队列进行数据同步 -# --- -# apiVersion: v1 -# kind: ConfigMap -# metadata: -# namespace: user-authorization-service -# name: user-authorization-datax-job-env -# data: -# JOB_USER2AUTHZ_MYSQLREADER8_USERNAME: "user" -# # 修改为实际的数据库密码 -# JOB_USER2AUTHZ_MYSQLREADER8_PASSWORD: "kingstar" -# JOB_USER2AUTHZ_MYSQLREADER8_JDBC_URL: "jdbc:mysql://mysql-server.authx-service.svc.cluster.local:3306/user?serverTimezone=Asia/Shanghai" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: user-authorization-service + name: user-authorization-datax-job-env +data: + JOB_USER2AUTHZ_MYSQLREADER8_USERNAME: "user" + # 修改为实际的数据库密码 + JOB_USER2AUTHZ_MYSQLREADER8_PASSWORD: "kingstar" + JOB_USER2AUTHZ_MYSQLREADER8_JDBC_URL: "jdbc:mysql://mysql-server.authx-service.svc.cluster.local:3306/user?serverTimezone=Asia/Shanghai" -# JOB_USER2AUTHZ_MYSQLWRITER8_USERNAME: "user_authz" -# # 修改为实际的数据库密码 -# JOB_USER2AUTHZ_MYSQLWRITER8_PASSWORD: "kingstar" -# JOB_USER2AUTHZ_MYSQLWRITER8_JDBC_URL: "jdbc:mysql://mysql-server.authx-service.svc.cluster.local:3306/user_authz?serverTimezone=Asia/Shanghai" + JOB_USER2AUTHZ_MYSQLWRITER8_USERNAME: "user_authz" + # 修改为实际的数据库密码 + JOB_USER2AUTHZ_MYSQLWRITER8_PASSWORD: "kingstar" + JOB_USER2AUTHZ_MYSQLWRITER8_JDBC_URL: "jdbc:mysql://mysql-server.authx-service.svc.cluster.local:3306/user_authz?serverTimezone=Asia/Shanghai" - -# --- -# apiVersion: batch/v1beta1 -# kind: CronJob -# metadata: -# name: user-authorization-datax-job -# namespace: user-authorization-service -# spec: -# schedule: "*/10 * * * *" -# jobTemplate: -# metadata: -# labels: -# app: user-authorization-datax-job -# spec: -# completions: 1 -# parallelism: 1 -# template: -# metadata: -# labels: -# app: user-authorization-datax-job -# spec: -# restartPolicy: Never -# containers: -# - name: user-authorization-datax-job -# # 若使用了学校搭设的私有仓库,请修改 -# image: harbor.supwisdom.com/user-authorization-service/user-authorization-datax-job:1.2.0-SNAPSHOT -# imagePullPolicy: Always -# envFrom: -# - configMapRef: -# name: user-authorization-datax-job-env -# # resources: -# # requests: -# # memory: "400Mi" -# # limits: -# # memory: "400Mi" -# imagePullSecrets: -# - name: harbor-registry +--- +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: user-authorization-datax-job + namespace: user-authorization-service +spec: + schedule: "30 */4 * * *" + jobTemplate: + metadata: + labels: + app: user-authorization-datax-job + spec: + completions: 1 + parallelism: 1 + template: + metadata: + labels: + app: user-authorization-datax-job + spec: + restartPolicy: Never + containers: + - name: user-authorization-datax-job + # 若使用了学校搭设的私有仓库,请修改 + image: harbor.supwisdom.com/user-authorization-service/user-authorization-datax-job:1.2.0-SNAPSHOT + imagePullPolicy: Always + envFrom: + - configMapRef: + name: user-authorization-datax-job-env + # resources: + # requests: + # memory: "400Mi" + # limits: + # memory: "400Mi" + imagePullSecrets: + - name: harbor-registry diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml index 9a21d97..da84302 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.0.cas-server-installer.yaml @@ -28,7 +28,7 @@ spec: containers: - name: cas-server-installer # 若使用了学校搭设的私有仓库,请修改 - image: harbor.supwisdom.com/cas-server/cas-server-installer:1.1.10-RELEASE + image: harbor.supwisdom.com/cas-server/cas-server-installer:1.2.0-SNAPSHOT imagePullPolicy: Always envFrom: - configMapRef: diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml index a753beb..fa3ddbe 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml @@ -95,7 +95,7 @@ spec: containers: - name: cas-server-sa-api # 若使用了学校搭设的私有仓库,请修改 - image: harbor.supwisdom.com/cas-server/cas-server-sa-api:1.1.10-RELEASE + image: harbor.supwisdom.com/cas-server/cas-server-sa-api:1.2.0-SNAPSHOT imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml index 6185328..76ce2e5 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.3.cas-server-security-engine.yaml @@ -62,7 +62,7 @@ spec: containers: - name: cas-server-security-engine # 若使用了学校搭设的私有仓库,请修改 - image: harbor.supwisdom.com/cas-server/cas-server-security-engine:1.1.10-RELEASE + image: harbor.supwisdom.com/cas-server/cas-server-security-engine:1.2.0-SNAPSHOT imagePullPolicy: Always ports: - containerPort: 6060 diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.4.cas-server-uidws.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.4.cas-server-uidws.yaml index 2dc6367..ae12ab2 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.4.cas-server-uidws.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.4.cas-server-uidws.yaml @@ -81,7 +81,7 @@ spec: spec: containers: - name: cas-server-uidws - image: harbor.supwisdom.com/cas-server/cas-server-uidws:1.1.10-RELEASE + image: harbor.supwisdom.com/cas-server/cas-server-uidws:1.2.0-SNAPSHOT imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml index 8d144f2..34beff4 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml @@ -220,7 +220,7 @@ spec: containers: - name: cas-server-site-webapp # 若使用了学校搭设的私有仓库,请修改 - image: harbor.supwisdom.com/cas-server/cas-server-site-webapp:1.1.10-RELEASE + image: harbor.supwisdom.com/cas-server/cas-server-site-webapp:1.2.0-SNAPSHOT imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml index 05313aa..5ea231e 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.6.cas-server-site-scheme.yaml @@ -95,7 +95,7 @@ spec: memory: "256Mi" - name: cas-server-site-scheme-generator # 根据情况修改镜像地址 - image: harbor.supwisdom.com/cas-server/cas-server-site-scheme:1.1.10-RELEASE + image: harbor.supwisdom.com/cas-server/cas-server-site-scheme:1.2.0-SNAPSHOT imagePullPolicy: Always envFrom: - configMapRef: diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml index db3ac9a..448d3d2 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/5.cas-server-datax-job.yaml @@ -25,7 +25,7 @@ metadata: namespace: cas-server name: cas-server-datax-job spec: - schedule: "*/5 * * * *" + schedule: "5 */2 * * *" jobTemplate: metadata: labels: @@ -42,7 +42,7 @@ spec: containers: - name: cas-server-datax-job # 若使用了学校搭设的私有仓库,请修改 - image: harbor.supwisdom.com/cas-server/cas-server-datax-job:1.1.10-RELEASE + image: harbor.supwisdom.com/cas-server/cas-server-datax-job:1.2.0-SNAPSHOT imagePullPolicy: Always envFrom: - configMapRef: diff --git a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml index 3f1d04c..7892b01 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.0.token-server-installer.yaml @@ -28,7 +28,7 @@ spec: containers: - name: token-server-installer # 若使用了学校搭设的私有仓库,请修改 - image: harbor.supwisdom.com/token-server/token-server-installer:1.0.8-RELEASE + image: harbor.supwisdom.com/token-server/token-server-installer:1.2.0-SNAPSHOT imagePullPolicy: Always envFrom: - configMapRef: diff --git a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml index cecffd7..e0005b7 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml @@ -148,7 +148,7 @@ spec: containers: - name: token-server # 若使用了学校搭设的私有仓库,请 **修改** - image: harbor.supwisdom.com/token-server/token-server:1.0.8-RELEASE + image: harbor.supwisdom.com/token-server/token-server:1.2.0-SNAPSHOT imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/9.api-docs-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml similarity index 65% rename from deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/9.api-docs-installer.yaml rename to deploy-manifests/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml index 37b3d84..0c988e1 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/9.api-docs-installer.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/9.api-docs-installer.yaml @@ -6,16 +6,14 @@ apiVersion: v1 kind: ConfigMap metadata: - namespace: authx-service + namespace: token-server name: api-docs-installer-env data: ## # 平台OpenAPI的外网访问地址, # **修改** 学校的根域名 - POA_SERVER_URL: https://poa.dev.supwisdom.com - - # **修改** poa-sa 服务的k8s内部地址 - POA_SA_SERVER_URL: http://poa-sa-svc.poa.svc.cluster.local:8443 + POA_SERVER_URL: http://poa.paas.newcapec.cn + POA_SA_SERVER_URL: http://poa-sa.paas.newcapec.cn TOKEN_API_SERVER_URL: http://token-server-svc.token-server.svc.cluster.local:8080 @@ -24,7 +22,7 @@ data: apiVersion: batch/v1 kind: Job metadata: - namespace: authx-service + namespace: token-server name: api-docs-installer spec: completions: 1 @@ -38,15 +36,10 @@ spec: containers: - name: api-docs-installer # 若使用了学校搭设的私有仓库,请修改 - image: harbor.supwisdom.com/authx-service/api-docs-installer:1.2.0-SNAPSHOT + image: harbor.supwisdom.com/token-server/api-docs-installer:1.2.0-SNAPSHOT imagePullPolicy: Always envFrom: - configMapRef: name: api-docs-installer-env - # resources: - # requests: - # memory: "256Mi" - # limits: - # memory: "256Mi" imagePullSecrets: - name: harbor-registry diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml index 72798ff..75f651a 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml @@ -213,7 +213,7 @@ spec: containers: - name: personal-security-center-bff # 若使用了学校搭设的私有仓库,请修改 - image: harbor.supwisdom.com/personal-security-center/personal-security-bff:1.0.12-RELEASE + image: harbor.supwisdom.com/personal-security-center/personal-security-bff:1.2.0-SNAPSHOT imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml index a81ea37..07b7481 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml @@ -152,7 +152,7 @@ spec: containers: - name: personal-security-center-zuul # 若使用了学校搭设的私有仓库,请修改 - image: harbor.supwisdom.com/personal-security-center/personal-security-zuul:1.0.12-RELEASE + image: harbor.supwisdom.com/personal-security-center/personal-security-zuul:1.2.0-SNAPSHOT imagePullPolicy: Always ports: - containerPort: 8080 diff --git a/deploy-manifests/k8s-rancher/1.authx-service/9.jobs-server/0.jobs-server-base.yaml b/deploy-manifests/k8s-rancher/1.authx-service/9.jobs-server/0.jobs-server-base.yaml index 73b9740..dcf76b5 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/9.jobs-server/0.jobs-server-base.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/9.jobs-server/0.jobs-server-base.yaml @@ -16,88 +16,88 @@ data: .dockerconfigjson: eyJhdXRocyI6eyJoYXJib3Iuc3Vwd2lzZG9tLmNvbSI6eyJwYXNzd29yZCI6IlBXTWdQODVxaUxGQyIsInVzZXJuYW1lIjoicmFuY2hlci5kZXZvcHMifX19 -#################################################### -# rabbitmq-server -#################################################### +# #################################################### +# # rabbitmq-server +# #################################################### ---- -apiVersion: v1 -kind: Secret -metadata: - labels: - app: rabbitmq - release: rabbitmq-server - name: rabbitmq-server - namespace: jobs-server -type: Opaque -data: - RABBITMQ_USERNAME: Z3Vlc3Q= - RABBITMQ_PASSWORD: Z3Vlc3Q= +# --- +# apiVersion: v1 +# kind: Secret +# metadata: +# labels: +# app: rabbitmq +# release: rabbitmq-server +# name: rabbitmq-server +# namespace: jobs-server +# type: Opaque +# data: +# RABBITMQ_USERNAME: Z3Vlc3Q= +# RABBITMQ_PASSWORD: Z3Vlc3Q= ---- -apiVersion: v1 -kind: Service -metadata: - name: rabbitmq-server - namespace: jobs-server - labels: - app: rabbitmq-server -spec: - ports: - - port: 5672 - targetPort: tcp-1 - protocol: TCP - name: tcp-1 - - port: 15672 - targetPort: tcp-2 - protocol: TCP - name: tcp-2 - selector: - app: rabbitmq-server ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: rabbitmq-server - namespace: jobs-server -spec: - selector: - matchLabels: - app: rabbitmq-server - replicas: 1 - template: - metadata: - labels: - app: rabbitmq-server - annotations: - sidecar.istio.io/inject: "false" - spec: - containers: - - name: rabbitmq-server - env: - - name: RABBITMQ_VM_MEMORY_HIGH_WATERMARK - value: "0.6" - - name: RABBITMQ_DEFAULT_USER - valueFrom: - secretKeyRef: - name: rabbitmq-server - key: RABBITMQ_USERNAME - - name: RABBITMQ_DEFAULT_PASS - valueFrom: - secretKeyRef: - name: rabbitmq-server - key: RABBITMQ_PASSWORD - # 若使用了学校搭设的私有仓库,请修改 - image: rabbitmq:management - # 若使用了学校搭设的私有仓库,请修改 为 Always - imagePullPolicy: IfNotPresent - # imagePullPolicy: Always - ports: - - containerPort: 5672 - name: tcp-1 - - containerPort: 15672 - name: tcp-2 - # 若使用了学校搭设的私有仓库,请增加以下配置(取消注释即可) - # imagePullSecrets: - # - name: harbor-registry +# --- +# apiVersion: v1 +# kind: Service +# metadata: +# name: rabbitmq-server +# namespace: jobs-server +# labels: +# app: rabbitmq-server +# spec: +# ports: +# - port: 5672 +# targetPort: tcp-1 +# protocol: TCP +# name: tcp-1 +# - port: 15672 +# targetPort: tcp-2 +# protocol: TCP +# name: tcp-2 +# selector: +# app: rabbitmq-server +# --- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: rabbitmq-server +# namespace: jobs-server +# spec: +# selector: +# matchLabels: +# app: rabbitmq-server +# replicas: 1 +# template: +# metadata: +# labels: +# app: rabbitmq-server +# annotations: +# sidecar.istio.io/inject: "false" +# spec: +# containers: +# - name: rabbitmq-server +# env: +# - name: RABBITMQ_VM_MEMORY_HIGH_WATERMARK +# value: "0.6" +# - name: RABBITMQ_DEFAULT_USER +# valueFrom: +# secretKeyRef: +# name: rabbitmq-server +# key: RABBITMQ_USERNAME +# - name: RABBITMQ_DEFAULT_PASS +# valueFrom: +# secretKeyRef: +# name: rabbitmq-server +# key: RABBITMQ_PASSWORD +# # 若使用了学校搭设的私有仓库,请修改 +# image: rabbitmq:management +# # 若使用了学校搭设的私有仓库,请修改 为 Always +# imagePullPolicy: IfNotPresent +# # imagePullPolicy: Always +# ports: +# - containerPort: 5672 +# name: tcp-1 +# - containerPort: 15672 +# name: tcp-2 +# # 若使用了学校搭设的私有仓库,请增加以下配置(取消注释即可) +# # imagePullSecrets: +# # - name: harbor-registry diff --git a/deploy-manifests/k8s-rancher/1.authx-service/9.jobs-server/1.jobs-server-env.yaml b/deploy-manifests/k8s-rancher/1.authx-service/9.jobs-server/1.jobs-server-env.yaml index 7ac9df8..10ece22 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/9.jobs-server/1.jobs-server-env.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/9.jobs-server/1.jobs-server-env.yaml @@ -17,7 +17,8 @@ metadata: name: rabbitmq-env-secret type: Opaque data: - SPRING_RABBITMQ_HOST: cmFiYml0bXEtc2VydmVy + # rabbitmq-server.authx-service.svc.cluster.local + SPRING_RABBITMQ_HOST: cmFiYml0bXEtc2VydmVyLmF1dGh4LXNlcnZpY2Uuc3ZjLmNsdXN0ZXIubG9jYWw= SPRING_RABBITMQ_PORT: NTY3Mg== SPRING_RABBITMQ_USERNAME: Z3Vlc3Q= SPRING_RABBITMQ_PASSWORD: Z3Vlc3Q= -- 2.17.1