docs: 认证授权服务部署文档
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/0.authx-service-base.yaml b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/0.authx-service-base.yaml
new file mode 100644
index 0000000..5eb183f
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/0.authx-service-base.yaml
@@ -0,0 +1,16 @@
+# 0.authx-service-base.yaml
+
+####################################################
+# supwisdom harbor private docker registry
+####################################################
+---
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/dockerconfigjson
+metadata:
+ namespace: authx-service
+ name: harbor-registry
+data:
+ # 修改harbor仓库配置,并使用 base64 工具进行编码
+ # {"auths":{"harbor.supwisdom.com":{"password":"PWMgP85qiLFC","username":"rancher.devops"}}}
+ .dockerconfigjson: eyJhdXRocyI6eyJoYXJib3Iuc3Vwd2lzZG9tLmNvbSI6eyJwYXNzd29yZCI6IlBXTWdQODVxaUxGQyIsInVzZXJuYW1lIjoicmFuY2hlci5kZXZvcHMifX19
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/1.authx-service-mysql.yaml b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/1.authx-service-mysql.yaml
new file mode 100644
index 0000000..c773724
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/1.authx-service-mysql.yaml
@@ -0,0 +1,32 @@
+# 0.0.1.authx-service-mysql.yaml
+
+####################################################
+# mysql-server
+# 外部 MySQL 的服务地址映射
+####################################################
+---
+apiVersion: v1
+kind: Service
+metadata:
+ namespace: authx-service
+ name: mysql-server
+spec:
+ ports:
+ - name: tcp-mysql
+ port: 3306
+ protocol: TCP
+ targetPort: 3306
+---
+kind: Endpoints
+apiVersion: v1
+metadata:
+ namespace: authx-service
+ name: mysql-server
+subsets:
+ - addresses:
+ # 修改实际MySQL服务器的IP地址
+ - ip: 172.30.104.82
+ ports:
+ - name: tcp-mysql
+ port: 3306
+ protocol: TCP
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-minio.yaml b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-minio.yaml
new file mode 100644
index 0000000..f955295
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/2.authx-service-minio.yaml
@@ -0,0 +1,114 @@
+# 2.authx-service-minio.yaml
+
+####################################################
+# minio
+# 文件服务器,对象存储
+####################################################
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: minio-data-pvc
+ namespace: authx-service
+spec:
+ accessModes:
+ - ReadWriteMany
+ # 根据情况修改
+ storageClassName: nfs-client
+ resources:
+ requests:
+ storage: 50Gi
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: minio-env-secret
+ namespace: authx-service
+type: Opaque
+data:
+ # 修改 access_key,并使用 base64 工具进行编码
+ # 默认值:1y8N@8R@a_2u
+ MINIO_ACCESS_KEY: MXk4TkA4UkBhXzJ1
+ # 修改 secret_key,并使用 base64 工具进行编码
+ # 默认至:8pxlIe9#lN7Q
+ MINIO_SECRET_KEY: OHB4bEllOSNsTjdR
+
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ namespace: authx-service
+ name: minio-svc
+ labels:
+ app: minio
+spec:
+ ports:
+ - port: 9000
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ app: minio
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ namespace: authx-service
+ name: minio
+spec:
+ selector:
+ matchLabels:
+ app: minio
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: minio
+ spec:
+ containers:
+ - name: minio
+ image: minio/minio:RELEASE.2020-04-23T00-58-49Z
+ imagePullPolicy: Always
+ args:
+ - "server"
+ - "/data"
+ ports:
+ - containerPort: 9000
+ name: http
+ envFrom:
+ - secretRef:
+ name: minio-env-secret
+ volumeMounts:
+ - mountPath: /data
+ name: minio-data
+ resources:
+ requests:
+ memory: "256Mi"
+ limits:
+ memory: "256Mi"
+ volumes:
+ - name: minio-data
+ persistentVolumeClaim:
+ claimName: minio-data-pvc
+
+
+# 该 ingress 配置可选,主要用于实施调试用
+# ---
+# apiVersion: extensions/v1beta1
+# kind: Ingress
+# metadata:
+# name: minio-ingress
+# namespace: authx-service
+# spec:
+# rules:
+# # 修改为学校的根域名
+# - host: minio.paas.xxx.edu.cn
+# http:
+# paths:
+# - path: /
+# backend:
+# serviceName: minio-svc
+# servicePort: http
+
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/8.echo-server.yaml b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/8.echo-server.yaml
new file mode 100644
index 0000000..0c2de7e
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/8.echo-server.yaml
@@ -0,0 +1,58 @@
+# 8.echo-server.yaml
+
+# 用于环境测试
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: echo-server
+ namespace: default
+ labels:
+ run: echo-server
+spec:
+ type: ClusterIP
+ ports:
+ - port: 80
+ targetPort: 8080
+ protocol: TCP
+ name: http
+ selector:
+ run: echo-server
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: echo-server
+ namespace: default
+spec:
+ selector:
+ matchLabels:
+ run: echo-server
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ run: echo-server
+ spec:
+ containers:
+ - name: echo-server
+ # 若使用了学校搭设的私有仓库,请修改
+ image: inanimate/echo-server:latest
+ ports:
+ - containerPort: 8080
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: echo-server-ingress
+ namespace: default
+spec:
+ rules:
+ # **修改** 学校的根域名
+ - host: echo.paas.xxx.edu.cn
+ http:
+ paths:
+ - backend:
+ serviceName: echo-server
+ servicePort: 80
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/9.poa-api-docs-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/9.poa-api-docs-installer.yaml
new file mode 100644
index 0000000..ae05525
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/9.poa-api-docs-installer.yaml
@@ -0,0 +1,45 @@
+# 10.9.poa-api-docs-installer.yaml
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: authx-service
+ name: poa-api-docs-installer-env
+data:
+ ##
+ # 平台OpenAPI的外网访问地址,
+ # **修改** 学校的根域名
+ POA_SERVER_URL: http://poa.paas.xxx.edu.cn
+
+
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ namespace: authx-service
+ name: poa-api-docs-installer
+spec:
+ completions: 1
+ parallelism: 1
+ template:
+ metadata:
+ labels:
+ app: poa-api-docs-installer
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: poa-api-docs-installer
+ # 若使用了学校搭设的私有仓库,请修改
+ image: harbor.supwisdom.com/authx-service/poa-api-docs-installer:1.0.0-SNAPSHOT
+ imagePullPolicy: Always
+ envFrom:
+ - configMapRef:
+ name: poa-api-docs-installer-env
+ resources:
+ requests:
+ memory: "256Mi"
+ limits:
+ memory: "256Mi"
+ imagePullSecrets:
+ - name: harbor-registry