Compare commits
70 Commits
feat/codin
...
feat/setti
| Author | SHA1 | Date | |
|---|---|---|---|
|
754425670e | ||
|
|
d8a69a146c | ||
|
|
7c134bbb1d | ||
|
|
39dbad4ec9 | ||
|
|
6c1539d65b | ||
|
|
a3038f1edb | ||
|
|
a2c7b16382 | ||
|
|
ac598f66fc | ||
|
|
6a8cb38940 | ||
|
|
1c1e7dfdf4 | ||
|
|
21199571ca | ||
|
|
f5da7693a9 | ||
|
|
668fb373bc | ||
|
|
99a20ca23f | ||
|
|
07478c96d6 | ||
|
|
6d6f5c248c | ||
|
|
8f3507fd86 | ||
|
|
108c1392e3 | ||
|
|
5cd37a477d | ||
|
|
b137f96517 | ||
|
|
dc4d5666d8 | ||
|
|
b3cb83de9f | ||
|
|
862cfc4625 | ||
|
|
fa5ca7432c | ||
|
|
427bff8b45 | ||
|
|
b8a3c66003 | ||
|
|
92bf361698 | ||
|
|
de1cee0000 | ||
|
|
cac1978874 | ||
|
|
1083b417b1 | ||
|
|
d9824a7deb | ||
|
|
0aa59ab731 | ||
|
|
28edc29240 | ||
|
|
ef77bff611 | ||
|
|
0667481fcf | ||
|
|
e16ed5ea64 | ||
|
|
93d1237a43 | ||
|
|
42ff86e0af | ||
|
|
814dce3dec | ||
|
|
bfa43257ff | ||
|
|
e1c9e9ad20 | ||
|
|
1b62d2ae31 | ||
|
|
51f32c993f | ||
|
|
59749c8b7f | ||
|
|
23816103c9 | ||
|
|
62489d4ba4 | ||
|
|
e0803fa6e0 | ||
|
|
366b81cf46 | ||
|
|
f7b21a42c7 | ||
|
|
62ad10d8d8 | ||
|
|
d9cef165ac | ||
|
|
7e4b82fff6 | ||
|
|
64c92e5103 | ||
|
|
0b7da9bf7a | ||
|
|
c1d5c4e98c | ||
|
|
ae95f1e607 | ||
|
|
d772842f4b | ||
|
|
8f7584f719 | ||
|
|
c0f8b391c6 | ||
|
|
3ff2d30b48 | ||
|
|
0a8f0c558d | ||
|
|
d59eb5856e | ||
|
|
e90df6cd78 | ||
|
|
04e3fcd71b | ||
|
|
e74726c5ec | ||
|
|
e6478aa77c | ||
|
|
bba3083752 | ||
|
|
5b6973a6ab | ||
|
|
99185c4729 | ||
|
|
bd631167f5 |
@@ -16,7 +16,7 @@ data:
|
||||
key: AWS_SECRET_ACCESS_KEY
|
||||
name: argo-workflow-log-fakes3
|
||||
bucket: mongo-backup
|
||||
endpoint: workflow-archivelog-s3.user-system-mmchong2021:4568
|
||||
endpoint: tapr-s3-svc:4568
|
||||
insecure: true
|
||||
persistence:
|
||||
connectionPool:
|
||||
|
||||
@@ -66,7 +66,7 @@ spec:
|
||||
|
||||
containers:
|
||||
- name: edge-desktop
|
||||
image: beclab/desktop:v0.2.57
|
||||
image: beclab/desktop:v0.2.59
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsNonRoot: false
|
||||
@@ -78,7 +78,7 @@ spec:
|
||||
value: http://bfl.{{ .Release.Namespace }}:8080
|
||||
|
||||
- name: desktop-server
|
||||
image: beclab/desktop-server:v0.2.57
|
||||
image: beclab/desktop-server:v0.2.59
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
|
||||
@@ -43,8 +43,8 @@ spec:
|
||||
labels:
|
||||
app: files
|
||||
annotations:
|
||||
# instrumentation.opentelemetry.io/inject-nginx: "olares-instrumentation"
|
||||
# instrumentation.opentelemetry.io/inject-nginx-container-names: "nginx"
|
||||
instrumentation.opentelemetry.io/inject-nginx: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/inject-nginx-container-names: "nginx"
|
||||
instrumentation.opentelemetry.io/inject-go: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/go-container-names: "gateway,files,uploader"
|
||||
instrumentation.opentelemetry.io/otel-go-auto-target-exe: "/filebrowser"
|
||||
@@ -73,6 +73,28 @@ spec:
|
||||
- -c
|
||||
- |
|
||||
chown -R 1000:1000 /appdata; chown -R 1000:1000 /appcache; chown -R 1000:1000 /data
|
||||
- name: init-container
|
||||
image: 'postgres:16.0-alpine3.18'
|
||||
command:
|
||||
- sh
|
||||
- '-c'
|
||||
- >-
|
||||
echo -e "Checking for the availability of PostgreSQL Server
|
||||
deployment"; until psql -h $PGHOST -p $PGPORT -U $PGUSER -d $PGDB1
|
||||
-c "SELECT 1"; do sleep 1; printf "-"; done; sleep 5; echo -e " >>
|
||||
PostgreSQL DB Server has started";
|
||||
env:
|
||||
- name: PGHOST
|
||||
value: citus-headless.os-system
|
||||
- name: PGPORT
|
||||
value: '5432'
|
||||
- name: PGUSER
|
||||
value: files_os_system
|
||||
- name: PGPASSWORD
|
||||
value: {{ $files_postgres_password | b64dec }}
|
||||
- name: PGDB1
|
||||
value: os_system_files
|
||||
|
||||
containers:
|
||||
- name: gateway
|
||||
image: beclab/appdata-gateway:0.1.18
|
||||
@@ -84,7 +106,7 @@ spec:
|
||||
- containerPort: 8080
|
||||
env:
|
||||
- name: FILES_SERVER_TAG
|
||||
value: 'beclab/files-server:v0.2.67'
|
||||
value: 'beclab/files-server:v0.2.69'
|
||||
- name: NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
@@ -120,7 +142,7 @@ spec:
|
||||
{{ end }}
|
||||
|
||||
- name: files
|
||||
image: beclab/files-server:v0.2.67
|
||||
image: beclab/files-server:v0.2.69
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
@@ -281,7 +303,7 @@ spec:
|
||||
runAsUser: 0
|
||||
privileged: true
|
||||
- name: nginx
|
||||
image: 'nginx:stable-alpine3.17-slim'
|
||||
image: 'beclab/docker-nginx-headers-more:ubuntu-v0.1.0'
|
||||
securityContext:
|
||||
runAsNonRoot: false
|
||||
runAsUser: 0
|
||||
@@ -412,7 +434,7 @@ spec:
|
||||
name: check-nats
|
||||
containers:
|
||||
- name: files
|
||||
image: beclab/files-server:v0.2.67
|
||||
image: beclab/files-server:v0.2.69
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
|
||||
@@ -114,9 +114,11 @@ spec:
|
||||
io.bytetrade.app: "true"
|
||||
annotations:
|
||||
# support nginx 1.24.3 1.25.3
|
||||
# instrumentation.opentelemetry.io/inject-nginx: "olares-instrumentation"
|
||||
# instrumentation.opentelemetry.io/inject-nginx-container-names: "files-frontend"
|
||||
# instrumentation.opentelemetry.io/otel-go-auto-target-exe: "drive"
|
||||
instrumentation.opentelemetry.io/inject-nginx: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/inject-nginx-container-names: "files-frontend"
|
||||
instrumentation.opentelemetry.io/inject-go: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/go-container-names: "driver-server"
|
||||
instrumentation.opentelemetry.io/otel-go-auto-target-exe: "drive"
|
||||
spec:
|
||||
serviceAccountName: bytetrade-controller
|
||||
securityContext:
|
||||
@@ -204,6 +206,20 @@ spec:
|
||||
value: "{{ $pg_password | b64dec }}"
|
||||
- name: PGDB
|
||||
value: user_space_{{ .Values.bfl.username }}_cloud_drive_integration
|
||||
- name: files-frontend-init
|
||||
image: beclab/files-frontend:v1.3.61
|
||||
imagePullPolicy: IfNotPresent
|
||||
volumeMounts:
|
||||
- name: app
|
||||
mountPath: /cp_app
|
||||
- name: nginx-confd
|
||||
mountPath: /confd
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
cp -rf /app/* /cp_app/. && cp -rf /etc/nginx/conf.d/* /confd/.
|
||||
|
||||
containers:
|
||||
# - name: gateway
|
||||
# image: beclab/appdata-gateway:0.1.12
|
||||
@@ -302,7 +318,7 @@ spec:
|
||||
# - /filebrowser
|
||||
# - --noauth
|
||||
- name: files-frontend
|
||||
image: beclab/files-frontend:v1.3.50
|
||||
image: beclab/docker-nginx-headers-more:ubuntu-v0.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsNonRoot: false
|
||||
@@ -323,6 +339,10 @@ spec:
|
||||
volumeMounts:
|
||||
- name: userspace-dir
|
||||
mountPath: /data
|
||||
- name: app
|
||||
mountPath: /app
|
||||
- name: nginx-confd
|
||||
mountPath: /etc/nginx/conf.d
|
||||
- name: drive-server
|
||||
image: beclab/drive:v0.0.72
|
||||
imagePullPolicy: IfNotPresent
|
||||
@@ -469,6 +489,10 @@ spec:
|
||||
items:
|
||||
- key: envoy.yaml
|
||||
path: envoy.yaml
|
||||
- name: app
|
||||
emptyDir: {}
|
||||
- name: nginx-confd
|
||||
emptyDir: {}
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -177,7 +177,7 @@ spec:
|
||||
value: os_system_knowledge
|
||||
containers:
|
||||
- name: knowledge
|
||||
image: "beclab/knowledge-base-api:v0.12.1"
|
||||
image: "beclab/knowledge-base-api:v0.12.5"
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -209,6 +209,8 @@ spec:
|
||||
value: os_system_knowledge
|
||||
- name: DOWNLOAD_URL
|
||||
value: http://download-svc.os-system:3080
|
||||
- name: YTDLP_DOWNLOAD_URL
|
||||
value: http://download-svc.os-system:3082
|
||||
- name: NATS_HOST
|
||||
value: nats
|
||||
- name: NATS_PORT
|
||||
@@ -283,8 +285,8 @@ spec:
|
||||
- name: sync
|
||||
image: "beclab/recommend-sync:v0.12.0"
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
runAsUser: 1000
|
||||
runAsUser: 0
|
||||
runAsNonRoot: false
|
||||
env:
|
||||
- name: USERSPACE_DIRECTORY
|
||||
value: /data
|
||||
@@ -309,7 +311,7 @@ spec:
|
||||
mountPath: /data
|
||||
|
||||
- name: crawler
|
||||
image: "beclab/recommend-crawler:v0.12.0"
|
||||
image: "beclab/recommend-crawler:v0.12.1"
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
runAsUser: 1000
|
||||
@@ -518,7 +520,7 @@ spec:
|
||||
cpu: "1"
|
||||
memory: 300Mi
|
||||
- name: yt-dlp
|
||||
image: "beclab/yt-dlp:v0.12.0"
|
||||
image: "beclab/yt-dlp:v0.12.2"
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -564,7 +566,7 @@ spec:
|
||||
cpu: "1"
|
||||
memory: 300Mi
|
||||
- name: download-spider
|
||||
image: "beclab/download-spider:v0.12.0"
|
||||
image: "beclab/download-spider:v0.12.2"
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
|
||||
@@ -43,6 +43,12 @@ spec:
|
||||
labels:
|
||||
app: appstore
|
||||
io.bytetrade.app: "true"
|
||||
annotations:
|
||||
instrumentation.opentelemetry.io/inject-go: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/go-container-names: "appstore-backend"
|
||||
instrumentation.opentelemetry.io/otel-go-auto-target-exe: "/opt/app/market"
|
||||
instrumentation.opentelemetry.io/inject-nginx: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/inject-nginx-container-names: "appstore"
|
||||
spec:
|
||||
priorityClassName: "system-cluster-critical"
|
||||
initContainers:
|
||||
@@ -84,14 +90,33 @@ spec:
|
||||
fieldRef:
|
||||
apiVersion: v1
|
||||
fieldPath: status.podIP
|
||||
- name: nginx-init
|
||||
image: beclab/market-frontend:v0.3.11
|
||||
imagePullPolicy: IfNotPresent
|
||||
volumeMounts:
|
||||
- name: app
|
||||
mountPath: /cp_app
|
||||
- name: nginx-confd
|
||||
mountPath: /confd
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
cp -rf /app/* /cp_app/. && cp -rf /etc/nginx/conf.d/* /confd/.
|
||||
containers:
|
||||
- name: appstore
|
||||
image: beclab/market-frontend:v0.3.9
|
||||
image: beclab/docker-nginx-headers-more:ubuntu-v0.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
volumeMounts:
|
||||
- name: app
|
||||
mountPath: /app
|
||||
- name: nginx-confd
|
||||
mountPath: /etc/nginx/conf.d
|
||||
|
||||
- name: appstore-backend
|
||||
image: beclab/market-backend:v0.3.9
|
||||
image: beclab/market-backend:v0.3.11
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 81
|
||||
@@ -194,6 +219,10 @@ spec:
|
||||
hostPath:
|
||||
path: '{{ .Values.userspace.appData}}/appstore/data'
|
||||
type: DirectoryOrCreate
|
||||
- name: app
|
||||
emptyDir: {}
|
||||
- name: nginx-confd
|
||||
emptyDir: {}
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
|
||||
|
||||
{{- $namespace := printf "%s%s" "os-system" -}}
|
||||
{{- $namespace := printf "%s" "os-system" -}}
|
||||
{{- $notifications_secret := (lookup "v1" "Secret" $namespace "notifications-secrets") -}}
|
||||
|
||||
{{- $pg_password := "" -}}
|
||||
@@ -83,6 +83,23 @@ spec:
|
||||
permission:
|
||||
pub: allow
|
||||
sub: allow
|
||||
- export:
|
||||
- appName: lldap
|
||||
pub: allow
|
||||
sub: allow
|
||||
- appName: vault-server
|
||||
pub: deny
|
||||
sub: allow
|
||||
- appName: seahub
|
||||
pub: deny
|
||||
sub: allow
|
||||
- appName: knowledge
|
||||
pub: deny
|
||||
sub: allow
|
||||
name: system.users
|
||||
permission:
|
||||
pub: allow
|
||||
sub: allow
|
||||
user: os-system-notifications
|
||||
|
||||
---
|
||||
@@ -131,7 +148,7 @@ spec:
|
||||
value: os_system_notifications
|
||||
containers:
|
||||
- name: notifications-api
|
||||
image: beclab/notifications-api:v1.12.2
|
||||
image: beclab/notifications-api:v1.12.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 3010
|
||||
@@ -160,6 +177,8 @@ spec:
|
||||
name: notifications-secrets
|
||||
- name: NATS_SUBJECT
|
||||
value: "terminus.{{ .Release.Namespace }}.system.notification"
|
||||
- name: NATS_SUBJECT_SYSTEM_USERS
|
||||
value: "terminus.{{ .Release.Namespace }}.system.users"
|
||||
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
|
||||
@@ -196,7 +196,7 @@ spec:
|
||||
-A PROXY_OUTBOUND -p tcp --dport 6379 -j RETURN
|
||||
-A PROXY_OUTBOUND -p tcp --dport 27017 -j RETURN
|
||||
-A PROXY_OUTBOUND -p tcp --dport 443 -j RETURN
|
||||
|
||||
-A PROXY_OUTBOUND -p tcp --dport 8080 -j RETURN
|
||||
|
||||
-A PROXY_OUTBOUND -d ${POD_IP}/32 -j RETURN
|
||||
|
||||
@@ -249,7 +249,7 @@ spec:
|
||||
|
||||
containers:
|
||||
- name: studio
|
||||
image: beclab/studio-server:v0.1.48
|
||||
image: beclab/studio-server:v0.1.50
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- server
|
||||
@@ -380,8 +380,8 @@ spec:
|
||||
cpu: "50m"
|
||||
memory: 100Mi
|
||||
limits:
|
||||
cpu: "0.5"
|
||||
memory: 256Mi
|
||||
cpu: 1000m
|
||||
memory: 512Mi
|
||||
volumeMounts:
|
||||
- name: storage-volume
|
||||
mountPath: /storage
|
||||
@@ -448,7 +448,7 @@ data:
|
||||
prefix: "/"
|
||||
route:
|
||||
cluster: original_dst
|
||||
timeout: 180s
|
||||
timeout: 1800s
|
||||
http_protocol_options:
|
||||
accept_http_10: true
|
||||
http_filters:
|
||||
@@ -491,7 +491,7 @@ data:
|
||||
prefix: "/"
|
||||
route:
|
||||
cluster: original_dst
|
||||
timeout: 180s
|
||||
timeout: 1800s
|
||||
typed_per_filter_config:
|
||||
envoy.filters.http.lua:
|
||||
"@type": type.googleapis.com/envoy.extensions.filters.http.lua.v3.LuaPerRoute
|
||||
|
||||
@@ -149,11 +149,11 @@ spec:
|
||||
labels:
|
||||
app: system-frontend
|
||||
io.bytetrade.app: "true"
|
||||
# annotations:
|
||||
# instrumentation.opentelemetry.io/inject-nodejs: "olares-instrumentation"
|
||||
# instrumentation.opentelemetry.io/nodejs-container-names: "settings-server"
|
||||
# instrumentation.opentelemetry.io/inject-nginx: "olares-instrumentation"
|
||||
# instrumentation.opentelemetry.io/inject-nginx-container-names: "system-frontend"
|
||||
annotations:
|
||||
instrumentation.opentelemetry.io/inject-nodejs: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/nodejs-container-names: "settings-server"
|
||||
instrumentation.opentelemetry.io/inject-nginx: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/inject-nginx-container-names: "system-frontend"
|
||||
spec:
|
||||
priorityClassName: "system-cluster-critical"
|
||||
initContainers:
|
||||
@@ -208,7 +208,7 @@ spec:
|
||||
- mountPath: /www
|
||||
name: www-dir
|
||||
- name: control-hub-init
|
||||
image: beclab/admin-console-frontend-v1:v0.5.5
|
||||
image: beclab/admin-console-frontend-v1:v0.5.8
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -220,7 +220,7 @@ spec:
|
||||
- mountPath: /www
|
||||
name: www-dir
|
||||
- name: profile-editor-init
|
||||
image: beclab/profile-editor:v0.2.1
|
||||
image: beclab/profile-editor:v0.2.21
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -232,7 +232,7 @@ spec:
|
||||
- mountPath: /www
|
||||
name: www-dir
|
||||
- name: profile-preview-init
|
||||
image: beclab/profile-preview:v0.2.1
|
||||
image: beclab/profile-preview:v0.2.21
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -244,7 +244,7 @@ spec:
|
||||
- mountPath: /www
|
||||
name: www-dir
|
||||
- name: wise-init
|
||||
image: beclab/wise:v1.3.50
|
||||
image: beclab/wise:v1.3.55
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -256,7 +256,7 @@ spec:
|
||||
- mountPath: /www
|
||||
name: www-dir
|
||||
- name: settings-init
|
||||
image: beclab/settings:v0.2.18
|
||||
image: beclab/settings:v1.3.62
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -268,7 +268,7 @@ spec:
|
||||
- mountPath: /www
|
||||
name: www-dir
|
||||
- name: studio-init
|
||||
image: beclab/studio:v0.2.9
|
||||
image: beclab/studio:v0.2.16
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /bin/sh
|
||||
@@ -305,7 +305,7 @@ spec:
|
||||
- -c
|
||||
- /etc/envoy/envoy.yaml
|
||||
- name: system-frontend
|
||||
image: beclab/docker-nginx-headers-more:v0.1.0
|
||||
image: beclab/docker-nginx-headers-more:ubuntu-v0.1.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 81
|
||||
@@ -385,7 +385,7 @@ spec:
|
||||
terminationMessagePath: /dev/termination-log
|
||||
terminationMessagePolicy: File
|
||||
- name: settings-server
|
||||
image: beclab/settings-server:v0.2.18
|
||||
image: beclab/settings-server:v0.2.23
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
@@ -673,6 +673,16 @@ metadata:
|
||||
namespace: user-system-{{ .Values.bfl.username }}
|
||||
spec:
|
||||
callbacks:
|
||||
- filters:
|
||||
type:
|
||||
- backup-state-event
|
||||
op: Create
|
||||
uri: /api/event/backup_state_event
|
||||
- filters:
|
||||
type:
|
||||
- restore-state-event
|
||||
op: Create
|
||||
uri: /api/event/restore_state_event
|
||||
- filters:
|
||||
type:
|
||||
- app-installation-event
|
||||
@@ -1283,6 +1293,10 @@ data:
|
||||
server infisical-service:8080;
|
||||
}
|
||||
|
||||
upstream BackupServer {
|
||||
server backup-server.os-system:8082;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 86;
|
||||
|
||||
@@ -1340,6 +1354,31 @@ data:
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
}
|
||||
|
||||
location /apis/backup {
|
||||
proxy_pass http://backup-server.os-system:8082;
|
||||
add_header Accept "application/json, text/plain, */*";
|
||||
add_header Content-Type "application/json; charset=utf-8";
|
||||
}
|
||||
|
||||
location /api/resources {
|
||||
proxy_pass http://files-service.os-system:80;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
add_header Accept-Ranges bytes;
|
||||
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /drive {
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
|
||||
|
||||
@@ -83,7 +83,7 @@ spec:
|
||||
value: os_system_vault
|
||||
containers:
|
||||
- name: vault-server
|
||||
image: beclab/vault-server:v1.3.50
|
||||
image: beclab/vault-server:v1.3.55
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
@@ -114,7 +114,7 @@ spec:
|
||||
- name: vault-attach
|
||||
mountPath: /padloc/packages/server/attachments
|
||||
- name: vault-admin
|
||||
image: beclab/vault-admin:v1.3.50
|
||||
image: beclab/vault-admin:v1.3.55
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 3010
|
||||
|
||||
@@ -88,13 +88,13 @@ spec:
|
||||
|
||||
containers:
|
||||
- name: vault-frontend
|
||||
image: beclab/vault-frontend:v1.3.50
|
||||
image: beclab/vault-frontend:v1.3.55
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
|
||||
- name: notification-server
|
||||
image: beclab/vault-notification:v1.3.50
|
||||
image: beclab/vault-notification:v1.3.55
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 3010
|
||||
|
||||
@@ -61,7 +61,7 @@ spec:
|
||||
|
||||
containers:
|
||||
- name: wizard
|
||||
image: beclab/wizard:v0.5.12
|
||||
image: beclab/wizard:v1.3.57
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
|
||||
@@ -48,7 +48,7 @@ if (-Not (Test-Path $CLI_PROGRAM_PATH)) {
|
||||
New-Item -Path $CLI_PROGRAM_PATH -ItemType Directory
|
||||
}
|
||||
|
||||
$CLI_VERSION = "0.2.28"
|
||||
$CLI_VERSION = "0.2.35"
|
||||
$CLI_FILE = "olares-cli-v{0}_windows_{1}.tar.gz" -f $CLI_VERSION, $arch
|
||||
$CLI_URL = "{0}/{1}" -f $downloadUrl, $CLI_FILE
|
||||
$CLI_PATH = "{0}{1}" -f $CLI_PROGRAM_PATH, $CLI_FILE
|
||||
@@ -82,6 +82,6 @@ if ($download -eq 1) {
|
||||
Start-Sleep -Seconds 3
|
||||
Write-Host ("Preparing to start the installation of Olares {0}. Depending on your network conditions, this process may take several minutes." -f $version)
|
||||
|
||||
$command = "{0}\olares-cli.exe olares install --version {1}" -f $CLI_PROGRAM_PATH, $version
|
||||
$command = "{0}\olares-cli.exe install --version {1}" -f $CLI_PROGRAM_PATH, $version
|
||||
Start-Process cmd -ArgumentList '/k',$command -Wait -Verb RunAs
|
||||
|
||||
|
||||
@@ -74,7 +74,7 @@ if [ -z ${cdn_url} ]; then
|
||||
cdn_url="https://dc3p1870nn3cj.cloudfront.net"
|
||||
fi
|
||||
|
||||
CLI_VERSION="0.2.28"
|
||||
CLI_VERSION="0.2.35"
|
||||
CLI_FILE="olares-cli-v${CLI_VERSION}_linux_${ARCH}.tar.gz"
|
||||
if [[ x"$os_type" == x"Darwin" ]]; then
|
||||
CLI_FILE="olares-cli-v${CLI_VERSION}_darwin_${ARCH}.tar.gz"
|
||||
@@ -137,7 +137,7 @@ else
|
||||
echo ""
|
||||
else
|
||||
echo "building local release ..."
|
||||
$sh_c "$INSTALL_OLARES_CLI olares release $PARAMS $CDN"
|
||||
$sh_c "$INSTALL_OLARES_CLI release $PARAMS $CDN"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "error: failed to build local release"
|
||||
exit 1
|
||||
@@ -146,13 +146,13 @@ else
|
||||
else
|
||||
echo "running system prechecks ..."
|
||||
echo ""
|
||||
$sh_c "$INSTALL_OLARES_CLI olares precheck $PARAMS"
|
||||
$sh_c "$INSTALL_OLARES_CLI precheck $PARAMS"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
exit 1
|
||||
fi
|
||||
echo "downloading installation wizard..."
|
||||
echo ""
|
||||
$sh_c "$INSTALL_OLARES_CLI olares download wizard $PARAMS $KUBE_PARAM $CDN"
|
||||
$sh_c "$INSTALL_OLARES_CLI download wizard $PARAMS $KUBE_PARAM $CDN"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "error: failed to download installation wizard"
|
||||
exit 1
|
||||
@@ -161,7 +161,7 @@ else
|
||||
|
||||
echo "downloading installation packages..."
|
||||
echo ""
|
||||
$sh_c "$INSTALL_OLARES_CLI olares download component $PARAMS $KUBE_PARAM $CDN"
|
||||
$sh_c "$INSTALL_OLARES_CLI download component $PARAMS $KUBE_PARAM $CDN"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "error: failed to download installation packages"
|
||||
exit 1
|
||||
@@ -173,7 +173,7 @@ else
|
||||
if [ x"$REGISTRY_MIRRORS" != x"" ]; then
|
||||
extra="--registry-mirrors $REGISTRY_MIRRORS"
|
||||
fi
|
||||
$sh_c "$INSTALL_OLARES_CLI olares prepare $PARAMS $KUBE_PARAM $extra"
|
||||
$sh_c "$INSTALL_OLARES_CLI prepare $PARAMS $KUBE_PARAM $extra"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "error: failed to prepare installation environment"
|
||||
exit 1
|
||||
@@ -198,7 +198,7 @@ if [[ "$JUICEFS" == "1" ]]; then
|
||||
else
|
||||
echo "checking storage config ..."
|
||||
fi
|
||||
$sh_c "$INSTALL_OLARES_CLI olares install storage $PARAMS"
|
||||
$sh_c "$INSTALL_OLARES_CLI install storage $PARAMS"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
exit 1
|
||||
fi
|
||||
@@ -221,7 +221,7 @@ if [[ -n "$ZRAM_SWAP_PRIORITY" ]]; then
|
||||
fi
|
||||
echo "installing Olares..."
|
||||
echo ""
|
||||
$sh_c "$INSTALL_OLARES_CLI olares install $PARAMS $KUBE_PARAM $fsflag $swapflag"
|
||||
$sh_c "$INSTALL_OLARES_CLI install $PARAMS $KUBE_PARAM $fsflag $swapflag"
|
||||
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "error: failed to install Olares"
|
||||
|
||||
@@ -157,7 +157,7 @@ fi
|
||||
|
||||
set_master_host_ssh_options
|
||||
|
||||
CLI_VERSION="0.2.28"
|
||||
CLI_VERSION="0.2.35"
|
||||
CLI_FILE="olares-cli-v${CLI_VERSION}_linux_${ARCH}.tar.gz"
|
||||
|
||||
if command_exists olares-cli && [[ "$(olares-cli -v | awk '{print $3}')" == "$CLI_VERSION" ]]; then
|
||||
@@ -211,14 +211,14 @@ if [[ -f $BASE_DIR/.prepared ]]; then
|
||||
else
|
||||
echo "running system prechecks ..."
|
||||
echo ""
|
||||
$sh_c "$INSTALL_OLARES_CLI olares precheck $PARAMS"
|
||||
$sh_c "$INSTALL_OLARES_CLI precheck $PARAMS"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "downloading installation wizard..."
|
||||
echo ""
|
||||
$sh_c "$INSTALL_OLARES_CLI olares download wizard $PARAMS $CDN"
|
||||
$sh_c "$INSTALL_OLARES_CLI download wizard $PARAMS $CDN"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "error: failed to download installation wizard"
|
||||
exit 1
|
||||
@@ -226,7 +226,7 @@ else
|
||||
|
||||
echo "downloading installation packages..."
|
||||
echo ""
|
||||
$sh_c "$INSTALL_OLARES_CLI olares download component $PARAMS $CDN"
|
||||
$sh_c "$INSTALL_OLARES_CLI download component $PARAMS $CDN"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "error: failed to download installation packages"
|
||||
exit 1
|
||||
@@ -238,7 +238,7 @@ else
|
||||
if [ x"$REGISTRY_MIRRORS" != x"" ]; then
|
||||
extra="--registry-mirrors $REGISTRY_MIRRORS"
|
||||
fi
|
||||
$sh_c "$INSTALL_OLARES_CLI olares prepare $PARAMS $extra"
|
||||
$sh_c "$INSTALL_OLARES_CLI prepare $PARAMS $extra"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "error: failed to prepare installation environment"
|
||||
exit 1
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
upgrade:
|
||||
minVersion: 1.12.0-0000000
|
||||
minVersion: 1.12.0-1
|
||||
|
||||
@@ -20,5 +20,7 @@ metadata:
|
||||
spec:
|
||||
email: "{{.Values.user.email}}"
|
||||
initialPassword: "{{ .Values.user.password }}"
|
||||
groups:
|
||||
- lldap_admin
|
||||
status:
|
||||
state: Active
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
olaresd-v1.12.0-rc.1.tar.gz,pkg/components,https://dc3p1870nn3cj.cloudfront.net/olaresd-v1.12.0-rc.1-linux-amd64.tar.gz,https://dc3p1870nn3cj.cloudfront.net/olaresd-v1.12.0-rc.1-linux-arm64.tar.gz,olaresd
|
||||
olaresd-v1.12.0-rc.10.tar.gz,pkg/components,https://dc3p1870nn3cj.cloudfront.net/olaresd-v1.12.0-rc.10-linux-amd64.tar.gz,https://dc3p1870nn3cj.cloudfront.net/olaresd-v1.12.0-rc.10-linux-arm64.tar.gz,olaresd
|
||||
socat-1.7.3.2.tar.gz,pkg/components,https://src.fedoraproject.org/lookaside/pkgs/socat/socat-1.7.3.2.tar.gz/sha512/540658b2a3d1b87673196282e5c62b97681bd0f1d1e4759ff9d72909d11060235ee9e9521a973603c1b00376436a9444248e5fbc0ffac65f8edb9c9bc28e7972/socat-1.7.3.2.tar.gz,https://src.fedoraproject.org/lookaside/pkgs/socat/socat-1.7.3.2.tar.gz/sha512/540658b2a3d1b87673196282e5c62b97681bd0f1d1e4759ff9d72909d11060235ee9e9521a973603c1b00376436a9444248e5fbc0ffac65f8edb9c9bc28e7972/socat-1.7.3.2.tar.gz,socat
|
||||
conntrack-tools-1.4.1.tar.gz,pkg/components,https://github.com/fqrouter/conntrack-tools/archive/refs/tags/conntrack-tools-1.4.1.tar.gz,https://github.com/fqrouter/conntrack-tools/archive/refs/tags/conntrack-tools-1.4.1.tar.gz,conntrack-tools
|
||||
minio.RELEASE.2023-05-04T21-44-30Z,pkg/components,https://dl.min.io/server/minio/release/linux-amd64/archive/minio.RELEASE.2023-05-04T21-44-30Z,https://dl.min.io/server/minio/release/linux-arm64/archive/minio.RELEASE.2023-05-04T21-44-30Z,minio
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
beclab/ks-apiserver:0.0.9
|
||||
beclab/ks-controller-manager:0.0.9
|
||||
beclab/ks-apiserver:0.0.11
|
||||
beclab/ks-controller-manager:0.0.11
|
||||
beclab/kube-state-metrics:v2.3.0-ext.1
|
||||
calico/cni:v3.29.2
|
||||
calico/kube-controllers:v3.29.2
|
||||
@@ -18,7 +18,7 @@ kubesphere/prometheus-operator:v0.55.1
|
||||
openebs/linux-utils:3.3.0
|
||||
openebs/provisioner-localpv:3.3.0
|
||||
beclab/percona-server-mongodb-operator:1.15.2
|
||||
prom/node-exporter:v1.3.1
|
||||
beclab/node-exporter:0.0.1
|
||||
prom/prometheus:v2.34.0
|
||||
quay.io/argoproj/argocli:v3.5.0
|
||||
quay.io/argoproj/argoexec:v3.5.0
|
||||
@@ -36,9 +36,12 @@ beclab/reverse-proxy:v0.1.8
|
||||
beclab/upgrade-job:0.1.7
|
||||
bytetrade/envoy:v1.25.11.1
|
||||
liangjw/kube-webhook-certgen:v1.1.1
|
||||
beclab/hami:v2.5.1
|
||||
beclab/hami:v2.5.2
|
||||
alpine:3.14
|
||||
mirrorgooglecontainers/defaultbackend-amd64:1.4
|
||||
projecthami/hami-webui-fe-oss:v1.0.5
|
||||
projecthami/hami-webui-be-oss:v1.0.5
|
||||
nvidia/dcgm-exporter:4.1.1-4.0.4-ubuntu22.04
|
||||
ghcr.io/open-telemetry/opentelemetry-go-instrumentation/autoinstrumentation-go:v0.20.0
|
||||
bytetrade/autoinstrumentation-apache-httpd:1.0.4-fix1
|
||||
ghcr.io/open-telemetry/opentelemetry-operator/autoinstrumentation-nodejs:0.40.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
cni-plugins-v1.6.2.tgz,pkg/cni/v1.6.2,https://github.com/containernetworking/plugins/releases/download/v1.6.2/cni-plugins-linux-amd64-v1.6.2.tgz,https://github.com/containernetworking/plugins/releases/download/v1.6.2/cni-plugins-linux-arm-v1.6.2.tgz,cni-plugins
|
||||
containerd-1.6.4.tar.gz,pkg/containerd/1.6.4,https://github.com/containerd/containerd/releases/download/v1.6.4/containerd-1.6.4-linux-amd64.tar.gz,https://github.com/containerd/containerd/releases/download/v1.6.4/containerd-1.6.4-linux-arm64.tar.gz,containerd
|
||||
containerd-1.6.36.tar.gz,pkg/containerd/1.6.36,https://github.com/containerd/containerd/releases/download/v1.6.36/containerd-1.6.36-linux-amd64.tar.gz,https://github.com/containerd/containerd/releases/download/v1.6.36/containerd-1.6.36-linux-arm64.tar.gz,containerd
|
||||
crictl-v1.32.0.tar.gz,pkg/crictl/v1.32.0,https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.32.0/crictl-v1.32.0-linux-amd64.tar.gz,https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.32.0/crictl-v1.32.0-linux-arm64.tar.gz,crictl
|
||||
etcd-v3.5.18.tar.gz,pkg/etcd/v3.5.18,https://github.com/coreos/etcd/releases/download/v3.5.18/etcd-v3.5.18-linux-amd64.tar.gz,https://github.com/coreos/etcd/releases/download/v3.5.18/etcd-v3.5.18-linux-arm64.tar.gz,etcd
|
||||
helm-v3.9.0.tar.gz,pkg/helm/v3.9.0,https://get.helm.sh/helm-v3.17.1-linux-amd64.tar.gz,https://get.helm.sh/helm-v3.17.1-linux-arm.tar.gz,helm
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
imagePullSecrets: []
|
||||
version: "v2.5.1"
|
||||
version: "v2.5.2"
|
||||
|
||||
# Nvidia GPU Parameters
|
||||
resourceName: "nvidia.com/gpu"
|
||||
|
||||
@@ -143,7 +143,7 @@ spec:
|
||||
priorityClassName: "system-cluster-critical"
|
||||
containers:
|
||||
- name: app-service
|
||||
image: beclab/app-service:0.3.25
|
||||
image: beclab/app-service:0.3.29
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
@@ -361,7 +361,7 @@ spec:
|
||||
hostNetwork: true
|
||||
containers:
|
||||
- name: image-service
|
||||
image: beclab/image-service:0.3.21
|
||||
image: beclab/image-service:0.3.28
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
|
||||
@@ -80,6 +80,9 @@ spec:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
createAt:
|
||||
format: date-time
|
||||
type: string
|
||||
deleted:
|
||||
type: boolean
|
||||
extra:
|
||||
@@ -101,6 +104,7 @@ spec:
|
||||
type: integer
|
||||
required:
|
||||
- backupType
|
||||
- createAt
|
||||
- deleted
|
||||
- location
|
||||
- name
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
|
||||
|
||||
{{ $backupVersion := "0.3.17" }}
|
||||
{{ $backupVersion := "0.3.29" }}
|
||||
{{ $backup_server_rootpath := printf "%s%s" .Values.rootPath "/rootfs/backup-server" }}
|
||||
|
||||
---
|
||||
@@ -35,11 +35,18 @@ spec:
|
||||
- name: rootfs
|
||||
hostPath:
|
||||
path: '{{ .Values.rootPath }}/rootfs'
|
||||
- name: shares
|
||||
hostPath:
|
||||
path: '{{ .Values.rootPath }}/share'
|
||||
serviceAccountName: os-internal
|
||||
containers:
|
||||
- name: api
|
||||
image: beclab/backup-server:v{{ $backupVersion }}
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
privileged: true
|
||||
runAsUser: 0
|
||||
command:
|
||||
- /backup-server
|
||||
- apiserver
|
||||
@@ -65,10 +72,15 @@ spec:
|
||||
volumeMounts:
|
||||
- mountPath: /rootfs
|
||||
name: rootfs
|
||||
- mountPath: /shares
|
||||
mountPropagation: Bidirectional
|
||||
name: shares
|
||||
- name: controller
|
||||
image: beclab/backup-server:v{{ $backupVersion }}
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
privileged: true
|
||||
runAsUser: 0
|
||||
command:
|
||||
- /backup-server
|
||||
@@ -94,6 +106,9 @@ spec:
|
||||
volumeMounts:
|
||||
- mountPath: /rootfs
|
||||
name: rootfs
|
||||
- mountPath: /shares
|
||||
mountPropagation: Bidirectional
|
||||
name: shares
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
|
||||
@@ -200,11 +200,11 @@ spec:
|
||||
labels:
|
||||
tier: bfl
|
||||
annotations:
|
||||
# instrumentation.opentelemetry.io/inject-go: "olares-instrumentation"
|
||||
# instrumentation.opentelemetry.io/go-container-names: "api"
|
||||
# instrumentation.opentelemetry.io/otel-go-auto-target-exe: "/bfl-api"
|
||||
# instrumentation.opentelemetry.io/inject-nginx: "olares-instrumentation"
|
||||
# instrumentation.opentelemetry.io/inject-nginx-container-names: "ingress"
|
||||
instrumentation.opentelemetry.io/inject-go: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/go-container-names: "api"
|
||||
instrumentation.opentelemetry.io/otel-go-auto-target-exe: "/bfl-api"
|
||||
instrumentation.opentelemetry.io/inject-nginx: "olares-instrumentation"
|
||||
instrumentation.opentelemetry.io/inject-nginx-container-names: "ingress"
|
||||
spec:
|
||||
{{ if .Values.bfl.admin_user }}
|
||||
affinity:
|
||||
@@ -249,7 +249,7 @@ spec:
|
||||
|
||||
containers:
|
||||
- name: api
|
||||
image: beclab/bfl:v0.4.3
|
||||
image: beclab/bfl:v0.4.5
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
@@ -306,7 +306,7 @@ spec:
|
||||
apiVersion: v1
|
||||
fieldPath: spec.nodeName
|
||||
- name: ingress
|
||||
image: beclab/bfl-ingress:v0.3.2
|
||||
image: beclab/bfl-ingress:v0.3.5
|
||||
imagePullPolicy: IfNotPresent
|
||||
volumeMounts:
|
||||
- name: ngxlog
|
||||
|
||||
@@ -5,6 +5,10 @@ kind: Instrumentation
|
||||
metadata:
|
||||
name: olares-instrumentation
|
||||
namespace: {{ .Release.Namespace }}
|
||||
annotations:
|
||||
"helm.sh/hook": "pre-install,pre-upgrade"
|
||||
"helm.sh/hook-weight": "-10"
|
||||
"helm.sh/hook-delete-policy": "before-hook-creation"
|
||||
spec:
|
||||
exporter:
|
||||
endpoint: https://jaeger-storage-instance-collector.os-system:4317
|
||||
@@ -20,30 +24,46 @@ spec:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
dotnet:
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
nodejs:
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
nginx:
|
||||
image: bytetrade/autoinstrumentation-apache-httpd:1.0.4-fix1
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: https://jaeger-storage-instance-collector.os-system:4317
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
go:
|
||||
image: ghcr.io/open-telemetry/opentelemetry-go-instrumentation/autoinstrumentation-go:v0.20.0
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
resourceRequirements:
|
||||
limits:
|
||||
memory: 256Mi
|
||||
|
||||
---
|
||||
apiVersion: opentelemetry.io/v1alpha1
|
||||
@@ -51,6 +71,11 @@ kind: Instrumentation
|
||||
metadata:
|
||||
name: olares-instrumentation
|
||||
namespace: user-system-{{ .Values.bfl.username }}
|
||||
annotations:
|
||||
"helm.sh/hook": "pre-install,pre-upgrade"
|
||||
"helm.sh/hook-weight": "-10"
|
||||
"helm.sh/hook-delete-policy": "before-hook-creation"
|
||||
|
||||
spec:
|
||||
exporter:
|
||||
endpoint: https://jaeger-storage-instance-collector.os-system:4317
|
||||
@@ -66,27 +91,44 @@ spec:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
dotnet:
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
nodejs:
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
nginx:
|
||||
image: bytetrade/autoinstrumentation-apache-httpd:1.0.4-fix1
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: https://jaeger-storage-instance-collector.os-system:4317
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
go:
|
||||
image: ghcr.io/open-telemetry/opentelemetry-go-instrumentation/autoinstrumentation-go:v0.20.0
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
resourceRequirements:
|
||||
limits:
|
||||
memory: 256Mi
|
||||
|
||||
@@ -41,13 +41,17 @@ spec:
|
||||
metadata:
|
||||
labels:
|
||||
app: systemserver
|
||||
annotations:
|
||||
instrumentation.opentelemetry.io/go-container-names: system-server
|
||||
instrumentation.opentelemetry.io/inject-go: olares-instrumentation
|
||||
instrumentation.opentelemetry.io/otel-go-auto-target-exe: /system-server
|
||||
spec:
|
||||
serviceAccountName: bytetrade-sys-ops
|
||||
serviceAccount: bytetrade-sys-ops
|
||||
priorityClassName: "system-cluster-critical"
|
||||
containers:
|
||||
- name: system-server
|
||||
image: beclab/system-server:0.1.21
|
||||
image: beclab/system-server:0.1.22
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
@@ -319,4 +323,4 @@ metadata:
|
||||
name: systemserver-proxy-configs
|
||||
namespace: user-system-{{ .Values.bfl.username }}
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -83,6 +83,13 @@ spec:
|
||||
perm:
|
||||
- pub
|
||||
- sub
|
||||
- appName: notifications
|
||||
appNamespace: {{ .Release.Namespace }}
|
||||
subjects:
|
||||
- name: system.users
|
||||
perm:
|
||||
- pub
|
||||
- sub
|
||||
user: os-system-lldap
|
||||
|
||||
---
|
||||
@@ -164,8 +171,10 @@ spec:
|
||||
name: lldap-pg-secrets
|
||||
- name: NATS_SUBJECT
|
||||
value: "terminus.{{ .Release.Namespace }}.system.notification"
|
||||
- name: NATS_SUBJECT_SYSTEM_USERS
|
||||
value: "terminus.{{ .Release.Namespace }}.system.users"
|
||||
|
||||
image: beclab/lldap:0.0.1
|
||||
image: beclab/lldap:0.0.2
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: lldap
|
||||
ports:
|
||||
|
||||
@@ -76,7 +76,7 @@ spec:
|
||||
runAsUser: 0
|
||||
containers:
|
||||
- name: tapr-sysevent
|
||||
image: beclab/sys-event:0.2.4
|
||||
image: beclab/sys-event:0.2.5
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: APP_RANDOM_KEY
|
||||
|
||||
@@ -389,10 +389,21 @@ spec:
|
||||
image: owncloudci/wait-for:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: check-redis
|
||||
|
||||
- name: setsysctl
|
||||
image: 'busybox:1.28'
|
||||
command:
|
||||
- sh
|
||||
- '-c'
|
||||
- |
|
||||
sysctl -w net.core.somaxconn=65535
|
||||
sysctl -w net.ipv4.ip_local_port_range="1024 65535"
|
||||
sysctl -w net.ipv4.tcp_tw_reuse=1
|
||||
sysctl -w fs.file-max=1048576
|
||||
securityContext:
|
||||
privileged: true
|
||||
containers:
|
||||
- name: authelia
|
||||
image: beclab/auth:0.2.4
|
||||
image: beclab/auth:0.2.6
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 9091
|
||||
|
||||
@@ -28,7 +28,7 @@ spec:
|
||||
name: check-auth
|
||||
containers:
|
||||
- name: auth-front
|
||||
image: beclab/login:v0.1.40
|
||||
image: beclab/login:v1.3.57
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
|
||||
@@ -8,6 +8,12 @@
|
||||
{{ $pg_password = randAlphaNum 16 | b64enc }}
|
||||
{{- end -}}
|
||||
|
||||
{{ $user := (lookup "iam.kubesphere.io/v1alpha2" "User" "" .Values.bfl.username) }}
|
||||
{{- $role := "" -}}
|
||||
{{- if $user -}}
|
||||
{{ $role = (index $user "metadata" "annotations" "bytetrade.io/owner-role") }}
|
||||
{{- end -}}
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
@@ -283,6 +289,12 @@ spec:
|
||||
value: $(NODE_IP)/32
|
||||
- name: TS_EXTRA_ARGS
|
||||
value: "--login-server http://headscale-server-svc:8080"
|
||||
{{- if eq $role "platform-admin" }}
|
||||
- name: TS_USERSPACE
|
||||
value: "false"
|
||||
- name: TS_DEBUG_FIREWALL_MODE
|
||||
value: nftables
|
||||
{{- end }}
|
||||
- name: TS_KUBE_SECRET
|
||||
volumes:
|
||||
- name: config
|
||||
|
||||
@@ -843,7 +843,10 @@ webhooks:
|
||||
apiVersion: opentelemetry.io/v1beta1
|
||||
kind: OpenTelemetryCollector
|
||||
metadata:
|
||||
name: jaeger-storage-instance
|
||||
annotations:
|
||||
"helm.sh/hook": post-install
|
||||
"helm.sh/hook-weight": "5"
|
||||
name: jaeger-storage-instance
|
||||
namespace: os-system
|
||||
labels:
|
||||
applications.app.bytetrade.io/author: bytetrade.io
|
||||
@@ -862,6 +865,9 @@ spec:
|
||||
volumeMounts:
|
||||
- name: storage
|
||||
mountPath: /data
|
||||
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
|
||||
ports:
|
||||
- name: jaeger
|
||||
@@ -931,6 +937,9 @@ spec:
|
||||
apiVersion: opentelemetry.io/v1alpha1
|
||||
kind: Instrumentation
|
||||
metadata:
|
||||
annotations:
|
||||
"helm.sh/hook": post-install
|
||||
"helm.sh/hook-weight": "5"
|
||||
name: olares-instrumentation
|
||||
namespace: os-system
|
||||
spec:
|
||||
@@ -948,27 +957,44 @@ spec:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
dotnet:
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
nodejs:
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
nginx:
|
||||
image: bytetrade/autoinstrumentation-apache-httpd:1.0.4-fix1
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: https://jaeger-storage-instance-collector.os-system:4317
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/json
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
go:
|
||||
image: ghcr.io/open-telemetry/opentelemetry-go-instrumentation/autoinstrumentation-go:v0.20.0
|
||||
env:
|
||||
- name: OTEL_EXPORTER_OTLP_ENDPOINT
|
||||
value: http://jaeger-storage-instance-collector.os-system:4318
|
||||
- name: OTEL_EXPORTER_OTLP_PROTOCOL
|
||||
value: http/protobuf
|
||||
- name: OTEL_TRACES_SAMPLER_ARG
|
||||
value: "1.0"
|
||||
resourceRequirements:
|
||||
limits:
|
||||
memory: 256Mi
|
||||
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
||||
@@ -1,26 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: opentelemetry
|
||||
description: A Helm chart for Kubernetes
|
||||
maintainers:
|
||||
- name: bytetrade
|
||||
|
||||
# A chart can be either an 'application' or a 'library' chart.
|
||||
#
|
||||
# Application charts are a collection of templates that can be packaged into versioned archives
|
||||
# to be deployed.
|
||||
#
|
||||
# Library charts provide useful utilities or functions for the chart developer. They're included as
|
||||
# a dependency of application charts to inject those utilities and functions into the rendering
|
||||
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
|
||||
type: application
|
||||
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||
version: 0.0.1
|
||||
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
# It is recommended to use it with quotes.
|
||||
appVersion: "0.118.0"
|
||||
@@ -1,62 +0,0 @@
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "seafile.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "seafile.fullname" -}}
|
||||
{{- if .Values.fullnameOverride }}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride }}
|
||||
{{- if contains $name .Release.Name }}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "seafile.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "seafile.labels" -}}
|
||||
helm.sh/chart: {{ include "seafile.chart" . }}
|
||||
{{ include "seafile.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "seafile.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "seafile.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "seafile.serviceAccountName" -}}
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
{{- default (include "seafile.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- else }}
|
||||
{{- default "default" .Values.serviceAccount.name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -1,7 +0,0 @@
|
||||
bfl:
|
||||
nodeport: 30883
|
||||
nodeport_ingress_http: 30083
|
||||
nodeport_ingress_https: 30082
|
||||
username: 'test'
|
||||
url: 'test'
|
||||
nodeName: test
|
||||
Reference in New Issue
Block a user