├── LICENSE ├── README.md ├── cluster ├── Install.md ├── addCluster.md ├── ratel-service.yaml ├── ratel.yaml └── servers.yaml ├── configmap └── create-configmap.md ├── daemonset ├── create-daemonset.md └── edit-daemonset.md ├── deployment ├── copy-resource.md ├── create-deployment.md └── edit-deployment.md ├── images ├── container-ingress.png ├── container-service.png ├── container.png ├── container2.png ├── copy-dp.png ├── copy-namespace-info.png ├── copy-select.png ├── create-cm-edit.png ├── create-cm-mt.png ├── create-cm-succ.png ├── create-cm.png ├── create-deployment.png ├── create-ingress-from-service-c.png ├── create-ingress-from-service.png ├── create-ingress.png ├── create-service-from-service.png ├── create-service-list-dp.png ├── create-service.png ├── create-sts-metadata-ru.png ├── create-sts-metadata.png ├── createNS.png ├── createSecret.png ├── daemonset-ru.png ├── defaultRqLimit.png ├── deployment-create-error.png ├── deployment-create-succ.png ├── deploymentAffinity.png ├── dockerType.png ├── dplist.png ├── dslist.png ├── edit-container-1.png ├── edit-container-2.png ├── edit-deployment-metadata-1.png ├── edit-deployment-metadata-2.png ├── edit-deployment-metadata-3.png ├── edit-service.png ├── edit-volume-1.png ├── editDeploymentAffinity.png ├── editIngresses.png ├── editRQ.png ├── index.png ├── index2.png ├── kernel-nodeselector-taint.png ├── list-configmap.png ├── list-ingresses.png ├── list-services.png ├── listNS.png ├── login.png ├── nodelist.png ├── opaqueType.png ├── podslist.png ├── projected-volume.png ├── serviceAccountPer.jpg ├── sts-service.png ├── sts-volume-sc.png ├── sts-volume.png ├── stslist.png ├── svclist.png ├── tlsType.png ├── update-cm.png └── volume.png ├── ingress ├── create-ingress.md └── edit-ingress.md ├── namespace ├── copy-resource.md ├── create-namespace.md └── create-rq.md ├── pvpvc └── create-pvpvc.md ├── secret └── create-secret.md ├── service ├── create-service.md └── edit-service.md ├── statefulset ├── create-statefulset.md └── edit-statefulset.md └── users └── users.md /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # 注意:该项目已不再维护,请使用最新版KRM 2 | 3 | 新版地址:https://github.com/dotbalo/krm 4 | 5 | # 超全面、超详细的Kubernetes视频教程,基于最新K8s进行讲解 6 | # 课程具备完善的售后服务,免费更新、免费技术问答、免费岗位推荐 7 | [https://edu.51cto.com/lecturer/11062970.html](https://edu.51cto.com/lecturer/11062970.html) 8 | 9 | 咨询QQ727585266 10 | 11 | 12 | 13 | -------------------------------------------------------------------------------- /cluster/Install.md: -------------------------------------------------------------------------------- 1 | # 注意 2 | ```` 3 | 之前的版本写command和args的时候,格式为: sh,,,-c,,,sleep 36000 4 | 新版写法为: 5 | sh,,, 6 | -c,,, 7 | sleep 36000 8 | 也就是把换行从,,,改成了,,, + 回车,为了兼容deployment的|+ 和 |- 9 | 对应的deployment Command为: 10 | command: 11 | - sh 12 | - -c 13 | - sleep 36000 14 | ```` 15 | 16 | ## 1. 安装Ratel 17 | 18 | ### 1.1 安装说明 19 | 20 | ```` 21 | 集群安装配置需要两类文件: servers.yaml和集群管理的kubeconfig文件 22 | 23 | servers.yaml是ratel的配置文件, 格式如下: 24 | - serverName: 'xxx' 25 | serverAddress: 'https://1.1.1.1:8443' 26 | #serverAdminUser: 'xxx' 27 | #serverAdminPassword: 'xxx#' 28 | serverAdminToken: 'null' 29 | serverDashboardUrl: "https://k8s.xxx.com.cn/#" 30 | production: 'false' 31 | kubeConfigPath: "/mnt/xxx.config" 32 | harborConfig: "HarborUrl, HarborUsername, HarborPassword, HarborEmail" 33 | 其中管理的方式有两种(Token暂不支持): 34 | 账号密码和kubeconfig形式, 只需配置一种即可, kubeconfig优先级高 35 | 36 | 参数解析: 37 | serverName: 集群别名 38 | serverAddress: Kubernetes APIServer地址 39 | serverAdminUser: Kubernetes管理员账号(需要配置basic auth) 40 | serverAdminPassword: Kubernetes管理员密码 41 | serverAdminToken: Kubernetes管理员Token // 暂不支持 42 | serverDashboardUrl: Kubernetes官方dashboard地址,1.x版本需要添加/#!,2.x需要添加/# 43 | kubeConfigPath: Kubernetes kube.config路径(绝对路径,这个路径不是宿主机的本地路径,而是1.2小节secret的挂载路径,一般可以不改/mnt) 44 | harborConfig: 对于多集群管理的情况下,可能会存在不同的harbor仓库,配置此参数可以在拷贝资源的时候自动替换harbor配置 45 | kubeConfigPath 通过secret挂载到容器的/mnt目录或者其他目录 46 | 47 | 本文档是将Ratel安装在Kubernetes集群,如果没有Kubernetes集群,可以参考本人写的另一篇文章,CentOS 8二进制高可用安装Kubernetes集群: https://www.cnblogs.com/dukuan/p/11780729.html 48 | ```` 49 | 50 | ### 1.2 创建Secret 51 | 52 | ```` 53 | 假设配置两个集群,对应的kubeconfig是test1.config和test2.config 54 | ratel配置文件servers.yaml内容如下: 55 | - serverName: 'test1' 56 | serverAddress: 'https://1.1.1.1:8443' 57 | #serverAdminUser: 'xxx' 58 | #serverAdminPassword: 'xxx#' 59 | serverAdminToken: 'null' 60 | serverDashboardUrl: "https://k8s.test1.com.cn/#" 61 | production: 'false' 62 | kubeConfigPath: "/mnt/test1.config" 63 | harborConfig: "HarborUrl, HarborUsername, HarborPassword, HarborEmail" 64 | - serverName: 'test2' 65 | serverAddress: 'https://1.1.1.2:8443' 66 | #serverAdminUser: 'xxx' 67 | #serverAdminPassword: 'xxx#' 68 | serverAdminToken: 'null' 69 | serverDashboardUrl: "https://k8s.test2.com.cn/#!" 70 | production: 'false' 71 | kubeConfigPath: "/mnt/test2.config" 72 | harborConfig: "HarborUrl, HarborUsername, HarborPassword, HarborEmail" 73 | 创建Secret: 74 | kubectl create secret generic ratel-config --from-file=test1.config --from-file=test2.config --from-file=servers.yaml -n kube-system 75 | ```` 76 | 77 | ### 1.3 创建RBAC 78 | ```` 79 | 创建权限管理namespace 80 | kubectl create ns kube-users 81 | 82 | 然后添加如下的ClusterroleBinding 83 | vim ratel-rbac.yaml 84 | 85 | apiVersion: v1 86 | items: 87 | - apiVersion: rbac.authorization.k8s.io/v1 88 | kind: ClusterRole 89 | metadata: 90 | annotations: 91 | rbac.authorization.kubernetes.io/autoupdate: "true" 92 | labels: 93 | kubernetes.io/bootstrapping: rbac-defaults 94 | rbac.authorization.k8s.io/aggregate-to-edit: "true" 95 | name: ratel-namespace-readonly 96 | rules: 97 | - apiGroups: 98 | - "" 99 | resources: 100 | - namespaces 101 | verbs: 102 | - get 103 | - list 104 | - watch 105 | - apiGroups: 106 | - metrics.k8s.io 107 | resources: 108 | - pods 109 | verbs: 110 | - get 111 | - list 112 | - watch 113 | - apiVersion: rbac.authorization.k8s.io/v1 114 | kind: ClusterRole 115 | metadata: 116 | name: ratel-pod-delete 117 | rules: 118 | - apiGroups: 119 | - "" 120 | resources: 121 | - pods 122 | verbs: 123 | - get 124 | - list 125 | - delete 126 | - apiVersion: rbac.authorization.k8s.io/v1 127 | kind: ClusterRole 128 | metadata: 129 | name: ratel-pod-exec 130 | rules: 131 | - apiGroups: 132 | - "" 133 | resources: 134 | - pods 135 | - pods/log 136 | verbs: 137 | - get 138 | - list 139 | - apiGroups: 140 | - "" 141 | resources: 142 | - pods/exec 143 | verbs: 144 | - create 145 | - apiVersion: rbac.authorization.k8s.io/v1 146 | kind: ClusterRole 147 | metadata: 148 | annotations: 149 | rbac.authorization.kubernetes.io/autoupdate: "true" 150 | name: ratel-resource-edit 151 | rules: 152 | - apiGroups: 153 | - "" 154 | resources: 155 | - configmaps 156 | - persistentvolumeclaims 157 | - services 158 | - services/proxy 159 | verbs: 160 | - patch 161 | - update 162 | - apiGroups: 163 | - apps 164 | resources: 165 | - daemonsets 166 | - deployments 167 | - deployments/rollback 168 | - deployments/scale 169 | - statefulsets 170 | - statefulsets/scale 171 | verbs: 172 | - patch 173 | - update 174 | - apiGroups: 175 | - autoscaling 176 | resources: 177 | - horizontalpodautoscalers 178 | verbs: 179 | - patch 180 | - update 181 | - apiGroups: 182 | - batch 183 | resources: 184 | - cronjobs 185 | - jobs 186 | verbs: 187 | - patch 188 | - update 189 | - apiGroups: 190 | - extensions 191 | resources: 192 | - daemonsets 193 | - deployments 194 | - deployments/rollback 195 | - deployments/scale 196 | - ingresses 197 | - networkpolicies 198 | verbs: 199 | - patch 200 | - update 201 | - apiGroups: 202 | - networking.k8s.io 203 | resources: 204 | - ingresses 205 | - networkpolicies 206 | verbs: 207 | - patch 208 | - update 209 | - apiVersion: rbac.authorization.k8s.io/v1 210 | kind: ClusterRole 211 | metadata: 212 | name: ratel-resource-readonly 213 | rules: 214 | - apiGroups: 215 | - "" 216 | resources: 217 | - configmaps 218 | - endpoints 219 | - persistentvolumeclaims 220 | - pods 221 | - replicationcontrollers 222 | - replicationcontrollers/scale 223 | - serviceaccounts 224 | - services 225 | verbs: 226 | - get 227 | - list 228 | - watch 229 | - apiGroups: 230 | - "" 231 | resources: 232 | - bindings 233 | - events 234 | - limitranges 235 | - namespaces/status 236 | - pods/log 237 | - pods/status 238 | - replicationcontrollers/status 239 | - resourcequotas 240 | - resourcequotas/status 241 | verbs: 242 | - get 243 | - list 244 | - watch 245 | - apiGroups: 246 | - "" 247 | resources: 248 | - namespaces 249 | verbs: 250 | - get 251 | - list 252 | - watch 253 | - apiGroups: 254 | - apps 255 | resources: 256 | - controllerrevisions 257 | - daemonsets 258 | - deployments 259 | - deployments/scale 260 | - replicasets 261 | - replicasets/scale 262 | - statefulsets 263 | - statefulsets/scale 264 | verbs: 265 | - get 266 | - list 267 | - watch 268 | - apiGroups: 269 | - autoscaling 270 | resources: 271 | - horizontalpodautoscalers 272 | verbs: 273 | - get 274 | - list 275 | - watch 276 | - apiGroups: 277 | - batch 278 | resources: 279 | - cronjobs 280 | - jobs 281 | verbs: 282 | - get 283 | - list 284 | - watch 285 | - apiGroups: 286 | - extensions 287 | resources: 288 | - daemonsets 289 | - deployments 290 | - deployments/scale 291 | - ingresses 292 | - networkpolicies 293 | - replicasets 294 | - replicasets/scale 295 | - replicationcontrollers/scale 296 | verbs: 297 | - get 298 | - list 299 | - watch 300 | - apiGroups: 301 | - policy 302 | resources: 303 | - poddisruptionbudgets 304 | verbs: 305 | - get 306 | - list 307 | - watch 308 | - apiGroups: 309 | - networking.k8s.io 310 | resources: 311 | - networkpolicies 312 | - ingresses 313 | verbs: 314 | - get 315 | - list 316 | - watch 317 | - apiGroups: 318 | - metrics.k8s.io 319 | resources: 320 | - pods 321 | verbs: 322 | - get 323 | - list 324 | - watch 325 | kind: List 326 | metadata: 327 | resourceVersion: "" 328 | selfLink: "" 329 | 330 | kubectl create -f ratel-rbac.yaml 331 | 332 | vim ratel-rbac-binding.yaml 333 | apiVersion: rbac.authorization.k8s.io/v1 334 | kind: ClusterRoleBinding 335 | metadata: 336 | name: ratel-namespace-readonly-sa 337 | roleRef: 338 | apiGroup: rbac.authorization.k8s.io 339 | kind: ClusterRole 340 | name: ratel-namespace-readonly 341 | subjects: 342 | - apiGroup: rbac.authorization.k8s.io 343 | kind: Group 344 | name: system:serviceaccounts:kube-users 345 | 346 | kubectl create -f ratel-rbac-binding.yaml 347 | 348 | 349 | ```` 350 | 351 | ### 1.4 部署ratel 352 | 353 | ```` 354 | ratel的部署文件内容如下: 355 | apiVersion: apps/v1 356 | kind: Deployment 357 | metadata: 358 | labels: 359 | app: ratel 360 | name: ratel 361 | namespace: kube-system 362 | spec: 363 | replicas: 1 364 | selector: 365 | matchLabels: 366 | app: ratel 367 | strategy: 368 | rollingUpdate: 369 | maxSurge: 1 370 | maxUnavailable: 0 371 | type: RollingUpdate 372 | template: 373 | metadata: 374 | creationTimestamp: null 375 | labels: 376 | app: ratel 377 | spec: 378 | containers: 379 | - command: 380 | - sh 381 | - -c 382 | - ./ratel -c /mnt/servers.yaml 383 | env: 384 | - name: TZ 385 | value: Asia/Shanghai 386 | - name: LANG 387 | value: C.UTF-8 388 | - name: ProRunMode 389 | value: prod 390 | - name: ADMIN_USERNAME 391 | value: admin 392 | - name: ADMIN_PASSWORD 393 | value: ratel_password 394 | image: registry.cn-beijing.aliyuncs.com/dotbalo/ratel:latest 395 | imagePullPolicy: Always 396 | livenessProbe: 397 | failureThreshold: 2 398 | initialDelaySeconds: 10 399 | periodSeconds: 60 400 | successThreshold: 1 401 | tcpSocket: 402 | port: 8888 403 | timeoutSeconds: 2 404 | name: ratel 405 | ports: 406 | - containerPort: 8888 407 | name: web 408 | protocol: TCP 409 | readinessProbe: 410 | failureThreshold: 2 411 | initialDelaySeconds: 10 412 | periodSeconds: 60 413 | successThreshold: 1 414 | tcpSocket: 415 | port: 8888 416 | timeoutSeconds: 2 417 | resources: 418 | limits: 419 | cpu: 500m 420 | memory: 512Mi 421 | requests: 422 | cpu: 500m 423 | memory: 512Mi 424 | volumeMounts: 425 | - mountPath: /mnt 426 | name: ratel-config 427 | dnsPolicy: ClusterFirst 428 | imagePullSecrets: 429 | - name: myregistrykey 430 | restartPolicy: Always 431 | schedulerName: default-scheduler 432 | securityContext: {} 433 | terminationGracePeriodSeconds: 30 434 | volumes: 435 | - name: ratel-config 436 | secret: 437 | defaultMode: 420 438 | secretName: ratel-config 439 | 440 | 需要更改的内容如下: 441 | ProRunMode: 区别在于dev模式打印的是debug日志, 其他模式是info级别的日志, 实际使用时应该配置为非dev 442 | ADMIN_USERNAME: ratel自己的管理员账号 443 | ADMIN_PASSWORD: ratel自己的管理员密码 444 | 实际使用时账号密码应满足复杂性要求,因为ratel可以直接操作所有配置的资源。 445 | 其他无需配置, 端口配置暂不支持。 446 | ```` 447 | 448 | ### 1.5 Service和Ingress配置 449 | 450 | #### 注意:如果没有安装ingress controller,需要把type: ClusterIP改成type: NodePort,然后通过主机IP+Port进行访问 451 | ```` 452 | 创建ratel Service的文件如下: 453 | apiVersion: v1 454 | kind: Service 455 | metadata: 456 | labels: 457 | app: ratel 458 | name: ratel 459 | namespace: kube-system 460 | spec: 461 | ports: 462 | - name: container-1-web-1 463 | port: 8888 464 | protocol: TCP 465 | targetPort: 8888 466 | selector: 467 | app: ratel 468 | type: ClusterIP 469 | 470 | 创建ratel Ingress: 471 | apiVersion: extensions/v1beta1 472 | kind: Ingress 473 | metadata: 474 | name: ratel 475 | namespace: kube-system 476 | spec: 477 | rules: 478 | - host: krm.test.com 479 | http: 480 | paths: 481 | - backend: 482 | serviceName: ratel 483 | servicePort: 8888 484 | path: / 485 | ```` 486 | 487 | ### 1.6 访问ratel 488 | 489 | #### 注意:如果没有安装ingress controller,需要把type: ClusterIP改成type: NodePort,然后通过主机IP+Port进行访问 490 | ```` 491 | 通过Ingress配置的krm.test.com/ratel访问,ratel登录页如下: 492 | ```` 493 | ![login](https://github.com/dotbalo/ratel-doc/blob/master/images/login.png) 494 | 495 | ```` 496 | ratel首页如下: 497 | ```` 498 | 499 | ![index](https://github.com/dotbalo/ratel-doc/blob/master/images/index.png) 500 | ![index2](https://github.com/dotbalo/ratel-doc/blob/master/images/index2.png) 501 | 502 | ### 1.7 资源列表 503 | 504 | ```` 505 | Node列表及配置 506 | 开启驱逐是配置了一个NoExecute的Taint,禁止调度室配置了一个NoSchedule的Taint,并非强制性的。 507 | ```` 508 | 509 | ![nodeList](https://github.com/dotbalo/ratel-doc/blob/master/images/nodelist.png) 510 | 511 | ```` 512 | Deployment StatefulSet DaemonSet列表 513 | 可以直接进行删除、更新(不更新任何内容触发更新)、编辑、添加Service,自动配置Service端口 514 | 点击副本数可以直接进行扩容 515 | ```` 516 | 517 | ![stslist](https://github.com/dotbalo/ratel-doc/blob/master/images/stslist.png) 518 | 519 | ![dslist](https://github.com/dotbalo/ratel-doc/blob/master/images/dslist.png) 520 | 521 | ![dplist](https://github.com/dotbalo/ratel-doc/blob/master/images/dplist.png) 522 | 523 | ```` 524 | Service列表,可以针对指定Service添加域名,自动配置端口 525 | ```` 526 | 527 | ![svclist](https://github.com/dotbalo/ratel-doc/blob/master/images/svclist.png) 528 | 529 | ```` 530 | Pod列表,如果状态不是Running,可以将鼠标放在状态上即可查看出错原因 531 | ```` 532 | 533 | ![podslist](https://github.com/dotbalo/ratel-doc/blob/master/images/podslist.png) 534 | 535 | 536 | -------------------------------------------------------------------------------- /cluster/addCluster.md: -------------------------------------------------------------------------------- 1 | ## 2. 添加集群 2 | 3 | ```` 4 | 安装Ratel以后,如果需要添加集群,可以直接替换servers.yaml,等Kubernetes集群的Secret更新后,Ratel会自动更新集群配置。 5 | 6 | 比如添加test3集群: 7 | 之前的servers.yaml如下: 8 | - serverName: 'test1' 9 | serverAddress: 'https://1.1.1.1:8443' 10 | #serverAdminUser: 'xxx' 11 | #serverAdminPassword: 'xxx#' 12 | serverAdminToken: 'null' 13 | serverDashboardUrl: "https://k8s.test1.com.cn" 14 | production: 'false' 15 | kubeConfigPath: "/mnt/test1.config" 16 | harborConfig: "HarborUrl, HarborUsername, HarborPassword, HarborEmail" 17 | - serverName: 'test2' 18 | serverAddress: 'https://1.1.1.1:8443' 19 | #serverAdminUser: 'xxx' 20 | #serverAdminPassword: 'xxx#' 21 | serverAdminToken: 'null' 22 | serverDashboardUrl: "https://k8s.test2.com.cn" 23 | production: 'false' 24 | kubeConfigPath: "/mnt/test2.config" 25 | harborConfig: "HarborUrl, HarborUsername, HarborPassword, HarborEmail" 26 | 添加test3集群后如下: 27 | - serverName: 'test1' 28 | serverAddress: 'https://1.1.1.1:8443' 29 | #serverAdminUser: 'xxx' 30 | #serverAdminPassword: 'xxx#' 31 | serverAdminToken: 'null' 32 | serverDashboardUrl: "https://k8s.test1.com.cn" 33 | production: 'false' 34 | kubeConfigPath: "/mnt/test1.config" 35 | harborConfig: "HarborUrl, HarborUsername, HarborPassword, HarborEmail" 36 | - serverName: 'test2' 37 | serverAddress: 'https://1.1.1.2:8443' 38 | #serverAdminUser: 'xxx' 39 | #serverAdminPassword: 'xxx#' 40 | serverAdminToken: 'null' 41 | serverDashboardUrl: "https://k8s.test2.com.cn" 42 | production: 'false' 43 | kubeConfigPath: "/mnt/test2.config" 44 | harborConfig: "HarborUrl, HarborUsername, HarborPassword, HarborEmail" 45 | - serverName: 'test3' 46 | serverAddress: 'https://1.1.1.3:8443' 47 | #serverAdminUser: 'xxx' 48 | #serverAdminPassword: 'xxx#' 49 | serverAdminToken: 'null' 50 | serverDashboardUrl: "https://k8s.test3.com.cn" 51 | production: 'false' 52 | kubeConfigPath: "/mnt/test3.config" 53 | harborConfig: "HarborUrl, HarborUsername, HarborPassword, HarborEmail" 54 | 55 | 之后热更新原有的Secret: 56 | kubectl create secret generic ratel-config --from-file=servers.yaml --from-file=test1.config --from-file=test2.config --from-file=test3.config -n kube-system --dr-run -o yaml | kubectl replace -f - 57 | 58 | 也可以使用Ratel直接编辑该Secret 59 | 60 | 待Kubernetes集群更新Secret后,Ratel会自动加载配置,无需重启。 61 | ```` 62 | 63 | ### 2.1 添加权限控制 64 | ```` 65 | 创建权限管理namespace 66 | kubectl create ns kube-users 67 | 68 | 然后添加如下的ClusterroleBinding 69 | vim ratel-rbac.yaml 70 | 71 | apiVersion: v1 72 | items: 73 | - apiVersion: rbac.authorization.k8s.io/v1 74 | kind: ClusterRole 75 | metadata: 76 | annotations: 77 | rbac.authorization.kubernetes.io/autoupdate: "true" 78 | labels: 79 | kubernetes.io/bootstrapping: rbac-defaults 80 | rbac.authorization.k8s.io/aggregate-to-edit: "true" 81 | name: ratel-namespace-readonly 82 | rules: 83 | - apiGroups: 84 | - "" 85 | resources: 86 | - namespaces 87 | verbs: 88 | - get 89 | - list 90 | - watch 91 | - apiGroups: 92 | - metrics.k8s.io 93 | resources: 94 | - pods 95 | verbs: 96 | - get 97 | - list 98 | - watch 99 | - apiVersion: rbac.authorization.k8s.io/v1 100 | kind: ClusterRole 101 | metadata: 102 | name: ratel-pod-delete 103 | rules: 104 | - apiGroups: 105 | - "" 106 | resources: 107 | - pods 108 | verbs: 109 | - get 110 | - list 111 | - delete 112 | - apiVersion: rbac.authorization.k8s.io/v1 113 | kind: ClusterRole 114 | metadata: 115 | name: ratel-pod-exec 116 | rules: 117 | - apiGroups: 118 | - "" 119 | resources: 120 | - pods 121 | - pods/log 122 | verbs: 123 | - get 124 | - list 125 | - apiGroups: 126 | - "" 127 | resources: 128 | - pods/exec 129 | verbs: 130 | - create 131 | - apiVersion: rbac.authorization.k8s.io/v1 132 | kind: ClusterRole 133 | metadata: 134 | annotations: 135 | rbac.authorization.kubernetes.io/autoupdate: "true" 136 | name: ratel-resource-edit 137 | rules: 138 | - apiGroups: 139 | - "" 140 | resources: 141 | - configmaps 142 | - persistentvolumeclaims 143 | - services 144 | - services/proxy 145 | verbs: 146 | - patch 147 | - update 148 | - apiGroups: 149 | - apps 150 | resources: 151 | - daemonsets 152 | - deployments 153 | - deployments/rollback 154 | - deployments/scale 155 | - statefulsets 156 | - statefulsets/scale 157 | verbs: 158 | - patch 159 | - update 160 | - apiGroups: 161 | - autoscaling 162 | resources: 163 | - horizontalpodautoscalers 164 | verbs: 165 | - patch 166 | - update 167 | - apiGroups: 168 | - batch 169 | resources: 170 | - cronjobs 171 | - jobs 172 | verbs: 173 | - patch 174 | - update 175 | - apiGroups: 176 | - extensions 177 | resources: 178 | - daemonsets 179 | - deployments 180 | - deployments/rollback 181 | - deployments/scale 182 | - ingresses 183 | verbs: 184 | - patch 185 | - update 186 | - apiVersion: rbac.authorization.k8s.io/v1 187 | kind: ClusterRole 188 | metadata: 189 | name: ratel-resource-readonly 190 | rules: 191 | - apiGroups: 192 | - "" 193 | resources: 194 | - configmaps 195 | - endpoints 196 | - persistentvolumeclaims 197 | - pods 198 | - replicationcontrollers 199 | - replicationcontrollers/scale 200 | - serviceaccounts 201 | - services 202 | verbs: 203 | - get 204 | - list 205 | - watch 206 | - apiGroups: 207 | - "" 208 | resources: 209 | - bindings 210 | - events 211 | - limitranges 212 | - namespaces/status 213 | - pods/log 214 | - pods/status 215 | - replicationcontrollers/status 216 | - resourcequotas 217 | - resourcequotas/status 218 | verbs: 219 | - get 220 | - list 221 | - watch 222 | - apiGroups: 223 | - "" 224 | resources: 225 | - namespaces 226 | verbs: 227 | - get 228 | - list 229 | - watch 230 | - apiGroups: 231 | - apps 232 | resources: 233 | - controllerrevisions 234 | - daemonsets 235 | - deployments 236 | - deployments/scale 237 | - replicasets 238 | - replicasets/scale 239 | - statefulsets 240 | - statefulsets/scale 241 | verbs: 242 | - get 243 | - list 244 | - watch 245 | - apiGroups: 246 | - autoscaling 247 | resources: 248 | - horizontalpodautoscalers 249 | verbs: 250 | - get 251 | - list 252 | - watch 253 | - apiGroups: 254 | - batch 255 | resources: 256 | - cronjobs 257 | - jobs 258 | verbs: 259 | - get 260 | - list 261 | - watch 262 | - apiGroups: 263 | - extensions 264 | resources: 265 | - daemonsets 266 | - deployments 267 | - deployments/scale 268 | - ingresses 269 | - networkpolicies 270 | - replicasets 271 | - replicasets/scale 272 | - replicationcontrollers/scale 273 | verbs: 274 | - get 275 | - list 276 | - watch 277 | - apiGroups: 278 | - policy 279 | resources: 280 | - poddisruptionbudgets 281 | verbs: 282 | - get 283 | - list 284 | - watch 285 | - apiGroups: 286 | - networking.k8s.io 287 | resources: 288 | - networkpolicies 289 | verbs: 290 | - get 291 | - list 292 | - watch 293 | - apiGroups: 294 | - metrics.k8s.io 295 | resources: 296 | - pods 297 | verbs: 298 | - get 299 | - list 300 | - watch 301 | kind: List 302 | metadata: 303 | resourceVersion: "" 304 | selfLink: "" 305 | 306 | kubectl create -f ratel-rbac.yaml 307 | 308 | vim ratel-rbac-binding.yaml 309 | apiVersion: rbac.authorization.k8s.io/v1 310 | kind: ClusterRoleBinding 311 | metadata: 312 | name: ratel-namespace-readonly-sa 313 | roleRef: 314 | apiGroup: rbac.authorization.k8s.io 315 | kind: ClusterRole 316 | name: ratel-namespace-readonly 317 | subjects: 318 | - apiGroup: rbac.authorization.k8s.io 319 | kind: Group 320 | name: system:serviceaccounts:kube-users 321 | 322 | kubectl create -f ratel-rbac-binding.yaml 323 | ```` 324 | -------------------------------------------------------------------------------- /cluster/ratel-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | app: ratel 6 | name: ratel 7 | namespace: kube-system 8 | spec: 9 | ports: 10 | - name: container-1-web-1 11 | port: 8888 12 | protocol: TCP 13 | targetPort: 8888 14 | selector: 15 | app: ratel 16 | type: ClusterIP 17 | -------------------------------------------------------------------------------- /cluster/ratel.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | labels: 5 | app: ratel 6 | name: ratel 7 | namespace: kube-system 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: ratel 13 | strategy: 14 | rollingUpdate: 15 | maxSurge: 1 16 | maxUnavailable: 0 17 | type: RollingUpdate 18 | template: 19 | metadata: 20 | creationTimestamp: null 21 | labels: 22 | app: ratel 23 | spec: 24 | containers: 25 | - command: 26 | - sh 27 | - -c 28 | - ./ratel -c /mnt/servers.yaml 29 | env: 30 | - name: TZ 31 | value: Asia/Shanghai 32 | - name: LANG 33 | value: C.UTF-8 34 | - name: ProRunMode 35 | value: prod 36 | - name: ADMIN_USERNAME 37 | value: admin 38 | - name: ADMIN_PASSWORD 39 | value: ratel_password 40 | image: dotbalo/ratel:latest 41 | imagePullPolicy: Always 42 | livenessProbe: 43 | failureThreshold: 2 44 | initialDelaySeconds: 10 45 | periodSeconds: 60 46 | successThreshold: 1 47 | tcpSocket: 48 | port: 8888 49 | timeoutSeconds: 2 50 | name: ratel 51 | ports: 52 | - containerPort: 8888 53 | name: web 54 | protocol: TCP 55 | readinessProbe: 56 | failureThreshold: 2 57 | initialDelaySeconds: 10 58 | periodSeconds: 60 59 | successThreshold: 1 60 | tcpSocket: 61 | port: 8888 62 | timeoutSeconds: 2 63 | resources: 64 | limits: 65 | cpu: 1000m 66 | memory: 520Mi 67 | requests: 68 | cpu: 100m 69 | memory: 100Mi 70 | volumeMounts: 71 | - mountPath: /mnt 72 | name: ratel-config 73 | dnsPolicy: ClusterFirst 74 | imagePullSecrets: 75 | - name: myregistrykey 76 | restartPolicy: Always 77 | schedulerName: default-scheduler 78 | securityContext: {} 79 | terminationGracePeriodSeconds: 30 80 | volumes: 81 | - name: ratel-config 82 | secret: 83 | defaultMode: 420 84 | secretName: ratel-config 85 | -------------------------------------------------------------------------------- /cluster/servers.yaml: -------------------------------------------------------------------------------- 1 | - serverName: 'test1' 2 | serverAddress: 'https://1.1.1.1:8443' 3 | #serverAdminUser: 'xxx' 4 | #serverAdminPassword: 'xxx#' 5 | serverAdminToken: 'null' 6 | serverDashboardUrl: "https://k8s.test1.com.cn" 7 | production: 'false' 8 | kubeConfigPath: "/mnt/test1.config" 9 | - serverName: 'test2' 10 | serverAddress: 'https://1.1.1.2:8443' 11 | #serverAdminUser: 'xxx' 12 | #serverAdminPassword: 'xxx#' 13 | serverAdminToken: 'null' 14 | serverDashboardUrl: "https://k8s.test2.com.cn" 15 | production: 'false' 16 | kubeConfigPath: "/mnt/test2.config" -------------------------------------------------------------------------------- /configmap/create-configmap.md: -------------------------------------------------------------------------------- 1 | ## 6. 创建ConfigMap 2 | 3 | ### 6.1 创建ConfigMap 4 | 5 | ```` 6 | 创建ConfigMap比较简单,选择集群、Namespace,然后填写ConfigMap名称及数据信息即可,如图所示 7 | ```` 8 | 9 | ![create-cm-mt](https://github.com/dotbalo/ratel-doc/blob/master/images/create-cm-mt.png) 10 | 11 | ```` 12 | 创建完成后的界面如下 13 | ```` 14 | 15 | ![create-cm-succ](https://github.com/dotbalo/ratel-doc/blob/master/images/create-cm-succ.png) 16 | 17 | 18 | ```` 19 | 可以直接点击查看详情进入编辑页面 20 | ```` 21 | 22 | ![create-cm-edit](https://github.com/dotbalo/ratel-doc/blob/master/images/create-cm-edit.png) 23 | 24 | 25 | ### 6.2 查看ConfigMap列表 26 | 27 | ```` 28 | 可以查看不同的集群下的不同的namespace下的ConfigMap,并且可以直接进行编辑 29 | ```` 30 | 31 | ![list-cm](https://github.com/dotbalo/ratel-doc/blob/master/images/list-configmap.png) 32 | -------------------------------------------------------------------------------- /daemonset/create-daemonset.md: -------------------------------------------------------------------------------- 1 | ## 5. 创建DaemonSet 2 | 3 | ### 5.1 Metadata配置 4 | 5 | ```` 6 | Metadata配置和Deployment大致相同,主要是DaemonSet的更新策略有所变化,更新策略有RollingUpdate和OnDelete两种, 7 | 并且RollingUpdate没有maxSurge参数,如下图1所示。 8 | 9 | DaemonSet没有replicas参数 10 | 11 | ```` 12 | 13 | ![create-ds-ru](https://github.com/dotbalo/ratel-doc/blob/master/images/daemonset-ru.png) 14 | 15 | 16 | ### 5.2 其他配置 17 | 18 | ```` 19 | DaemonSet其他配合和Deployment相同 20 | ```` 21 | -------------------------------------------------------------------------------- /daemonset/edit-daemonset.md: -------------------------------------------------------------------------------- 1 | ## 2.6 编辑DaemonSet 2 | 3 | ### 2.6.1 基本说明 4 | 5 | ```` 6 | 对于DaemonSet的编辑和Deployment类似,按需更改即可。 7 | ```` 8 | -------------------------------------------------------------------------------- /deployment/copy-resource.md: -------------------------------------------------------------------------------- 1 | ## 4.1 资源复制 2 | 3 | ### 4.1.1 基本说明 4 | 5 | ```` 6 | 资源复制可以一键复制Service、Deployment、StatefulSet、DaemonSet、ConfigMap至其他集群或其他Namespace中, 7 | 复制过程可以进行自定义更改,资源复制功能使用方法类似,本次以Deployment为例。 8 | ```` 9 | 10 | ### 4.1.2 选择需要的Deployment 11 | 12 | ```` 13 | 点击Deployment选项卡 --> 查看 --> 点击复制 14 | ```` 15 | 16 | ![copy-select](https://github.com/dotbalo/ratel-doc/blob/master/images/copy-select.png) 17 | 18 | ```` 19 | 点击复制后的页面和创建、编辑类似,重新选择集群、Namespace后,可以直接创建资源,也可以自定义后创建。 20 | ```` 21 | 22 | ![copy-deployment](https://github.com/dotbalo/ratel-doc/blob/master/images/copy-dp.png) -------------------------------------------------------------------------------- /deployment/create-deployment.md: -------------------------------------------------------------------------------- 1 | ## 3. 创建Deployment 2 | 3 | ### 3.1 Metadata配置 4 | 5 | ```` 6 | Metadata配置页面如下(登录后单击Deployment-->创建): 7 | ```` 8 | 9 | ![deploymentMetadata](https://github.com/dotbalo/ratel-doc/blob/master/images/create-deployment.png) 10 | ![deploymentMetadataKNT](https://github.com/dotbalo/ratel-doc/blob/master/images/kernel-nodeselector-taint.png) 11 | ![deploymentAffinity](https://github.com/dotbalo/ratel-doc/blob/master/images/deploymentAffinity.png) 12 | 13 | ```` 14 | Metadata并非Deployment yaml文件中的metadata,此处放置的是一些Deployment的通用配置 15 | 填写说明: 16 | 选择集群: 选择之前配置的集群, 按serverName区分,选择集群后,会自动弹出Namespace的选择框。 17 | Namespace: 当前Deployment需要创建在哪个Namespace,Namespace的选择框支持搜索功能。 18 | 尽量部署至不同宿主机: 此选项相当于添加了一个Pod的Affinity的软策略,基于selector实现。 19 | 更新策略: Deployment的更新策略,此处和DaemonSet和StatefulSet更新策略不一致。 20 | 副本数: Pod的个数,可以使用鼠标滚轮或者直接键入的方式更改。 21 | 私有仓库Secret: 用于私有仓库镜像下载的账号密码,需要提前创建,点击刷新会自动获取集群的docker registry类型的secret。 22 | Labels: Labels是Deployment的label标签,当属于Deployment名字时,会自动填写一个Labels和Selector,可以按需修改、添加和删除。 23 | Selectors: Selectors是Pod的Labels和Deployment的Selector,按需修改、添加和删除。 24 | HostAliases: HostAliases是hosts文件配置,按需修改、添加和删除。 25 | 26 | NodeSelector: 节点选择器,按需修改、添加和删除。 27 | 内核配置: Pod中的内核配置,如上图的第二个图,需要kubelet允许内核配置,按需修改、添加和删除。 28 | Taint: 如上图的第二个图,容忍配置,,按需修改、添加和删除。 29 | Affinity: 如上图的第三个图,亲和力配置,目前支持一键式添加、编辑节点亲和力,将容器按照规则部署至指定节点 30 | 其他参数按需修改。 31 | 32 | 【为了保证填入数据对的准确性和完整性,填写下一个选项时,必须单击Next,不可以直接按第一个图片的视图选项,所有的均填写完毕后可以直接点击视图选项】 33 | ```` 34 | 35 | ### 3.2 Volume配置 36 | 37 | ![volume](https://github.com/dotbalo/ratel-doc/blob/master/images/volume.png) 38 | ![stsVolume](https://github.com/dotbalo/ratel-doc/blob/master/images/sts-volume.png) 39 | ![projectedVolume](https://github.com/dotbalo/ratel-doc/blob/master/images/projected-volume.png) 40 | 41 | ```` 42 | 如上图1所示,目前所支持的Volume配置有HostPath、Secret、ConfigMap、EmptyDir、PVC。 43 | 如上图2所示,目前StatefulSet的Volume配置多了一个StorageClass配置。 44 | 如上图3所示,Ratel支持一键式Projected类型的volume配置 45 | 上述的Secret、ConfigMap、PVC、StorageClass无需手动输入,单击刷新后即可自动自动获取到当前集群的相关信息。 46 | 其中StorageClass可以直接拖动如图2的申请空间大小来限制申请的动态卷的大小。 47 | 48 | 另外提供了额外的Projected Volume,可以按需配置。 49 | ```` 50 | 51 | ### 3.3 Container配置 52 | 53 | ![container](https://github.com/dotbalo/ratel-doc/blob/master/images/container.png) 54 | ![container2](https://github.com/dotbalo/ratel-doc/blob/master/images/container2.png) 55 | 56 | ```` 57 | Container配置目前几乎支持所有常见配置,Container的名称会在Deployment名称键入后自动填写一个默认的,可以按需修改。 58 | 点击如图1所示的添加按钮,可以配置多个Container,按需添加、修改和删除。 59 | 启动命令和启动参数按需修改,三个逗号加上回车分隔(为了兼容deployment的|+ 和 |-)。 60 | 比如: 61 | sh,,, 62 | -c,,, 63 | sleep 36000 64 | 对应的deployment Command为: 65 | command: 66 | - sh 67 | - -c 68 | - sleep 36000 69 | 70 | 集群的CPU和内存资源按需配置,直接拖动即可。 71 | 72 | 健康检查按需配置,目前支持httpGet、tcpSocket、exec方式。 73 | 74 | preStop和postStart按需配置。 75 | 76 | SecurityContext按需配置。 77 | 78 | 高权限运行是添加privilege=true参数至Container。 79 | 80 | 容器端口按需配置和添加,目前支持三种协议配置。 81 | 82 | 容器环境变量如图2所示,支持三种方式的容器变量配置,按需添加、修改和删除。 83 | 字符变量: key value变量,不能留空。 84 | EnvFrom: 从ConfigMap和Secret中获取变量配置。 85 | ValueFrom: 目前支持FieldRef、ConfigMapRef、SecretRef和ResourceFieldRef配置。 86 | 87 | 文件挂载配置: 88 | 文件挂载配置必须先添加Volume配置,否则无法创建文件挂载。 89 | Volume名称自动获取创建Volume。 90 | 91 | ```` 92 | 93 | ### 3.4 InitContainer配置 94 | 95 | ```` 96 | Init Container和Container的配置大致相同,按需添加和删除。 97 | ```` 98 | 99 | ### 3.5 Service和Ingress配置 100 | 101 | ![container-service](https://github.com/dotbalo/ratel-doc/blob/master/images/container-service.png) 102 | ![container-ingress](https://github.com/dotbalo/ratel-doc/blob/master/images/container-ingress.png) 103 | 104 | ```` 105 | 创建Deployment、DaemonSet和StatefulSet的页面,嵌入了简单的Service和Ingress配置。 106 | 如图1所示,在配置完Container后,如果需要添加Service(默认不添加),在开启service配置后,会根据container的端口配置自动生成Service的配置,可以按需修改、添加和删除。 107 | 此页面Service仅支持ClusterIP和NodePort两种类型。 108 | 109 | 如图2所示,在配置完Service后,如果需要添加Ingress(默认不添加),在开启Ingress后,会根据Service配置默认生成一个Ingress配置,可以按需修改、添加和删除。 110 | 如需开启https,需要提前添加tls类型的域名证书,点击刷新后即可自动读取当前集群的当前Namespace的tls类型的证书列表,无tls类型的证书无法开启https。 111 | 去除前缀的意思是: 访问www.test1.com/a/test.html 会自动变成www.test1.com/test.html。 112 | 113 | ```` 114 | 115 | ### 3.6 创建资源 116 | 117 | ```` 118 | 所有信息填写完毕后,会弹出创建按钮,点击创建即可在对于的集群的对应的namespace中创建对应的资源。 119 | 此时可以点击不同的视图进行编辑相关信息。 120 | 121 | 创建成功的页面如图: 122 | ```` 123 | 124 | ![container-create-succ](https://github.com/dotbalo/ratel-doc/blob/master/images/deployment-create-succ.png) 125 | 126 | ```` 127 | 创建失败的页面如图: 128 | 此时会打印具体的错误信息,更正后再次创建即可 129 | ```` 130 | 131 | ![container-create-succ](https://github.com/dotbalo/ratel-doc/blob/master/images/deployment-create-error.png) 132 | -------------------------------------------------------------------------------- /deployment/edit-deployment.md: -------------------------------------------------------------------------------- 1 | ## 2.5. 编辑Deployment 2 | 3 | ### 2.5.1 基本说明 4 | 5 | ```` 6 | 目前Ratel已经实现在线编辑功能,无需通过yaml文件即可完成编辑。 7 | 目前支持的编辑项并非所有选项,其中支持编辑的选项为覆盖编辑,暂不支持的编辑项不会被覆盖。 8 | 编辑Deployment的Metadata页面如下: 9 | 之后可以直接按需修改相关配置即可 10 | ```` 11 | 12 | ![editdeploymentMetadata1](https://github.com/dotbalo/ratel-doc/blob/master/images/edit-deployment-metadata-1.png) 13 | ![editdeploymentMetadata2](https://github.com/dotbalo/ratel-doc/blob/master/images/edit-deployment-metadata-2.png) 14 | ![editdeploymentMetadata3](https://github.com/dotbalo/ratel-doc/blob/master/images/edit-deployment-metadata-3.png) 15 | ![editdeploymentAffinity](https://github.com/dotbalo/ratel-doc/blob/master/images/editDeploymentAffinity.png) 16 | 17 | 18 | ### 2.5.2 Volume编辑 19 | 20 | ![editVolume-1](https://github.com/dotbalo/ratel-doc/blob/master/images/edit-volume-1.png) 21 | 22 | ```` 23 | 如上图1所示,编辑Deployment、StatefulSet(storageClass暂不支持更改)或者DaemonSet时, 24 | Ratel会自动读取相关Volume和Projected Volume配置。 25 | 可以进行编辑、添加或删除。 26 | 27 | ```` 28 | 29 | ### 3.3 Container编辑 30 | 31 | ![editContainer1](https://github.com/dotbalo/ratel-doc/blob/master/images/edit-container-1.png) 32 | ![container2](https://github.com/dotbalo/ratel-doc/blob/master/images/edit-container-2.png) 33 | 34 | ```` 35 | 对于Container的在线编辑为覆盖更新,如果编辑页面没有需要更改的参数,需谨慎操作,目前支持大部分常用参数更改, 36 | 如果没有包含你要更改的参数,不要进行更改,否则会覆盖之前的Container配置,有更改需求可以在本项目下提需求支持。 37 | 38 | ```` 39 | 40 | ### 3.4 InitContainer编辑 41 | 42 | ```` 43 | Init Container和Container的配置大致相同,按需添加和删除。 44 | ```` 45 | 46 | -------------------------------------------------------------------------------- /images/container-ingress.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/container-ingress.png -------------------------------------------------------------------------------- /images/container-service.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/container-service.png -------------------------------------------------------------------------------- /images/container.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/container.png -------------------------------------------------------------------------------- /images/container2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/container2.png -------------------------------------------------------------------------------- /images/copy-dp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/copy-dp.png -------------------------------------------------------------------------------- /images/copy-namespace-info.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/copy-namespace-info.png -------------------------------------------------------------------------------- /images/copy-select.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/copy-select.png -------------------------------------------------------------------------------- /images/create-cm-edit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-cm-edit.png -------------------------------------------------------------------------------- /images/create-cm-mt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-cm-mt.png -------------------------------------------------------------------------------- /images/create-cm-succ.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-cm-succ.png -------------------------------------------------------------------------------- /images/create-cm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-cm.png -------------------------------------------------------------------------------- /images/create-deployment.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-deployment.png -------------------------------------------------------------------------------- /images/create-ingress-from-service-c.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-ingress-from-service-c.png -------------------------------------------------------------------------------- /images/create-ingress-from-service.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-ingress-from-service.png -------------------------------------------------------------------------------- /images/create-ingress.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-ingress.png -------------------------------------------------------------------------------- /images/create-service-from-service.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-service-from-service.png -------------------------------------------------------------------------------- /images/create-service-list-dp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-service-list-dp.png -------------------------------------------------------------------------------- /images/create-service.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-service.png -------------------------------------------------------------------------------- /images/create-sts-metadata-ru.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-sts-metadata-ru.png -------------------------------------------------------------------------------- /images/create-sts-metadata.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/create-sts-metadata.png -------------------------------------------------------------------------------- /images/createNS.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/createNS.png -------------------------------------------------------------------------------- /images/createSecret.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/createSecret.png -------------------------------------------------------------------------------- /images/daemonset-ru.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/daemonset-ru.png -------------------------------------------------------------------------------- /images/defaultRqLimit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/defaultRqLimit.png -------------------------------------------------------------------------------- /images/deployment-create-error.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/deployment-create-error.png -------------------------------------------------------------------------------- /images/deployment-create-succ.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/deployment-create-succ.png -------------------------------------------------------------------------------- /images/deploymentAffinity.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/deploymentAffinity.png -------------------------------------------------------------------------------- /images/dockerType.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/dockerType.png -------------------------------------------------------------------------------- /images/dplist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/dplist.png -------------------------------------------------------------------------------- /images/dslist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/dslist.png -------------------------------------------------------------------------------- /images/edit-container-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/edit-container-1.png -------------------------------------------------------------------------------- /images/edit-container-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/edit-container-2.png -------------------------------------------------------------------------------- /images/edit-deployment-metadata-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/edit-deployment-metadata-1.png -------------------------------------------------------------------------------- /images/edit-deployment-metadata-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/edit-deployment-metadata-2.png -------------------------------------------------------------------------------- /images/edit-deployment-metadata-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/edit-deployment-metadata-3.png -------------------------------------------------------------------------------- /images/edit-service.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/edit-service.png -------------------------------------------------------------------------------- /images/edit-volume-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/edit-volume-1.png -------------------------------------------------------------------------------- /images/editDeploymentAffinity.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/editDeploymentAffinity.png -------------------------------------------------------------------------------- /images/editIngresses.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/editIngresses.png -------------------------------------------------------------------------------- /images/editRQ.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/editRQ.png -------------------------------------------------------------------------------- /images/index.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/index.png -------------------------------------------------------------------------------- /images/index2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/index2.png -------------------------------------------------------------------------------- /images/kernel-nodeselector-taint.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/kernel-nodeselector-taint.png -------------------------------------------------------------------------------- /images/list-configmap.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/list-configmap.png -------------------------------------------------------------------------------- /images/list-ingresses.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/list-ingresses.png -------------------------------------------------------------------------------- /images/list-services.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/list-services.png -------------------------------------------------------------------------------- /images/listNS.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/listNS.png -------------------------------------------------------------------------------- /images/login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/login.png -------------------------------------------------------------------------------- /images/nodelist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/nodelist.png -------------------------------------------------------------------------------- /images/opaqueType.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/opaqueType.png -------------------------------------------------------------------------------- /images/podslist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/podslist.png -------------------------------------------------------------------------------- /images/projected-volume.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/projected-volume.png -------------------------------------------------------------------------------- /images/serviceAccountPer.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/serviceAccountPer.jpg -------------------------------------------------------------------------------- /images/sts-service.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/sts-service.png -------------------------------------------------------------------------------- /images/sts-volume-sc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/sts-volume-sc.png -------------------------------------------------------------------------------- /images/sts-volume.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/sts-volume.png -------------------------------------------------------------------------------- /images/stslist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/stslist.png -------------------------------------------------------------------------------- /images/svclist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/svclist.png -------------------------------------------------------------------------------- /images/tlsType.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/tlsType.png -------------------------------------------------------------------------------- /images/update-cm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/update-cm.png -------------------------------------------------------------------------------- /images/volume.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dotbalo/ratel-doc/cd137871cdd5f38b4b49d4711f62e31aa0011116/images/volume.png -------------------------------------------------------------------------------- /ingress/create-ingress.md: -------------------------------------------------------------------------------- 1 | ## 2.6 创建Ingress(目前仅支持ingress nginx) 2 | 3 | ### 2.6.1 基本说明 4 | 5 | ```` 6 | 创建Ingress和创建Service类型,可以从Service列表中创建,也可以直接在创建Ingress列表中创建。 7 | 在Service列表中选择Service创建,一个Ingress只能绑定一个Service,直接创建Ingress可以绑定同一个Namespace的多个Service。 8 | ```` 9 | 10 | ### 2.6.2 从Service列表创建 11 | 12 | ```` 13 | 点击Service选项卡的查看 --> 点击添加路由,如图所示: 14 | ```` 15 | 16 | ![listSvc](https://github.com/dotbalo/ratel-doc/blob/master/images/create-ingress-from-service.png) 17 | 18 | ```` 19 | 之后可以添加对应的域名绑定至service的对应端口 20 | ```` 21 | 22 | ![createIngress](https://github.com/dotbalo/ratel-doc/blob/master/images/create-ingress-from-service-c.png) 23 | 24 | ```` 25 | 可以选择性的添加Ingress的注释、Labels。 26 | 域名可以选择性添加多个域名,也可以开启HTTPS(必须添加TLS类型的secret) 27 | 去除前缀的意思是将xxx.com/abc/1 代理到 xxx.com/1(开启去除前缀后,会创建一个名称为xxx-strip-path的ingress,和不去除前缀的ingress分开) 28 | ```` 29 | 30 | ### 2.6.3 直接创建Ingress 31 | 32 | ```` 33 | 相对于上一个创建方式,直接创建Ingress可以绑定多个Service,点击Ingress选项卡 --> 创建,如下图所示 34 | ```` 35 | 36 | ![createIngress](https://github.com/dotbalo/ratel-doc/blob/master/images/create-ingress.png) 37 | 38 | ```` 39 | 选择对应的Kubernetes集群、Namespace和Service(多选),之后可以生成对应的ingress列表,配置方式和上述方式一致,如图 40 | ```` 41 | 42 | 43 | -------------------------------------------------------------------------------- /ingress/edit-ingress.md: -------------------------------------------------------------------------------- 1 | ## 3.5 编辑Ingress(仅支持ingress nginx) 2 | 3 | ### 3.5.1 说明 4 | 5 | ```` 6 | 选择对应的ingress,可以直接进行编辑,如图所示 7 | ```` 8 | 9 | ![listIngresses](https://github.com/dotbalo/ratel-doc/blob/master/images/list-ingresses.png) 10 | 11 | ![editIngresses](https://github.com/dotbalo/ratel-doc/blob/master/images/editIngresses.png) 12 | 13 | -------------------------------------------------------------------------------- /namespace/copy-resource.md: -------------------------------------------------------------------------------- 1 | ## 4.2 Namespace复制 2 | 3 | ### 4.2.1 说明 4 | 5 | ```` 6 | Ratel提供一键式复制整个Namespace,一般用于新建环境,或者跨集群迁移一个namespace的所有实例。 7 | 目前支持几乎所有常用类型资源的复制 8 | ```` 9 | 10 | ![copyNamespaceInfo](https://github.com/dotbalo/ratel-doc/blob/master/images/copy-namespace-info.png) 11 | 12 | ```` 13 | 点击对应的资源类型,可以选择迁移指定的资源或者所有资源 14 | 15 | 注意: 无Selector的Service迁移后需要手动更改Endpoint的目标端口和IP 16 | PV和PVC的迁移需要注意正确性 17 | 勾选自动替换harbor地址,用于多集群不同harbor的场景,可以将harbor配置换成对应集群的harbor配置。 18 | 会替换dockerjson类型的Secret和Deployment、StatefulSet、DaemonSet的镜像地址 19 | ```` -------------------------------------------------------------------------------- /namespace/create-namespace.md: -------------------------------------------------------------------------------- 1 | ## 2.8 创建Namespace 2 | 3 | ### 2.8.1 说明 4 | 5 | ```` 6 | 点击Namespaces选项卡 -- 创建,即可创建namespace 7 | 可以选择性进行资源限制,资源限制创建的是ResourceQuota,如图所示 8 | ```` 9 | 10 | ![createNS](https://github.com/dotbalo/ratel-doc/blob/master/images/createNS.png) 11 | 12 | 13 | ```` 14 | 也可以选择性的配置默认的资源请求和限制 15 | ```` 16 | 17 | ![defaultRqLimit](https://github.com/dotbalo/ratel-doc/blob/master/images/defaultRqLimit.png) 18 | -------------------------------------------------------------------------------- /namespace/create-rq.md: -------------------------------------------------------------------------------- 1 | ## 3.6 创建ResourceQuota 2 | 3 | ### 3.6.1 说明 4 | 5 | ```` 6 | 创建资源配额可以在创建namespace时进行创建,也可以在namespace的列表页进行添加,如图所示 7 | ```` 8 | 9 | ![listNS](https://github.com/dotbalo/ratel-doc/blob/master/images/listNS.png) 10 | 11 | ### 3.6.2 创建和编辑 12 | 13 | ```` 14 | 创建资源配额,按需填写对应的资源限制即可,单位按需配置。 15 | 对于ResourceQuota的编辑,因为一个namespace可以同时存在ResourceQuota,所以需要点击namespaces选项卡下面的资源配额管理, 16 | 然后进行选择性配置,如图所示: 17 | ```` 18 | 19 | ![editRQ](https://github.com/dotbalo/ratel-doc/blob/master/images/editRQ.png) 20 | 21 | -------------------------------------------------------------------------------- /pvpvc/create-pvpvc.md: -------------------------------------------------------------------------------- 1 | ## 2.9 创建PV PVC 2 | 3 | ### 2.9.1 说明 4 | 5 | ```` 6 | 填写对应资源即可。目前仅支持NFS类型的PV 7 | ```` 8 | 9 | 10 | 11 | -------------------------------------------------------------------------------- /secret/create-secret.md: -------------------------------------------------------------------------------- 1 | ## 2.7 创建Secret 2 | 3 | ### 2.7.1 说明 4 | 5 | ```` 6 | 目前支持创建三种最常用的Secret类型,dockerconfigjson、Opaque、tls,创建后自动加密 7 | 各类型如下: 8 | ```` 9 | 10 | ![opaqueType](https://github.com/dotbalo/ratel-doc/blob/master/images/opaqueType.png) 11 | 12 | ![dockerType](https://github.com/dotbalo/ratel-doc/blob/master/images/dockerType.png) 13 | 14 | ![tlsType](https://github.com/dotbalo/ratel-doc/blob/master/images/tlsType.png) 15 | 16 | ### 2.7.2 创建和更新 17 | 18 | ```` 19 | 选择对应的类型,然后输入相关信息即可创建, 更新Secret类似。 20 | ```` -------------------------------------------------------------------------------- /service/create-service.md: -------------------------------------------------------------------------------- 1 | ## 2.5 创建Service 2 | 3 | ### 2.5.1 基本说明 4 | 5 | ```` 6 | 创建Service可以从资源列表中创建,也可以直接在创建Service的页面创建。 7 | 目前可以将Service绑定至Deployment、StatefulSet、DaemonSet, 8 | 选择对应的资源,可以自动生成端口列表,避免了手动创建的出错。 9 | ```` 10 | 11 | ### 2.5.2 从资源列表创建Service 12 | 13 | ```` 14 | 不同资源类型创建Service的方式相同,本次以Deployment创建为例,其他资源创建类似。 15 | ```` 16 | 17 | #### 2.5.2.1 查看Deployment列表 18 | 19 | ```` 20 | 点击Deployment --> 查看,如下图所示: 21 | ```` 22 | 23 | ![listDP](https://github.com/dotbalo/ratel-doc/blob/master/images/create-service-list-dp.png) 24 | 25 | ```` 26 | 点击【添加Service】按钮后如下图所示,目前仅支持ClusterIP、NodePort、None三种类型的Service,其他类型资源创建Service步骤一样 27 | ```` 28 | 29 | ![createService](https://github.com/dotbalo/ratel-doc/blob/master/images/create-service.png) 30 | 31 | 32 | ### 2.5.3 直接创建Service 33 | 34 | ```` 35 | 可以直接从Service选项卡直接创建Service,点击Service --> 创建Service,如下图所示, 36 | 可以通过选择不同的资源类型,和不同的资源进行创建,选择后对应的资源端口列表自动生成。 37 | ```` 38 | 39 | ![createServiceFromService](https://github.com/dotbalo/ratel-doc/blob/master/images/create-service-from-service.png) -------------------------------------------------------------------------------- /service/edit-service.md: -------------------------------------------------------------------------------- 1 | ## 3.4 编辑Service 2 | 3 | ### 3.4.1 4 | 5 | ```` 6 | Service的在线编辑,可以修改Service的基本信息:Service端口、容器端口、Service类型、端口名称、Labels、Selector等。 7 | 8 | 点击Service选项卡的查看 --> 找到对应集群对应Namespace的Service列表,然后点击编辑,如下图所示: 9 | ```` 10 | 11 | ![listService](https://github.com/dotbalo/ratel-doc/blob/master/images/list-services.png) 12 | 13 | ```` 14 | 点击编辑后,可以修改对应的信息,如下图所示: 15 | ```` 16 | 17 | ![editService](https://github.com/dotbalo/ratel-doc/blob/master/images/list-services.png) -------------------------------------------------------------------------------- /statefulset/create-statefulset.md: -------------------------------------------------------------------------------- 1 | ## 4. 创建StatefulSet 2 | 3 | ### 4.1 Metadata配置 4 | 5 | ```` 6 | Metadata配置和Deployment大致相同,主要是StatefulSet的更新策略有所变化,更新策略有RollingUpdate和OnDelete两种, 7 | 并且RollingUpdate采用的是Partition 8 | 如下图所示: 9 | ```` 10 | 11 | ![create-sts-metadata](https://github.com/dotbalo/ratel-doc/blob/master/images/create-sts-metadata.png) 12 | 13 | ![create-sts-metadata-2](https://github.com/dotbalo/ratel-doc/blob/master/images/create-sts-metadata-ru.png) 14 | 15 | 16 | ### 4.2 Volume配置 17 | 18 | ```` 19 | Volume配置和Deployment的Volume配置也大致相同,区别在于StatefulSet多了一个StorageClass类型的Volume,如图所示: 20 | ```` 21 | 22 | ![create-sts-volume-sc](https://github.com/dotbalo/ratel-doc/blob/master/images/sts-volume-sc.png) 23 | 24 | ### 4.3 Container和InitContainer 25 | 26 | ```` 27 | Container和InitContainer配置和Deployment相同 28 | ```` 29 | 30 | ### 4.4 Service配置 31 | 32 | ```` 33 | Service配置比Deployment多了一个使用先有Service配置,点击刷新即可获取当前集群当前namespace的Service列表, 34 | 也可以创建新的Service,创建StatefulSet必须有Service,如下图所示: 35 | ```` 36 | 37 | ![create-sts-svc](https://github.com/dotbalo/ratel-doc/blob/master/images/sts-service.png) -------------------------------------------------------------------------------- /statefulset/edit-statefulset.md: -------------------------------------------------------------------------------- 1 | ## 2.7 编辑StatefulSet 2 | 3 | ### 2.7.1 基本说明 4 | 5 | ```` 6 | 编辑StatefulSet和Deployment类似,按需修改即可。 7 | ```` 8 | 9 | -------------------------------------------------------------------------------- /users/users.md: -------------------------------------------------------------------------------- 1 | ## 5.1 账号管理 2 | 3 | ### 5.1.1 基于Basic账号管理(k8s 1.19+已经废弃) 4 | 5 | ```` 6 | 参考链接:https://www.cnblogs.com/dukuan/p/11976406.html 7 | ```` 8 | 9 | ### 5.1.2 基于ServiceAccount(推荐) 10 | 11 | ```` 12 | 基于ServiceAccount是推荐的账号管理方式,为了方便开发及测试登录k8s的Dashboard,进行相关操作,目前仅支持如下权限配置 13 | ```` 14 | 15 | ![serviceAccountPer](https://github.com/dotbalo/ratel-doc/blob/master/images/serviceAccountPer.jpg) 16 | 17 | ```` 18 | 和基本认证区别是需要提前创建名为kube-users的namespace:kubectl create ns kube-users 19 | 然后添加如下的ClusterroleBinding 20 | vim ratel-rbac.yaml 21 | 22 | apiVersion: v1 23 | items: 24 | - apiVersion: rbac.authorization.k8s.io/v1 25 | kind: ClusterRole 26 | metadata: 27 | annotations: 28 | rbac.authorization.kubernetes.io/autoupdate: "true" 29 | labels: 30 | kubernetes.io/bootstrapping: rbac-defaults 31 | rbac.authorization.k8s.io/aggregate-to-edit: "true" 32 | name: ratel-namespace-readonly 33 | rules: 34 | - apiGroups: 35 | - "" 36 | resources: 37 | - namespaces 38 | verbs: 39 | - get 40 | - list 41 | - watch 42 | - apiGroups: 43 | - metrics.k8s.io 44 | resources: 45 | - pods 46 | verbs: 47 | - get 48 | - list 49 | - watch 50 | - apiVersion: rbac.authorization.k8s.io/v1 51 | kind: ClusterRole 52 | metadata: 53 | name: ratel-pod-delete 54 | rules: 55 | - apiGroups: 56 | - "" 57 | resources: 58 | - pods 59 | verbs: 60 | - get 61 | - list 62 | - delete 63 | - apiVersion: rbac.authorization.k8s.io/v1 64 | kind: ClusterRole 65 | metadata: 66 | name: ratel-pod-exec 67 | rules: 68 | - apiGroups: 69 | - "" 70 | resources: 71 | - pods 72 | - pods/log 73 | verbs: 74 | - get 75 | - list 76 | - apiGroups: 77 | - "" 78 | resources: 79 | - pods/exec 80 | verbs: 81 | - create 82 | - apiVersion: rbac.authorization.k8s.io/v1 83 | kind: ClusterRole 84 | metadata: 85 | annotations: 86 | rbac.authorization.kubernetes.io/autoupdate: "true" 87 | name: ratel-resource-edit 88 | rules: 89 | - apiGroups: 90 | - "" 91 | resources: 92 | - configmaps 93 | - persistentvolumeclaims 94 | - services 95 | - services/proxy 96 | verbs: 97 | - patch 98 | - update 99 | - apiGroups: 100 | - apps 101 | resources: 102 | - daemonsets 103 | - deployments 104 | - deployments/rollback 105 | - deployments/scale 106 | - statefulsets 107 | - statefulsets/scale 108 | verbs: 109 | - patch 110 | - update 111 | - apiGroups: 112 | - autoscaling 113 | resources: 114 | - horizontalpodautoscalers 115 | verbs: 116 | - patch 117 | - update 118 | - apiGroups: 119 | - batch 120 | resources: 121 | - cronjobs 122 | - jobs 123 | verbs: 124 | - patch 125 | - update 126 | - apiGroups: 127 | - extensions 128 | resources: 129 | - daemonsets 130 | - deployments 131 | - deployments/rollback 132 | - deployments/scale 133 | - ingresses 134 | verbs: 135 | - patch 136 | - update 137 | - apiVersion: rbac.authorization.k8s.io/v1 138 | kind: ClusterRole 139 | metadata: 140 | name: ratel-resource-readonly 141 | rules: 142 | - apiGroups: 143 | - "" 144 | resources: 145 | - configmaps 146 | - endpoints 147 | - persistentvolumeclaims 148 | - pods 149 | - replicationcontrollers 150 | - replicationcontrollers/scale 151 | - serviceaccounts 152 | - services 153 | verbs: 154 | - get 155 | - list 156 | - watch 157 | - apiGroups: 158 | - "" 159 | resources: 160 | - bindings 161 | - events 162 | - limitranges 163 | - namespaces/status 164 | - pods/log 165 | - pods/status 166 | - replicationcontrollers/status 167 | - resourcequotas 168 | - resourcequotas/status 169 | verbs: 170 | - get 171 | - list 172 | - watch 173 | - apiGroups: 174 | - "" 175 | resources: 176 | - namespaces 177 | verbs: 178 | - get 179 | - list 180 | - watch 181 | - apiGroups: 182 | - apps 183 | resources: 184 | - controllerrevisions 185 | - daemonsets 186 | - deployments 187 | - deployments/scale 188 | - replicasets 189 | - replicasets/scale 190 | - statefulsets 191 | - statefulsets/scale 192 | verbs: 193 | - get 194 | - list 195 | - watch 196 | - apiGroups: 197 | - autoscaling 198 | resources: 199 | - horizontalpodautoscalers 200 | verbs: 201 | - get 202 | - list 203 | - watch 204 | - apiGroups: 205 | - batch 206 | resources: 207 | - cronjobs 208 | - jobs 209 | verbs: 210 | - get 211 | - list 212 | - watch 213 | - apiGroups: 214 | - extensions 215 | resources: 216 | - daemonsets 217 | - deployments 218 | - deployments/scale 219 | - ingresses 220 | - networkpolicies 221 | - replicasets 222 | - replicasets/scale 223 | - replicationcontrollers/scale 224 | verbs: 225 | - get 226 | - list 227 | - watch 228 | - apiGroups: 229 | - policy 230 | resources: 231 | - poddisruptionbudgets 232 | verbs: 233 | - get 234 | - list 235 | - watch 236 | - apiGroups: 237 | - networking.k8s.io 238 | resources: 239 | - networkpolicies 240 | verbs: 241 | - get 242 | - list 243 | - watch 244 | - apiGroups: 245 | - metrics.k8s.io 246 | resources: 247 | - pods 248 | verbs: 249 | - get 250 | - list 251 | - watch 252 | kind: List 253 | metadata: 254 | resourceVersion: "" 255 | selfLink: "" 256 | 257 | kubectl create -f ratel-rbac.yaml 258 | ```` 259 | --------------------------------------------------------------------------------