jack/Deploy-Laboratory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 按 doc_id 重组 ansible/files 与验证框架

Browse Source 
- ansible/files 改为与文档 XX-YY 对齐的目录结构,更新相关 playbook 路径
- 新增 scripts/verify.sh 与 ansible/playbooks/verify/*.yml,移除单体 verify-matrix.yml
- 补充 docs/00-02 矩阵状态、00-05 验证框架与流程、00-04 环境与 ylc65 工作机说明
- 增加 k3s 存储准备、Longhorn、local-path 等 playbook 与辅助脚本

Made-with: Cursor
This commit is contained in:
jack
2026-03-26 07:01:14 +08:00
parent a67788de56
commit 8c43761962
192 changed files with 4006 additions and 320 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/03-03-k3s-traefik-dashboard-acme.md
View File

@@ -20,7 +20,7 @@ kubectl -n kube-system create secret generic cloudflare-api-token \
> 说明Traefik 的 `HelmChartConfig` 只能有一份Dashboard 与 ACME 需合并在同一文件中。**ACME 配置基于 03-03 实机验证**(递归 DNS、propagation 等待、ping、PROXY protocol、nodeSelector
创建 `traefik-dashboard-acme.yaml`,推荐放入 K3s manifests 目录(路径同 03-02。**唯一真源**(已含 **`persistence`local-path+ ACME + Dashboard + IngressRoute**,证书落盘 `/data/acme.json`[`traefik-dashboard-acme.yaml`](../ansible/files/traefik-dashboard-acme/traefik-dashboard-acme.yaml);复制后替换 `<YOUR_REAL_EMAIL>` 等占位符,或在仓库根执行 `kubectl apply -f ansible/files/traefik-dashboard-acme/traefik-dashboard-acme.yaml`。细节见 `03-05-k3s-local-path-pvc.md`
创建 `traefik-dashboard-acme.yaml`,推荐放入 K3s manifests 目录(路径同 03-02。**唯一真源**(已含 **`persistence`local-path+ ACME + Dashboard + IngressRoute**,证书落盘 `/data/acme.json`[`traefik-dashboard-acme.yaml`](../ansible/files/03-03-traefik-dashboard-acme/traefik-dashboard-acme.yaml);复制后替换 `<YOUR_REAL_EMAIL>` 等占位符,或在仓库根执行 `kubectl apply -f ansible/files/03-03-traefik-dashboard-acme/traefik-dashboard-acme.yaml`。细节见 `03-05-k3s-local-path-pvc.md`
> 将 `<YOUR_REAL_EMAIL>` 替换为你的邮箱。正式上线前删除 `caserver` 该行即切回生产 Let's Encrypt。**ACME 排障**DNS 解析错误、证书解析器不存在等)见 `03-02-k3s-traefik-acme.md` 中「常见问题」与「排查」小节。
@@ -76,12 +76,12 @@ kubectl -n kube-system logs deploy/traefik --tail=100 | grep -i acme
> 本节给出一个**完整、独立**的 Tomcat 示例:包含 Deployment + Service + Ingress三段 YAML域名为 `test05.jackadam.top`。前提是已经按本页前文配置并成功加载了 ACME`traefik-acme.yaml` 或 `traefik-dashboard-acme.yaml`)。
1. **唯一真源**[`ansible/files/traefik-dashboard-acme/tomcat-acme.yaml`](../ansible/files/traefik-dashboard-acme/tomcat-acme.yaml)。将其中域名改成你实际解析到集群入口 IP 的 FQDN。
1. **唯一真源**[`ansible/files/03-03-traefik-dashboard-acme/tomcat-acme.yaml`](../ansible/files/03-03-traefik-dashboard-acme/tomcat-acme.yaml)。将其中域名改成你实际解析到集群入口 IP 的 FQDN。
2. 应用并查看 ACME 日志 + 访问验证:
```bash
kubectl apply -f ansible/files/traefik-dashboard-acme/tomcat-acme.yaml
kubectl apply -f ansible/files/03-03-traefik-dashboard-acme/tomcat-acme.yaml
# 查看 ACME 相关日志(证书申请、签发情况)
kubectl -n kube-system logs deploy/traefik --tail=200 | grep -i acme || true