chore: 清理调试脚本并收敛到 Ansible 流程
移除已废弃的调试/验证脚本与空目录,统一文档与脚本说明到 ansible-playbook 的部署方式,避免失效引用和误用路径。 Made-with: Cursor
This commit is contained in:
@@ -1,98 +1,98 @@
|
||||
# 03-02 TLS: M2 控制节点 + IngressRoute,路径 /(根路径),域名 test02.jackadam.top
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: nginx-m2-html
|
||||
namespace: default
|
||||
data:
|
||||
index.html: |
|
||||
apiVersion: v1 # ConfigMap 使用的 API 版本
|
||||
kind: ConfigMap # 配置资源类型:ConfigMap
|
||||
metadata: # ConfigMap 标识信息
|
||||
name: nginx-m2-html # ConfigMap 名称
|
||||
namespace: default # 命名空间
|
||||
data: # ConfigMap 数据区
|
||||
index.html: | # HTML 内容:挂载到 nginx 网页目录(内部内容行不改动)
|
||||
<!DOCTYPE html>
|
||||
<html><head><meta charset="utf-8"><title>M2</title></head>
|
||||
<body><h1>M2</h1><p>控制节点 + IngressRoute</p></body></html>
|
||||
default.conf: |
|
||||
default.conf: | # nginx 配置:通过 subPath 挂载到 conf.d/default.conf(内部内容行不改动)
|
||||
server { listen 80; server_name localhost; root /usr/share/nginx/html; index index.html; location / { add_header X-Backend "M2"; try_files $uri $uri/ /index.html; } }
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: nginx-m2
|
||||
namespace: default
|
||||
labels:
|
||||
app: nginx-m2
|
||||
matrix: "03-02-m2"
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: nginx-m2
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: nginx-m2
|
||||
spec:
|
||||
nodeSelector:
|
||||
kubernetes.io/hostname: ylc61
|
||||
volumes:
|
||||
- name: html
|
||||
configMap:
|
||||
name: nginx-m2-html
|
||||
containers:
|
||||
- name: nginx
|
||||
image: nginx:alpine
|
||||
ports:
|
||||
- containerPort: 80
|
||||
volumeMounts:
|
||||
- name: html
|
||||
mountPath: /usr/share/nginx/html/index.html
|
||||
subPath: index.html
|
||||
readOnly: true
|
||||
- name: html
|
||||
mountPath: /etc/nginx/conf.d/default.conf
|
||||
subPath: default.conf
|
||||
readOnly: true
|
||||
apiVersion: apps/v1 # Deployment 使用的 API 版本
|
||||
kind: Deployment # 工作负载:Deployment
|
||||
metadata: # Deployment 标识信息
|
||||
name: nginx-m2 # Deployment 名称
|
||||
namespace: default # 部署命名空间
|
||||
labels: # 标签
|
||||
app: nginx-m2 # 应用标签
|
||||
matrix: "03-02-m2" # 矩阵编号标签
|
||||
spec: # Deployment 期望状态
|
||||
replicas: 1 # 副本数
|
||||
selector: # 选择器
|
||||
matchLabels: # 标签匹配集合(用于选中模板 Pod)
|
||||
app: nginx-m2 # 必须与 template.labels 对齐
|
||||
template: # Pod 模板
|
||||
metadata: # Pod 元信息
|
||||
labels: # Pod 标签
|
||||
app: nginx-m2 # Pod 标签
|
||||
spec: # Pod 规范
|
||||
nodeSelector: # 固定到指定主机
|
||||
kubernetes.io/hostname: ylc61 # 控制节点主机名
|
||||
volumes: # 卷定义
|
||||
- name: html # 卷名
|
||||
configMap: # 卷来源
|
||||
name: nginx-m2-html # ConfigMap 名称
|
||||
containers: # 容器列表
|
||||
- name: nginx # 容器名
|
||||
image: nginx:alpine # nginx 镜像
|
||||
ports: # 容器端口
|
||||
- containerPort: 80 # HTTP 端口
|
||||
volumeMounts: # 容器挂载
|
||||
- name: html # 引用卷
|
||||
mountPath: /usr/share/nginx/html/index.html # 网页首页
|
||||
subPath: index.html # ConfigMap 的 key
|
||||
readOnly: true # 只读
|
||||
- name: html # 仍引用同一卷
|
||||
mountPath: /etc/nginx/conf.d/default.conf # nginx 配置文件
|
||||
subPath: default.conf # ConfigMap 的 key
|
||||
readOnly: true # 只读
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: nginx-m2
|
||||
namespace: default
|
||||
spec:
|
||||
selector:
|
||||
app: nginx-m2
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 80
|
||||
apiVersion: v1 # Service 使用的 API 版本
|
||||
kind: Service # 网络抽象:把 Pod 暴露为稳定入口
|
||||
metadata: # Service 标识
|
||||
name: nginx-m2 # Service 名称
|
||||
namespace: default # 命名空间
|
||||
spec: # Service 期望状态
|
||||
selector: # Service 选择器
|
||||
app: nginx-m2 # 选中后端 Pod
|
||||
ports: # Service 端口
|
||||
- port: 80 # Service 端口
|
||||
targetPort: 80 # 转发端口
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: nginx-m2
|
||||
namespace: default
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- match: Host(`test02.jackadam.top`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: nginx-m2
|
||||
port: 80
|
||||
tls:
|
||||
certResolver: cloudflare
|
||||
apiVersion: traefik.io/v1alpha1 # IngressRoute API 版本
|
||||
kind: IngressRoute # Traefik 路由 CRD
|
||||
metadata: # IngressRoute 标识
|
||||
name: nginx-m2 # 资源名称
|
||||
namespace: default # 命名空间
|
||||
spec: # 规则
|
||||
entryPoints: # 入口点
|
||||
- websecure # 使用 HTTPS entrypoint
|
||||
routes: # 路由列表
|
||||
- match: Host(`test02.jackadam.top`) # 域名匹配
|
||||
kind: Rule # 规则类型
|
||||
services: # 后端服务
|
||||
- name: nginx-m2 # 后端 Service
|
||||
port: 80 # 后端端口
|
||||
tls: # TLS 配置
|
||||
certResolver: cloudflare # 使用 cloudflare certResolver
|
||||
---
|
||||
# 03-02 HTTP-only:M2 路由(仅 web,无 TLS),与 nginx-m2 共用 Service
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: nginx-m2-http
|
||||
namespace: default
|
||||
spec:
|
||||
entryPoints:
|
||||
- web
|
||||
routes:
|
||||
- match: Host(`test02.jackadam.top`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: nginx-m2
|
||||
port: 80
|
||||
apiVersion: traefik.io/v1alpha1 # IngressRoute API 版本
|
||||
kind: IngressRoute # Traefik 路由资源
|
||||
metadata: # 标识
|
||||
name: nginx-m2-http # 名称
|
||||
namespace: default # 命名空间
|
||||
spec: # 规则
|
||||
entryPoints: # 入口点列表
|
||||
- web # 使用 HTTP entrypoint
|
||||
routes: # 路由列表
|
||||
- match: Host(`test02.jackadam.top`) # 域名匹配
|
||||
kind: Rule # 规则类型
|
||||
services: # 后端服务
|
||||
- name: nginx-m2 # 后端 Service
|
||||
port: 80 # 端口
|
||||
|
||||
Reference in New Issue
Block a user