一、Harbor
https://goharbor.io/docs/2.1.0/install-config/harbor-ha-helm/
# Register the Harbor chart repository and unpack a local copy of the chart for inspection.
helm repo add harbor https://helm.goharbor.io
helm fetch harbor/harbor --untar
# Create the PVC beforehand (harbor-pvc, in the same namespace as the release).
# NOTE(review): the install below carries no --version, so it takes whatever chart
# version the repository currently serves; pin it to keep the deployment reproducible.
# NOTE(review): -n harbor presumably requires the namespace to exist already
# (or --create-namespace on Helm 3.2+); confirm for your Helm version.
helm install harbor harbor/harbor -n harbor -f value.yaml
参考配置 value.yaml
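# Harbor chart values: publish Harbor through an Ingress with TLS taken from an
# existing Secret, and keep every component's data on one pre-created shared PVC.
# NOTE(review): harborAdminPassword is not set in this file, so the chart's
# published default admin password applies; set it here (or change it right
# after the first login) before the registry is reachable.
expose:
  type: ingress
  tls:
    # Certificates are read from pre-created Secrets instead of being generated.
    # The Secret has to exist in the namespace the release is installed into.
    certSource: secret
    secret:
      secretName: "tls-3incloudcn"
      notarySecretName: "tls-3incloudcn"
  ingress:
    hosts:
      core: harbor.3incloud.cn
      notary: notary.3incloud.cn
# Must match the URL clients use; an https URL keeps logins and pushes on TLS.
externalURL: https://harbor.3incloud.cn
persistence:
  enabled: true
  # "keep" leaves the volumes in place when the release is deleted.
  resourcePolicy: "keep"
  # Every component points at the same claim and is separated only by subPath.
  # Anything able to mount harbor-pvc directly sees registry blobs, the
  # database files and the Redis data together, so restrict who can create
  # pods in this namespace.
  persistentVolumeClaim:
    registry:
      existingClaim: "harbor-pvc"
      storageClass: "-"
      subPath: "registry"
    chartmuseum:
      existingClaim: "harbor-pvc"
      storageClass: "-"
      subPath: "chartmuseum"
    jobservice:
      existingClaim: "harbor-pvc"
      storageClass: "-"
      subPath: "jobservice"
    database:
      existingClaim: "harbor-pvc"
      storageClass: "-"
      subPath: "database"
    redis:
      existingClaim: "harbor-pvc"
      storageClass: "-"
      subPath: "redis"
    trivy:
      existingClaim: "harbor-pvc"
      storageClass: "-"
      subPath: "trivy"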
由于Harbor需要的pvc太多,我们这里采用共享卷,以subPath的方式来区分不同的组件,这样便于管理,需要提前准备好harbor-pvc
harbor-pvc.yaml
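# Shared ReadWriteMany claim that all Harbor components mount via subPath.
# No namespace is set here, so apply it into the namespace of the Harbor
# release (the install command on this page uses -n harbor).
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: harbor-pvc
  annotations:
    # NOTE(review): this beta annotation is the legacy way to select a storage
    # class; spec.storageClassName is the supported field on current clusters.
    volume.beta.kubernetes.io/storage-class: glusterfs-storage
spec:
  accessModes:
    # ReadWriteMany is needed because several pods mount the claim at once.
    - ReadWriteMany
  resources:
    requests:
      storage: 360Gi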
二、Jenkins
官方Charts
https://github.com/jenkinsci/helm-charts
示例value.yaml
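# Jenkins chart values: controller sizing, Ingress with TLS, Prometheus
# scraping, and build agents that use the node's Docker daemon.
master:
  resources:
    requests:
      cpu: "4"
      memory: "8Gi"
    limits:
      cpu: "4"
      memory: "8Gi"
  ingress:
    enabled: true
    apiVersion: "networking.k8s.io/v1beta1"
    annotations:
      kubernetes.io/ingress.class: nginx
      # NOTE(review): tls-acme asks an ACME controller to manage the
      # certificate; if one is installed it may take over the pre-created
      # Secret named under tls below. Drop the annotation if the Secret is
      # managed by hand.
      kubernetes.io/tls-acme: "true"
    path: "/"
    hostName: jenkins.3incloud.cn
    tls:
      - secretName: tls-3incloudcn
        hosts:
          - jenkins.3incloud.cn
  prometheus:
    enabled: true
    # Label the ServiceMonitor so the named Prometheus release selects it.
    serviceMonitorAdditionalLabels:
      release: g-kube-prometheus-stack
persistence:
  size: 80Gi
agent:
  # Agent image is pulled from the private Harbor registry set up above and
  # pinned to a fixed tag.
  image: "harbor.3incloud.cn/jenkins/jnlp"
  tag: "4.3-4"
  resources:
    requests:
      cpu: "2"
      memory: "2048Mi"
    limits:
      cpu: "2"
      memory: "2048Mi"
  volumes:
    # SECURITY: mounting the host's Docker socket gives every build job
    # root-equivalent control of the node's Docker daemon, and through it the
    # node itself. Only run trusted pipelines on these agents, keep them on
    # dedicated nodes, or switch to a daemonless image builder (for example
    # kaniko or buildah) so the socket mount can be removed.
    - type: HostPath
      hostPath: /var/run/docker.sock
      mountPath: /var/run/docker.sock
  # Empty command/args leave the image's own entrypoint in charge.
  command: ''
  args: ''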
其它安装细节见《在Kubernetes上使用Jenkins》
三、Mariadb
https://github.com/bitnami/charts/tree/master/bitnami/mariadb
mysql优化:https://linux.cn/article-5730-1.html
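# Bitnami MariaDB chart values: a single primary with a tuned my.cnf, large
# persistent volume, NodePort access and Prometheus metrics.
auth:
  # SECURITY: a root password written into the values file ends up in version
  # control and in the Helm release record. Prefer creating the Secret
  # separately and pointing the chart at it (auth.existingSecret), or pass the
  # value at install time from a secret store.
  rootPassword: "<Password>"
primary:
  # Rendered into my.cnf verbatim. bind-address=0.0.0.0 makes the server
  # listen on all pod interfaces, so reachability is decided entirely by the
  # Service type and any NetworkPolicy in the namespace.
  configuration: |-
    [mysqld]
    skip-name-resolve
    explicit_defaults_for_timestamp
    basedir=/opt/bitnami/mariadb
    plugin_dir=/opt/bitnami/mariadb/plugin
    port=3306
    socket=/opt/bitnami/mariadb/tmp/mysql.sock
    tmpdir=/opt/bitnami/mariadb/tmp
    max_allowed_packet=16M
    bind-address=0.0.0.0
    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
    log-error=/opt/bitnami/mariadb/logs/mysqld.log
    character-set-server=UTF8
    collation-server=utf8_general_ci
    innodb_buffer_pool_size=24G
    max_connections=2000
    thread_cache_size=16
    skip-name-resolve
    query_cache_type = 1
    query_cache_limit = 256K
    query_cache_min_res_unit = 2k
    query_cache_size = 180M
    slow-query-log = 1
    slow-query-log-file = /opt/bitnami/mariadb/logs/mysql-slow.log
    long_query_time = 1
    [client]
    port=3306
    socket=/opt/bitnami/mariadb/tmp/mysql.sock
    default-character-set=UTF8
    plugin_dir=/opt/bitnami/mariadb/plugin
    [manager]
    port=3306
    socket=/opt/bitnami/mariadb/tmp/mysql.sock
    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
  # Requests equal limits; the 24G InnoDB buffer pool above has to fit inside
  # this memory limit.
  resources:
    limits:
      memory: 32Gi
      cpu: 16
    requests:
      memory: 32Gi
      cpu: 16
  persistence:
    enabled: true
    storageClass: "glusterfs-storage"
    size: 560Gi
  service:
    # SECURITY: NodePort opens port 31306 on every node's address, so the
    # database (including the root account) is reachable from wherever the
    # nodes are reachable. Keep ClusterIP unless external access is required;
    # otherwise restrict the port with node firewall rules or a NetworkPolicy.
    type: NodePort
    nodePort: "31306"
secondary:
  # No read replicas.
  replicaCount: 0
metrics:
  enabled: true
  serviceMonitor:
    enabled: true
    interval: 10s
    # Label the ServiceMonitor so the named Prometheus release selects it.
    additionalLabels:
      release: g-kube-prometheus-stack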
# Install MariaDB from the Bitnami chart with the values file shown above.
# NOTE(review): no --version is given; the release listed below resolved to
# mariadb-8.0.4, so pinning that version keeps reinstalls on the reviewed chart.
helm install dev-mariadb bitnami/mariadb -f dev-mariadb.yaml -n mariadb
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
dev-mariadb mariadb 1 2020-10-24 21:30:41.79322314 +0800 CST deployed mariadb-8.0.4 10.5.6
https://grafana.com/grafana/dashboards/7362
四、Redis
五、Minio
# Install MinIO from the Bitnami chart using the production values that follow.
# NOTE(review): the chart version is not pinned (--version); pin it so the
# deployed templates match what was reviewed.
helm install prod-minio bitnami/minio -f value-prod.yml -n minio
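# Bitnami MinIO chart values: credentials, sizing, storage and a TLS Ingress.
# SECURITY: the access and secret keys are the root credentials of the object
# store. Writing them into the values file puts them in version control and
# in the Helm release record; prefer a pre-created Secret referenced through
# the chart's existingSecret option, or inject them at install time.
accessKey:
  password: <key>
secretKey:
  password: <key>
resources:
  limits:
    cpu: 2
    memory: 4Gi
  requests:
    cpu: 2
    memory: 4Gi
persistence:
  size: 128Gi
ingress:
  enabled: true
  hosts:
    - name: minio.3incloud.com
      path: /
      tls: true
      # Fixed key name: the source had "lsHosts", which the chart would
      # presumably ignore; "tlsHosts" is the key that lists the TLS host names.
      tlsHosts:
        - minio.3incloud.com
      # Pre-created TLS Secret; it must exist in the release namespace.
      tlsSecret: tls-3incloudcom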