diff --git a/LICENSE b/LICENSE index 23cb790..f288702 100644 --- a/LICENSE +++ b/LICENSE @@ -1,281 +1,622 @@ GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 + Version 3, 29 June 2007 - Copyright (C) 1989, 1991 Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of this License. - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. END OF TERMS AND CONDITIONS @@ -287,15 +628,15 @@ free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least +state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. - {description} - Copyright (C) {year} {fullname} + + Copyright (C) - This program is free software; you can redistribute it and/or modify + This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, @@ -303,37 +644,31 @@ the "copyright" line and a pointer to where the full notice is found. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + You should have received a copy of the GNU General Public License + along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - {signature of Ty Coon}, 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/README.md b/README.md index aefa820..9e41694 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,55 @@ -# KubeOperator Docs 3.0 +[![Python3](https://img.shields.io/badge/python-3.8-green.svg?style=plastic)](https://www.python.org/) -# 安装 -`$ pip install mkdocs` +本仓库保存了 [KubeOperator 项目]() 的 [官方文档](https://kubeoperator.io/docs/),该文档使用 [MkDocs]() 文档框架下的 [Material for MkDocs]() 主题进行构建。 -# 运行 -`$ mkdocs serve` \ No newline at end of file +## 本地开发 + +### 克隆本仓库 +```bash +git clone https://github.com/KubeOperator/docs.git +``` + +### 安装依赖 +```bash +cd docs +pip install -r requirements/requirements.txt +``` + +### 修改文档内容 + +本文档的文档结构定义在 `mkdocs.yml` 文件中,文档的具体内容均在 `docs` 目录中。 + +文档内容使用 markdown 语法编写,若要添加新的文档,需要先在 `mkdocs.yml` 文件中的 `nav` 部分增加对应章节导航。 + +### 本地调试文档 +```bash +mkdocs serve +``` +执行上述命令后,可通过 `http://127.0.0.1:8000` 地址查看生成的文档内容,当修改文档后,页面内容会自动更新。 + +### 构建文档 +```bash +mkdocs build +``` + +执行上述命令后,会在 `site` 目录下生成文档站点的静态文件,将目录中的内容复制到任意 HTTP 服务器上即可完成文档的部署。 + +## 问题反馈 + +如果您发现文档中存在错误,或对文档内容存在疑问,请提交 GitHub Issue 到 [KubeOperator 项目的主仓库](https://github.com/KubeOperator/KubeOperator/issues) + +## 帮助完善文档 + +### Fork 文档仓库 +点击仓库右上角的 `fork` 按钮,复制本仓库到自己的 github 账号。 + +### 克隆 fork 后的仓库 +```bash +git clone https://github.com/your-github-account/docs.git +``` + +### 本地修改并调试 + +### Push 修改内容到 GitHub 仓库 + +### 提交 Pull Request 到本仓库 diff --git a/docs/about/changelog.md b/docs/about/changelog.md index 4a4e8ce..1cda051 100644 --- a/docs/about/changelog.md +++ b/docs/about/changelog.md @@ -1,102 +1,673 @@ # 更新日志 -## 版本说明 +## v3.16.4 +------------------------ +2023年01月12日 + +!!! success "Bug 修复" + - fix(安全漏洞): 修复了 kubeconfig 文件下载接口在未经授权的情况下可访问的问题([CVE-2023-22480](https://github.com/KubeOperator/KubeOperator/security/advisories/GHSA-jxgp-jgh3-8jc8)) + +!!! summary "组件更新" + - KubePi: v1.6.4 + +## v3.16.3 +------------------------ +2023年01月05日 + +!!! summary "功能优化" + - 组件列表支持安装 MetalLB + - 创建单 master 集群支持自定义 apiserver 端口 + - 优化集群 livez 接口调用方式 + +!!! success "Bug 修复" + - 修复了 KubePi JwtSigKey 硬编码的问题([CVE-2023-22463](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22463)) + - 修复了创建 OpenStack 可用区失败的问题 + - 修复了部署机存在 License 僵尸进程的问题 + - 修复了 Velero 恢复过程有可能失败的问题 + - 修复了多次绑定 KubePi 账号导致访问失败的问题 + +!!! summary "组件更新" + - Kubernetes: v1.22.16 + - KubePi: v1.6.3 + +## v3.16.2 +------------------------ +2022年08月29日 + +!!! summary "功能优化" + - 支持添加 https 协议 Minio 备份账号 + - 自动模式创建可用区,支持选择 vsphere 分布式交换机 + - 优化集群 api 请求连接方式 + - 优化部分页面服务不可用等提示信息 + - 优化并统一部分列表页和详情页显示信息 + - 合并删除导入集群和卸载自建集群两种系统消息类型 + +!!! success "Bug 修复" + - 修复了容器网络选择 cilium,新增 worker 节点失败的问题 + - 修复了部分 K8s 版本安装 npd 提示权限不足的问题 + - 修复了 ETCD 备份文件相差 8 小时的问题 + - 修复了删除 Velero 备份账号未删除相关 CRD 的问题 + - 修复了离线环境下打开登录页面加载慢的问题 + - 修复了 server 服务容器部分日志重复打印的问题 + - 修复了 etcd 备份行内删除按钮失效的问题 + - 修复了部分页面中英文切换后列表字段显示不全的问题 + - 修复了添加集群时,架构信息首次未校验的问题 + - 修复了导入外部集群后,安装工具提示未能找到可用主节点的问题 + +## v3.16.1 +------------------------ +2022年08月09日 + +!!! summary "功能优化" + - 优化了企业版 License 到期提醒机制 + +!!! success "Bug 修复" + - 修复了离线环境创建 v1.22 版本 K8s 集群时,coredns 镜像版本错误的问题 + - 修复了 arm64 离线包中 nexus3 镜像架构错误的问题 + +## v3.16.0 +------------------------ +2022年08月01日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.22.12 + +!!! info "新增功能" + - 支持消息中心 + - 支持启用、禁用组件 + - 支持查看集群任务列表 + - 支持证书和 kubeconfig 文件导入集群 + - 支持批量修改主机凭据和端口 + - 支持自定义 etcd 配置 + - 支持自定义 CgroupDriver + - 支持导入已有存储提供商 + +!!! summary "功能优化" + - LDAP 导入用户支持编辑用户角色 + - 用户列表、备份列表支持授权操作 + - 配置文件密钥取消多级加密 + - 点击任务状态时直接显示任务日志 + - 限制 Velero 支持的备份账号类型 + - 支持创建多个同类型存储提供商 + - 创建存储提供商支持自定义 Namespace + - 优化部分集群相关内核参数 + - 优化 Database migrations + - 优化集群已启用工具的同步逻辑 + - 集群卸载脚本清理集群相关文件和目录 + - 系统只支持同时执行一种集群级任务 + - 集群及节点删除时需要输入校验信息来确认删除 + - 删除集群或节点后增加手动重启主机等提示信息 + - 应用商店中应用启用时默认不开启持久化存储 + - 创建 vSphere CSI 时,自动获取集群相关的 Datacenter 和 Folder 等信息 + - 集群运行时选择 Docker 时,支持是否开启 Remote API 和 registry-mirrors + +!!! summary "组件更新" + - kubernetes: v1.22.12 + - kubepi: v1.6.1 + - vsphere-csi-driver: v2.5.1 + - prometheus: v2.34.0 + - nginx-ingress: v1.2.1 + - gitlab: v15.0.3 + - istio: v1.11.8 + - nginx: v1.23.1 + - mysql-server: v8.0.29 + - webkubectl: v2.10.6 + - nexus: v3.40.1 + +## v3.15.1 +------------------------ +2022年06月24日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.22.10 + +!!! info "新增功能" + - LDAP 增加测试连接、测试登录、重置等功能 + - LDAP 增加连接超时时间和搜索分页数量限制 + +!!! summary "功能优化" + - 支持修改已绑定到集群的主机凭据、端口等信息 + - 集群概览页增加集群名称和具体监控指标数值等信息 + - 创建集群、添加节点选择主机时显示主机 IP 等信息 + - 默认工具版本升级(适用于导入非 KubeOperator 创建的集群) + - 项目和集群管理员分配 Dashboard 用户增加已连接标识 + - 主机、仓库、用户列表等部分功能优化 + +!!! success "Bug 修复" + - 修复了获取集群监控数据异常以及 prometheus 跳转失败的问题 + - 修复了部分 ubuntu 主机由于时间同步异常导致集群初始化失败的问题 + - 修复了部分麒麟 v10 服务器由于 rsyslog 服务缺失导致集群初始化失败的问题 + +!!! summary "组件更新" + - kubernetes: v1.22.10 + - kubepi: v1.5.3 + +## v3.15.0 +------------------------ +2022年06月02日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.22.8 + +!!! info "新增功能" + - 支持 LDAP 对接 + - 支持集群健康评分 + - 支持 openEuler 操作系统 + - 自动模式下,可用区支持自定义模版 + - 支持创建 rook-cephfs 存储类 + - 支持创建 external-cephfs 存储提供商及存储类 + +!!! summary "功能优化" + - 支持为项目管理员和集群管理员分配 Dashboard 用户 + - 导入 KubeOperator 自建集群增加仓库类型选项 + - 导入 KubeOperator 自建集群增加存储提供商同步功能 + - 添加仓库时,支持连接可用性校验 + - 支持自定义 DnsDomain 选项 + - 优化任务中断后,集群扩缩容等任务状态显示 + - 优化 ntp 界面样式 + - 部分密码框支持回显 + - 优化部分表单重复校验的问题 + - 支持查看未就绪状态存储提供商创建日志 + - cni 插件选择 calico 时,集群节点支持 calicoctl + - 自动模式创建可用区,增加模版上传重试功能 + - 自动模式创建可用区,限制虚拟机网络可选类型 + +!!! success "Bug 修复" + - 修复了节点扩容时,未判断主机类型的问题 + - 修复了 Loki 日志筛选选项加载错误的问题 + - 修复导入 ip 命名规则集群时,集群名称为空的问题 + - 修复了 glusterfs 存储提供商创建失败的问题 + - 修复了 aarch64 base 仓库部分依赖缓存失败的问题 + - 修复了在线安装脚本获取最新版本失败的问题 + - 修复了由于部署机没有安装 docker-compose 导致 docker 重复安装的问题 + - 修复了 cri 为 containerd 时,额外安装 cni 不可用的问题 + - 修复了多 master 集群节点以 ip 命名时,选择 vip 模式创建失败的问题 + - 修复了 arm64 集群 cis 扫描执行失败的问题 + - 修复了由于集群名称一样,导致 Dashboard 连接不上新集群的问题 + +!!! summary "组件更新" + - kubepi: v1.5.2 + - kubernetes: v1.22.8 + - rook: v1.9.0 + - nexus: v3.38.1 + - kube-bench: v0.6.8 + +## v3.14.0 +------------------------ +2022年03月31日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.22.6、v1.20.14 + +!!! info "新增功能" + - 支持 velero 备份恢复 + - 适配 kubernetes 最新版本为 v1.22.6 + - 手动模式创建集群支持使用主机名作为 kubernetes 集群节点名称 + - 添加主机时支持录入弹性 IP,启用工具时支持启用弹性 IP + - 支持已创建集群开启 GPU 套件功能 + +!!! summary "功能优化" + - 创建集群取消针对 worker 节点的限制,支持创建单节点集群 + - 集群概览页展示集群详细信息 + - 已创建存储提供商支持查看详情信息 + - 导入 KubeOperator 自建集群,支持手动选择集群节点命名规则 + +!!! success "Bug 修复" + - 修复了创建 vsphere 虚拟机时多选 datastore 报错的问题 + - 修复了集群卸载后没有删除 KubePi 内集群信息的问题 + - 修复了工具栏启用 logging 时,修改索引前缀不生效的问题 + +!!! summary "组件更新" + - kubernetes: v1.22.6、1.20.14 + - istio: 1.11.8 + - coredns: 1.8.4 + - etcd: v3.5.2 + - docker: 20.10.12 + - containerd: 1.6.0 + - helm: v3.8.0 + - calico: v3.21.4 + - flannel: v0.15.1 + - nginx-ingress: v1.1.1 + - traefik-ingress: v2.6.1 + - crictl: v1.23.0 + - runc: 1.1 + +## v3.13.0 +------------------------ +2022年01月19日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.12、v1.18.20 + +!!! info "新增功能" + - 支持银河麒麟操作系统v10 + - 集群支持 HostName 和 IP 两种命名方式 + - 自动模式创建可用区支持选择资源池 + +!!! summary "功能优化" + - 重构集群监控功能 + +!!! success "Bug 修复" + - 修复了由于 flannel 资源配置过小,导致 pod 频繁重启的问题 + - 修复了由于 ansible 缓存导致集群节点配置信息修改后不生效的问题 + +!!! summary "组件更新" + - KubePi: v1.4.0 + - Grafana: v8.3.1 + - Kubeapps: v2.4.2 + - Prometheus: v2.31.1 + +## v3.12.0 +------------------------ +2021年12月09日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.12、v1.18.20 + +!!! info "新增功能" + - 集群列表集成 KubePi Dashboard + - 工具列表支持 OPA Gatekeeper + +!!! summary "功能优化" + - 界面设置功能优化(X-Pack) + - CIS 扫描功能重构 + - 用户列表增加重置密码功能 + - 集群导入取消 kubernetes 版本限制 + - 初始化集群选择主机时默认主机名排序 + - 集群 worker 节点扩容,增加初始化存储提供商步骤 + - 自动模式创建可用区后定时刷新可用区状态 + +!!! success "Bug 修复" + - 修复了自动模式创建虚拟机失败一直显示等待程序执行的问题 + - 修复了由于 datastore 名称不符合规范导致服务器创建失败的问题 + - 修复了 kubeconfig 文件 apiserver 默认地址不正确的问题 + - 修复了系统设置中邮箱密码明文显示的问题 + - 修复了创建虚拟机配置没有校验名称重复的问题 + +!!! summary "组件更新" + - K8s: v1.20.12 + - KubePi: v1.3.0 + +## v3.11.2 +------------------------ +2021年11月11日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.10、v1.18.20 + +!!! summary "功能优化" + - [KubePi](https://github.com/KubeOperator/KubePi) 可视化管理面板版本升级至 v1.2.0 + - 集群扩容步骤拆分为多个可执行任务 + - 实时查看集群备份、恢复的任务日志 + - 创建集群支持多个 ntp server + - 格式化集群创建、升级等操作时的错误信息显示 + - 增加 sftp 类型备份账号默认端口 + +!!! success "Bug 修复" + - 修复了主机列表 、集群列表、节点列表刷新导致勾选失效的问题 -!!! warning "" - KubeOperator 版本号命名规则为: v大版本.功能版本.Bug修复版本 +## v3.11.1 +------------------------ +2021年10月24日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.10、v1.18.20 + +!!! summary "功能优化" + - KubePi 可视化管理面板版本升级至 v1.1.0 + +!!! success "Bug 修复" + - 修复了添加主机时,大内存主机获取不到内存的问题 + - 修复了导入 KubeOperator 自建集群 APIServer 与 HAProxy 端口不一致的问题 + +## v3.11.0 +------------------------ +2021年10月14日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.10、v1.18.20 + +!!! info "新增功能" + - 导入 KubeOperator 自建集群支持扩缩容、升级等 Day2 操作 + - 工具列表增加 [KubePi](https://github.com/KubeOperator/KubePi) 仪表盘工具 + +!!! summary "功能优化" + - 初始化集群时,支持设置 master 节点是否可调度 + - 支持工具状态及 chart 仓库同步 + - 支持 Prometheus 工具启用后跳转 + - 工具列表增加详情信息展示 + - 添加存储类时,支持自定义回收策略 + - 集群、主机等列表页支持自定义排序 + - 主机列表页增加凭据信息(默认隐藏) + - 创建 vcenter 可用区时,资源类型支持选择主机 + - 创建可用区时,自定义模版支持自定义凭据和端口 + - 部署计划、可用区和区域列表默认按照名称排序 + - 系统设置添加仓库时,支持设置 nexus 仓库密码 + - 运行时选择 docker 时,默认支持 live-restore + - 添加集群配置预览时,手动集群节点超出后隐藏显示 + - 集群评分功能优化(polaris 版本升级至 v4.1.0) + - 批量删除存储提供商时,增加状态判断 + - 集群 API 健康检查增加待解决状态 + - 集群删除逻辑优化 + +!!! success "Bug 修复" + - 修复了 Webkubectl 弹出时显示 token 错误的问题 + - 修复了提交类按钮双击导致重复提交的问题 + - 修复了 openstack 集群创建可用区时,虚拟机没有创建在指定服务器的问题 + - 修复了发生网络闪断后,kobe 服务中锁未释放的问题 + - 修复了 Ubuntu 主机 kubectl 命令没有自动补全的问题 + - 修复了导入集群没有发送消息的问题 + - 修复了导入集群删除后,消息详情没有获取到集群名称的问题 + - 修复了区域、消息中心高级搜索报错的问题 + +!!! summary "组件更新" + - K8s: v1.20.10 + - metrics-server: v0.5.0 + - harbor: v2.3.1 + - jenkins: v2.289.3 + +## v3.10.1 +------------------------ +2021年8月19日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.8、v1.18.20 + +!!! summary "功能优化" + - 健康检查增加代理IP检测 + +!!! success "Bug 修复" + - 修复了 service cidr 修改后创建集群没有生效的问题 + - 修复了使用中的仓库可以被删除的问题 + - 修复了项目管理员切换项目异常的问题 + - 修复了导入集群删除后没有接收到站内信的问题 + +## v3.10.0 +------------------------ +2021年8月12日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.8、v1.18.20 + +!!! info "新增功能" + - 集群高可用部署支持 VIP + - 集群节点扩容支持实时查看日志和错误重试 + - 集群节点支持强制删除 + +!!! summary "功能优化" + - 支持修改非绑定状态的主机 + - 支持自定义 NodePort 端口范围和地址 + - 创建集群时支持设置 service CIDR + - 集群节点扩容时同步设置 dns 缓存 + - 集群节点添加、删除时同步刷新节点 hosts 记录 + - Prometheus 服务类型修改为 NodePort + - 导入集群支持设置架构信息 + - 实时同步集群状态 + - 集群备份逻辑优化 + - 集群诊断功能优化 + - 集群备份功能优化 + - 集群强制删除功能优化 + +!!! success "Bug 修复" + - 修复了导入集群使用集群评分功能异常的问题 + - 修复了集群节点没有根据名称排序的问题 + - 修复部分编辑页面刷新后定位错误的问题 + +## v3.9.0 +------------------------ +2021年7月8日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.8、v1.18.20 + +!!! info "新增功能" + - 集群节点操作系统支持 Ubuntu 18.04/20.04 + - 支持非 root 用户安装 K8s 集群 + - 支持自定义 Nexus 仓库端口 + +!!! summary "功能优化" + - 升级 Docker 版本至 20.10.7 + - 针对多网卡主机,Calico 多网络支持 IP 网段设置 + - 优化主机、部署计划和备份账号授权逻辑 + - 项目管理员、集群管理员登录时集群列表取消项目显示 + - 删除项目权限绑定时,增加集群是否已绑定的判断 + - 优化主机名、用户名校验逻辑 + +!!! success "Bug 修复" + - 修复了集群创建和扩容时,没有校验主机架构的问题 + - 修复了集群管理员的部分权限问题 + - 修复了驱散集群节点后获取不到集群版本的问题 + - 修复了启用工具时,可以选择已经被驱散的节点的问题 + - 修复了主机批量导入校验报错的问题 + - 修复了集群删除时资源未能成功解绑的问题 + +## v3.8.0 +------------------------ +2021年6月10日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.6、v1.18.18 -!!! info "例如" - * v3.0.1 是 v3.0.0 之后的Bug修复版本 - * v3.1.0 是 v3.0.0 之后的功能版本 - * 像其它优秀开源项目一样,KubeOperator 将每月发布一个功能版本,并同时维护 3 个功能版本。比如: +!!! info "新增功能" + - 支持 k8s v1.20.6 版本 + - 持久卷支持添加 nfs + - 支持 gpu operator + - 集群扩容操作支持添加 gpu 主机 + - 集群健康检查增加节点数量同步 + - 启用 docker-registry 增加登录认证(admin/kubeoperator) + - server 日志支持输出到控制台并存储到文件 + +!!! summary "功能优化" + - 支持直接跳转 nexus 仓库 + - 补全了绑定、解绑集群资源等操作日志 + - 去掉正常主机状态同步任务的日志打印 + - 优化了持久卷表单国际化显示 + - 优化删除持久卷的提示信息 + - 集群监控支持自定义时间搜索 + - 根据集群版本动态匹配 dashboard 和 coredns 版本 + - 点击集群详情、创建部署计划时增加了是否存在仓库的判断 + +!!! success "Bug 修复" + - 解决存储提供商状态为失败时还能添加存储类的问题 + - 解决了添加 local volume 持久卷失败的问题 + - 解决了监控界面数据被覆盖的问题 + - 解决了项目管理员添加集群时默认项目显示错误的问题 + - 解决了集群升级任务中断后,重启服务状态仍然处于升级中的问题 + - 解决了创建集群时,容器网络设置不能恢复默认值的问题 + - 解决了 dns 缓存 与 Traefik 同时启用导致集群创建失败的问题 + - 解决了修改凭据明文显示的问题 + - 解决了仓库高级搜索页地址选项显示错误的问题 + - 解决了添加集群时,概览页面缺少部分信息的问题 + - 解决了项目管理员高级搜索结果匹配错误的问题 + +!!! summary "组件更新" + - k8s: v1.20.6 + - calico: v3.18.4 + - traefik: v2.4.8 + - helm: v3.6.0 + - dashboard: v2.2.0 + - argo-cd: v2.0.3 + +## v3.7.2 +------------------------ +2021年5月23日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.4、v1.18.18 + +!!! success "Bug 修复" + 修复了 yum 仓库中部分 rpm 包缺失的问题 + +## v3.7.1 +------------------------ +2021年5月21日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.4、v1.18.18 + +!!! success "Bug 修复" + - 解决了 v3.6.0 之前版本升级后,仓库信息无法编辑的问题 + - 解决了集群添加节点失败失败后,节点页面一直 loading 的问题 + - 解决了集群定时备份失败的问题 + - 解决了集群监控页面选择节点异常的问题 + - 解决了导入集群可以添加存储提供商的问题 + - 解决了集群导入、升级页面回退按钮缺失的问题 + +## v3.7.0 +------------------------ +2021年5月13日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.4、v1.18.18 + +!!! info "特别说明" + - 使用 Vue 重构前端工程 Neeko,实现前后端分离 + - 优化、添加部分API + - 优化权限管理模型 + +!!! summary "组件更新" + - k8s: v1.20.4、v1.18.18 + - docker: 19.03.15 + +## v3.6.2 +------------------------ +2021年4月13日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.4 -!!! info "例如" - * 在 v3.3 发布前,我们会同时维护 v3.0、v3.1、v3.2 - * 在 v3.3 发布后,我们会同时维护 v3.1、v3.2、v3.3;v3.0 会停止维护 +!!! success "Bug 修复" + - 解决了 vSphere 可用区创建失败的问题 + - 解决了离线包中 Grafana 镜像缺失的问题 + +## v3.6.1 +------------------------ +2021年4月8日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.4 + +!!! info "新增功能" + - 网络插件支持 Cilium + - 持久化存储支持 Cinder CSI + - 持久化存储支持 GlusterFS + - 集群支持开启 NodeLocal DNS Cache + +!!! summary "功能优化" + - 优化了 K8s 集群不能跨大版本升级的提示信息 + +!!! success "Bug 修复" + - 解决了在没有设置仓库的前提下,主机可以添加成功的问题 + +## v3.6.0 +------------------------ +2021年3月11日 + +!!! info "支持 k8s 版本" + 支持的 k8s 版本是 1.20.4 + +!!! info "新增功能" + - 支持 k8s v1.20 版本 + - 支持 amd64 和 arm64 混合集群部署 + - arm64 架构支持 containerd 集成 + - vSphere CSI 插件集成 + - 集群监控页面重构 + +!!! summary "功能优化" + - 主机列表支持批量刷新 + - 主机列表同步主机信息定时任务优化 + - 根据 CIDR 动态计算可支持的集群节点数量 + - 存储提供商删除操作同步删除集群中创建资源 + - 存储提供商状态同步 + - 版本管理详情页关联工具和持久化存储版本 + - 集群概览信息优化 + +!!! success "Bug 修复" + - 解决了 OpenStack 环境中虚机创建失败的问题 ## v3.5.2 ------------------------ 2021年2月7日 !!! info "支持 k8s 版本" -支持的 k8s 版本是 1.18.15 + 支持的 k8s 版本是 1.18.15 !!! summary "功能优化" -- 删除存储类操作添加到系统日志; + - 删除存储类操作添加到系统日志 !!! success "Bug 修复" -- 解决了删除存储类失败的问题; + - 解决了删除存储类失败的问题 ## v3.5.1 ------------------------ 2021年2月5日 !!! info "支持 k8s 版本" -支持的 k8s 版本是 1.18.15 + 支持的 k8s 版本是 1.18.15 !!! info "新增功能" -- 支持集群工具升级; -- 支持多级加密; -- 集群部署支持自定义配置 yum 仓库; + - 支持集群工具升级 + - 支持多级加密 + - 集群部署支持自定义配置 yum 仓库 !!! summary "功能优化" -- 支持集群强制删除; -- 支持存储卷和存储类删除; -- 主机批量导入功能优化; -- 集群添加节点功能优化; -- 创建存储类功能优化; -- 创建存储提供商任务状态实时同步; -- 网络插件安装提示信息国际化; -- 调用 kubernetes api 等操作添加到系统日志; -- 配置文件中密文存储工作密钥和密码; + - 支持集群强制删除 + - 支持存储卷和存储类删除 + - 主机批量导入功能优化 + - 集群添加节点功能优化 + - 创建存储类功能优化 + - 创建存储提供商任务状态实时同步 + - 网络插件安装提示信息国际化 + - 调用 kubernetes api 等操作添加到系统日志 + - 配置文件中密文存储工作密钥和密码 ## v3.5.0 ------------------------ 2021年1月15日 !!! info "支持 k8s 版本" -支持的 k8s 版本是 1.18.14 和 1.18.12 + 支持的 k8s 版本是 1.18.14 和 1.18.12 !!! info "新增功能" -- 支持集群异常状态诊断及修复; -- 支持 Istio v1.8.0; -- 自动模式创建主机支持 IP 池; -- 支持自定义 Ansible 任务超时时间和并发参数; -- 版本管理支持上传 K8s 离线包; -- 支持 Grafana。 + - 支持集群异常状态诊断及修复 + - 支持 Istio v1.8.0 + - 自动模式创建主机支持 IP 池 + - 支持自定义 Ansible 任务超时时间和并发参数 + - 版本管理支持上传 K8s 离线包 + - 支持 Grafana !!! summary "功能优化" -- 优化 K8s 集群的升级流程; -- 优化 K8s 集群创建时的选项; -- 优化用户密码加密方式; -- 优化集群 Namespace 的删除操作; -- 优化集群安装、升级时错误信息的显示; -- vSphere 模版支持多磁盘; -- 创建可用区时,vSphere Datastore 支持多选。 + - 优化 K8s 集群的升级流程 + - 优化 K8s 集群创建时的选项 + - 优化用户密码加密方式 + - 优化集群 Namespace 的删除操作 + - 优化集群安装、升级时错误信息的显示 + - vSphere 模版支持多磁盘 + - 创建可用区时,vSphere Datastore 支持多选 !!! summary "组件更新" -- k8s: v1.18.14 -- etcd: v3.4.14 -- containerd: 1.4.3 + - k8s: v1.18.14 + - etcd: v3.4.14 + - containerd: 1.4.3 ## v3.4.2 ------------------------ 2020年12月28日 !!! info "支持 k8s 版本" -支持的 k8s 版本是 1.18.10 和 1.18.12 + 支持的 k8s 版本是 1.18.10 和 1.18.12 !!! info "功能优化" -- 手动模式卸载集群时支持重试、查看日志; -- 优化新增用户密码强度校验; -- 优化 ansible 任务执行脚本; -- 支持 PasswordAuthentication 为 no 的 ssh 认证方式; + - 手动模式卸载集群时支持重试、查看日志 + - 优化新增用户密码强度校验 + - 优化 ansible 任务执行脚本 + - 支持 PasswordAuthentication 为 no 的 ssh 认证方式 !!! success "Bug 修复" -- 解决了集群节点操作系统为 CentOS7.4 时,集群安装失败的问题; -- 解决了 FusionCompute 创建虚机失败的问题; -- 解决了 ssh 到安装有 helm3 的 master 节点提示 Warning 信息的问题; -- 解决了 arm64 离线包缺失 registry 镜像的问题; + - 解决了集群节点操作系统为 CentOS7.4 时,集群安装失败的问题 + - 解决了 FusionCompute 创建虚机失败的问题 + - 解决了 ssh 到安装有 helm3 的 master 节点提示 Warning 信息的问题 + - 解决了 arm64 离线包缺失 registry 镜像的问题 ## v3.4.1 ------------------------ @@ -106,12 +677,12 @@ 支持的 k8s 版本是 1.18.10 和 1.18.12 !!! info "新增功能" - - 用户可自定义配置执行任务超时时间; - - 优化了容器运行时 systemd 参数配置; + - 用户可自定义配置执行任务超时时间 + - 优化了容器运行时 systemd 参数配置 !!! success "Bug 修复" - - 解决了多集群管理任务同步失败的问题; - - 解决了用户登录前后 ksessionid 未改变等安全问题; + - 解决了多集群管理任务同步失败的问题 + - 解决了用户登录前后 ksessionid 未改变等安全问题 ## v3.4.0 ------------------------ @@ -121,31 +692,31 @@ 支持的 k8s 版本是 1.18.10 和 1.18.12 !!! info "新增功能" - - 多集群管理(X-Pack); - - GPU 支持; - - 系统操作日志; - - 集群日志支持 Loki; - - 集群备份支持 SFTP; - - 批量导入主机; - - 忘记密码; - - FusionCompute 支持默认模版; - - 应用商店增加 Kuboard、TensorFlow; + - 多集群管理(X-Pack) + - GPU 支持 + - 系统操作日志 + - 集群日志支持 Loki + - 集群备份支持 SFTP + - 批量导入主机 + - 忘记密码 + - FusionCompute 支持默认模版 + - 应用商店增加 Kuboard、TensorFlow !!! summary "功能优化" - - 主机、备份账号页面可以直接授权到项目; - - arm64 集群支持 chartmuseum; - - 启用工具支持选择 namespace 和 node 节点; - - 手动模式状态为 Failed 的集群,删除操作时触发集群卸载脚本; - - 集群日志终端增加停止、开启按钮; - - 格式化显示创建集群错误信息; - - 优化集群脚本默认并发数量; - - 优化日期控件; - - 优化用户密码、用户邮箱等敏感数据显示方式; - - 上传文件控件国际化; - - 优化工具部署超时时间; - - 工具卸载时状态重置为销毁中; - - 优化文档、Rest Api等页面跳转方式; - - 优化集群创建时默认网络参数; + - 主机、备份账号页面可以直接授权到项目 + - arm64 集群支持 chartmuseum + - 启用工具支持选择 namespace 和 node 节点 + - 手动模式状态为 Failed 的集群,删除操作时触发集群卸载脚本 + - 集群日志终端增加停止、开启按钮 + - 格式化显示创建集群错误信息 + - 优化集群脚本默认并发数量 + - 优化日期控件 + - 优化用户密码、用户邮箱等敏感数据显示方式 + - 上传文件控件国际化 + - 优化工具部署超时时间 + - 工具卸载时状态重置为销毁中 + - 优化文档、Rest Api等页面跳转方式 + - 优化集群创建时默认网络参数 !!! summary "组件更新" - k8s: v1.18.10, v1.18.12 diff --git a/docs/about/contact.md b/docs/about/contact.md deleted file mode 100644 index cda87c1..0000000 --- a/docs/about/contact.md +++ /dev/null @@ -1,25 +0,0 @@ -## 技术咨询 - -!!! warning "" - - [点击提交技术咨询][jinshuju] - - [点击提交 Github Issue][issue] - -## 微信群 - -![wechat-group](../img/wechat-group.png) - -## 项目地址 - -- [KubeOperator][KubeOperator] ![KubeOperator stars][KubeOperator stars] - -## 联系方式 - -!!! warning "" - - 官网: http://www.kubeoperator.io - - 邮箱: support@fit2cloud.com - - 电话: 400-052-0755 - -[jinshuju]: https://jinshuju.net/f/QrZJpt -[issue]: https://github.com/KubeOperator/KubeOperator/issues -[KubeOperator]: https://github.com/KubeOperator/KubeOperator -[KubeOperator stars]: https://img.shields.io/github/stars/KubeOperator/KubeOperator.svg diff --git a/docs/concept.md b/docs/concept.md index ea93bbe..4396b5b 100644 --- a/docs/concept.md +++ b/docs/concept.md @@ -2,32 +2,31 @@ ## 部署模式 !!! warning "" - * 手动模式: 用户需要自己准备物理机或虚拟机,存储可选择 NFS 持久化存储,外部 ceph 存储等 - * 自动模式: 用户只需要绑定云平台(比如 VMware)账号信息,KubeOperator 会根据预先定义的部署计划来自动创建主机实现一键自动化部署 + - 手动模式: 用户需要自己准备物理机或虚拟机,存储可选择 NFS 持久化存储,外部 ceph 存储等 + - 自动模式: 用户只需要绑定云平台(比如 [VMware][VMware])账号信息,[KubeOperator][KubeOperator] 会根据预先定义的部署计划来自动创建主机实现一键自动化部署 ## 部署计划 !!! warning "" - 自动部署模式下,部署计划定 义了 Kubernetes 集群的部署细节,包括其部署模型、集群所在的区域、可用区、节点大小类型等 + 自动部署模式下,部署计划定义了 [Kubernetes][Kubernetes] 集群的部署细节,包括其部署模型、集群所在的区域、可用区、节点大小类型等 ## 区域和可用区 ![region-zone](img/ko-region.png) !!! warning "" - 区域(Region)和可用区(AZ)这两个术语来自公有云。每个区域完全独立。每个可用区完全隔离,但同一个区域内的可用区之间使用低时延链路相连。区域和可用区之间的关系如下图所示 !!! warning "" - 对于公有云厂商提供的托管 Kubernetes 服务,master 节点由公有云厂商托管并维护,其 3 个master 节点会分布在同个区域下面的 3 个不同可用区上面,实现真正的高可用 + 对于公有云厂商提供的托管 [Kubernetes][Kubernetes] 服务,master 节点由公有云厂商托管并维护,其 3 个master 节点会分布在同个区域下面的 3 个不同可用区上面,实现真正的高可用 !!! warning "" - KubeOperator 借鉴公有云厂商的思路和概念,并应用到 VMware、Openstack 和 FusionCompute 等私有云平台上面。例如,在 VMware 云平台下,区域对应为 Datacenter,可用区对应于 cluster,或者 cluster 下面的 resource pool + [KubeOperator][KubeOperator] 借鉴公有云厂商的思路和概念,并应用到 [VMware][VMware]、[OpenStack][OpenStack] 和 [FusionCompute][FusionCompute] 等私有云平台上面。例如,在 [VMware][VMware] 云平台下,区域对应为 Datacenter,可用区对应于 cluster,或者 cluster 下面的 resource pool !!! warning "注意事项" - * 如果用户只有一个 vSphere 集群,那么可以在集群下面建立三个 resource pool,每个resource pool 对应于一个可用区 - * 如果用户有三个 vSphere 集群,那么每个集群对应于一个可用区 - * vSAN 集群不能被多个 vSphere 集群共享,所以 3 个 vSphere 集群,持久化存储仅支持集中存储。 [具体请参考此文档](https://docs.vmware.com/en/VMware-Enterprise-PKS/1.5/vmware-enterprise-pks-15/GUID-vsphere-persistent-storage.html) + - 如果用户只有一个 vSphere 集群,那么可以在集群下面建立三个 resource pool,每个resource pool 对应于一个可用区 + - 如果用户有三个 vSphere 集群,那么每个集群对应于一个可用区 + - vSAN 集群不能被多个 vSphere 集群共享,所以 3 个 vSphere 集群,持久化存储仅支持集中存储。 [具体请参考此文档](https://docs.vmware.com/en/VMware-Enterprise-PKS/1.5/vmware-enterprise-pks-15/GUID-vsphere-persistent-storage.html) ## 权限模型 @@ -40,20 +39,31 @@ 默认的 admin 账号可以创建系统管理员 !!! warning "" - * 管理集群,安装、卸载、升级、扩容、缩容、备份、恢复等等所有集群相关操作 - * 管理用户,添加系统管理员和普通用户 - * 管理项目,创建新项目,给项目创建集群、指定项目管理员、授权资源等 - * 管理资源,添加集群所需主机、部署计划等 - * 系统设置,设置添加凭据、添加备份账号等 + - 管理集群,安装、卸载、升级、扩容、缩容、备份、恢复等等所有集群相关操作 + - 管理用户,添加系统管理员和普通用户 + - 管理项目,创建新项目,给项目创建集群、指定项目管理员和集群管理员、授权资源等 + - 管理版本,启用、禁用 k8s 版本、查看版本详情等 + - 管理资源,添加集群所需主机、部署计划、备份账号等 + - 系统设置,设置添加仓库、凭据、NTP、邮箱、License等 + - 查看系统日志 ### 项目管理员 !!! warning "" - * 管理集群,安装、卸载、升级、扩容、缩容、备份、恢复等等所有集群相关操作 - * 管理成员,可以指定普通用户(非系统管理员)给某个项目为项目管理员和集群管理员 - * 授权资源,创建集群所需资源,包括主机,部署计划和备份账号 + - 管理集群,安装、卸载、升级、扩容、缩容、备份、恢复等所有集群相关操作 + - 查看版本,查看版本详情 + - 查看资源,查看集群所需主机、部署计划、备份账号等 + - 查看项目,查看项目管理员和集群管理员、已授权资源等 + - 查看系统日志 ### 集群管理员 !!! warning "" - * 管理集群,安装、卸载、升级、扩容、缩容、备份、恢复等等所有集群相关操作 \ No newline at end of file + - 管理集群,查看集群概览、监控、日志、事件、添加工具、启用CSI扫描等相关操作 + - 查看系统日志 + +[KubeOperator]:https://kubeoperator.io +[Kubernetes]:https://kubernetes.io +[VMware]:https://www.vmware.com +[OpenStack]:https://www.openstack.org +[FusionCompute]:https://support.huawei.com/enterprise/zh/cloud-computing/fusioncompute-pid-8576912 diff --git a/docs/css/extra.css b/docs/css/extra.css index b5ecf48..260d4c5 100644 --- a/docs/css/extra.css +++ b/docs/css/extra.css @@ -1,10 +1,9 @@ -.md-header { - background-color: #FB6454; - top: 48px; +:root > * { + --md-primary-fg-color: #fc6554; } -.md-footer { - background-color: #FB6454; +.md-header { + top: 48px; } .md-footer-nav__link { @@ -77,3 +76,21 @@ .progress-0plus .progress-bar { background-color: #f50057; } + +.md-nav__source { + background-color: #fc6554; +} + +.md-grid { + margin-left: 1rem; + margin-right: auto; + max-width: initial; +} + +.md-top { + margin-top: 2rem; +} + +.md-nav--primary .md-nav__title .md-logo { + display: none; +} diff --git a/docs/dev/dev_manual.md b/docs/dev/dev_manual.md new file mode 100644 index 0000000..0cdabc8 --- /dev/null +++ b/docs/dev/dev_manual.md @@ -0,0 +1,209 @@ +## 项目结构 + +### 后端 +``` +. +├── Dockerfile.amd64 # 构建容器镜像使用的 dockerfile +├── Makefile # 编译文件 +├── LICENSE +├── README.md +├── ROADMAP.md +├── go.mod +├── pkg # 主目录 +├── locales # 后端 i18n 翻译目录 +├── docs # REST Api 文档目录 +├── migration # 数据库变更文件目录 +``` + +### 前端 +``` +. +├── Dockerfile # 构建容器镜像使用的 dockerfile +├── LICENSE +├── README.md +├── package.json # 包管理文件 +├── src # 主目录 +``` + +## 配置开发环境 + +### 后端 + +!!! warning "" + - KubeOperator 后端使用 iris 框架,并使用 Go mod 作为项目管理工具 + - 开发环境 Golang 版本 >= 1.14 + +#### 初始化配置 + +##### 数据库初始化 + +!!! warning "" + KubeOperator 使用 MySQL 数据库,推荐使用 MySQL 5.7 版本。同时 KubeOperator 对数据库部分配置项有要求,请参考下附的数据库配置,修改开发环境中的数据库配置文件 + + !!! warning "" + + ```mysql + [mysqld] + datadir=/var/lib/mysql + + default-storage-engine=INNODB + character_set_server=UTF8MB4 + table_open_cache=128 + max_connections=2000 + max_connect_errors=6000 + innodb_file_per_table=1 + innodb_buffer_pool_size=1G + max_allowed_packet=64M + transaction_isolation=READ-COMMITTED + innodb_flush_method=O_DIRECT + innodb_lock_wait_timeout=1800 + innodb_flush_log_at_trx_commit=0 + sync_binlog=0 + sql_mode=STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION + skip-name-resolve + user=mysql + + [mysql] + default-character-set=utf8 + + [mysql.server] + default-character-set=utf8 + ``` + + 请参考文档中的建库语句创建 KubeOperator 使用的数据库,server 服务启动时会自动在配置的库中创建所需的表结构及初始化数据。 + + !!! warning "" + + ```mysql + CREATE DATABASE `ko` /*!40100 DEFAULT CHARACTER SET utf8mb4 */ + ``` + +##### KubeOperator 配置文件 + +!!! warning "" + KubeOperator 会默认加载该路径下的配置文件 /etc/ko/app.yaml,请参考下列配置创建对应目录及配置文件 + + !!! warning "" + + ```yaml + bind: + host: 0.0.0.0 + port: 8080 + logging: + level: info + out_put: fileAndStd + max_age: 2592000 + rotation: 86400 + # 数据库配置 + db: + # mysql 服务地址,按需修改 + host: mysql + port: 3306 + user: root + # 明文密码:KubeOperator123@mysql + password: U08BAQEBAQHNm6g24wOpMgv34sNpwR5aBVdvFeSE9+6bydHO/WZLvZXlX9rxiY4V + name: ko + max_open_conns: 200 + max_idle_conns: 10 + jwt: + secret: iXDgDaEYBzIzustW + exp: 480 + job: + timeout: 60 + # kobe 组件配置 + kobe: + # kobe 服务地址,按需修改 + host: kobe + port: 8080 + # kotf 组件配置 + kotf: + # kotf 服务地址,按需修改 + host: kotf + port: 8080 + webkubectl: + host: webkubectl + port: 8080 + kubepi: + host: kubepi + port: 80 + cron: + enable: true + encrypt: + multilevel: + enable: true + secret: WjgBAQEBAQG1bkw4r7ZuaKD1klBxrT+zrRk8KWl+7LE0dli3h+a8gl6er0u8Ks1w + parts: + - dP3hT7dBQhygBCYW + - YIi2czL9wv4tQEZD + ``` + +#### 运行后端服务 + +!!! warning "" + 主目录运行 + + ``` + go run main.go + ``` + +### 前端 + +!!! warning "" + - [neeko](https://github.com/KubeOperator/neeko) 前端使用了 Vue.js 作为前端框架,ElementUI 作为 UI 框架,并使用 npm 作为包管理工具 + - 开发者请先下载 Node.js 作为运行环境(推荐版本:v14.x) + +#### 运行步骤 + +!!! warning "" + 部署运行好 KubeOperator API 服务器(前置条件) + + ```bash + 1. 安装依赖 + $ npm install + + 2. 运行 + $ npm run serve + ``` + +### 组件 + +!!! warning "" + [kobe](https://github.com/KubeOperator/kobe) 和 [kotf](https://github.com/KubeOperator/kotf) 为 grpc 协议组件,使用 protobuf 生成 + +#### 配置文件 + +##### kobe + +!!! warning "" + kobe 会默认加载该路径下的配置文件 /etc/kobe/app.yaml,请参考下列配置创建对应目录及配置文件 + + ```yaml + server: + host: 0.0.0.0 + port: 8080 + app: + worker: 10 + queue: 2000 + + ansible: + timeout: 10 + forks: 20 + ``` + +##### kotf + +!!! warning "" + kotf 会默认加载该路径下的配置文件 /etc/kotf/app.yaml,请参考下列配置创建对应目录及配置文件 + + ``` + server: + host: 0.0.0.0 + port: 8080 + ``` + +#### 组件启动 + +!!! warning "" + ```bash + go run cmd/server/*.go + ``` \ No newline at end of file diff --git a/docs/dev/rest_api.md b/docs/dev/rest_api.md index 19432a0..e4045f9 100644 --- a/docs/dev/rest_api.md +++ b/docs/dev/rest_api.md @@ -1,5 +1,5 @@ -!!! info "点击帮助,查看 REST API 文档" +!!! warning "点击帮助,查看 API 文档" ![api_swagger](../img/dev/swagger-1.png) diff --git a/docs/enterprise.md b/docs/enterprise.md deleted file mode 100644 index fd38242..0000000 --- a/docs/enterprise.md +++ /dev/null @@ -1,4 +0,0 @@ - -- [申请企业版试用](https://jinshuju.net/f/qc6g44) - -> 注: 企业版支持离线安装,申请通过后会提供高速下载链接 \ No newline at end of file diff --git a/docs/faq.md b/docs/faq.md index b195eee..6c5abfc 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -1,174 +1,191 @@ -### 01-KubeOperator 的定位是什么? +### KubeOperator 的定位 -!!! question "" - KubeOperator 是一个开源的轻量级 Kubernetes 发行版。与 OpenShift 等重量级 PaaS 平台相比,KubeOperator 只专注于解决一个问题,就是帮助企业规划(Day 0)、部署(Day 1)、运营(Day 2)生产级别的 Kubernetes 集群,并且做到极致 +!!! warning "" + KubeOperator 是一个开源的轻量级 Kubernetes 发行版。与 OpenShift 等重量级 PaaS 平台相比,KubeOperator 只专注于解决一个问题,就是帮助企业规划(Day 0)、部署(Day 1)、运营(Day 2)生产级别的 Kubernetes 集群,并且做到极致。 ![what-is-ko](img/faq/what-is-ko.png) -!!! question "" - 云原生正在快速兴起,三个互相关联的领域在同步进化: +!!! warning "" + 云原生正在快速兴起,三个互相关联的领域在同步进化: - 基础设施方面: 从 物理资源 到 虚拟化资源 到 容器化( Kubernetes )资源 的演进 - 开发模式方面: 从 瀑布模型 到 敏捷开发 到 DevOps 的演进 - 应用架构方面: 从 单体架构 到 多层次架构 到 微服务 的演进 -### 开源版和企业版的区别? +### 与其他工具的区别 -!!! question "" - * 和同属飞致云旗下的 JumpServer 开源堡垒机一样,KubeOperator 的核心功能全部开源,坚持按月发布新版本,永久免费使用 - * 相比 KubeOperator 开源版,KubeOperator 企业版提供面向企业级应用场景的 X-Pack 增强包,以及高等级的原厂企业级支持服务,有效助力企业构建并运营生产级别的 K8s 集群 - - !!! info "X-Pack" - * 自定义 Logo 和 配色 - * 对接 LDAP - * 增加消息中心 - * 支持邮箱、钉钉、企业微信告警 - * 集群健康评估 - * 对接 F5 - * 多集群配置管理 - -### 02-KubeOperator 与 Kubespray 等部署工具的区别是什么? - -!!! question "" - KubeOperator 不仅提供 Day 1 部署功能,还提供 Day 2 的 K8s 集群升级、扩容、监控、检查、备份恢复等功能 - -![overview](img/faq/overview.png) - -!!! question "" - KubeOperator 不仅支持安装程序本身,还提供了一组工具来监视 Kubernetes 集群的持续运行。KubeOperator 的优势包括: - - - 提供可视化的 Web UI,大大降低部署和管理 Kubernetes 的门槛; - - 提供离线的、经过全面验证和测试的安装包; - - 与 VMware、Openstack 和 FusionCompute 等云平台紧密对接,能够实现一键虚机自动创建和部署(基于 Terraform 和 Ansible); - - KubeOperator 会提供经过充分验证的成熟企业级存储和网络方案。 - -### 03-Kubernetes 集群应该部署在物理机上面,还是 IaaS 平台上面? +=== "差异" + !!! warning "" + KubeOperator 不仅提供 Day 1 部署功能,还提供 Day 2 的 K8s 集群升级、扩容、监控、检查、备份恢复等功能 -!!! question "" - 总的来说,企业有两种方案选择: + ![overview](img/faq/overview.png) - - 基于物理机部署大的 Kubernetes 集群: 通过 namespace 实现租户的隔离; - - 基于 IaaS 平台之上部署多个 Kubernetes 集群: 为每个租户分配独立的 Kubernetes 集群。 +=== "优势" + !!! warning "" + KubeOperator 的优势包括: -!!! question "" - 这两种方案各有好处,在 Kubernetes 采纳初期,使用第二种方案更为理性,因为: + - 提供可视化的 Web UI,大大降低部署和管理 Kubernetes 的门槛; + - 提供离线的、经过全面验证和测试的安装包; + - 与 VMware、Openstack 和 FusionCompute 等云平台紧密对接,能够实现一键虚机自动创建和部署(基于 Terraform 和 Ansible); + - KubeOperator 会提供经过充分验证的成熟企业级存储和网络方案。 - - 如果是单一大集群,升级会影响所有租户,风险比较大; - - IaaS 平台上有成熟的、基于软件定义的存储和网络方案,落地更容易和灵活; - - KubeOperator 与 VMware、Openstack和 FusionCompute 等 IaaS 方案紧密集成,可以实现全栈的自动化,集群交付快,伸缩快。 +### Kubernetes 集群方案 -### 04-KubeOperator 是否使用二进制方式部署 Kubernetes? +!!! warning "" + - 基于物理机部署大的 Kubernetes 集群: 通过 namespace 实现租户的隔离 + - 基于 IaaS 平台之上部署多个 Kubernetes 集群: 为每个租户分配独立的 Kubernetes 集群 + !!! warning "" + 这两种方案各有好处,在 Kubernetes 采纳初期,使用第二种方案更为理性,因为: + + - 如果是单一大集群,升级会影响所有租户,风险比较大; + - IaaS 平台上有成熟的、基于软件定义的存储和网络方案,落地更容易和灵活; + - KubeOperator 与 VMware、Openstack 等 IaaS 方案紧密集成,可以实现全栈的自动化,集群交付快,伸缩快。 -!!! question "" - 否。是基于 kubeadm 容器化部署 Kubernetes 集群。 +### KubeOperator 部署方式 -### 05-采用原生 Kubernetes 有什么好处? +!!! warning "" + 基于 kubeadm 容器化部署 Kubernetes 集群 -!!! question "" - 总的来说,相对于发行版,采纳原生 Kubernetes 有两个好处: +### 原生 Kubernetes 的好处 +!!! warning "" + - KubeOperator 已经通过云原生基金会的 [Kubernetes 软件一致性认证](https://landscape.cncf.io)。 - Kubernetes 迭代很快,且只维护最新的三个大版本。如果采纳其他发行版,可能很容易出现和原生版本脱节的情况。 - 由于 Operator 和 Helm 等日趋成熟,很多发行版的功能,比如 CI/ CD, Istio 等都可以通过 addon 方式部署到 Kubernetes 集群里面。Kubernetes 集群及其里面的应用应该是分离的,各自迭代升级。 -### 06-KubeOperator 支持哪些持久化存储? - -!!! question "KubeOperator 支持三类存储" - - nfs: 手动模式和自动模式下的集群都支持 NFS 作为持久化存储 - - local storage: 本地持久化存储 - - external-ceph: 创建成功之后,会在集群中初始化 ceph provisioner 相关 pod - - rook-ceph: 需要指定 ceph 集群所需磁盘(集群所有节点都必须包含指定的磁盘,如sdb,sdc...) - - vsphere: 集群服务器必须在指定 Folder 中(自动模式创建集群默认 Folder 为 kubeoperator),并且服务器名称要和集群 node 节点名称保持一致 - - oceanstor: 参考文档: https://github.com/Huawei/eSDK_K8S_Plugin/tree/master/docs/zh +### KubeOperator 支持的存储 +=== "NFS" !!! warning "" - Static and Dynamic PVs 的支持情况取决于所选择的存储。以 vSphere 平台为例,[各种存储选项可以参考此文章](https://docs.vmware.com/en/VMware-Enterprise-PKS/1.5/vmware-enterprise-pks-15/GUID-vsphere-persistent-storage.html)" - -### 07-KubeOperator 自身重启、升级或者挂掉会影响其创建和管理的 Kubernetes 集群吗? - -!!! question "" - 不会有任何影响。KubeOperator 是一个 100% 旁路系统,其与被管 Kubernetes 集群完全解耦。 - -### 08-重启 KubeOperator 部署的 Kubernetes 集群的节点后,比如 Master 或者 Worker 节点,会自动恢复正常吗? - -!!! question "" - 会自动恢复正常。 - -### 09-KubeOperator 支持的 vSphere 版本是什么? - -!!! question "" - - 如果是手动部署模式 + NFS,支持 vSphere 5.5 及以上版本。 - - 如果是自动模式 + vSAN,支持 vSphere 6.5 及以上版本 - -### 10-KubeOperator 仅支持 CentOS 7.6 Minimal 及以上版本作为 Kubernetes 节点的操作系统吗? - -!!! question "" - 是。KubeOperator 的管理范围包括操作系统,比如操作系统补丁升级,其提供的离线包包括操作系统(自动模式)及其 RPM 包,一个离线包版本代表一个终态,并被充分测试和验证。 + 手动模式和自动模式下的集群都支持 NFS 作为持久化存储 +=== "LocalStorage" !!! warning "" - 注: KubeOperator 不支持 CentOS 8,目前支持的版本是 CentOS 7.4+。 + 本地持久化存储 -### 11-KubeOperator 是否已通过云原生基金会的 Kubernetes 软件一致性认证? +=== "External Ceph" + !!! warning "" + 创建成功之后,会在集群中初始化 ceph provisioner 相关 pod -!!! question "" - 是的。KubeOperator 已经通过认证,[具体请参加此处](https://landscape.cncf.io) +=== "Rook-Ceph" + !!! warning "" + 需要指定 ceph 集群所需磁盘(集群所有节点都必须包含指定的磁盘,如sdb,sdc...) -### 12-KubeOperator 和 Rancher 有什么区别? +=== "vSphere" + !!! warning "" + 集群服务器必须在指定 Folder 中(自动模式创建集群默认 Folder 为 kubeoperator),并且服务器名称要和集群 node 节点名称保持一致 -!!! question "" - Rancher 是完整的容器管理平台,KubeOperator 仅专注于帮助企业规划、部署和运营生产级别的 Kubernetes 集群,和 KubeOperator 有可比性的是 Rancher RKE,而不是 Rancher 全部。 +=== "[OceanStor](https://github.com/Huawei/eSDK_K8S_Plugin/tree/master/docs/zh)" - !!! warning "" - KubeOperator 推荐企业采纳解耦的方式来实现云原生之路,也就是说容器云平台与其之上的 DevOps 平台、微服务治理平台、AI 平台、应用商店等是解耦的。 +!!! warning "Static and Dynamic PVs 的支持情况取决于所选择的存储。以 vSphere 平台为例,[各种存储选项可以参考此文章](https://docs.vmware.com/en/VMware-Enterprise-PKS/1.5/vmware-enterprise-pks-15/GUID-vsphere-persistent-storage.html)" -### 13-是否支持在公有云平台上规划、部署 Kubernetes 集群? +### Kubernetes 软件一致性认证 -!!! question "" -是的。注意事项:仓库 IP 和 主机IP 需要填写内网IP。 +!!! warning "" + 是的。KubeOperator 已经通过认证,具体请参加: https://landscape.cncf.io -### 14-KubeOperator 部署机的推荐配置? +### KubeOperator 部署机的推荐配置 -!!! question "" +!!! warning "" KubeOperator 部署机配置取决于初始化 k8s 集群节点数量,推荐配置参考如下: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
集群节点数量部署机推荐配置
1-52C 4G
6-104C 8G
11-508C 16G
51-10016C 32G
101-20032C 64G
> 20064C 128G
+ +### K8s master 节点的推荐配置 + +!!! warning "" + Kubernetes 集群中 master 节点配置取决于 worker 节点数量,推荐配置参考如下: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
worker 节点数量master 推荐配置
1-51C 4G
6-102C 8G
11-1004C 16G
101-2508C 32G
251-50016C 64G
> 50032C 128G
+ +### KubeOperator 其他说明 + +!!! warning "" + - KubeOperator 自身重启、升级或者挂掉不会影响其创建和管理的 Kubernetes 集群(KubeOperator 是一个 100% 旁路系统,其与被管 Kubernetes 集群完全解耦) + - 重启 Kubernetes 集群节点后,Kubernetes 等服务会自动恢复正常 + +### Harbor 访问故障 + +!!! warning "" + 可以通过 Web UI 访问,但是 docker login 不成功 + +=== "第一步" + !!! warning "" + 开启 TLS,修改 enable = true + ![harbor_tls_enable](./img/faq/harbor-tls.jpg) - | 集群节点数量 | 部署机推荐配置 | - | ---- | ---- | - | 1-5 | 2C 4G | - | 6-10 | 4C 8G | - | 11-50 | 8C 16G | - | 51-100 | 16C 32G | - | 101-200 | 32C 64G | - | > 200 |64C 128G | +=== "第二步" + !!! warning "" + 配置一个固定的 NodePort 端口,端口不要和现有环境冲突即可 + ![harbor_tls_enable](./img/faq/harbor-nodeport.jpg) -### 15-Kubernetes 集群中的 master 节点的推荐配置? +=== "第三步" + !!! warning "" + 修改 externalURL: https://worker:port , 如图: 172.16.10.100是 worker 节点的IP,30003 是第二个步骤中为 NodePort 设置的固定端口 + ![harbor_tls_enable](./img/faq/harbor-externalurl.jpg) -!!! question "" - Kubernetes 集群中 master 节点配置取决于 worker 节点数量,推荐配置参考如下: +!!! warning "" + 点击右上角“部署”按钮,进行部署 - | worker 节点数量 | master 推荐配置 | - | ---- | ---- | - | 1-5 | 2C 4G | - | 6-10 | 4C 8G | - | 11-100 | 8C 16G | - | 101-250 | 16C 32G | - | 251-500 | 32C 64G | - | > 500 | 64C 128G | - -### 16-应用商店部署的 Harbor,可以通过 Web UI 访问,但是 docker login 不成功 - -!!! question "以默认的 NodePort 访问为例:" - - 上传 Harbor 离线应用到应用商店 - - 点击 Harbor 进行部署 - - 部署前对 value.yaml 做以下修改 - 1. 开启 TLS,修改 enable = true - ![harbor_tls_enable](./img/faq/harbor-tls.jpg) - 2. 配置一个固定的 NodePort 端口,端口不要和现有环境冲突即可 - ![harbor_tls_enable](./img/faq/harbor-nodeport.jpg) - 3. 修改 externalURL: https://worker:port , 如图: 172.16.10.100是 worker 节点的IP,30003 是第二个步骤中为 NodePort 设置的固定端口 - ![harbor_tls_enable](./img/faq/harbor-externalurl.jpg) - 4. 点就右上角“部署”按钮,进行部署 - - - 在本地 Docker 客户端配置 daemon.json,使之信任 Harbor 私有仓库 +!!! warning "" + 在本地 Docker 客户端配置 daemon.json,使之信任 Harbor 私有仓库 ```yaml { ... @@ -178,13 +195,15 @@ ... } ``` - - 在本地进行 docker login ,使用正确的用户名和密码进行登录 + +!!! warning "" + 重启 docker 服务后执行 docker login 命令,输入正确的用户名和密码进行登录 ```sh + $ systemctl restart docker $ docker login 172.16.10.100:30003 Username: admin Password: Login Succeeded ``` - !!! warning "" - 注意: 不论你是用 Ingress 还是 ClusterIP 对 Harbor 进行服务暴露,externalURL 一定要和实际访问 Harbor 时的 URL 一致,否则 docker login 认证时将会失败。 +!!! warning "不论用 Ingress 还是 ClusterIP 对 Harbor 进行服务暴露,externalURL 一定要和实际访问 Harbor 时的 URL 一致,否则 docker login 认证时将会失败" diff --git a/docs/guidelines/kubeapps.md b/docs/guidelines/kubeapps.md deleted file mode 100644 index b1357f9..0000000 --- a/docs/guidelines/kubeapps.md +++ /dev/null @@ -1,95 +0,0 @@ -## Kubeapps 使用指南 - -### 什么是 KubeApps ? - -!!! warning "" - Kubeapps 是一个应用商店,可以通过 Web UI 在 Kubernetes 集群中部署和管理应用程序 - -!!! info "主要功能" - * 从 Helm Chart 仓库中浏览并部署 Helm Chart 应用 - * 集群中已有 Helm chart 应用的查看、升级和卸载 - * 支持自定义 Helm Chart 仓库(比如 ChartMuseum 和 JFrog Artifactory 等) - * 基于 Kubernetes RBAC 的身份验证和授权 - -### 安装 KubeApps - -!!! warning "" - * 进入目标集群,在【工具】tab页面点击启用 KubeApps。根据需要自定义存储 - -![kubeapps-2](../img/guidelines/kubeapps/kubeapps-2.png) - -### 使用 KubeApps - -!!! warning "" - * KubeApps 安装完成后,单击 【转到】 按钮,可以安全地访问 KubeApps Dashboard - -![kubeapps-3](../img/guidelines/kubeapps/kubeapps-3.png) - -### 部署应用 - -!!! warning "" - * 在 Dashboard 中的【Catalog】页中可以看到系统默认自带的应用,可选择一个应用程序部署 - -![kubeapps-4](../img/guidelines/kubeapps/kubeapps-4.png) - - -!!! warning "" - * 首选根据用户需要选择一个 namespace,这里选择 kube-operator,然后单击部署应用,可以看到【应用商店】里面目前支持的应用列表。选择 GitLab 应用后,在应用页面右侧单击“Deploy”按钮 - -![gitlab-1](../img/guidelines/kubeapps/gitlab-1.png) - -!!! warning "" - * 系统将提示输入应用程序的名称,还可以看到目前版本,以及 GitLab 应用 YAML 配置文件,用户可根据自身需求修改该配置文件 - -![gitlab-2](../img/guidelines/kubeapps/gitlab-2.png) - -!!! warning "" - * 根据实际情况,自定义存储(storageClass)、Ingress等变量 - -!!! warning "" - * 在最下面点击 “Submit” 按钮,该应用程序将被部署,部署成功后,应用变为就绪状态 - -![gitlab-3](../img/guidelines/kubeapps/gitlab-3.png) - -!!! warning "" - * 要获取 GitLab 用户名和密码, 请参考部署页面的 “Notes” 部分。如果 Service 类型为 Ingress,要将该 URL 添加到本地 hosts 解析 - -### 删除应用 - -!!! warning "" - * 部署完成的应用如果要删除,可以在【Applications】进入 GitLab 应用后,单击右侧 “Delete” 按钮确定即可删除 - -![gitlab-4](../img/guidelines/kubeapps/gitlab-4.png) - -### 添加存储库 - -!!! warning "" - * KubeApps 支持添加外部应用仓库,在【Configuration】下拉菜单“App Repositories“页面,单击“Add App Repository” - -![kubeapps-5](../img/guidelines/kubeapps/kubeapps-5.png) - -### 推送 chart 镜像(离线包安装集群可选) - -!!! warning "" - * 包括 Argo CD、Gitlab、Harbor、Jenkins、Weave Scope 和 Sonarqube 镜像,用户可以根据需要下载并安装 - -!!! warning "" - * 安装包下载链接: https://github.com/KubeOperator/charts/releases - -#### 安装步骤: - -!!! warning "" - ```sh - # 首先登录 kubeoperator 部署机,进入 /tmp (或其他自定义)目录,将离线包拷贝到该目录中 - cd /tmp - - # 解压文件到本目录 - tar zxvf gitlab.tar.gz && cd gitlab - - # 执行 install.sh 文件,将镜像推送到nexus仓库 - /bin/bash install.sh start - - # 选择是否使用外部Docker Image Registry y/n - # 没有外部镜像仓库的情况下,可以选择 "n" 来使用 kubeoperator 部署节点的 nexus 仓库 registry.kubeoperator.io:8083) - # nexus 默认用户名密码为: admin/admin123 - ``` diff --git a/docs/img/components.jpg b/docs/img/components.jpg new file mode 100644 index 0000000..45c18ae Binary files /dev/null and b/docs/img/components.jpg differ diff --git a/docs/img/components.png b/docs/img/components.png deleted file mode 100644 index 8d7a254..0000000 Binary files a/docs/img/components.png and /dev/null differ diff --git a/docs/img/dashboard.png b/docs/img/dashboard.png new file mode 100644 index 0000000..4f7efe0 Binary files /dev/null and b/docs/img/dashboard.png differ diff --git a/docs/img/dev/swagger-1.png b/docs/img/dev/swagger-1.png index 8ea1942..cb49095 100644 Binary files a/docs/img/dev/swagger-1.png and b/docs/img/dev/swagger-1.png differ diff --git a/docs/img/dev/swagger-2.png b/docs/img/dev/swagger-2.png index 8cb8232..3e5144a 100644 Binary files a/docs/img/dev/swagger-2.png and b/docs/img/dev/swagger-2.png differ diff --git a/docs/img/kubeoerator-white.png b/docs/img/kubeoperator-white.png similarity index 100% rename from docs/img/kubeoerator-white.png rename to docs/img/kubeoperator-white.png diff --git a/docs/img/user_manual/backup_account/backup-1.png b/docs/img/user_manual/backup_account/backup-1.png new file mode 100644 index 0000000..10ed67f Binary files /dev/null and b/docs/img/user_manual/backup_account/backup-1.png differ diff --git a/docs/img/user_manual/backup_account/backup-2.png b/docs/img/user_manual/backup_account/backup-2.png new file mode 100644 index 0000000..e7b1032 Binary files /dev/null and b/docs/img/user_manual/backup_account/backup-2.png differ diff --git a/docs/img/user_manual/cluster/cis-scan.png b/docs/img/user_manual/cluster/cis-scan.png index ebc1c32..cf9976b 100644 Binary files a/docs/img/user_manual/cluster/cis-scan.png and b/docs/img/user_manual/cluster/cis-scan.png differ diff --git a/docs/img/user_manual/cluster/cluster-backup-1.png b/docs/img/user_manual/cluster/cluster-backup-1.png index 324412e..968d3ac 100644 Binary files a/docs/img/user_manual/cluster/cluster-backup-1.png and b/docs/img/user_manual/cluster/cluster-backup-1.png differ diff --git a/docs/img/user_manual/cluster/cluster-backup-2.png b/docs/img/user_manual/cluster/cluster-backup-2.png index 3706f0a..114f118 100644 Binary files a/docs/img/user_manual/cluster/cluster-backup-2.png and b/docs/img/user_manual/cluster/cluster-backup-2.png differ diff --git a/docs/img/user_manual/cluster/cluster-diagnosis.png b/docs/img/user_manual/cluster/cluster-diagnosis.png index c899ec2..811dce2 100644 Binary files a/docs/img/user_manual/cluster/cluster-diagnosis.png and b/docs/img/user_manual/cluster/cluster-diagnosis.png differ diff --git a/docs/img/user_manual/cluster/cluster-events.png b/docs/img/user_manual/cluster/cluster-events.png index 845d124..f32b012 100644 Binary files a/docs/img/user_manual/cluster/cluster-events.png and b/docs/img/user_manual/cluster/cluster-events.png differ diff --git a/docs/img/user_manual/cluster/cluster-import.png b/docs/img/user_manual/cluster/cluster-import.png index 5733688..9a27e1e 100644 Binary files a/docs/img/user_manual/cluster/cluster-import.png and b/docs/img/user_manual/cluster/cluster-import.png differ diff --git a/docs/img/user_manual/cluster/cluster-remove.png b/docs/img/user_manual/cluster/cluster-remove.png index 1377052..0be417d 100644 Binary files a/docs/img/user_manual/cluster/cluster-remove.png and b/docs/img/user_manual/cluster/cluster-remove.png differ diff --git a/docs/img/user_manual/cluster/cluster-repair-1.png b/docs/img/user_manual/cluster/cluster-repair-1.png deleted file mode 100644 index 4387139..0000000 Binary files a/docs/img/user_manual/cluster/cluster-repair-1.png and /dev/null differ diff --git a/docs/img/user_manual/cluster/cluster-repair-2.png b/docs/img/user_manual/cluster/cluster-repair-2.png deleted file mode 100644 index 91c69de..0000000 Binary files a/docs/img/user_manual/cluster/cluster-repair-2.png and /dev/null differ diff --git a/docs/img/user_manual/cluster/cluster-upgrade.png b/docs/img/user_manual/cluster/cluster-upgrade.png index 2c3fc7c..25a975b 100644 Binary files a/docs/img/user_manual/cluster/cluster-upgrade.png and b/docs/img/user_manual/cluster/cluster-upgrade.png differ diff --git a/docs/img/user_manual/cluster/deploy-1.png b/docs/img/user_manual/cluster/deploy-1.png index 869751d..c8f4a75 100644 Binary files a/docs/img/user_manual/cluster/deploy-1.png and b/docs/img/user_manual/cluster/deploy-1.png differ diff --git a/docs/img/user_manual/cluster/deploy-2.png b/docs/img/user_manual/cluster/deploy-2.png index db6d259..69bc799 100644 Binary files a/docs/img/user_manual/cluster/deploy-2.png and b/docs/img/user_manual/cluster/deploy-2.png differ diff --git a/docs/img/user_manual/cluster/deploy-3.png b/docs/img/user_manual/cluster/deploy-3.png index fc6345c..98ed2c4 100644 Binary files a/docs/img/user_manual/cluster/deploy-3.png and b/docs/img/user_manual/cluster/deploy-3.png differ diff --git a/docs/img/user_manual/cluster/deploy-4.png b/docs/img/user_manual/cluster/deploy-4.png index 3000460..be8ffac 100644 Binary files a/docs/img/user_manual/cluster/deploy-4.png and b/docs/img/user_manual/cluster/deploy-4.png differ diff --git a/docs/img/user_manual/cluster/deploy-5.png b/docs/img/user_manual/cluster/deploy-5.png index f960073..14b98eb 100644 Binary files a/docs/img/user_manual/cluster/deploy-5.png and b/docs/img/user_manual/cluster/deploy-5.png differ diff --git a/docs/img/user_manual/cluster/deploy-hosts.png b/docs/img/user_manual/cluster/deploy-hosts.png index 757459d..0e3a2da 100644 Binary files a/docs/img/user_manual/cluster/deploy-hosts.png and b/docs/img/user_manual/cluster/deploy-hosts.png differ diff --git a/docs/img/user_manual/cluster/deploy-log.png b/docs/img/user_manual/cluster/deploy-log.png index a78bb90..9d88046 100644 Binary files a/docs/img/user_manual/cluster/deploy-log.png and b/docs/img/user_manual/cluster/deploy-log.png differ diff --git a/docs/img/user_manual/cluster/deploy-plan.png b/docs/img/user_manual/cluster/deploy-plan.png index 26395be..4fdc85b 100644 Binary files a/docs/img/user_manual/cluster/deploy-plan.png and b/docs/img/user_manual/cluster/deploy-plan.png differ diff --git a/docs/img/user_manual/cluster/deploy-review.png b/docs/img/user_manual/cluster/deploy-review.png index 05ea23c..81cbf61 100644 Binary files a/docs/img/user_manual/cluster/deploy-review.png and b/docs/img/user_manual/cluster/deploy-review.png differ diff --git a/docs/img/user_manual/cluster/istio-1.png b/docs/img/user_manual/cluster/istio-1.png index c0fe38c..65b1d77 100644 Binary files a/docs/img/user_manual/cluster/istio-1.png and b/docs/img/user_manual/cluster/istio-1.png differ diff --git a/docs/img/user_manual/cluster/logging-1.png b/docs/img/user_manual/cluster/logging-1.png index 0a1ec43..83ed114 100644 Binary files a/docs/img/user_manual/cluster/logging-1.png and b/docs/img/user_manual/cluster/logging-1.png differ diff --git a/docs/img/user_manual/cluster/monitor-1.png b/docs/img/user_manual/cluster/monitor-1.png index 9d09c88..2dc21d6 100644 Binary files a/docs/img/user_manual/cluster/monitor-1.png and b/docs/img/user_manual/cluster/monitor-1.png differ diff --git a/docs/img/user_manual/cluster/namespace-1.png b/docs/img/user_manual/cluster/namespace-1.png index ef913b4..b9f2d5c 100644 Binary files a/docs/img/user_manual/cluster/namespace-1.png and b/docs/img/user_manual/cluster/namespace-1.png differ diff --git a/docs/img/user_manual/cluster/node-1.png b/docs/img/user_manual/cluster/node-1.png index 4b80b53..da40f1d 100644 Binary files a/docs/img/user_manual/cluster/node-1.png and b/docs/img/user_manual/cluster/node-1.png differ diff --git a/docs/img/user_manual/cluster/node-2.png b/docs/img/user_manual/cluster/node-2.png index 0867c63..44f7b37 100644 Binary files a/docs/img/user_manual/cluster/node-2.png and b/docs/img/user_manual/cluster/node-2.png differ diff --git a/docs/img/user_manual/cluster/node-3.png b/docs/img/user_manual/cluster/node-3.png index 17457fc..f50ab5b 100644 Binary files a/docs/img/user_manual/cluster/node-3.png and b/docs/img/user_manual/cluster/node-3.png differ diff --git a/docs/img/user_manual/cluster/node-4.png b/docs/img/user_manual/cluster/node-4.png index 93fffcf..bf05a2e 100644 Binary files a/docs/img/user_manual/cluster/node-4.png and b/docs/img/user_manual/cluster/node-4.png differ diff --git a/docs/img/user_manual/cluster/node-cordon.png b/docs/img/user_manual/cluster/node-cordon.png new file mode 100644 index 0000000..d48c9ef Binary files /dev/null and b/docs/img/user_manual/cluster/node-cordon.png differ diff --git a/docs/img/user_manual/cluster/node-detail.png b/docs/img/user_manual/cluster/node-detail.png new file mode 100644 index 0000000..61127cc Binary files /dev/null and b/docs/img/user_manual/cluster/node-detail.png differ diff --git a/docs/img/user_manual/cluster/overview-1.png b/docs/img/user_manual/cluster/overview-1.png index 8b23db4..44723fb 100644 Binary files a/docs/img/user_manual/cluster/overview-1.png and b/docs/img/user_manual/cluster/overview-1.png differ diff --git a/docs/img/user_manual/cluster/overview-2.png b/docs/img/user_manual/cluster/overview-2.png index 172e8a3..c00b4fd 100644 Binary files a/docs/img/user_manual/cluster/overview-2.png and b/docs/img/user_manual/cluster/overview-2.png differ diff --git a/docs/img/user_manual/cluster/storage-1.png b/docs/img/user_manual/cluster/storage-1.png index 669c067..45f2d80 100644 Binary files a/docs/img/user_manual/cluster/storage-1.png and b/docs/img/user_manual/cluster/storage-1.png differ diff --git a/docs/img/user_manual/cluster/tools-1.png b/docs/img/user_manual/cluster/tools-1.png index 22b2bca..91ae3ef 100644 Binary files a/docs/img/user_manual/cluster/tools-1.png and b/docs/img/user_manual/cluster/tools-1.png differ diff --git a/docs/img/user_manual/hosts/host-add.png b/docs/img/user_manual/hosts/host-add.png index b77a4ee..c3c6d01 100644 Binary files a/docs/img/user_manual/hosts/host-add.png and b/docs/img/user_manual/hosts/host-add.png differ diff --git a/docs/img/user_manual/hosts/host-authorization.png b/docs/img/user_manual/hosts/host-authorization.png deleted file mode 100644 index 01ed44d..0000000 Binary files a/docs/img/user_manual/hosts/host-authorization.png and /dev/null differ diff --git a/docs/img/user_manual/hosts/host-detail.png b/docs/img/user_manual/hosts/host-detail.png new file mode 100644 index 0000000..e954336 Binary files /dev/null and b/docs/img/user_manual/hosts/host-detail.png differ diff --git a/docs/img/user_manual/hosts/host-edit.png b/docs/img/user_manual/hosts/host-edit.png new file mode 100644 index 0000000..6ed558b Binary files /dev/null and b/docs/img/user_manual/hosts/host-edit.png differ diff --git a/docs/img/user_manual/hosts/host-import-excel.png b/docs/img/user_manual/hosts/host-import-excel.png index 5585657..8811fbe 100644 Binary files a/docs/img/user_manual/hosts/host-import-excel.png and b/docs/img/user_manual/hosts/host-import-excel.png differ diff --git a/docs/img/user_manual/hosts/host-import.png b/docs/img/user_manual/hosts/host-import.png index 3e5e451..954fe53 100644 Binary files a/docs/img/user_manual/hosts/host-import.png and b/docs/img/user_manual/hosts/host-import.png differ diff --git a/docs/img/user_manual/hosts/host-list.png b/docs/img/user_manual/hosts/host-list.png index d64f73a..802abca 100644 Binary files a/docs/img/user_manual/hosts/host-list.png and b/docs/img/user_manual/hosts/host-list.png differ diff --git a/docs/img/user_manual/hosts/host-refresh.png b/docs/img/user_manual/hosts/host-refresh.png index a5f53b9..5ce91c1 100644 Binary files a/docs/img/user_manual/hosts/host-refresh.png and b/docs/img/user_manual/hosts/host-refresh.png differ diff --git a/docs/img/user_manual/plan/custom-templates.png b/docs/img/user_manual/plan/custom-templates.png new file mode 100644 index 0000000..66081a5 Binary files /dev/null and b/docs/img/user_manual/plan/custom-templates.png differ diff --git a/docs/img/user_manual/plan/ip-pool-add.png b/docs/img/user_manual/plan/ip-pool-add.png index 76442c5..44b395f 100644 Binary files a/docs/img/user_manual/plan/ip-pool-add.png and b/docs/img/user_manual/plan/ip-pool-add.png differ diff --git a/docs/img/user_manual/plan/ip-pool-list.png b/docs/img/user_manual/plan/ip-pool-list.png index 9f0e574..c72d65f 100644 Binary files a/docs/img/user_manual/plan/ip-pool-list.png and b/docs/img/user_manual/plan/ip-pool-list.png differ diff --git a/docs/img/user_manual/plan/ip-pool-use.png b/docs/img/user_manual/plan/ip-pool-use.png index 64a5c96..a448438 100644 Binary files a/docs/img/user_manual/plan/ip-pool-use.png and b/docs/img/user_manual/plan/ip-pool-use.png differ diff --git a/docs/img/user_manual/plan/plan-1.png b/docs/img/user_manual/plan/plan-1.png index 382d2ba..e8bd665 100644 Binary files a/docs/img/user_manual/plan/plan-1.png and b/docs/img/user_manual/plan/plan-1.png differ diff --git a/docs/img/user_manual/plan/plan-2.png b/docs/img/user_manual/plan/plan-2.png deleted file mode 100644 index 5576681..0000000 Binary files a/docs/img/user_manual/plan/plan-2.png and /dev/null differ diff --git a/docs/img/user_manual/plan/region-1.png b/docs/img/user_manual/plan/region-1.png index 9b304f1..61c48b0 100644 Binary files a/docs/img/user_manual/plan/region-1.png and b/docs/img/user_manual/plan/region-1.png differ diff --git a/docs/img/user_manual/plan/region-2.png b/docs/img/user_manual/plan/region-2.png deleted file mode 100644 index bf4e857..0000000 Binary files a/docs/img/user_manual/plan/region-2.png and /dev/null differ diff --git a/docs/img/user_manual/plan/region-3.png b/docs/img/user_manual/plan/region-3.png deleted file mode 100644 index 8a1c1a4..0000000 Binary files a/docs/img/user_manual/plan/region-3.png and /dev/null differ diff --git a/docs/img/user_manual/plan/template-fusioncompute.png b/docs/img/user_manual/plan/template-fusioncompute.png new file mode 100644 index 0000000..e769264 Binary files /dev/null and b/docs/img/user_manual/plan/template-fusioncompute.png differ diff --git a/docs/img/user_manual/plan/template-openstack.png b/docs/img/user_manual/plan/template-openstack.png new file mode 100644 index 0000000..ff7bc84 Binary files /dev/null and b/docs/img/user_manual/plan/template-openstack.png differ diff --git a/docs/img/user_manual/plan/template-upload.png b/docs/img/user_manual/plan/template-upload.png new file mode 100644 index 0000000..221f0d7 Binary files /dev/null and b/docs/img/user_manual/plan/template-upload.png differ diff --git a/docs/img/user_manual/plan/template-vsphere.png b/docs/img/user_manual/plan/template-vsphere.png new file mode 100644 index 0000000..8d7a0eb Binary files /dev/null and b/docs/img/user_manual/plan/template-vsphere.png differ diff --git a/docs/img/user_manual/plan/virtual-config-list.png b/docs/img/user_manual/plan/virtual-config-list.png index 259b202..6784542 100644 Binary files a/docs/img/user_manual/plan/virtual-config-list.png and b/docs/img/user_manual/plan/virtual-config-list.png differ diff --git a/docs/img/user_manual/plan/zone-1.png b/docs/img/user_manual/plan/zone-1.png index 4b2606f..c4d3384 100644 Binary files a/docs/img/user_manual/plan/zone-1.png and b/docs/img/user_manual/plan/zone-1.png differ diff --git a/docs/img/user_manual/plan/zone-2.png b/docs/img/user_manual/plan/zone-2.png deleted file mode 100644 index 78dca83..0000000 Binary files a/docs/img/user_manual/plan/zone-2.png and /dev/null differ diff --git a/docs/img/user_manual/plan/zone-3.png b/docs/img/user_manual/plan/zone-3.png deleted file mode 100644 index a58bd70..0000000 Binary files a/docs/img/user_manual/plan/zone-3.png and /dev/null differ diff --git a/docs/img/user_manual/project/project-1.png b/docs/img/user_manual/project/project-1.png deleted file mode 100644 index a218f70..0000000 Binary files a/docs/img/user_manual/project/project-1.png and /dev/null differ diff --git a/docs/img/user_manual/project/project-2.png b/docs/img/user_manual/project/project-2.png deleted file mode 100644 index 498ef34..0000000 Binary files a/docs/img/user_manual/project/project-2.png and /dev/null differ diff --git a/docs/img/user_manual/project/project-3.png b/docs/img/user_manual/project/project-3.png index ce992c3..40eb9e6 100644 Binary files a/docs/img/user_manual/project/project-3.png and b/docs/img/user_manual/project/project-3.png differ diff --git a/docs/img/user_manual/project/project-4.png b/docs/img/user_manual/project/project-4.png deleted file mode 100644 index 34432ca..0000000 Binary files a/docs/img/user_manual/project/project-4.png and /dev/null differ diff --git a/docs/img/user_manual/project/project-5.png b/docs/img/user_manual/project/project-5.png index a88c9f0..5e480ef 100644 Binary files a/docs/img/user_manual/project/project-5.png and b/docs/img/user_manual/project/project-5.png differ diff --git a/docs/img/user_manual/project/project-dashboard.png b/docs/img/user_manual/project/project-dashboard.png new file mode 100644 index 0000000..620a832 Binary files /dev/null and b/docs/img/user_manual/project/project-dashboard.png differ diff --git a/docs/img/user_manual/project/project-list.png b/docs/img/user_manual/project/project-list.png new file mode 100644 index 0000000..dad1540 Binary files /dev/null and b/docs/img/user_manual/project/project-list.png differ diff --git a/docs/img/user_manual/system_log/system-log.png b/docs/img/user_manual/system_log/system-log.png index 90117e3..442975f 100644 Binary files a/docs/img/user_manual/system_log/system-log.png and b/docs/img/user_manual/system_log/system-log.png differ diff --git a/docs/img/user_manual/system_management/backup-1.png b/docs/img/user_manual/system_management/backup-1.png deleted file mode 100644 index 1e4d0ab..0000000 Binary files a/docs/img/user_manual/system_management/backup-1.png and /dev/null differ diff --git a/docs/img/user_manual/system_management/email-1.png b/docs/img/user_manual/system_management/email-1.png deleted file mode 100644 index 0a7c9eb..0000000 Binary files a/docs/img/user_manual/system_management/email-1.png and /dev/null differ diff --git a/docs/img/user_manual/system_management/key-1.png b/docs/img/user_manual/system_management/key-1.png index 98c071f..4b7a743 100644 Binary files a/docs/img/user_manual/system_management/key-1.png and b/docs/img/user_manual/system_management/key-1.png differ diff --git a/docs/img/user_manual/system_management/key-2.png b/docs/img/user_manual/system_management/key-2.png index 4eceb6a..2244d04 100644 Binary files a/docs/img/user_manual/system_management/key-2.png and b/docs/img/user_manual/system_management/key-2.png differ diff --git a/docs/img/user_manual/system_management/license-1.png b/docs/img/user_manual/system_management/license-1.png deleted file mode 100644 index f578087..0000000 Binary files a/docs/img/user_manual/system_management/license-1.png and /dev/null differ diff --git a/docs/img/user_manual/system_management/ntp.png b/docs/img/user_manual/system_management/ntp.png index c7b65c6..581b1d9 100644 Binary files a/docs/img/user_manual/system_management/ntp.png and b/docs/img/user_manual/system_management/ntp.png differ diff --git a/docs/img/user_manual/system_management/registry.png b/docs/img/user_manual/system_management/registry.png index b6d62d1..cda7afa 100644 Binary files a/docs/img/user_manual/system_management/registry.png and b/docs/img/user_manual/system_management/registry.png differ diff --git a/docs/img/user_manual/user_management/user-1.png b/docs/img/user_manual/user_management/user-1.png index 2344df0..c8e2a57 100644 Binary files a/docs/img/user_manual/user_management/user-1.png and b/docs/img/user_manual/user_management/user-1.png differ diff --git a/docs/img/user_manual/user_management/user-2.png b/docs/img/user_manual/user_management/user-2.png deleted file mode 100644 index 2cb90f3..0000000 Binary files a/docs/img/user_manual/user_management/user-2.png and /dev/null differ diff --git a/docs/img/user_manual/user_management/user-3.png b/docs/img/user_manual/user_management/user-3.png deleted file mode 100644 index 5dfab54..0000000 Binary files a/docs/img/user_manual/user_management/user-3.png and /dev/null differ diff --git a/docs/img/user_manual/version/version-1.png b/docs/img/user_manual/version/version-1.png index a3743e3..03a28c1 100644 Binary files a/docs/img/user_manual/version/version-1.png and b/docs/img/user_manual/version/version-1.png differ diff --git a/docs/img/user_manual/version/version-2.png b/docs/img/user_manual/version/version-2.png index 3afaec8..8494977 100644 Binary files a/docs/img/user_manual/version/version-2.png and b/docs/img/user_manual/version/version-2.png differ diff --git a/docs/img/wechat-group.png b/docs/img/wechat-group.png deleted file mode 100644 index cd50828..0000000 Binary files a/docs/img/wechat-group.png and /dev/null differ diff --git a/docs/index.md b/docs/index.md index 765945b..674b8f8 100644 --- a/docs/index.md +++ b/docs/index.md @@ -2,301 +2,24 @@ # 总体介绍 !!! warning "" - KubeOperator 是一个 **开源** 的轻量级 Kubernetes 发行版,专注于帮助企业规划、部署和运营生产级别的 Kubernetes 集群。 + KubeOperator 是一个开源的轻量级 Kubernetes 发行版,专注于帮助企业规划、部署和运营生产级别的 Kubernetes 集群。 - KubeOperator 提供可视化的 Web UI,支持离线环境,支持物理机、VMware、OpenStack 和 FusionCompute 等 IaaS 平台,支持 x86 和 ARM64 架构,支持 GPU,内置应用商店,已通过 CNCF 的 Kubernetes 软件一致性认证。 + KubeOperator 提供可视化的 Web UI,支持离线环境,支持物理机、VMware、OpenStack 和 FusionCompute 等 IaaS 平台,支持 x86_64 和 ARM64 架构,支持 GPU,内置应用商店,已通过 CNCF 的 Kubernetes 软件一致性认证。 - KubeOperator 使用 Terraform 在 IaaS 平台上自动创建主机(用户也可以自行准备主机,比如物理机或者虚机),通过 Ansible 完成自动化部署和变更操作,支持 Kubernetes 集群 从 Day 0 规划,到 Day 1 部署,到 Day 2 运营的全生命周期管理。 + KubeOperator 使用 Terraform 在 IaaS 平台上自动创建主机(用户也可以自行准备主机,比如物理机或者虚机),通过 Ansible 完成自动化部署和变更操作,支持 Kubernetes 集群 从 Day 0 规划,到 Day 1 部署,到 Day 2 运营的全生命周期管理。 + +## 页面展示 + +![!界面展示](./img/dashboard.png) ## 技术优势 !!! warning "" - - 简单易用: 提供可视化的 Web UI,极大降低 Kubernetes 部署和管理门槛,内置 [Webkubectl](https://github.com/KubeOperator/webkubectl) - - 按需创建: 调用云平台 API,一键快速创建和部署 Kubernetes 集群 - - 按需伸缩: 快速伸缩 Kubernetes 集群,优化资源使用效率 - - 按需修补: 快速升级和修补 Kubernetes 集群,并与社区最新版本同步,保证安全性 - - 离线部署: 支持完全离线下的 Kubernetes 集群部署 + + - 按需创建: 调用云平台 API,一键快速创建和部署 [Kubernetes][Kubernetes] 集群 + - 按需伸缩: 快速伸缩 [Kubernetes][Kubernetes] 集群,优化资源使用效率 + - 按需修补: 快速升级和修补 [Kubernetes][Kubernetes] 集群,并与社区最新版本同步,保证安全性 + - 离线部署: 支持完全离线下的 [Kubernetes][Kubernetes] 集群部署 - 自我修复: 通过重建故障节点确保集群可用性 - 全栈监控: 提供从Pod、Node到集群的事件、监控、告警、和日志方案 - Multi-AZ 支持: 将 Master 节点分布在不同的故障域上确保集群高可用 - - 应用商店: 内置 [KubeApps](https://github.com/kubeapps/kubeapps) 应用商店 - - GPU 支持: 支持 GPU 节点,助力运行深度学习等应用 - - -## 功能列表 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Day 0 规划集群模式 - 1 个 Master 节点 n 个 Worker 节点模式:适合开发测试用途 -
3 个 Master 节点 n 个 Worker 节点模式:适合生产用途 -
计算方案 - 独立主机:支持自行准备的虚机、公有云主机和物理机 -
vSphere 平台:支持自动创建主机(使用 Terraform) -
Openstack 平台:支持自动创建主机 (使用 Terraform) -
FusionCompute 平台:支持自动创建主机 (使用 Terraform) -
存储方案 - 独立主机:支持 NFS / Ceph RBD / Rook Ceph / Local Volume -
vSphere 平台:支持 vSphere Datastore (vSAN 及 vSphere 兼容的集中存储) -
Openstack 平台:支持 Openstack Cinder (Ceph 及 Cinder 兼容的集中存储) -
FusionCompute 平台:支持 OceanStor -
网络方案 - 支持 CoreDNS -
支持 Flannel / Calico 网络插件 -
支持 ingress-nginx / traefik -
支持通过 F5 Big IP 对外暴露服务(X-PACK) -
GPU 方案 - 支持 NVIDIA GPU -
操作系统 - 支持 RHEL / CentOS / EulerOS 操作系统 -
容器运行时 - 支持 Docker / Containerd -
Day 1 部署 - 部署 - 支持在线和离线安装模式 -
支持 Kubeadm 部署 -
支持 x86_64 和 arm64 CPU 架构 -
支持可视化方式展示部署过程 -
支持一键自动化部署(使用 Ansible) -
支持已有集群导入 -
Day 2 运营 - 管理 - 支持以项目为核心的分级授权管理 -
支持系统管理员、项目管理员和集群管理员三种角色 -
支持多集群配置管理(X-PACK) -
支持对接 LDAP/AD(X-PACK) -
支持自定义 Logo 和 配色(X-PACK) -
对外开放 REST API -
支持国际化 i18n -
提供 Web Kubectl 界面 -
内置 Helm -
可观察性 - 内置 Prometheus,支持对集群、节点、Pod、Container的全方位监控和告警 -
内置 EFK、Loki 日志方案 -
内置 Grafana 作为监控和日志展示 -
支持消息中心,通过钉钉、微信通知各种集群异常事件(X-PACK) -
升级 - 支持集群升级 -
伸缩 - 支持增加或者减少 Worker 节点 -
备份 - 支持 etcd 定期备份和立即备份 -
恢复 - 支持 etcd 备份策略文件恢复和本地文件恢复 -
安全合规 - 支持集群健康评分(X-PACK) -
支持 CIS 安全扫描 -
应用商店 - 提供 GitLab、Jenkins、Harbor、Argo CD、Sonarqube 等 CI/CD 工具 -
提供 Kuboard、Weave Scope、Redmine 等管理工具 -
提供深度学习AI 应用,比如 TensorFlow -
- -## 支持组件 - -!!! warning "" - * [kubernetes](https://github.com/kubernetes/kubernetes) v1.18.14 - * [etcd](https://github.com/coreos/etcd) v3.4.14 - * [docker](https://www.docker.com/) v19.03.9 - * [containerd](https://containerd.io/) v1.4.3 - -!!! warning "" - * [calico](https://github.com/projectcalico/calico) v3.16.5 - * [flanneld](https://github.com/coreos/flannel) v0.13.0 - -!!! warning "" - * [coredns](https://github.com/coredns/coredns) v1.8.0 - * [helm-v2](https://github.com/helm/helm) v2.17.0 - * [helm-v3](https://github.com/helm/helm) v3.4.1 - * [traefik](https://github.com/containous/traefik) v2.2.1 - * [ingress-nginx](https://github.com/kubernetes/ingress-nginx) v0.33.0 - * [metrics-server](https://github.com/kubernetes-sigs/metrics-server) v0.3.6 - -!!! warning "" - * [istio](https://github.com/istio/istio) 1.8.0 - * [dashboard](https://github.com/kubernetes/dashboard) v2.0.3 - * [kubeapps](https://github.com/kubeapps/kubeapps) v1.10.2 - * [prometheus](https://github.com/prometheus/prometheus) v2.18.1 - * [grafana](https://github.com/grafana/grafana) v7.3.3 - * [loki](https://github.com/grafana/loki) v2.0.0 - * [logging](https://github.com/elastic/elasticsearch) v7.6.2 - * [chartmuseum](https://github.com/helm/chartmuseum) v0.12.0 - * [docker-registry](https://github.com/docker/distribution) v2.7.1 - -!!! warning "" - * [argo-cd](https://github.com/argoproj/argo-cd) v1.7.4 - * [gitlab-ce](https://about.gitlab.com) v9.4.1 - * [harbor](https://github.com/goharbor/harbor) v1.10.2 - * [jenkins](https://github.com/jenkinsci/jenkins) v2.222.1 - * [kuboard](https://github.com/eip-work/kuboard-press) v2.0.5.1 - * [redmine](https://github.com/redmine/redmine) v4.1.1 - * [sonarqube](https://github.com/SonarSource/sonarqube) v7.9.2 - * [tensorflow-serving](https://github.com/tensorflow/serving) v1.14.0 - * [tensorflow-notebook](https://github.com/tensorflow/tensorflow) v1.6.0 - * [weave-scope](https://github.com/weaveworks/scope) v1.12.0 - -## 企业版试用 - -!!! warning "" - - [申请企业版试用](https://jinshuju.net/f/qc6g44) - - 企业版支持离线安装,申请通过后会提供高速下载链接 - -## 更多阅读 - -!!! warning "" - - [干货分享丨KubeOperator如何助力企业运营生产级别的Kubernetes集群?](https://blog.fit2cloud.com/?p=1255) - - [PPT 介绍](https://kubeoperator.io/download/KubeOperator_Intro.pdf) diff --git a/docs/installation/install.md b/docs/installation/install.md index 7d7b1c2..f893eec 100644 --- a/docs/installation/install.md +++ b/docs/installation/install.md @@ -33,7 +33,7 @@ 4 8G 100G - 3 + 1 @@ -78,7 +78,7 @@ ## 软件要求 -=== "kubeoperator 部署机" +=== "KubeOperator 部署机" @@ -129,7 +129,7 @@
-=== "kubernetes 集群节点" +=== "K8s 集群节点" @@ -142,9 +142,17 @@ - + @@ -182,97 +190,67 @@
操作系统CentOS/RHEL 7.4 - 7.9 Minimal
- EulerOS 2.5(x86_64)
- EulerOS 2.8(arm64)		 + + CentOS 7.4 - 7.9
+ RHEL 7.4 - 7.9
+ Ubuntu 20.04 / 18.04
+ Kylin v10
+ openEuler 22.03
+ EulerOS 2.5(x86_64)
+ EulerOS 2.8(aarch64) + + 		cat /etc/redhat-release
- ## 安装说明 === "离线安装" + !!! warning "请自行下载 KubeOperator 最新版本的离线安装包" + - amd64: https://cloud.189.cn/t/yU7BjimqmUry(访问码:rt1t) + - arm64: https://cloud.189.cn/t/eYrQniJRzuU3(访问码:hxz3) - !!! info " 请自行下载 KubeOperator [最新版本的离线安装包](https://github.com/KubeOperator/KubeOperator/releases),并复制到目标机器的 /tmp 目录下" + !!! warning "" ```sh - cd /tmp # 解压安装包 - tar zxvf KubeOperator-release-v3.x.y.tar.gz - # 进入安装包目录 - cd KubeOperator-release-v3.x.y + tar zxvf KubeOperator-release-{{ kubeoperator.version }}-amd64.tar.gz + # arm64 的包名是 KubeOperator-release-{{ kubeoperator.version }}-arm64.tar.gz + cd KubeOperator-release-{{ kubeoperator.version }} # 运行安装脚本 /bin/bash install.sh # 等待安装脚本执行完成后,查看 KubeOperator 状态 koctl status ``` -=== "在线安装" - - !!! info "默认使用 /opt/kubeoperator 目录作为安装目录,配置文件、数据及日志等均存放在该安装目录安装完成后,安装过程中产生的离线文件可删除,目录名: kubeoperator-release-v3.x.y" - ```sh - # 以 root 用户 ssh 登录目标服务器, 执行如下命令 - curl -sSL https://github.com/KubeOperator/KubeOperator/releases/latest/download/quick_start.sh -o quick_start.sh - bash quick_start.sh - ``` - -!!! info "安装完成后,检查服务状态。若有有异常,可以使用 koctl restart 命令进行重新启动" +!!! warning "" ``` [root@kubeoperator ~]# koctl status Name Command State Ports ------------------------------------------------------------------------------------------------------------------------------------------------ - kubeoperator_grafana /run.sh Up (healthy) 3000/tcp - kubeoperator_kobe kobe-server Up (healthy) 8080/tcp + kubeoperator_kobe sh /root/entrypoint.sh Up (healthy) 8080/tcp kubeoperator_kotf kotf-server Up (healthy) 8080/tcp + kubeoperator_kubepi kubepi-server Up (healthy) 80/tcp kubeoperator_mysql /entrypoint.sh mysqld Up (healthy) 3306/tcp, 33060/tcp - kubeoperator_nexus sh -c ${SONATYPE_DIR}/star ... Up 0.0.0.0:8081->8081/tcp, 0.0.0.0:8082->8082/tcp, 0.0.0.0:8083->8083/tcp + kubeoperator_nexus sh -c ${SONATYPE_DIR}/star ... Up (healthy) 0.0.0.0:8081->8081/tcp, 0.0.0.0:8082->8082/tcp, 0.0.0.0:8083->8083/tcp kubeoperator_nginx /docker-entrypoint.sh ngin ... Up (healthy) 0.0.0.0:80->80/tcp kubeoperator_server ko-server Up (healthy) 8080/tcp kubeoperator_ui /docker-entrypoint.sh ngin ... Up (healthy) 80/tcp kubeoperator_webkubectl sh /opt/webkubectl/start-w ... Up (healthy) ``` -!!! info "登录" +!!! warning "登录" ``` 地址: http://:80 用户名: admin 密码: kubeoperator@admin123 ``` -!!! info "帮助" +!!! warning "帮助" ```sh koctl --help ``` - ## 升级说明 === "离线升级" - !!! example "" + !!! warning "" ```sh - # 离线升级需要提前下载离线安装包,并解压到KubeOperator部署机 + # 离线升级需要提前下载离线安装包,并解压到 KubeOperator 部署机 # 进入升级包目录 - cd KubeOperator-release-v3.x.y + cd KubeOperator-release-{{ kubeoperator.version }} # 运行安装脚本 ./koctl upgrade # 查看 KubeOperator 状态 koctl status ``` - -=== "在线升级" - - !!! example "" - ```sh - # 升级到指定版本 - koctl upgrade v3.x.y - # 升级到最新版本 - koctl upgrade - # 查看 KubeOperator 状态 - koctl status ``` - -## 混合架构说明 - -!!! info "定义:混合架构是指使用 KubeOperator 部署同时包含 x86_64 和 arm64 架构节点的 Kubernetes 集群" - 如下图所示,混合部署需要提供 x86_64 和 arm64 架构的 nexus 仓库,以便于集群部署时可以下载到对应架构的资源,之后在 KubeOperator 系统设置添加不同架构的仓库信息即可。
- - 例如:
-   1.可以分别部署两台不同架构的 KubeOperator(一台 arm64,一台 x86_64)
  2.使用 x86_64 架构的主机作为日常操作的主机
  3.将 arm64 的主机作为 arm 仓库使用并添加到 x86_64 的 KubeOperator 系统设置中 - -![KubeOperator-mixed-arch](../img/KubeOperator-mixed-arch.png) \ No newline at end of file diff --git a/docs/quick_start/cluster_deployment.md b/docs/quick_start/cluster_deployment.md index 777b094..6792192 100644 --- a/docs/quick_start/cluster_deployment.md +++ b/docs/quick_start/cluster_deployment.md @@ -2,25 +2,27 @@ ### 集群信息 !!! warning "" + - 项目: 选择集群所属项目 - 供应商: 支持裸金属(手动模式)和部署计划(自动模式) - - 版本: 支持版本管理中最新的两个 Kubernetes 版本 + - 版本: 支持版本管理中最新的两个 Kubernetes 版本 - 架构: 支持 AMD64 和 ARM64 - Yum 仓库: 支持替换、共存和不操作三种类型 - !!! info "Yum 仓库" - * 替换: 会对 K8S 节点服务器原始 yum repo 文件进行备份,之后生成并仅使用 KubeOperator 的 yum repo - * 共存: 将保持 K8S 节点服务器原始 yum repo 文件不变,同时生成并使用 kubeoperator 的 yum repo - * 不操作: 将保持使用 K8S 节点服务器原始 yum repo 文件,不对 K8S 节点服务器的 yum repo 做任何操作 +!!! warning "Yum 仓库" + - 替换: 此操作将会对 K8S 节点服务器原始 yum repo 文件进行备份,之后生成并仅使用 KubeOperator 的 yum repo + - 共存: 此操作将保持K8S节点服务器原始 yum repo 文件不变,同时生成并使用 kubeoperator 的 yum repo + - 不操作: 此操作将保持使用 K8S 节点服务器原始 yum repo 文件,不对K8S节点服务器的 yum repo 做任何操作 ![deploy-1](../img/user_manual/cluster/deploy-1.png) ### 集群设置 !!! warning "" - - 最大 POD 数量: 默认 110 - - Pod 子网: 默认 10.244.0.0/18 - - Service 子网: 默认 10.244.64.0/18 - - kube-proxy 模式: 支持 iptables 和 ipvs + - 容器网络: CIDR不能与目标IP段重叠,否则会造成初始化失败 + - POD 数量上限/节点: 默认 256 + - Service 数量上限/集群: 默认 256 + - proxy 模式: 支持 iptables 和 ipvs + - dns 缓存: 支持开启 NodeLocal DNSCache - kubernetes 审计: 支持开启日志审计功能 ![deploy-2](../img/user_manual/cluster/deploy-2.png) @@ -28,7 +30,7 @@ ### 运行时设置 !!! warning "" - - 容器运行时: 支持 Docker 和 Containerd(注意: ARM64 架构下,容器运行时不支持 Containerd) + - 容器运行时: 支持 Docker 和 Containerd - Docker 数据路径: 默认 /var/lib/docker - Container 子网: 默认 172.17.0.1/16 @@ -37,19 +39,27 @@ ### 容器网络设置 !!! warning "" - - 网卡名称: 集群节点使用的网卡,根据实际环境填写正确的网卡名称 - - 容器网络: 支持 flannel 和 calico - - 网络模式: flannel 支持 host-gw 和 vxlan、calico 支持 bgp 和 ipip + - 网卡名称: 多网卡环境需要指定使用的网卡名称,单网卡环境可不填 + - 容器网络: 支持 flannel 、 calico 和 cilium - !!! info "vxlan 和 ipip 网络模式" - * 基于隧道,在任何网络环境下都可以正常工作 - * 优势是对物理网络环境没有特殊要求,只要宿主机IP层可以路由互通即可 - * 劣势是封包和解包耗费CPU性能,且额外的封装导致带宽浪费 + !!! warning "vxlan 和 ipip 网络模式" + - 基于隧道,在任何网络环境下都可以正常工作 + - 优势是对物理网络环境没有特殊要求,只要宿主机IP层可以路由互通即可 + - 劣势是封包和解包耗费CPU性能,且额外的封装导致带宽浪费 - !!! info "host-gw 和 bgp 网络模式" - * 基于路由,不适用于公有云环境 - * 优势是没有封包和解包过程,完全基于两端宿主机的路由表进行转发 - * 劣势是要求宿主机在2层网络是互通,且路由表膨胀会导致性能降低 + !!! warning "host-gw 和 bgp 网络模式" + - 基于路由,不适用于公有云环境 + - 优势是没有封包和解包过程,完全基于两端宿主机的路由表进行转发 + - 劣势是要求宿主机在2层网络是互通,且路由表膨胀会导致性能降低 + + !!! warning "cilium Overlay" + - 支持 vxlan 和 geneve + - 基于封装的虚拟网络,产生所有主机。目前 VXLAN 和 Geneve 已经完成,但可以启用 Linux 支持的所有封装格式 + - 此模式具有最小的基础设施和集成要求。它几乎适用于任何网络基础设施,因为唯一的要求是主机之间的IP连接,这通常已经给出 + + !!! warning "cilium Native Routing" + - 使用 Linux 主机的常规路由表。网络必须能够路由应用程序容器的IP地址,此模式适用于高级用户,需要了解底层网络基础结构。 + - 适用于(1. 原生 IPv6 网络、2. 与云网络路由器配合使用、3. 如果您已经在运行路由守护进程) ![deploy-4](../img/user_manual/cluster/deploy-4.png) @@ -65,12 +75,12 @@ ### 节点信息 !!! warning "" - * 根据不同的节点角色选择目标主机(手动模式) + 根据不同的节点角色选择目标主机(手动模式) ![deploy-hosts](../img/user_manual/cluster/deploy-hosts.png) !!! warning "" - * 选择已授权部署计划,设置 Worker 节点数量(自动模式) + 选择已授权部署计划,设置 Worker 节点数量(自动模式) ![deploy-plan](../img/user_manual/cluster/deploy-plan.png) @@ -83,4 +93,4 @@ !!! warning "" 集群创建过程中为 Initializing 状态,点击可查看集群安装进度并支持查看当前任务的实时日志(支持手动暂停任务日志输出) -![deploy-log](../img/user_manual/cluster/deploy-log.png) \ No newline at end of file +![deploy-log](../img/user_manual/cluster/deploy-log.png) diff --git a/docs/quick_start/cluster_import.md b/docs/quick_start/cluster_import.md index bd4519d..312d146 100644 --- a/docs/quick_start/cluster_import.md +++ b/docs/quick_start/cluster_import.md @@ -2,47 +2,211 @@ ### 基本信息 !!! warning "" - 输入要导入集群的名称、Api Server、Router、Token + - 支持导入非 KubeOperator 创建的集群 + - 导入非 KubeOperator 创建的集群不支持扩缩容、升级、备份等 Day2 操作 ![cluster-import](../img/user_manual/cluster/cluster-import.png) -!!! info "示例" - * Api Server: https://172.16.10.100:8443 - * Router: 装有 kube-proxy 的任意节点的且可以被访问到的 IP 地址 - * Token: 要具有 cluster-admin 权限 +!!! warning "获取架构" + 选择集群节点的 CPU 架构类型(支持 amd64、arm64 和混合架构三种类型) - ```vi - # 获取 cluster-admin 权限的 token - kubectl -n kube-system describe secrets kubeoperator-admin-token-m7srm - Name: kubeoperator-admin-token-m7srm - Namespace: kube-system - Labels: - Annotations: kubernetes.io/service-account.name: kubeoperator-admin - kubernetes.io/service-account.uid: d3f3622-a5cb-4ad1-ab2e-53887c59007 +!!! warning "获取 Api Server" + ```shell + cat ~/.kube/config | grep server: | awk '{print $2}' + ``` + + 注意:如果 server IP 为 127.0.0.1,需要将 IP 替换为任意 master 节点 IP - Type: kubernetes.io/service-account-token +!!! warning "获取 Router" + 装有 kube-proxy 的任意 K8s 集群节点的 IP 地址 - Data - ==== - ca.crt: 1038 bytes - namespace: 11 bytes - token: eyJhbGciOiJSUzI1NiIsImtcZCI6Ik9GN2U0SXhybVFVRV9JaFJYSTBzdXQ2Mi1WZmRHcXpIOXNDb2Rqemt0MjAifQ.eyJpc3MiOiJrdWJlcm5ldGVzL1NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pxy9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrby1hZG1pbi10b2tlbi1tN3NybSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrby1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImQzZjM2MzIyLWE1Y2ItNGFkMS1hYjJlLTUzODg3Y2E1OTAwNyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprby1hZG1pbiJ9.HvpDTAgn0nHu0ZnyPgxOFwWKiwtyYEqWaBWTrSV7EjRcToVIrN2eR8t9kw_RiDEI93S_Nnfjw-Xj1RTRsQEkRASx5uuXMAbELWnFo-rGLR8qs0ct-1t2jGkhgBQ2WtiCqczSG-o91N7PqqYa6RMebUTjy2M7bnybKGxSq0G-StH_JrgOGLHROtvV7U9JWiv32akGXqliK09YfVY6Ykv9kg4z6MeHWvpfCBTmR0qKn9wY2qC2DHynw2Nd_5LxtHeCJGYcvflaR_kcOP4bhzqxMbtGSf0xd5GXYa1iNKGm3Hu8-FtPiDc9BuViQIzR6PvsjzaIBWVRYOxD5zf0jUz_zw + ```shell + kubectl -n kube-system get pod -o wide | grep kube-proxy ``` -### 使用工具 + 注意:获取任意节点的 IP 地址 -!!! info "示例" - * 工具中所涉及到的镜像默认使用 KubeOperator 镜像仓库,在启用工具前,需要在 Kubernetes 节点配置私有仓库的可信任设置可以通过HTTP直接访问 - ``` +!!! warning "获取 Token" + + === "KubeOperator 创建集群" + + ```shell + kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep ko-admin | awk '{print $1}') | grep token: | awk '{print $2}' + ``` + + === "自建集群" + + !!! warning "" + 创建 Service Account + + ```yaml + apiVersion: v1 + kind: ServiceAccount + metadata: + name: kubeoperator-user + namespace: kube-system + ``` + + !!! warning "" + 创建 ClusterRoleBinding + + ```yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: kubeoperator-user + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin + subjects: + - kind: ServiceAccount + name: kubeoperator-user + namespace: kube-system + ``` + + !!! warning "" + 获取 Token + + ```shell + kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kubeoperator-user | awk '{print $1}') | grep token: | awk '{print $2}' + ``` + +### 非 KubeOperator 创建集群 + +#### 使用工具 + +!!! warning "仓库配置" + - 工具中涉及到的镜像来源于 nexus 镜像仓库。在启用工具之前,需要在所有 K8s 集群节点上对 nexus 镜像仓库进行 http 授信。 + + ```shell vim /etc/docker/daemon.json + ``` + + ```json { + ... "insecure-registries" : [ "...", "kubeoperator-ip:8082", "..." ] + ... } - # kubeoperator-ip 为 KubeOperator 部署机 IP - # 为了使得配置生效,需要重新启动 docker 服务 + 注意:kubeoperator-ip 为 KubeOperator 部署机 IP + ``` + + ```shell + # 重新启动 docker 服务使得配置生效 systemctl restart docker.service ``` +### KubeOperator 创建集群 + +#### 获取容器运行时参数 + +!!! warning "Docker" + ```shell + # 集群任意节点执行 + cat /etc/docker/daemon.json + ``` + + ```json + { + ... + "bip": "172.17.0.1/16", # Container 子网 + "data-root": "/var/lib/docker", # Docker 数据路径 + ... + } + ``` + +!!! warning "Containerd" + + ```shell + # 集群任意节点执行 + cat /etc/containerd/config.toml + ``` + + ```yaml + ... + root = "/var/lib/containerd" # Containerd 数据路径 + ... + ``` + +#### 获取容器网络参数 + !!! warning "" - * KubeOperator 不能针对导入的集群进行扩缩容、备份等集群运营操作 + + === "flannel" + + !!! warning "网络模式" + + ```shell + # 集群任意节点执行 + kubectl -n kube-system get cm kube-flannel-cfg -o yaml + ``` + + ```json + { + ... + net-conf.json: | + { + "Network": "10.0.0.0/14", + "Backend": { + "Type": "vxlan" # 网络模式为 vxlan + } + } + ... + } + ``` + + !!! warning "多网络设置" + + ```shell + # 集群任意节点执行 + kubectl -n kube-system get daemonsets.apps kube-flannel-ds -o yaml + ``` + + ```yaml + ... + containers: + - args: + - --ip-masq + - --kube-subnet-mgr + - --iface=ens192 # 多网络设置为启用,网卡名称为 ens192 + ... + ``` + + === "calico" + + !!! warning "网络模式" + + ```shell + # 集群任意节点执行 + kubectl -n kube-system get cm calico-config -o yaml + ``` + + ```yaml + ... + containers: + - env: + - name: CALICO_IPV4POOL_IPIP + value: "off" # off 代表网络模式为 bgp,Always 代表网络模式为 ipip + ... + ``` + + !!! warning "多网络设置" + + ```shell + # 集群任意节点执行 + kubectl -n kube-system get daemonsets.apps calico-node -o yaml + ``` + + ```yaml + ... + containers: + - env: + - name: DATASTORE_TYPE + value: kubernetes + - name: IP_AUTODETECTION_METHOD + value: interface=ens192 # 多网络设置为网卡,网卡名称为 ens192 + value: cidr=192.168.64.0/24 # 多网络设置为网段,网段为 192.168.64.0/24 + ... + ``` \ No newline at end of file diff --git a/docs/quick_start/cluster_planning/automatic.md b/docs/quick_start/cluster_planning/automatic.md index e601e50..86ead53 100644 --- a/docs/quick_start/cluster_planning/automatic.md +++ b/docs/quick_start/cluster_planning/automatic.md @@ -1,92 +1,118 @@ !!! warning "" - KubeOperator 支持两种 Kubernetes 集群部署方式,一种是自动模式,另外一种是手动模式,我们推荐使用自动模式。在自动模式下,用户需要准备软件定义的 IaaS 云平台,比如 VMware vSphere、Openstack 和 FusionCompute 等 - - 本章节以 VMware vSphere 平台作为示例,讲解整个 K8s 集群的规划、部署及管理过程。部署示意图如下图所示: + - KubeOperator 推荐使用自动模式部署 Kubernetes 集群 + - 在自动模式下,用户需要准备软件定义的 IaaS 云平台,比如 VMware vSphere、Openstack 和 FusionCompute 等 + - 本章节以 VMware vSphere 平台作为示例,讲解整个 K8s 集群的规划、部署及管理过程,部署示意图如下图所示: ![overview](../../img/tutorial/vmware.png) -### 虚拟机配置 - -!!! warning "" - * 支持添加和修改虚拟机配置(CPU、内存) - * 默认 small、medium、large、xlarge、2xlarge 和 4xlarge 六种配置 - -![virtual-config-list](../../img/user_manual/plan/virtual-config-list.png) - -### IP 池 +### IP 池配置 !!! warning "" - * IP 池在创建可用区时使用,池中的 IP 地址将分配给虚拟机 + IP 池在创建可用区时使用,池中的 IP 地址将分配给虚拟机 ![ip-pool-list](../../img/user_manual/plan/ip-pool-list.png) #### 添加 IP 池 !!! warning "" - * 创建 IP 池要配置好子网掩码、起止 IP、网关和 DNS 等 + 创建 IP 池要配置好子网掩码、起止 IP、网关和 DNS 等 ![ip-pool-add](../../img/user_manual/plan/ip-pool-add.png) -#### IP 使用情况 +#### 查看 IP 使用情况 !!! warning "" - * 列表页点击IP 使用情况可查看IP 池中所有 IP 的状态(可达、可用和占用) - * 在 IP 池页面,可手动添加 IP 段、同步 IP 状态 + - 列表页点击 IP 使用情况可查看 IP 池中所有 IP 的状态(可达、可用和占用) + - 在 IP 池页面,可手动添加 IP 段、同步 IP 状态等 ![ip-pool-use](../../img/user_manual/plan/ip-pool-use.png) -### 区域(Region) +### 虚拟机配置 !!! warning "" - * 与公有云中的 Region 概念相似,可以简单理解为地理上的区域 - * 创建区域时,首先选择提供商,目前支持 VMware vSphere、OpenStack 和 FusionCompute - -![region-1](../../img/user_manual/plan/region-1.png) + - 支持添加和修改虚拟机配置(CPU、内存) + - 默认 small、medium、large、xlarge、2xlarge 和 4xlarge 六种配置 -!!! warning "" - * 配置参数时,需要提供 vSphere 环境信息,包括 vCenter IP,用户名和密码,单击【验证】可以校验 vSphere 信息是否正确 +![virtual-config-list](../../img/user_manual/plan/virtual-config-list.png) -![region-2](../../img/user_manual/plan/region-2.png) +### 自定义模版配置 !!! warning "" - * vCenter 用户需要的权限比较高,建议直接绑定带有管理员角色的用户 + - 支持 VMware vSphere 和 OpenStack 两种 IaaS 云平台 -![region-3](../../img/user_manual/plan/region-3.png) +![virtual-config-list](../../img/user_manual/plan/custom-templates.png) + +### 区域(Region) !!! warning "" - * 选择 vCenter 的目标数据中心 + - 与公有云中的 Region 概念相似,可以简单理解为地理上的区域 + - 创建区域时,首先选择提供商,目前支持 VMware vSphere、OpenStack 和 FusionCompute + - 配置参数时,需要提供 vSphere 环境信息,包括 vCenter 主机,端口,用户名和密码(建议直接绑定带有管理员角色的用户) + - 单击【获取数据中心】,获取并绑定目标数据中心 + +![region-1](../../img/user_manual/plan/region-1.png) ### 可用区(Zone) !!! warning "" - * 与公有云中的 AZ 概念相似,可以简单理解为 Region 中具体的机房 - * 在 vSphere 体系中我们使用不同的 Cluster 或者同个 Cluster 下的不同 Resource Pool 来实现 Zone 的划分 + - 与公有云中的 AZ 概念相似,可以简单理解为 Region 中具体的机房 + - 在 vSphere 体系中我们使用不同的 Cluster 或者同个 Cluster 下的不同 Resource Pool 来实现 Zone 的划分 + - 选择可用区配置参数时,需要选择计算集群,资源池,存储类型以及网络适配器等信息,这些信息依赖于 vCenter 环境配置 + - 支持已有模版、默认模版和自定义模版 ![zone-1](../../img/user_manual/plan/zone-1.png) -!!! warning "" - * 选择可用区配置参数时,需要选择计算集群,资源池,存储类型以及网络适配器等信息,这些信息依赖于 vCenter 环境配置 - * 支持默认模版和自定义模版(默认模版为CentOS 7.6) - -![zone-2](../../img/user_manual/plan/zone-2.png) - -![zone-3](../../img/user_manual/plan/zone-3.png) - -!!! warning "" - * 添加成功后会有一个初始化的过程(选择默认模版时,需要上传 nexus 仓库中模版文件),同步成功之后状态变为就绪 - ### 部署计划(Plan) !!! warning "" - * 用来描述在哪个区域下,哪些可用区中,使用什么样的机器规格,部署什么类型的集群的一个抽象概念 + - 用来描述在哪个区域下,哪些可用区中,使用什么样的机器规格,部署什么类型的集群的一个抽象概念 + - 部署计划配置包括选择可用区(可用区可以单选或多选),并设置 Master 节点,Worker 节点的规格 + - 多主多节点集群可以选择多个可用区的部署计划 ![plan-1](../../img/user_manual/plan/plan-1.png) -!!! warning "" - * 部署计划配置包括选择可用区(可用区可以单选或多选),并设置 Master 节点,Worker 节点的规格 +### 默认模版 + +#### 下载 + +!!! warning "默认模版" + - 离线环境下,需要手动上传模版文件至 nexus 仓库 + - 模版文件下载地址如下: + + !!! warning "vSphere" + - ovf: https://kubeoperator.fit2cloud.com/terraform/images/vsphere/kubeoperator_centos_7.6.1810/kubeoperator_centos_7.6.1810.ovf + - vmdk: https://kubeoperator.fit2cloud.com/terraform/images/vsphere/kubeoperator_centos_7.6.1810/kubeoperator_centos_7.6.1810-1.vmdk + + !!! warning "OpenStack" + - qcow2: https://kubeoperator.fit2cloud.com/terraform/images/openstack/kubeoperator_centos_7.6.1810-1.qcow2 + + !!! warning "FusionCompute" + - ovf: https://kubeoperator.fit2cloud.com/terraform/images/fusioncompute/kubeoperator_centos_7.6.1810/kubeoperator_centos_7.6.1810.ovf + - vhd: https://kubeoperator.fit2cloud.com/terraform/images/fusioncompute/kubeoperator_centos_7.6.1810/kubeoperator_centos_7.6.1810-vda.vhd -![plan-2](../../img/user_manual/plan/plan-2.png) +#### 上传 !!! warning "" - * 多主多节点集群可以选择多个可用区的部署计划 + - 模版文件需要上传至 binary-k8s-raw 仓库 + - 仓库默认用户名/密码:admin/admin123 + + ![template-upload](../../img/user_manual/plan/template-upload.png) + + !!! warning "vSphere" + - 需上传 ovf 和 vmdk 文件 + - 文件路径:/terraform/images/vsphere/kubeoperator_centos_7.6.1810 + + ![template-vsphere](../../img/user_manual/plan/template-vsphere.png) + + !!! warning "OpenStack" + - 需上传 qcow2 文件 + - 文件路径:/terraform/images/openstack + + ![template-openstack](../../img/user_manual/plan/template-openstack.png) + + !!! warning "FusionCompute" + - 需上传 ovf 和 vhd 文件 + - 文件路径:/terraform/images/fusioncompute/kubeoperator_centos_7.6.1810 + + ![template-fusioncompute](../../img/user_manual/plan/template-fusioncompute.png) diff --git a/docs/quick_start/cluster_planning/manual.md b/docs/quick_start/cluster_planning/manual.md index c977520..22e91d1 100644 --- a/docs/quick_start/cluster_planning/manual.md +++ b/docs/quick_start/cluster_planning/manual.md @@ -1,8 +1,7 @@ !!! warning "" - KubeOperator 支持两种 Kubernetes 集群部署方式,一种是手动模式,另外一种是自动模式。手动模式下,用户需要自行准备主机。 - - 本章节以手动模式部署一个开发测试用集群为例,需要至少准备三台服务器,每台服务器的用途和需求是: + - 手动模式下,用户需要自行准备主机 + - 本章节以手动模式部署一个开发测试用集群,每台服务器的用途和需求如下表: @@ -38,13 +37,14 @@ ### 添加主机 !!! warning "" - * 主机列表可以看到已添加主机的详细信息,包括 IP、CPU、内存、操作系统等。 + - 推荐使用全新的机器 + - KubeOperator 部署机不能作为 Kubernetes 集群节点使用 ![host-add](../../img/user_manual/hosts/host-add.png) -### 授权 +### 主机列表 !!! warning "" - * 系统管理员或项目管理员可将主机授权给目标集群所在项目 + 主机列表可以看到已添加主机的详细信息,包括 IP、CPU、内存、操作系统等 -![host-authorization](../../img/user_manual/hosts/host-authorization.png) +![host-list](../../img/user_manual/hosts/host-list.png) diff --git a/docs/quick_start/system_settings.md b/docs/quick_start/system_settings.md index 6203088..015dac6 100644 --- a/docs/quick_start/system_settings.md +++ b/docs/quick_start/system_settings.md @@ -1,22 +1,36 @@ -## 系统设置 - -!!! info "" - * 仓库协议: 支持 http 和 https,默认 http - * 仓库 IP: 默认为部署 KubeOperator 的服务器 IP。将使用该 IP 来访问 nexus 仓库 - * CPU架构: 支持 x86_64 和 arm64 ,即两种不同 CPU 架构的仓库 - -!!! warning "注意" - 如果部署 Kubernetes 集群时需要K8S节点采用 x86_64 和 arm64 混合部署,则需要添加两个不同 CPU 架构的仓库 +### 仓库 + +!!! warning "" + - CPU 架构: 支持 x86_64 和 aarch64 + - 协议: 支持 http 和 https(需手动启用) + - 地址: 默认为部署 KubeOperator 的服务器 IP(将使用 IP:8081 来访问 nexus 仓库) + ![system](../img/user_manual/system_management/registry.png) -!!! info "" - * 手动模式创建集群,需要提前设置好主机凭据 +### 凭据 + +!!! warning "" + - 凭据为 KubeOperator 连接主机资产的凭证。支持添加 password 和 privatekey 两种方式的凭据 + - 系统会初始化名称为 kubeoperator 的凭据(自动模式默认模版创建服务器的密码),默认密码为: KubeOperator@2019 + +!!! warning "密钥" + - 1、在 KubeOperator 主机通过 ssh-keygen 命令生成 id_rsa 和 id_rsa.pub 密钥对 + - 2、将 id_rsa.pub 公钥内容添加到目标主机 .ssh/authorized_keys 文件中 + - 3、将 id_rsa 私钥内容添加到凭据密钥框中 ![password](../img/user_manual/system_management/key-1.png) -!!! info "" - * NTP Server: 时间同步服务器,默认可以为空。也可以自建或使用公共 NTP Server +![key](../img/user_manual/system_management/key-2.png) + +### NTP + +!!! warning "" + - 支持配置多个 NTP 服务器地址 + - 支持手动启用或禁用 NTP 服务器 -![system](../img/user_manual/system_management/ntp.png) +![ntp](../img/user_manual/system_management/ntp.png) +### Dashboard +!!! warning "" + 此处为 admin 用户登录凭据,需要和 Dashboard 用户管理中设置的密码保持一致。 diff --git a/docs/system_arch.md b/docs/system_arch.md index 9375feb..874da95 100644 --- a/docs/system_arch.md +++ b/docs/system_arch.md @@ -8,14 +8,14 @@ !!! warning "" - kubeoperator_server: 提供平台业务管理相关功能的后台服务; - kubeoperator_ui: 提供平台业务管理相关功能的前台服务; + - kubeoperator_kubepi: 提供 Dashboard 的功能; - kubeoperator_kobe: 提供执行 Ansible 任务创建 Kubernetes 集群的功能; - kubeoperator_kotf: 提供执行 Terraform 任务创建虚拟机的功能; - kubeoperator_webkubectl: 提供在 Web 浏览器中运行 kubectl 命令的功能; - kubeoperator_nginx: 平台统一入口,并运行控制台的 Web 界面服务; - kubeoperator_mysql: 数据库管理组件; - kubeoperator_nexus: 仓库组件,提供 Docker、Helm、Raw、Yum等资源仓库功能; - - kubeoperator_grafana: 监控组件,提供平台监控等相关功能; !!! warning "" 各个组件间的关系可参考下图 -![组件说明](./img/components.png) \ No newline at end of file +![组件说明](./img/components.jpg) \ No newline at end of file diff --git a/docs/guidelines/argocd.md b/docs/user_manual/argocd.md similarity index 78% rename from docs/guidelines/argocd.md rename to docs/user_manual/argocd.md index 77d812a..b3d63ed 100644 --- a/docs/guidelines/argocd.md +++ b/docs/user_manual/argocd.md @@ -5,25 +5,25 @@ !!! warning "" Argo CD 是一个为 Kubernetes 而生的,遵循声明式 GitOps 理念的持续部署(CD)工具。Argo CD 可在 Git 存储库更改时自动同步和部署应用程序 -!!! info "优势" - * 应用定义、配置和环境信息是声明式的,并可以进行版本控制 - * 应用部署和生命周期管理是全自动化的、是可审计的,清晰易懂 +!!! warning "优势" + - 应用定义、配置和环境信息是声明式的,并可以进行版本控制 + - 应用部署和生命周期管理是全自动化的、是可审计的,清晰易懂 Argo CD 在 CI/CD 流程中的位置如下图所示: ![argocd-1](../img/guidelines/argocd/argocd-1.png ) - * 借助 Argo CD 在 Kubernetes 集群上落地 CD + - 借助 Argo CD 在 Kubernetes 集群上落地 CD -!!! info "步骤" - * 将应用的 Git 仓库分为 Application Deployment file 和 Docker file 两个库。Docker file 用于存放应用的核心代码以及 Docker build file,后续将会直接打包成 Docker image;Application Deployment file 可以 Kustomize、Helm、Ksconnet、Jsonnet 等 多种 Kubernetes 包管理工具来定义;以 Helm 为例,Chart 中所使用到的 Image 由 Docker file Code 打包完成后提供 - * 使用 Jenkins 或 Gitlab 等 CI 工具进行自动化构建打包,并将 Docker image push 到 Harbor 镜像仓库 - * 使用 Argo CD 部署应用。Argo CD 可以独立于集群之外,并且支持管理多个 Kubernetes 集群。在 Argo CD 上配置好应用部署的相关信息后 Argo CD 便可以正常工作,Argo CD 会自动和代码仓库 Application deployment file 的内容进行校验,当代码仓库中应用属性等信息发生变化时,Argo CD 会自动同步更新 Kubernetes 集群中的应用;应用启动时,会从 Harbor 镜像仓库拉取 Docker image +!!! warning "步骤" + - 将应用的 Git 仓库分为 Application Deployment file 和 Docker file 两个库。Docker file 用于存放应用的核心代码以及 Docker build file,后续将会直接打包成 Docker image;Application Deployment file 可以 Kustomize、Helm、Ksconnet、Jsonnet 等 多种 Kubernetes 包管理工具来定义;以 Helm 为例,Chart 中所使用到的 Image 由 Docker file Code 打包完成后提供 + - 使用 Jenkins 或 Gitlab 等 CI 工具进行自动化构建打包,并将 Docker image push 到 Harbor 镜像仓库 + - 使用 Argo CD 部署应用。Argo CD 可以独立于集群之外,并且支持管理多个 Kubernetes 集群。在 Argo CD 上配置好应用部署的相关信息后 Argo CD 便可以正常工作,Argo CD 会自动和代码仓库 Application deployment file 的内容进行校验,当代码仓库中应用属性等信息发生变化时,Argo CD 会自动同步更新 Kubernetes 集群中的应用;应用启动时,会从 Harbor 镜像仓库拉取 Docker image ## Argo CD 安装指南 !!! warning "" - * 通过 KubeOperator 应用商店部署 Argo CD 非常简单,我们已经在应用商店直接支持一键部署 Argo CD + - 通过 KubeOperator 应用商店部署 Argo CD 非常简单,我们已经在应用商店直接支持一键部署 Argo CD ![kubeapps-4](../img/guidelines/kubeapps/kubeapps-4.png) @@ -34,7 +34,7 @@ ### 修改默认配置 !!! warning "" - * 根据需要修改默认配置,再点击提交,或者直接使用默认参数提交 + - 根据需要修改默认配置,再点击提交,或者直接使用默认参数提交 ![argocd-3](../img/guidelines/argocd/argocd-3.png ) @@ -45,7 +45,7 @@ ### 访问 Argo CD !!! warning "" - * 我们是通过 NodePort 的方式访问 Argo CD ,获取 Argo CD 的 NodePort 信息,需要在该应用的描述信息中按照提示步骤,可以在 Kubernetes 集群任意 master、worker 节点中执行描述中的命令 + - 我们是通过 NodePort 的方式访问 Argo CD ,获取 Argo CD 的 NodePort 信息,需要在该应用的描述信息中按照提示步骤,可以在 Kubernetes 集群任意 master、worker 节点中执行描述中的命令 ![argocd-6](../img/guidelines/argocd/argocd-deploy05.png ) @@ -60,21 +60,21 @@ ### 填写信息 !!! warning "" - * 填写应用名称: guestbook ,项目: default ,同步策略: 手动 + - 填写应用名称: guestbook ,项目: default ,同步策略: 手动 ![argocd-9](../img/guidelines/argocd/argocd-deploy08.png ) ### 配置来源 !!! warning "" - * 这里配置的是 Git ,代码仓库的 URL 配置为 Github 上的项目地址: https://github.com/argoproj/argocd-example-apps.git ,Revision 选择: HEAD ,项目路径选择: guestbook + - 这里配置的是 Git ,代码仓库的 URL 配置为 Github 上的项目地址: https://github.com/argoproj/argocd-example-apps.git ,Revision 选择: HEAD ,项目路径选择: guestbook ![argocd-10](../img/guidelines/argocd/argocd-deploy09.png ) ### 选择集群 !!! warning "" - * 应用部署的目标集群: https://kubernetes.default.svc ,因为此次的 Argo CD 部署在 Kubernetes 集群当中,默认 Argo CD 已经帮我们添加好当前所在的 Kubernetes 集群,直接使用即可。Namespace 选择: my-app , Namespcae 可以在 Kubernetes 集群上使用 # kubectl create namespace my-app 命令来创建 + - 应用部署的目标集群: https://kubernetes.default.svc ,因为此次的 Argo CD 部署在 Kubernetes 集群当中,默认 Argo CD 已经帮我们添加好当前所在的 Kubernetes 集群,直接使用即可。Namespace 选择: my-app , Namespcae 可以在 Kubernetes 集群上使用 # kubectl create namespace my-app 命令来创建 ![argocd-11](../img/guidelines/argocd/argocd-deploy10.png ) @@ -85,7 +85,7 @@ ### 同步(部署) !!! warning "" - * 由于尚未部署应用程序,并且尚未创建 Kubernetes 资源,所以 Status 还是 OutOfSync 状态,因此我们还需要点击 SYNC 进行同步(部署)。同时也可以安装 Argo CD 客户端,使用 Argo CD CLI 进行同步 + - 由于尚未部署应用程序,并且尚未创建 Kubernetes 资源,所以 Status 还是 OutOfSync 状态,因此我们还需要点击 SYNC 进行同步(部署)。同时也可以安装 Argo CD 客户端,使用 Argo CD CLI 进行同步 ``` sh argocd app sync guestbook @@ -96,16 +96,16 @@ ![argocd-13](../img/guidelines/argocd/argocd-deploy13.png ) !!! warning "" - * 等待应用创建完成 + - 等待应用创建完成 ![argocd-14](../img/guidelines/argocd/argocd-deploy14.png ) ![argocd-15](../img/guidelines/argocd/argocd-deploy15.png ) !!! warning "" - * 完成后在 Kubernetes 集群中查看应用 + - 完成后在 Kubernetes 集群中查看应用 ![argocd-16](../img/guidelines/argocd/argocd-deploy16.png ) !!! warning "" - * 想要了解 Argo CD 更多的详细内容,可以前往 Argo CD 官方文档查看 https://argoproj.github.io/argo-cd + - 想要了解 Argo CD 更多的详细内容,可以前往 Argo CD 官方文档查看 https://argoproj.github.io/argo-cd diff --git a/docs/user_manual/backup_account.md b/docs/user_manual/backup_account.md new file mode 100644 index 0000000..23fa12a --- /dev/null +++ b/docs/user_manual/backup_account.md @@ -0,0 +1,16 @@ + +!!! warning "" + 支持五种种类的存储,即 aliyun OSS、AWS S3、SFTP、MINIO 和 Azure + +### 添加 + +![backup-create.png](../img/user_manual/backup_account/backup-1.png) + +### 列表 + +![backup-list.png](../img/user_manual/backup_account/backup-2.png) + +### 授权 + +!!! warning "" + 授权操作需要在项目管理菜单中实现(资源管理 - 备份账号),可以将备份账号授权到项目或集群 \ No newline at end of file diff --git a/docs/quick_start/cluster_operation.md b/docs/user_manual/cluster.md similarity index 59% rename from docs/quick_start/cluster_operation.md rename to docs/user_manual/cluster.md index 3f20049..f4a3aaf 100644 --- a/docs/quick_start/cluster_operation.md +++ b/docs/user_manual/cluster.md @@ -2,8 +2,8 @@ ### 概览 !!! warning "" - * 集中显示了集群基本信息、容量信息和统计信息 - * 可下载 kubeconfig 文件(将 kubeconfig 文件中 cluster.server 地址修改为 master 节点 IP) + - 集中显示了集群基本信息、容量信息和统计信息 + - 可下载 kubeconfig 文件(将 kubeconfig 文件中 cluster.server 地址修改为 master 节点 IP) ![overview-1](../img/user_manual/cluster/overview-1.png) @@ -12,31 +12,33 @@ ![overview-2](../img/user_manual/cluster/overview-2.png) -### 集群扩容、缩容 +### 节点 !!! warning "" - 显示集群节点相关信息。支持针对 Kubernetes 集群 worker 节点的扩缩容 + 集中显示了集群所有节点的基础信息 ![node-1](../img/user_manual/cluster/node-1.png) !!! warning "" - worker 节点扩容(手动模式选择要添加的主机,自动模式输入扩容后 worker 节点数量) + 点击节点,可查看节点标签、运行状态等具体信息 -![node-2](../img/user_manual/cluster/node-2.png) +![node-detail](../img/user_manual/cluster/node-detail.png) -![node-5](../img/user_manual/cluster/node-3.png) +!!! warning "驱散" + - 驱散成功后,节点将处于不可调度状态 + - 安全模式: 如果节点拥有独立的 Pod 或临时的数据,它将被隔离但不会被驱散 + - 强制模式: 独立 Pods 和它们的数据将永久删除 -!!! warning "" - * 自动模式: 删除所选节点虚拟机 - * 手动模式: 在所选节点执行卸载任务,删除该节点上安装 k8s 集群所依赖的服务(节点删除成功后,要手动重启该节点来删除虚拟网卡等信息) +![node-cordon](../img/user_manual/cluster/node-cordon.png) -![node-3](../img/user_manual/cluster/node-4.png) +!!! warning "激活" + 撤销已驱散节点的不可调度状态 ### 命名空间 !!! warning "" - * 列表显示为集群中现有的 namespace,支持创建和删除操作 - * 系统默认和 kube-operator namespace 不支持删除 + - 列表显示为集群中现有的 namespace,支持创建和删除操作 + - 系统默认和 kube-operator namespace 不支持删除 ![namespace-1](../img/user_manual/cluster/namespace-1.png) @@ -52,19 +54,19 @@ !!! warning "" 支持的类型有 nfs、external-ceph、rook-ceph、vsphere 和 oceanstor(华为 csi) -!!! info "" - * nfs: 需要指定 nfs 服务端版本、IP 和共享目录 - * external-ceph: 创建成功之后,会在集群中初始化 ceph provisioner 相关 pod - * rook-ceph: 需要指定 ceph 集群所需磁盘(集群所有节点都必须包含指定的磁盘,如sdb,sdc...) - * vsphere: 集群服务器必须在指定 Folder 中(自动模式创建集群默认 Folder 为 kubeoperator),并且服务器名称要和集群 node 节点名称保持一致 - * oceanstor: 参考文档: https://github.com/Huawei/eSDK_K8S_Plugin/tree/master/docs/zh +!!! warning "" + - nfs: 需要指定 nfs 服务端版本、IP 和共享目录 + - external-ceph: 创建成功之后,会在集群中初始化 ceph provisioner 相关 pod + - rook-ceph: 需要指定 ceph 集群所需磁盘(集群所有节点都必须包含指定的磁盘,如sdb,sdc...) + - vsphere: 集群服务器必须在指定 Folder 中(自动模式创建集群默认 Folder 为 kubeoperator),并且服务器名称要和集群 node 节点名称保持一致 + - oceanstor: 参考文档: https://github.com/Huawei/eSDK_K8S_Plugin/tree/master/docs/zh #### 存储类 !!! warning "" 内置 local volume 存储提供商,如需添加其他类型,需要提前创建对应类型的存储提供商 -!!! info "external-ceph: 需要在 Kubernetes 中创建 admin 及 user 所需的 secret" +!!! warning "external-ceph: 需要在 Kubernetes 中创建 admin 及 user 所需的 secret" ``` # 可在 ceph 服务端通过以下命令获得 secret key @@ -85,8 +87,8 @@ ### 事件 !!! warning "" - * 支持查看目标 namespace 下的系统事件 - * 支持启用 node-problem-detector + - 支持查看目标 namespace 下的系统事件 + - 支持启用 node-problem-detector ![cluster-events](../img/user_manual/cluster/cluster-events.png) @@ -110,8 +112,8 @@ 提供 prometheus、kubeapps、grafana、elasticsearch、loki、dashboard、registry和chartmuseum 八种管理工具,可根据需要自定义安装 !!! warning "" - * 点击启用按钮,可以设置 namespace 和是否启用存储等参数 - * 失败状态下,可点击启用按钮重新设置参数提交(会触发更新操作) + - 点击启用按钮,可以设置 namespace 和是否启用存储等参数 + - 失败状态下,可点击启用按钮重新设置参数提交(会触发更新操作) ![tools-1](../img/user_manual/cluster/tools-1.png) @@ -145,33 +147,51 @@ ### 集群升级 !!! warning "" - * 进入【项目】菜单,选中目标集群,点击【升级】按钮,选择要升级到的目标版本 - * 升级之前,会先检测当前 kubernetes 集群中 etcd、docker/containerd 和 kubernetes 版本,若检测结果为可升级,将会对 etcd、docker/containerd、kubernetes 进行统一升级,从而保证集群各组件之间的兼容性 - * 升级过程中,支持查看任务实时的日志输出 + - 进入【项目】菜单,选中目标集群,点击【升级】按钮,选择要升级到的目标版本 + - 升级之前,会先检测当前 kubernetes 集群中 etcd、docker/containerd 和 kubernetes 版本,若检测结果为可升级,将会对 etcd、docker/containerd、kubernetes 进行统一升级,从而保证集群各组件之间的兼容性 + - 升级过程中,支持查看任务实时的日志输出 ![cluster-upgrade](../img/user_manual/cluster/cluster-upgrade.png) +### 集群扩容、缩容 + +!!! warning "worker 节点扩容" + - 手动模式需要选择要添加的主机(主机需要在项目管理中授权到目标集群,并且主机状态为运行中) + - 自动模式输入要扩容 worker 节点的数量 + +![node-3](../img/user_manual/cluster/node-3.png) + +![node-2](../img/user_manual/cluster/node-2.png) + +!!! warning "worker 节点缩容" + - 自动模式: 将所选节点在集群中删除,然后删除所选节点虚拟机 + - 手动模式: 将所选节点在集群中删除,然后在所选节点执行卸载脚本(删除节点上安装的 k8s 集群所依赖的服务) + - 强制删除: 将忽略脚本执行过程中的错误信息,强制删除数据 + +![node-4](../img/user_manual/cluster/node-4.png) + +!!! warning "注意" + 手动模式节点删除成功后,要手动重启该节点来删除虚拟网卡等信息 + ### 集群诊断、修复 !!! warning "诊断" - * 检查集群节点网络是否可用 - * 检查 kubeoperator_server 容器内是否可以 ssh 连接到 kubernetes 集群节点 - * 检查 kubeoperator_server 容器内是否可以正常调用 kubernetes api + - 检测节点可连接性 + - 检测集群 Token 是否匹配 + - 检测集群 API 是否已就绪 + - 检测集群节点是否同步 + - 检测集群代理 IP 是否匹配 ![cluster-diagnosis](../img/user_manual/cluster/cluster-diagnosis.png) !!! warning "修复" 存在异常状态的情况下,可点击修复按钮来修复相关问题 -![cluster-repair-1](../img/user_manual/cluster/cluster-repair-1.png) - -![cluster-repair-2](../img/user_manual/cluster/cluster-repair-2.png) - ### 集群卸载 !!! warning "" - * 自动模式: 删除 KubeOperator 创建的虚拟机 - * 手动模式: 在集群所有节点执行卸载任务,删除安装 k8s 集群所依赖的服务(集群卸载完成后,要手动重启节点来删除虚拟网卡等信息) - * 强制删除: 如果 k8s 集群存在失联状态的节点,可勾选强制删除来删除集群 + - 自动模式: 删除 KubeOperator 创建的虚拟机 + - 手动模式: 在集群所有节点执行卸载任务,删除安装 k8s 集群所依赖的服务(集群卸载完成后,要手动重启节点来删除虚拟网卡等信息) + - 强制删除: 如果 k8s 集群存在失联状态的节点,可勾选强制删除来删除集群 -![cluster-remove](../img/user_manual/cluster/cluster-remove.png) +![cluster-remove](../img/user_manual/cluster/cluster-remove.png) \ No newline at end of file diff --git a/docs/user_manual/hosts.md b/docs/user_manual/hosts.md index e16c28f..393595d 100644 --- a/docs/user_manual/hosts.md +++ b/docs/user_manual/hosts.md @@ -1,41 +1,54 @@ !!! warning "" - 手动模式创建集群,需要先添加目标节点主机 + 手动模式创建集群,用户需要自行准备主机 ### 列表 !!! warning "" - * 主机列表可以看到已添加主机的详细信息,包括 IP、CPU、内存、操作系统等 + - 主机列表可以查看已添加主机的详细信息,包括 IP、CPU、内存、操作系统等 + - 点击主机,查看主机基础信息和磁盘信息 ![host-list](../img/user_manual/hosts/host-list.png) +![host-detail](../img/user_manual/hosts/host-detail.png) + ### 添加 !!! warning "" - * 推荐使用全新的机器 - * KubeOperator 部署机不能作为 Kubernetes 集群节点使用 + - 集群节点推荐使用全新的服务器 + - KubeOperator 部署机不能作为 Kubernetes 集群节点使用 ![host-add](../img/user_manual/hosts/host-add.png) -### 批量导入 +### 编辑 + +!!! warning "" + 支持编辑非绑定状态的主机 + +![host-edit](../img/user_manual/hosts/host-edit.png) + +### 导入 !!! warning "" - * 点击批量导入按钮,点击下载模版链接下载excel模版并添加主机信息 + 点击批量导入按钮,点击下载模版链接下载excel模版并添加主机信息 ![host-import](../img/user_manual/hosts/host-import.png) -![host-import](../img/user_manual/hosts/host-import-excel.png) +![host-import-excel](../img/user_manual/hosts/host-import-excel.png) ### 授权 !!! warning "" - * 系统管理员或项目管理员可将主机授权给目标集群所在项目 + 授权操作需要在项目管理菜单中实现(资源管理 - 备份账号),可以将主机授权到项目或集群 -![host-authorization](../img/user_manual/hosts/host-authorization.png) - -### 刷新 +### 同步 !!! warning "" - * 如果主机状态异常或者手动更新过主机配置,可以点击刷新按钮来同步主机基本信息和磁盘信息 + 如果主机状态异常或主机配置有手动更新,可以点击同步按钮来实现主机状态和配置的一致 + +![host-refresh](../img/user_manual/hosts/host-refresh.png) -![host-refresh](../img/user_manual/hosts/host-refresh.png) \ No newline at end of file +### 批量操作 + +!!! warning "" + 支持批量修改主机凭据和端口 diff --git a/docs/user_manual/kubeapps.md b/docs/user_manual/kubeapps.md new file mode 100644 index 0000000..740bad5 --- /dev/null +++ b/docs/user_manual/kubeapps.md @@ -0,0 +1,95 @@ +## Kubeapps 使用指南 + +### 什么是 KubeApps ? + +!!! warning "" + Kubeapps 是一个应用商店,可以通过 Web UI 在 Kubernetes 集群中部署和管理应用程序 + +!!! warning "主要功能" + - 从 Helm Chart 仓库中浏览并部署 Helm Chart 应用 + - 集群中已有 Helm chart 应用的查看、升级和卸载 + - 支持自定义 Helm Chart 仓库(比如 ChartMuseum 和 JFrog Artifactory 等) + - 基于 Kubernetes RBAC 的身份验证和授权 + +### 安装 KubeApps + +!!! warning "" + 进入目标集群,在【工具】tab页面点击启用 KubeApps。根据需要自定义存储 + +![kubeapps-2](../img/guidelines/kubeapps/kubeapps-2.png) + +### 使用 KubeApps + +!!! warning "" + KubeApps 安装完成后,单击 【转到】 按钮,可以安全地访问 KubeApps Dashboard + +![kubeapps-3](../img/guidelines/kubeapps/kubeapps-3.png) + +### 部署应用 + +!!! warning "" + 在 Dashboard 中的【Catalog】页中可以看到系统默认自带的应用,可选择一个应用程序部署 + +![kubeapps-4](../img/guidelines/kubeapps/kubeapps-4.png) + + +!!! warning "" + 首选根据用户需要选择一个 namespace,这里选择 kube-operator,然后单击部署应用,可以看到【应用商店】里面目前支持的应用列表。选择 GitLab 应用后,在应用页面右侧单击“Deploy”按钮 + +![gitlab-1](../img/guidelines/kubeapps/gitlab-1.png) + +!!! warning "" + 系统将提示输入应用程序的名称,还可以看到目前版本,以及 GitLab 应用 YAML 配置文件,用户可根据自身需求修改该配置文件 + +![gitlab-2](../img/guidelines/kubeapps/gitlab-2.png) + +!!! warning "" + 根据实际情况,自定义存储(storageClass)、Ingress等变量 + +!!! warning "" + 在最下面点击 “Submit” 按钮,该应用程序将被部署,部署成功后,应用变为就绪状态 + +![gitlab-3](../img/guidelines/kubeapps/gitlab-3.png) + +!!! warning "" + 要获取 GitLab 用户名和密码, 请参考部署页面的 “Notes” 部分。如果 Service 类型为 Ingress,要将该 URL 添加到本地 hosts 解析 + +### 删除应用 + +!!! warning "" + 部署完成的应用如果要删除,可以在【Applications】进入 GitLab 应用后,单击右侧 “Delete” 按钮确定即可删除 + +![gitlab-4](../img/guidelines/kubeapps/gitlab-4.png) + +### 添加存储库 + +!!! warning "" + KubeApps 支持添加外部应用仓库,在【Configuration】下拉菜单“App Repositories“页面,单击“Add App Repository” + +![kubeapps-5](../img/guidelines/kubeapps/kubeapps-5.png) + +### 推送 chart 镜像(离线包安装集群可选) + +!!! warning "" + 包括 Argo CD、Gitlab、Harbor、Jenkins、Weave Scope 和 Sonarqube 镜像,用户可以根据需要下载并安装 + +!!! warning "" + 安装包下载链接: https://github.com/KubeOperator/charts/releases + +#### 安装步骤: + +!!! warning "" + ```sh + # 首先登录 kubeoperator 部署机,进入 /tmp (或其他自定义)目录,将离线包拷贝到该目录中 + cd /tmp + + # 解压文件到本目录 + tar zxvf gitlab.tar.gz && cd gitlab + + # 执行 install.sh 文件,将镜像推送到nexus仓库 + /bin/bash install.sh start + + # 选择是否使用外部Docker Image Registry y/n + # 没有外部镜像仓库的情况下,可以选择 "n" 来使用 kubeoperator 部署节点的 nexus 仓库 registry.kubeoperator.io:8083) + # nexus 默认用户名密码为: admin/admin123 + ``` diff --git a/docs/user_manual/plan.md b/docs/user_manual/plan.md index 5793990..f627357 100644 --- a/docs/user_manual/plan.md +++ b/docs/user_manual/plan.md @@ -1,85 +1,110 @@ - -### 虚拟机配置 - -!!! warning "" - * 支持添加和修改虚拟机配置(CPU、内存) - * 默认 small、medium、large、xlarge、2xlarge 和 4xlarge 六种配置 - -![virtual-config-list](../img/user_manual/plan/virtual-config-list.png) - -### IP 池 +### IP 池配置 !!! warning "" - * IP 池在创建可用区时使用,池中的 IP 地址将分配给虚拟机 + IP 池在创建可用区时使用,池中的 IP 地址将分配给虚拟机 ![ip-pool-list](../img/user_manual/plan/ip-pool-list.png) #### 添加 IP 池 !!! warning "" - * 创建 IP 池要配置好子网掩码、起止 IP、网关和 DNS 等 + 创建 IP 池要配置好子网掩码、起止 IP、网关和 DNS 等 ![ip-pool-add](../img/user_manual/plan/ip-pool-add.png) -#### IP 使用情况 +#### 查看 IP 使用情况 !!! warning "" - * 列表页点击IP 使用情况可查看IP 池中所有 IP 的状态(可达、可用和占用) - * 在 IP 池页面,可手动添加 IP 段、同步 IP 状态 + - 列表页点击 IP 使用情况可查看 IP 池中所有 IP 的状态(可达、可用和占用) + - 在 IP 池页面,可手动添加 IP 段、同步 IP 状态等 ![ip-pool-use](../img/user_manual/plan/ip-pool-use.png) -### 区域(Region) +### 虚拟机配置 !!! warning "" - * 与公有云中的 Region 概念相似,可以简单理解为地理上的区域 - * 创建区域时,首先选择提供商,目前支持 VMware vSphere、OpenStack 和 FusionCompute - -![region-1](../img/user_manual/plan/region-1.png) + - 支持添加和修改虚拟机配置(CPU、内存) + - 默认 small、medium、large、xlarge、2xlarge 和 4xlarge 六种配置 -!!! warning "" - * 配置参数时,需要提供 vSphere 环境信息,包括 vCenter IP,用户名和密码,单击【验证】可以校验 vSphere 信息是否正确 +![virtual-config-list](../img/user_manual/plan/virtual-config-list.png) -![region-2](../img/user_manual/plan/region-2.png) +### 自定义模版配置 !!! warning "" - * vCenter 用户需要的权限比较高,建议直接绑定带有管理员角色的用户 + - 支持 VMware vSphere 和 OpenStack 两种 IaaS 云平台 -![region-3](../img/user_manual/plan/region-3.png) +![custom-templates](../img/user_manual/plan/custom-templates.png) + +### 区域(Region) !!! warning "" - * 选择 vCenter 的目标数据中心 + - 与公有云中的 Region 概念相似,可以简单理解为地理上的区域 + - 创建区域时,首先选择提供商,目前支持 VMware vSphere、OpenStack 和 FusionCompute + - 配置参数时,需要提供 vSphere 环境信息,包括 vCenter 主机,端口,用户名和密码(建议直接绑定带有管理员角色的用户) + - 单击【获取数据中心】,获取并绑定目标数据中心 + +![region-1](../img/user_manual/plan/region-1.png) ### 可用区(Zone) !!! warning "" - * 与公有云中的 AZ 概念相似,可以简单理解为 Region 中具体的机房 - * 在 vSphere 体系中我们使用不同的 Cluster 或者同个 Cluster 下的不同 Resource Pool 来实现 Zone 的划分 + - 与公有云中的 AZ 概念相似,可以简单理解为 Region 中具体的机房 + - 在 vSphere 体系中我们使用不同的 Cluster 或者同个 Cluster 下的不同 Resource Pool 来实现 Zone 的划分 + - 选择可用区配置参数时,需要选择计算集群,资源池,存储类型以及网络适配器等信息,这些信息依赖于 vCenter 环境配置 + - 支持已有模版、默认模版和自定义模版 ![zone-1](../img/user_manual/plan/zone-1.png) -!!! warning "" - * 选择可用区配置参数时,需要选择计算集群,资源池,存储类型以及网络适配器等信息,这些信息依赖于 vCenter 环境配置 - * 支持默认模版和自定义模版(默认模版为CentOS 7.6) - -![zone-2](../img/user_manual/plan/zone-2.png) - -![zone-3](../img/user_manual/plan/zone-3.png) - -!!! warning "" - * 添加成功后会有一个初始化的过程(选择默认模版时,需要上传 nexus 仓库中模版文件),同步成功之后状态变为就绪 - ### 部署计划(Plan) !!! warning "" - * 用来描述在哪个区域下,哪些可用区中,使用什么样的机器规格,部署什么类型的集群的一个抽象概念 + - 用来描述在哪个区域下,哪些可用区中,使用什么样的机器规格,部署什么类型的集群的一个抽象概念 + - 部署计划配置包括选择可用区(可用区可以单选或多选),并设置 Master 节点,Worker 节点的规格 + - 多主多节点集群可以选择多个可用区的部署计划 ![plan-1](../img/user_manual/plan/plan-1.png) -!!! warning "" - * 部署计划配置包括选择可用区(可用区可以单选或多选),并设置 Master 节点,Worker 节点的规格 +### 默认模版 + +#### 下载 + +!!! warning "默认模版" + - 离线环境下,需要手动上传模版文件至 nexus 仓库 + - 模版文件下载地址如下: + + !!! warning "vSphere" + - ovf: https://kubeoperator.fit2cloud.com/terraform/images/vsphere/kubeoperator_centos_7.6.1810/kubeoperator_centos_7.6.1810.ovf + - vmdk: https://kubeoperator.fit2cloud.com/terraform/images/vsphere/kubeoperator_centos_7.6.1810/kubeoperator_centos_7.6.1810-1.vmdk + + !!! warning "OpenStack" + - qcow2: https://kubeoperator.fit2cloud.com/terraform/images/openstack/kubeoperator_centos_7.6.1810-1.qcow2 + + !!! warning "FusionCompute" + - ovf: https://kubeoperator.fit2cloud.com/terraform/images/fusioncompute/kubeoperator_centos_7.6.1810/kubeoperator_centos_7.6.1810.ovf + - vhd: https://kubeoperator.fit2cloud.com/terraform/images/fusioncompute/kubeoperator_centos_7.6.1810/kubeoperator_centos_7.6.1810-vda.vhd -![plan-2](../img/user_manual/plan/plan-2.png) +#### 上传 !!! warning "" - * 多主多节点集群可以选择多个可用区的部署计划 + - 模版文件需要上传至 binary-k8s-raw 仓库 + - 仓库默认用户名/密码:admin/admin123 + + ![template-upload](../img/user_manual/plan/template-upload.png) + + !!! warning "vSphere" + - 需上传 ovf 和 vmdk 文件 + - 文件路径:/terraform/images/vsphere/kubeoperator_centos_7.6.1810 + + ![template-vsphere](../img/user_manual/plan/template-vsphere.png) + + !!! warning "OpenStack" + - 需上传 qcow2 文件 + - 文件路径:/terraform/images/openstack + + ![template-openstack](../img/user_manual/plan/template-openstack.png) + + !!! warning "FusionCompute" + - 需上传 ovf 和 vhd 文件 + - 文件路径:/terraform/images/fusioncompute/kubeoperator_centos_7.6.1810 + + ![template-fusioncompute](../img/user_manual/plan/template-fusioncompute.png) diff --git a/docs/user_manual/project.md b/docs/user_manual/project.md index 91ea92e..3c23e38 100644 --- a/docs/user_manual/project.md +++ b/docs/user_manual/project.md @@ -1,29 +1,36 @@ !!! warning "" - KubeOperator 系统自带一个默认项目。除默认项目外,系统管理员(admin 账号和新建的系统管理员账号)可以创建其他项目,项目内可以部署多个集群,不同项目之间的集群除系统管理员以外账号是不可见的。项目管理员管理该项目的集群,通过授权资源(包括主机,部署计划和备份账号)给项目,然后可以开始创建集群 + - 系统会初始化一个默认项目: kubeoperator + - 左侧导航为 项目 - 集群 树(设置成员、资源 和 Dashboard 时,均需区分项目或集群) ### 创建项目 !!! warning "" - * 创建项目完成后需要授权集群所需的资源,然后创建 Kubernetes 集群 + - 系统管理员可以创建项目 + - 不同项目的集群除系统管理员外是不可见的 -![project-1](../img/user_manual/project/project-1.png) +![project-list](../img/user_manual/project/project-list.png) -### 添加成员 +### 成员管理 !!! warning "" - * 系统管理员账号可以分配一个或多个项目管理员角色给项目,项目管理员可以对该项目创建、安装、升级等管理操作 - -![project-2](../img/user_manual/project/project-2.png) + 管理员可将用户设置为项目管理员或集群管理员 ![project-3](../img/user_manual/project/project-3.png) -### 资源授权 +### 资源管理 !!! warning "" - * 在 KubeOperator 环境中的资源需要系统管理员或项目管理员授权给项目后才可以使用,包括主机、部署计划和备份账号 - * 创建手动模式集群,必须要先将 Kubernetes 节点主机授权到目标项目 - -![project-4](../img/user_manual/project/project-4.png) + - 资源包括主机、部署计划和备份账号 + - 手动模式集群进行 Worker 节点扩容时,需要先将主机授权到目标集群 + - 备份账号需要授权到目标集群后才能正常启用集群备份/恢复功能 ![project-5](../img/user_manual/project/project-5.png) + +### Dashboard + +!!! warning "" + - 此处为集群列表 Dashboard 系统登录用户及凭据 + - 若项目和集群同时存在绑定的 Dashboard 用户,则集群绑定用户优先 + +![project-dashboard](../img/user_manual/project/project-dashboard.png) diff --git a/docs/user_manual/system_log.md b/docs/user_manual/system_log.md index 39718a2..aeeb436 100644 --- a/docs/user_manual/system_log.md +++ b/docs/user_manual/system_log.md @@ -1,6 +1,6 @@ !!! warning "" - * 用户可以在日志页面查看用户的操作,记录了用户、行为、操作内容、时间等信息 - * 支持根据操作、操作内容模糊查询 + - 支持查看所有用户的操作记录(记录了用户、操作、操作内容、创建时间等信息) + - 支持根据名称、操作内容、时间等条件模糊查询 -![system-log.png](../img/user_manual/system_log/system-log.png) \ No newline at end of file +![system-log.png](../img/user_manual/system_log/system-log.png) diff --git a/docs/user_manual/system_management.md b/docs/user_manual/system_management.md index 6523156..58d9089 100644 --- a/docs/user_manual/system_management.md +++ b/docs/user_manual/system_management.md @@ -1,56 +1,118 @@ +### 仓库 -!!! warning "注意" - 在使用 KubeOperator 之前,必须先对 KubeOperator 进行必要的参数设置。这些系统参数将影响到 Kubernetes 集群的安装及相关服务的访问 +!!! warning "" + - CPU 架构: 支持 x86_64 和 aarch64 + - 协议: 支持 http 和 https(需手动启用) + - 地址: 默认为部署 KubeOperator 的服务器 IP(将使用 IP:8081 来访问 nexus 仓库) -### 仓库 +#### 端口 -!!! info "" - * 仓库协议: 支持 http 和 https,默认 http - * 仓库 IP: 默认为部署 KubeOperator 的服务器 IP。将使用该 IP 来访问 nexus 仓库 - * CPU架构: 支持 x86_64 和 arm64 ,即两种不同CPU架构的仓库 - -!!! warning "注意" - 如果部署K8S集群时需要K8S节点采用 x86_64 和 arm64 混合部署,则需要添加两个不同CPU架构的仓库 -![system](../img/user_manual/system_management/registry.png) +!!! warning "" + - 8081: nexus 仓库管理端口 + - 8082: docker group 仓库端口(适用于 docker pull 操作) + - 8083: docker hosted 仓库端口(适用于 docker push 操作) + !!! warning "开启/关闭" + - 出于安全考虑,可以手动关闭 nexus 对外暴露的端口 + - ./kubeoperator/docker-compose.yml,将对应的端口注释,koctl restart 重启服务即可 +#### 密码 -### NTP +!!! warning "" + 默认用户名/密码: admin/admin123(建议修改) + !!! warning "修改密码" + - 登录 nexus 系统修改默认密码 + - 将修改后的密码同步到 KubeOperator 仓库(KubeOperator 系统设置 - 仓库 - 编辑 - 修改密码) -!!! info "" - * NTP Server: 时间同步服务器,默认可以为空。也可以自建或使用公共 NTP Server - -![system](../img/user_manual/system_management/ntp.png) +#### group 仓库 + +!!! warning "" + - 四个 proxy 仓库: + !!! warning "" + - docker hub: https://registry-1.docker.io + - quay.io: https://quay.io + - elastic: https://docker.elastic.co + - aliyun: https://registry.cn-qingdao.aliyuncs.com + - 一个 hosted 类型仓库: + !!! warning "" + - kubeoperator + +#### hosted 仓库 + +!!! warning "" + 该类型仓库支持用户手动 push 镜像 + !!! warning "push 镜像" + - docker login ip:8083 -u admin -p admin123 + - docker tag nginx:alpine ip:8083/nginx:alpine + - docker push ip:8083/nginx:alpine + +![registry](../img/user_manual/system_management/registry.png) + +!!! warning "注意" + 如果部署K8S集群时需要K8S节点采用 x86_64 和 arm64 混合部署,则需要添加两个不同CPU架构的仓库 + +!!! warning "自定义 Nexus 仓库端口" + - v3.9.0 版本开始,KubeOperator 支持用户自定义 Nexus 仓库端口 + - 修改 ./kubeoperator.conf 配置文件,koctl restart 重启服务后生效 + - 在 系统设置 - 仓库设置 的高级设置中完成仓库端口的变更 ### 凭据 !!! warning "" - * 凭据为 KubeOperator 连接主机资产的凭证。支持添加 password 和 privatekey 两种方式的凭据 - * 系统会初始化名称为 kubeoperator 的凭据作为自动模式所创建服务器的密码,默认密码为 KubeOperator@2019 + - 凭据为 KubeOperator 连接主机资产的凭证。支持添加 password 和 privatekey 两种方式的凭据 + - 系统会初始化名称为 kubeoperator 的凭据(自动模式默认模版创建服务器的密码),默认密码为: KubeOperator@2019 + +!!! warning "密钥" + - 1、在 KubeOperator 主机通过 ssh-keygen 命令生成 id_rsa 和 id_rsa.pub 密钥对 + - 2、将 id_rsa.pub 公钥内容添加到目标主机 .ssh/authorized_keys 文件中 + - 3、将 id_rsa 私钥内容添加到凭据密钥框中 ![password](../img/user_manual/system_management/key-1.png) ![key](../img/user_manual/system_management/key-2.png) +### NTP + !!! warning "" - * 密钥方法连接主机举例说明: 在 KubeOperator 主机中首先生成 id_rsa 和 id_rsa.pub 密钥对,将 id_rsa.pub 公钥里面内容添加要连接的目标主机 authorized_keys 文件中,authorized_keys 文件权限需要设置为 600 。然后在 KubeOperator 控制台的【凭据】页面,将开始生成的 id_rsa 私钥文件内容复制到凭据的密钥框中。注意这里的账号需要 root 账号 + - 支持配置多个 NTP 服务器地址 + - 支持手动启用或禁用 NTP 服务器 + +![ntp](../img/user_manual/system_management/ntp.png) -### 备份 +### Dashboard !!! warning "" - * KubeOperator 目前的备份功能支持四种不同种类的存储,即 AWS S3、aliyun oss、Azure 和 SFTP + 此处为 admin 用户登录凭据,需要和 Dashboard 用户管理中设置的密码保持一致。 -![backup](../img/user_manual/system_management/backup-1.png) - -### 邮件 +### LDAP !!! warning "" - * 电子邮件服务器用于向重置密码和消息中心开启邮件功能的用户发送邮件 + LDAP 支持 使用 LADP 与 Windows AD 的用户作为 KubeOperator 登录用户。 -![email](../img/user_manual/system_management/email-1.png) +!!! warning "选项说明" + | name | explain | + | :---------- | :----------------------------------------| + | 地址 | serverurl | + | 端口 | 389 | + | 用户名 | CN=account,CN=Users,DC=ko,DC=com | + | 密码 | ******** | + | 用户过滤 DN | dc=kubeoperator,dc=com | + | 用户过滤器 | ((objectClass=organizationalPerson)) | + | 用户属性映射 | {"Name": "cn", "Email": "mail"} | -### 许可 +### 消息 !!! warning "" - * 支持 license 导入,启用 x-pack 功能 + 必须设置才能使用与消息订阅相关的功能 + +!!! warning "邮箱" + | 名称 | 示例 | 备注 | + | ---------- | ---------------- | ---------------------------------- | + | SMTP地址 | smtp.qq.com | 服务商提供的 smtp 服务器 | + | 端口 | 25 | 通常是 `25` | + | 用户名 | 296015668@qq.com | 通常是 `user@domain.com` | + | 密码 | **************** | 每次 `测试连接` 都需要重新输入密码 | + | 测试用户 | 296015668@qq.com | `测试连接` 必须要输入 | -![license](../img/user_manual/system_management/license-1.png) +!!! warning "" + - 企业微信: [企业微信基本概念](https://developer.work.weixin.qq.com/document/path/90665) + - 钉钉: [钉钉机器人消息发送设置](https://open.dingtalk.com/document/group/assign-a-webhook-url-to-an-internal-chatbot) diff --git a/docs/user_manual/user_management.md b/docs/user_manual/user_management.md index 481298d..d31bca7 100644 --- a/docs/user_manual/user_management.md +++ b/docs/user_manual/user_management.md @@ -1,27 +1,42 @@ -!!! warning "" - 支持添加系统管理员用户和普通用户,普通用户可以根据【项目】选择其作为项目管理员,来实现不同用户对不同项目的使用权限的分级管理 +!!! warning "提示" + - 请妥善保管账号密码,不要将密码泄露给他人 + - 为了提高 KubeOperator 账号的安全性,建议您定期修改密码 + + !!! warning "修改建议" + - 请勿使用简单密码登录,建议密码设为8-30位 + - 密码至少同时包含下列四种字符中的两种: + - 1) 大写字母 + - 2) 小写字母 + - 3) 数字 + - 4) 非字母数字字符(如!、@、#等) + - 密码中不得包含登录用户名 + - 密码修改两个月至少修改一次 -### 系统管理员 +!!! warning "超级管理员" + 用户名: admin, 初始密码: kubeoperator@admin123 + +### 添加 !!! warning "" - * 系统管理员用户权限和系统默认账号 admin 权限完全相同。新建的系统管理员登录系统后可实现所有 admin 权限的操作 + - 超级管理员可以添加管理员或者普通用户 + - 管理员可以添加普通用户 ![admin-user](../img/user_manual/user_management/user-1.png) -### 普通用户 +### 授权 !!! warning "" - * 普通用户初始状态没有任何权限。需要在【项目】内添加成为项目管理员 + 添加普通用户后(初始状态没有任何权限),需要在【项目管理】菜单中将其添加为项目管理员或集群管理员 -![common-user](../img/user_manual/user_management/user-2.png) +### 编辑 !!! warning "" - * admin 管理员可以删除、禁用和开启所有用户,新建系统管理员可以删除、禁用和开启除 admin 账号以外的所有用户,普通用户无上述权限" + - 超级管理员可以修改用户角色并重置用户密码 + - 管理员可以修改普通用户邮箱 + - 超级管理员或者管理员可以针对用户进行删除、禁用和启用等操作 ### 修改密码 !!! warning "" - * 点击右上角用户下拉按钮,选择修改密码 - -![edit-password](../img/user_manual/user_management/user-3.png) + 点击右上角用户下拉按钮,选择个人设置 - 修改密码 diff --git a/docs/user_manual/version.md b/docs/user_manual/version.md index be549bb..d40bdfd 100644 --- a/docs/user_manual/version.md +++ b/docs/user_manual/version.md @@ -2,26 +2,27 @@ ### 版本详情 !!! warning "" - 点击详情按钮,支持查看 Kubernetes 及各个组件的版本信息 + 点击详情按钮,支持查看 Kubernetes 各组件的版本信息 ![version-2](../img/user_manual/version/version-2.png) ### 版本启用 !!! warning "" - 开启目标版本后,才支持创建该版本 k8s 集群 + 开启目标版本后,才支持创建该版本的 Kubernetes 集群 ![version-1](../img/user_manual/version/version-1.png) ### 离线包 !!! warning "" - 离线包中 Kubernetes 默认只携带最新的两个版本。如果当前是离线环境,需要执行脚本生成旧版本 k8s 离线包,并推送至 nexus 仓库 + 离线包中默认携带一个最新的 Kubernetes 版本。如果当前是离线环境,则需要手动执行脚本来生成目标版本的 Kubernetes 离线包,并将其推送至 nexus 仓库 #### 构建离线包 !!! warning "" - KubeOperator当前支持的 K8S 版本 + KubeOperator 支持的 Kubernetes 版本 +
@@ -29,69 +30,72 @@ + + + + + + + + + + + + + + + + + + + + + + - - - + +
v1.22.6v1.22.8v1.22.10v1.22.12
v1.20.4v1.20.6v1.20.8v1.20.10v1.20.12v1.20.14
v1.18.4 v1.18.6 v1.18.8 v1.18.10
v1.18.12 v1.18.14 v1.18.15v1.20.4v1.18.18v1.18.20
+ !!! warning "" 执行构建离线包的服务器需要能够访问互联网 - -=== "KubeOperator 版本 >= v3.6.0" !!! warning "" ```sh # 使用git下载项目源码文件 git clone https://github.com/KubeOperator/K8SVersionManage.git cd K8SVersionManage - # 切换分支 - git checkout v3.6 - # 例:打包 v1.18.10 版本的离线包。可根据实际情况修改构建对应版本到离线包 - bash build.sh v1.18.10 + # 切换到目标分支(与 KubeOperator 版本分支保持一致) + git checkout v3.16 + # 例:打包 v1.20.6 版本的离线包。可根据实际情况修改构建对应版本到离线包 + bash build.sh v1.20.6 ``` !!! warning "" - build 完成后,会生成类似 v1.18.10_offline.tar.gz的离线包 + build 完成后,会生成类似 v1.20.6_offline.tar.gz的离线包 -=== "KubeOperator 版本 <= v3.5.0" - !!! warning "" - ```sh - # 使用git下载项目源码文件 - git clone https://github.com/KubeOperator/K8SVersionManage.git - cd K8SVersionManage - # 切换到对应版本分支,KubeOperator当前版本小于 v3.5 时,直接切换到 v3.5 分支即可 - git checkout v3.5 - # 例:打包 v1.18.10 版本的离线包 - bash build.sh v1.18.10 - ``` - !!! warning "" - build 完成后,会生成类似 v1.18.10_offline.tar.gz的离线包 - - - - #### 推送离线包 !!! warning "" - 将生成的目标版本离线包上传至 KubeOperator 部署机,运行上传脚本。 - - -```sh -# 解压离线包 -tar zxvf v1.18.10_offline.tar.gz -# 执行上传脚本 -cd v1.18.10_offline -# 例:推送 v1.18.10 版本的离线包 -bash upload.sh -``` + - 将生成的目标版本离线包上传至 KubeOperator 部署机,运行 upload.sh 脚本 + - 如有修改 nexus 仓库默认的 8081-8083 端口,在离线包解压后需要手动将 upload.sh 脚本中端口修改为目标端口 + + ```sh + # 解压离线包 + tar zxvf v1.20.6_offline.tar.gz + # 执行上传脚本 + cd v1.20.6_offline + # 例:推送 v1.20.6 版本的离线包 + bash upload.sh + ``` !!! warning "" - 仓库地址:KubeOperator 默认仓库地址(registry.kubeoperator.io) diff --git a/mkdocs.yml b/mkdocs.yml index 3cb5723..9a120ad 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -1,109 +1,135 @@ site_name: 'KubeOperator 文档' -site_url: 'https://kubeoperator.io/' -site_description: 'KubeOperator 文档' +site_url: 'https://kubeoperator.io' site_author: 'wanghe' -google_analytics: ['UA-147297392-1', 'kubeoperator.io'] +site_description: 'KubeOperator 是一个开源的轻量级 Kubernetes 发行版' -repo_name: 'KubeOperator' +repo_name: 'KubeOperator/KubeOperator' repo_url: 'https://github.com/KubeOperator/KubeOperator' edit_uri: '' theme: - name: 'material' - logo: 'img/kubeoerator-white.png' - favicon: 'img/KubeOperator-icon.png' - language: 'zh' - highlightjs: true - palette: - primary: 'deep orange' - accent: 'red' - feature: - tabs: true - hljs_languages: - - yaml - - django - features: - - search.suggest - - search.highlight - custom_dir: 'theme' + name: 'material' + logo: 'img/kubeoperator-white.png' + favicon: 'img/KubeOperator-icon.png' + language: 'zh' + palette: + - scheme: default + accent: 'red' + toggle: + icon: material/weather-sunny + name: Switch to dark mode + - scheme: slate + accent: 'red' + toggle: + icon: material/weather-night + name: Switch to light mode + features: + - navigation.instant + - navigation.tracking + - navigation.indexes + - navigation.top + - search.suggest + - search.highlight + - search.share + - header.autohide + font: false + custom_dir: 'theme' + icon: + repo: fontawesome/brands/github nav: - - 总体介绍: index.md - - 主要概念: concept.md - - 系统架构: system_arch.md - - 安装部署: installation/install.md - - 快速入门: - - 系统设置: quick_start/system_settings.md - - 集群规划: - - 自动模式: quick_start/cluster_planning/automatic.md - - 手动模式: quick_start/cluster_planning/manual.md - - 集群部署: quick_start/cluster_deployment.md - - 集群导入: quick_start/cluster_import.md - - 集群运营: quick_start/cluster_operation.md - - 使用指南: - - 项目管理: user_manual/project.md - - 主机管理: user_manual/hosts.md - - 部署计划: user_manual/plan.md - - 版本管理: user_manual/version.md - - 用户管理: user_manual/user_management.md - - 系统设置: user_manual/system_management.md - - 系统日志: user_manual/system_log.md - - 开发文档: dev/rest_api.md - - 常见问题: faq.md - - 教程: - - 应用商店: guidelines/kubeapps.md - - Argo CD: guidelines/argocd.md - - 关于: - - 更新说明: about/changelog.md - - 联系我们: about/contact.md - - 企业版试用: enterprise.md + - 总体介绍: index.md + - 主要概念: concept.md + - 系统架构: system_arch.md + - 安装部署: installation/install.md + - 快速入门: + - 系统设置: quick_start/system_settings.md + - 集群规划: + - 手动模式: quick_start/cluster_planning/manual.md + - 自动模式: quick_start/cluster_planning/automatic.md + - 集群部署: quick_start/cluster_deployment.md + - 集群导入: quick_start/cluster_import.md + - 使用指南: + - 集群: user_manual/cluster.md + - 主机: user_manual/hosts.md + - 自动模式: user_manual/plan.md + - 备份账号: user_manual/backup_account.md + - 版本管理: user_manual/version.md + - 项目管理: user_manual/project.md + - 用户管理: user_manual/user_management.md + - 系统日志: user_manual/system_log.md + - 系统设置: user_manual/system_management.md + - 开发文档: + - 开发环境搭建: dev/dev_manual.md + - API 文档: dev/rest_api.md + - 更新日志: about/changelog.md markdown_extensions: - - admonition - - codehilite: - guess_lang: True - linenums: False - - toc: - permalink: True - - footnotes - - attr_list - - def_list - - tables - - abbr - - md_in_html - - pymdownx.extra - - pymdownx.arithmatex - - pymdownx.betterem: - smart_enable: all - - pymdownx.caret - - pymdownx.critic - - pymdownx.details - - pymdownx.emoji: - emoji_generator: !!python/name:pymdownx.emoji.to_png - - pymdownx.inlinehilite - - pymdownx.magiclink - - pymdownx.mark - - pymdownx.smartsymbols - - pymdownx.superfences - - pymdownx.tasklist - - pymdownx.tilde - - pymdownx.tabbed - - pymdownx.betterem - - pymdownx.superfences - - pymdownx.progressbar - - pymdownx.tasklist: - custom_checkbox: true + - admonition + - abbr + - attr_list + - def_list + - footnotes + - meta + - toc: + permalink: ⚓︎ + - pymdownx.arithmatex: + generic: true + - pymdownx.betterem: + smart_enable: all + - pymdownx.caret + - pymdownx.critic + - pymdownx.details + - pymdownx.emoji: + emoji_index: !!python/name:materialx.emoji.twemoji + emoji_generator: !!python/name:materialx.emoji.to_svg + options: + custom_icons: + - theme/.icons + - pymdownx.inlinehilite + - pymdownx.keys + - pymdownx.superfences: + custom_fences: + - name: mermaid + class: mermaid + format: !!python/name:pymdownx.superfences.fence_code_format + - pymdownx.saneheaders + - pymdownx.magiclink: + repo_url_shortener: true + repo_url_shorthand: true + - pymdownx.mark + - pymdownx.smartsymbols + - pymdownx.snippets: + check_paths: true + - pymdownx.tabbed: + alternate_style: true + - pymdownx.tasklist: + custom_checkbox: true + - pymdownx.tilde extra: + kubeoperator: + version: v3.16.4 + search: + separator: '[\s\-\.]+' + language: 'zh' + Content-Encoding: gzip generator: false + version: + default: master + provider: mike social: - icon: fontawesome/brands/github link: https://github.com/KubeOperator + - icon: fontawesome/solid/envelope + link: mailto:support@fit2cloud.com + - icon: fontawesome/brands/skype + link: tel://400-052-0755 extra_css: - css/extra.css -copyright: Copyright © 2014-2020 杭州飞致云信息科技有限公司, All Rights Reserved. 京ICP备15023818号 - +copyright: Copyright © 2014-2024 杭州飞致云信息科技有限公司, All Rights Reserved. 京ICP备15023818号 plugins: - search + - macros diff --git a/requirements/requirements.txt b/requirements/requirements.txt index 4537ec2..e76b4e5 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -1,7 +1,3 @@ -mkdocs >= 1.1 -mkdocs-material -mdx_gh_links -Pygments>=2.4 -markdown>=3.2 -mkdocs-material-extensions>=1.0 -pymdown-extensions>=7.0 +mkdocs-material>=8.4.0 +mkdocs-macros-plugin>=0.7.0 +mike>=1.1.2 diff --git a/theme/.icons/Bilibili_Logo_Blue.svg b/theme/.icons/Bilibili_Logo_Blue.svg new file mode 100644 index 0000000..08c4515 --- /dev/null +++ b/theme/.icons/Bilibili_Logo_Blue.svg @@ -0,0 +1,67 @@ + + + + + + + + diff --git a/theme/css/f2c-header.css b/theme/css/f2c-header.css index a6bbfa3..c9904b5 100644 --- a/theme/css/f2c-header.css +++ b/theme/css/f2c-header.css @@ -2,7 +2,6 @@ /*! CSS Used from: https://metersphere.io/css/bootstrap.min.css */ *,::after,::before{box-sizing:border-box;} h4,h5{margin-top:0;margin-bottom:.5rem;} -p{margin-top:0;margin-bottom:1rem;} img{vertical-align:middle;border-style:none;} svg{overflow:hidden;vertical-align:middle;} button{border-radius:0;} @@ -142,7 +141,6 @@ h4,h5{font-family:"Nunito", sans-serif;line-height:1.5;font-weight:600;} ::-moz-selection{background:rgba(47, 85, 212, 0.9);color:#ffffff;} ::selection{background:rgba(47, 85, 212, 0.9);color:#ffffff;} a{text-decoration:none!important;} -p{line-height:1.6;} @media (max-width: 991px){ #topnav .container{width:auto;} } @@ -190,4 +188,4 @@ h4,h5{font-family:-apple-system, BlinkMacSystemFont, "Neue Haas Grotesk Text Pro @font-face{font-family:'Nunito';font-style:normal;font-weight:700;font-display:swap;src:url(https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUb-vISTs.woff2) format('woff2');unicode-range:U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;} @font-face{font-family:'Nunito';font-style:normal;font-weight:700;font-display:swap;src:url(https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2) format('woff2');unicode-range:U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;} -.footer-start-box{position:fixed;bottom:75px!important;right:30px!important;width:100px!important;height:45px!important;padding:13px;border-radius:20px;box-shadow:0 8px 16px 0 rgba(46,37,111,.32);background-image:linear-gradient(109deg,#FB6454,#FB6454);color:#fff;cursor:pointer;text-align:center;} \ No newline at end of file +.footer-start-box{position:fixed;bottom:75px!important;right:30px!important;width:100px!important;height:45px!important;padding:13px;border-radius:20px;box-shadow:0 8px 16px 0 rgba(46,37,111,.32);background-image:linear-gradient(109deg,#FB6454,#FB6454);color:#fff;cursor:pointer;text-align:center;} diff --git a/theme/f2c-header.html b/theme/f2c-header.html index 7671c86..54042c3 100644 --- a/theme/f2c-header.html +++ b/theme/f2c-header.html @@ -17,7 +17,7 @@

- 了解 FIT2CLOUD 飞致云旗下软件产品 + 了解 FIT2CLOUD 飞致云旗下开源产品

-

我们基于创新的开源模式,向企业级用户交付被广泛验证、可信赖的关键基础软件。

+

我们基于创新的开源模式,向企业级用户交付被广泛验证、可信赖的通用工具软件。

@@ -51,6 +51,7 @@
测试
MeterSphere Logo

开源持续测试平台

+ GitHub stars
@@ -69,6 +70,7 @@
运行
KubeOperator Logo

开源容器平台

+ GitHub stars
@@ -81,12 +83,13 @@
运行
- +
-
管理
+
分析
- CloudExplorer Logo -

多云管理平台

+ DataEase Logo +

开源数据可视化分析平台

+ GitHub stars
@@ -105,6 +108,7 @@
保护
JumpServer Logo

开源堡垒机

+ GitHub stars
diff --git a/theme/img/logo/banner-nav-DataEase.svg b/theme/img/logo/banner-nav-DataEase.svg new file mode 100644 index 0000000..3dbfe72 --- /dev/null +++ b/theme/img/logo/banner-nav-DataEase.svg @@ -0,0 +1,77 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/theme/main.html b/theme/main.html index 919ddaa..f6f1801 100644 --- a/theme/main.html +++ b/theme/main.html @@ -1,27 +1,23 @@ {% extends "base.html" %} {% block header %} -{% include "f2c-header.html" %} {{ super() }} {% endblock %} {% block styles %} - - {{ super() }} {% endblock styles %} {% block footer %} -
-
+
{% if config.copyright %} -
+
{{ config.copyright }}
{% endif %} @@ -30,6 +26,7 @@
+ {% endblock footer %} {% block libs %} {{ super() }} - - {% endblock libs %} {% block scripts %} @@ -56,4 +52,4 @@ lightGallery(elements[i]); } -{% endblock scripts %} \ No newline at end of file +{% endblock scripts %}