icecheng/freeleaps-ops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,264 Commits 1 Branch 0 Tags 29 MiB
master
Commit Graph

146 Commits

Author SHA1 Message Date
zhenyus
decca8e7a1 fix: update labels for Fluent Bit resources to ensure correct identification 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-04-16 00:46:39 +08:00
zhenyus
358f131809 Add Fluent Bit configuration for log collection 
- Introduced Fluent Bit resources including FluentBit, Parser, Output, FluentBitConfig, and ClusterInput.
- Configured default resource requests and limits for Fluent Bit.
- Set up JSON parser with customizable time key and format.
- Established output forwarding to Fluentd service in the logging system.
- Enabled conditional deployment based on the `fluentbit.enabled` value in Helm chart.

Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-04-16 00:18:16 +08:00
zhenyus
0de22b2623 refactor(ImageBuilder): remove logging of files in artifact directory to streamline output 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-04-14 16:40:46 +08:00
zhenyus
6ebdef8933 Update ingress hosts and issuer references for alpha environment 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-04-11 01:22:29 +08:00
zhenyus
6029462f12 ci: update Gitea webhook configuration and modify Redis URLs for alpha environment 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-31 15:19:33 +08:00
zhenyus
32ba41f1f4 feat: add secret key configuration for webhook authentication 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-31 00:53:33 +08:00
zhenyus
60817c1be4 feat: add gitea-webhook-ambassador service and migration script 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-30 23:37:19 +08:00
zhenyus
c66408be1c fix: update groupName in ClusterIssuer for GoDaddy webhook 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-27 15:28:45 +08:00
zhenyus
0cecb340da feat: add ClusterIssuer for freeleaps.com and update issuer reference in frontend values 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-27 15:15:02 +08:00
zhenyus
17c9a1b16f docs: add README files for Freeleaps repo migrator and cluster authenticator 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-25 17:22:29 +08:00
zhenyus
bf34f4cd90 feat: enhance authenticator script with usage instructions and exit command 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-20 11:03:06 +08:00
zhenyus
39dfcd56cd feat: add Kubernetes dashboard commands and token retrieval to authenticator script 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-20 10:38:01 +08:00
zhenyus
51c9b2f07b chore: update inventory to comment out deprecated worker nodes and adjust Gitea resource limits 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-19 15:52:35 +08:00
zhenyus
6ed99f5f9c chore: uncomment newly added worker nodes in inventory for cost optimization 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-19 10:56:30 +08:00
zhenyus
6e0b6dd99b chore: comment out newly added worker nodes in inventory for cost reduction 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-19 10:53:47 +08:00
zhenyus
b8d48fcae5 chore: update inventory and configuration for new cluster nodes and remove deprecated DNS settings 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-19 10:52:34 +08:00
zhenyus
073a7e0559 fix: update load-watcher image tag to v0.0.3-modify for consistency 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-18 11:22:37 +08:00
zhenyus
2969cafc9d feat: add serviceMonitor configuration for content, payment, notification, central-storage, and authentication services 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-17 21:24:35 +08:00
zhenyus
4bb5d6ee38 feat: add Vertical Pod Autoscaler components and scripts for deployment 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-14 12:44:49 +08:00
zhenyus
68a818de80 feat: add Descheduler Helm chart with templates and tests for deployment and cronjob 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-11 22:25:53 +08:00
zhenyus
98a13e4b04 fix: add tolerations and affinity rules for devops node role in Argo CD and Jenkins, and update resource requests and limits for RabbitMQ 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-08 21:36:53 +08:00
zhenyus
3f2c07c0e1 fix: update cAdvisor housekeeping interval and optimize resource requests and limits for Gitea components 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-08 21:04:37 +08:00
zhenyus
149d68874d fix: optimize resource requests and limits for RabbitMQ and update cAdvisor configuration 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-08 20:18:12 +08:00
zhenyus
35fad27856 feat: add new worker node configuration for production environment 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-08 17:36:26 +08:00
zhenyus
ed01e51f8f feat: add Redis cluster Helm chart with common dependencies and configurations 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-07 17:50:30 +08:00
zhenyus
20f70d4f76 feat(ci): update Jenkinsfile for service branch and disable commit message linting 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-06 02:34:38 +08:00
zhenyus
68da30a59a feat: add k8s overall panel to grafana 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-05 17:34:20 +08:00
zhenyus
ec3b743f7a feat(storage): update resource requests and limits for MongoDB and add Azure Disk CSI storage classes 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-05 16:47:18 +08:00
zhenyus
34ac69a8fe feat(secrets): add jenkins-observer secret for monitoring system 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-04 01:57:07 +08:00
zhenyus
8d149418fc feat(auth): add infra-auth-retriever script for retrieving service authentication 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-03-04 00:31:44 +08:00
zhenyus
ee02d8f511 feat(rabbitmq): update storage class and enable clustering with custom settings 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-22 06:17:24 +08:00
dongli
1c75c52563 add worker-05 2025-02-18 22:50:15 -08:00
dongli
b837dcf346 use wwwadmin 2025-02-18 21:57:47 -08:00
zhenyus
9923bc1ada Merge branch 'master' of https://dev.azure.com/freeleaps/freeleaps-ops/_git/freeleaps-ops 2025-02-19 13:55:55 +08:00
zhenyus
3e8e02bf15 doc(readme): add instructions for cluster scaling and anonymous auth enabling 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-19 13:55:53 +08:00
dongli
f789f0d05c use wwwadmin 2025-02-18 21:54:25 -08:00
zhenyus
b450a86083 fix(inventory): comment out unused worker nodes for clarity 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-19 12:31:32 +08:00
zhenyus
66126db4cf fix(k8s-cluster): uncomment kube_oidc_username_prefix for clarity 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-19 12:31:08 +08:00
zhenyus
b8675f081f fix: command error when upgrade cluster 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-18 13:55:16 +08:00
zhenyus
b299e0b86e doc(manifests): add pre settings for cluster 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-18 13:33:22 +08:00
zhenyus
a5866494e1 doc(manifests): add pre settings for cluster 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-18 13:15:20 +08:00
zhenyus
69ceddfa22 fix(kubespray): syntax error in k8s-cluster.yml 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-18 13:00:27 +08:00
zhenyus
0e256f8708 chore(git): code staging 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-17 14:02:49 +08:00
zhenyus
37b574ba50 fix(pipeline): change file permissions to executable for Ansible and script files 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-10 15:39:49 +08:00
zhenyus
d110546ff9 fix(pipeline): change file permissions from executable to non-executable for script files 
Signed-off-by: zhenyus <zhenyus@mathmast.com>
 2025-02-10 15:39:41 +08:00
孙振宇
3af74b7931 feat(dashboard): add nginx ingress dashboard 
Signed-off-by: 孙振宇 <>
 2025-01-16 17:36:07 +08:00
孙振宇
b91d2192ba feat(k8s): add Jenkins certificate and Azure Blob Storage configuration 
Signed-off-by: 孙振宇 <>
 2025-01-16 17:00:31 +08:00
孙振宇
c1967c7ab2 feat(k8s): add security hardening instructions for kube-apiserver and service account configuration 
Signed-off-by: 孙振宇 <>
 2025-01-14 06:58:52 +08:00
孙振宇
1ea5fa49f4 feat(k8s): add Azure Blob Storage CSI driver configuration and resources 
Signed-off-by: 孙振宇 <>
 2025-01-14 06:06:45 +08:00
孙振宇
2e848585ad fix(k8s): update Alertmanager notification title template for Microsoft Teams 
Signed-off-by: 孙振宇 <>
 2025-01-13 20:37:13 +08:00
孙振宇
d22d094811 fix(k8s): correct template syntax in Alertmanager configuration for Microsoft Teams 
Signed-off-by: 孙振宇 <>
 2025-01-13 19:56:57 +08:00
孙振宇
5c273b8d6d feat(k8s): add Alertmanager configuration for Microsoft Teams notifications 
Signed-off-by: 孙振宇 <>
 2025-01-13 19:55:57 +08:00
孙振宇
841ef17655 feat(k8s): update OIDC username prefix to allow full claim value 
Signed-off-by: 孙振宇 <>
 2025-01-13 19:34:48 +08:00
孙振宇
6574c07350 feat(k8s): enhance freeleaps cluster login script and add RBAC bindings 
Signed-off-by: 孙振宇 <>
 2025-01-13 19:10:06 +08:00
孙振宇
cfa135eff5 feat(k8s): update OIDC username claim and add self-signed issuer for Microsoft Entra ID 
Signed-off-by: 孙振宇 <>
 2025-01-13 17:48:40 +08:00
孙振宇
bfc2577e0d feat(k8s): add freeleaps cluster login script and update OIDC configuration 
Signed-off-by: 孙振宇 <>
 2025-01-13 16:44:00 +08:00
孙振宇
e71c27f587 feat(ansible): add upgrade cluster script and update OIDC URL 
Signed-off-by: 孙振宇 <>
 2025-01-13 13:56:33 +08:00
孙振宇
a5941cf798 feat(ansible): add upgrade control plane script with pre-checks 
Signed-off-by: 孙振宇 <>
 2025-01-13 13:16:52 +08:00
孙振宇
1cf128bd58 fix(k8s): enable oidc auth feature 
Signed-off-by: 孙振宇 <>
 2025-01-13 13:15:41 +08:00
孙振宇
561906df63 feat(k8s): enable integrates with Microsoft Entra ID 
Signed-off-by: 孙振宇 <>
 2025-01-13 13:10:07 +08:00
孙振宇
1753ce658e fix(manifests): update Grafana ingress path to remove wildcard and set pathType 
Signed-off-by: 孙振宇 <>
 2025-01-13 02:57:13 +08:00
孙振宇
84650c4dd7 fix(ingress-nginx): disable hostPort in values.yaml 
Signed-off-by: 孙振宇 <>
 2025-01-13 02:50:06 +08:00
孙振宇
463cdf3d85 fix(manifests): update Grafana ingress to use ingressClassName and correct indentation 
Signed-off-by: 孙振宇 <>
 2025-01-13 02:47:09 +08:00
孙振宇
9448d1c684 fix(manifests): add missing ingress class annotation for Grafana ingress 
Signed-off-by: 孙振宇 <>
 2025-01-13 02:41:01 +08:00
孙振宇
bd448c08d2 fix(manifests): correct indentation for annotations in Grafana ingress configuration 
Signed-off-by: 孙振宇 <>
 2025-01-13 02:28:42 +08:00
孙振宇
5200451d11 feat(manifests): add annotations for Grafana ingress to configure service upstream and upstream vhost 
Signed-off-by: 孙振宇 <>
 2025-01-13 02:27:08 +08:00
孙振宇
cd6735510b fix(manifests): update apiVersion for Grafana ingress to networking.k8s.io/v1 
Signed-off-by: 孙振宇 <>
 2025-01-13 02:09:31 +08:00
孙振宇
4a463e489f feat(manifests): add Grafana ingress and TLS certificate configuration 
Signed-off-by: 孙振宇 <>
 2025-01-13 02:08:21 +08:00
孙振宇
30fc78315d fix(manifests): update NodePort values for ingress-nginx service 
Signed-off-by: 孙振宇 <>
 2025-01-13 01:36:43 +08:00
孙振宇
da5e00bc31 feat(manifests): update ingress-nginx configuration for NodePort service type and enable metrics, serviceMonitor, and prometheusRule 
Signed-off-by: 孙振宇 <>
 2025-01-13 01:34:42 +08:00
孙振宇
cea95ef680 fix(manifests): disable issuerRef for prometheus-stack 2025-01-13 01:24:35 +08:00
孙振宇
d2b104e22d fix(manifests): change cluster domain 2025-01-13 01:12:57 +08:00
孙振宇
32b6a20b22 chore(manifests): remove unused namespace for freeleaps-controls-system 
Signed-off-by: 孙振宇 <>
 2025-01-13 01:05:22 +08:00
孙振宇
38d10f0e81 feat(manifests): update Grafana and kube-state-metrics to use freeleaps-monitoring-system namespace; enable ThanosRuler and configure Prometheus storage 
Signed-off-by: 孙振宇 <>
 2025-01-13 00:52:41 +08:00
孙振宇
51efcea05e feat(manifests): add namespace for freeleaps monitoring system 
Signed-off-by: 孙振宇 <>
 2025-01-13 00:19:11 +08:00
孙振宇
c2e01c63c0 feat(manifests): add infra service manifests 2025-01-13 00:16:43 +08:00
孙振宇
01b16cd60c feat(manifests): add OpenEBS storage system manifests and initialization script 
Signed-off-by: 孙振宇 <>
 2025-01-12 15:57:02 +08:00
孙振宇
24d662f18b fix(config): update load balancer domain name and nodelocaldns IP address 
Signed-off-by: 孙振宇 <>
 2025-01-12 05:38:35 +08:00
孙振宇
8422bc2fb3 feat(docs): update README with Ansible directory information and adjust nodelocaldns IP 
Signed-off-by: 孙振宇 <>
 2025-01-12 04:56:08 +08:00
孙振宇
cc91ef7d73 fix(scripts): made reset.sh executable 
Signed-off-by: 孙振宇 <>
 2025-01-12 04:15:53 +08:00
孙振宇
59c0e83d07 feat(reset): add reset script for cluster management and validation checks 
Signed-off-by: 孙振宇 <>
 2025-01-12 04:14:59 +08:00
孙振宇
7ae54597b6 feat(config): update upstream DNS servers and enable system hostname override 
Signed-off-by: 孙振宇 <>
 2025-01-12 03:03:58 +08:00
孙振宇
afd5d6b146 feat(deploy): add become flag to ansible-playbook execution in deploy script 
Signed-off-by: 孙振宇 <>
 2025-01-12 02:14:17 +08:00
孙振宇
65da501ba9 feat(config): update load balancer configuration for apiserver 
Signed-off-by: 孙振宇 <>
 2025-01-12 02:11:29 +08:00
孙振宇
b45e5ca63b feat(config): add option to prevent overriding system hostname 
Signed-off-by: 孙振宇 <>
 2025-01-12 02:06:45 +08:00
孙振宇
545a9cdca7 fix(hostname): correct hostname of each nodes 
Signed-off-by: 孙振宇 <>
 2025-01-12 01:56:12 +08:00
孙振宇
34527c28f4 fix(scripts): made deploy.sh executable 
Signed-off-by: 孙振宇 <>
 2025-01-12 01:48:54 +08:00
孙振宇
81b849dd0f feat(deploy): add deployment script with pre-checks and ansible-playbook execution 
Signed-off-by: 孙振宇 <>
 2025-01-12 01:47:07 +08:00
孙振宇
051b6e4ae5 fix(check.sh): add -kK option to ansible-playbook command for extra verbosity 
Signed-off-by: 孙振宇 <>
 2025-01-11 19:15:14 +08:00
孙振宇
c5b43e96d2 fix(scripts): execute perm for check.sh 
Signed-off-by: 孙振宇 <>
 2025-01-11 19:12:28 +08:00
孙振宇
512add2d57 feat(ansible): add check script for pre-requisites before running ansible playbook 
Signed-off-by: 孙振宇 <>
 2025-01-11 19:11:33 +08:00
孙振宇
847a2c04ad feat(inventory): add inventory template and update existing entries 
Signed-off-by: 孙振宇 <>
 2025-01-11 19:06:42 +08:00
孙振宇
c16e80e54a fix(inventory): update ingress worker hostnames in inventory.ini 
Signed-off-by: 孙振宇 <>
 2025-01-11 19:03:53 +08:00
孙振宇
9e34d037a3 chore(inventory): remove bastion host entry from inventory.ini 
Signed-off-by: 孙振宇 <>
 2025-01-11 18:55:17 +08:00
孙振宇
99e2a6a5e3 feat(ansible): add init and activate scripts for virtual environment setup 
chore: add .gitignore for virtual environment files
refactor: move etcd configuration to manifests and remove obsolete files

Signed-off-by: 孙振宇 <>
 2025-01-11 18:52:32 +08:00
孙振宇
2bb6934c77 chore: code staging 
Signed-off-by: 孙振宇 <>
 2025-01-10 02:35:25 +08:00