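#!/bin/bash
# Full JPD cluster deployment script - run on the K3s master node.
# Usage: bash deploy-all-on-master.sh
#
# Environment:
#   GITEA_ADMIN_PASSWORD   Gitea admin password. Prompted for when unset and
#                          stdin is a terminal; the script aborts otherwise.
#   HELM_INSTALLER_SHA256  Optional SHA-256 of the Helm installer script. When
#                          set, the download is verified before it is executed.

# -e aborts on the first failing command. pipefail extends that to pipelines,
# so a failed download or a failed `kubectl create` is not hidden by the
# command on the right-hand side of the pipe.
set -eo pipefail

echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "🚀 JPD集群GitOps自动化部署"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""

# Check that we are on the master node (kubectl must be on PATH).
if ! command -v kubectl &> /dev/null; then
  echo "❌ kubectl未找到,请确保在K3s master节点上运行此脚本"
  exit 1
fi

# Private scratch directory (mktemp -d creates it owner-only); removed on exit.
work_dir=$(mktemp -d)
trap 'rm -rf -- "${work_dir:?}"' EXIT

# Configure kubectl.
# The K3s kubeconfig carries cluster-admin credentials, so its permissions are
# left untouched (no chmod 644, which would let every local account on the
# node read them). If the current user cannot read it, work from an
# owner-only copy that disappears with the scratch directory.
echo "📝 配置kubectl..."
k3s_kubeconfig=/etc/rancher/k3s/k3s.yaml
if [[ -r "$k3s_kubeconfig" ]]; then
  export KUBECONFIG="$k3s_kubeconfig"
else
  sudo install -m 600 -o "$(id -u)" -g "$(id -g)" \
    "$k3s_kubeconfig" "$work_dir/k3s.yaml"
  export KUBECONFIG="$work_dir/k3s.yaml"
fi

# Verify the cluster is reachable.
echo "🔍 验证集群状态..."
kubectl get nodes -o wide
echo ""

# Install Helm when it is missing.
# The installer is fetched to a file first, so a truncated or failed download
# is never fed to bash. The URL tracks the mutable `main` branch: pin it to a
# reviewed release tag and set HELM_INSTALLER_SHA256 to make the install
# reproducible and tamper-evident.
if ! command -v helm &> /dev/null; then
  echo "📦 安装Helm..."
  helm_installer="$work_dir/get-helm-3"
  curl -fsSL -o "$helm_installer" \
    https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
  if [[ -n "${HELM_INSTALLER_SHA256:-}" ]]; then
    printf '%s  %s\n' "$HELM_INSTALLER_SHA256" "$helm_installer" | sha256sum -c -
  fi
  bash "$helm_installer"
  echo "✅ Helm安装完成"
else
  echo "✅ Helm已安装"
fi
echo ""

echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "📦 步骤 1/4: 部署Gitea"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""

# The admin password is supplied by the operator and never hard-coded here:
# a literal in the script is readable by everyone who can read the file or
# the repository. Any instance deployed with a password that was committed
# to a script should have that password rotated.
if [[ -z "${GITEA_ADMIN_PASSWORD:-}" && -t 0 ]]; then
  read -r -s -p "请输入Gitea管理员密码: " GITEA_ADMIN_PASSWORD
  echo ""
fi
: "${GITEA_ADMIN_PASSWORD:?未设置,请通过环境变量GITEA_ADMIN_PASSWORD提供Gitea管理员密码}"

# Add the Gitea Helm repository.
echo "📝 添加Gitea Helm仓库..."
helm repo add gitea-charts https://dl.gitea.com/charts/
helm repo update

# Create the gitea namespace (idempotent: render client-side, then apply).
echo "📝 创建gitea命名空间..."
kubectl create namespace gitea --dry-run=client -o yaml | kubectl apply -f -

# Deploy Gitea.
# --set-file reads the password through a process substitution, so it does
# not appear in the helm argument list (visible to other local users via ps)
# and is not parsed for commas or other --set syntax. Helm still records the
# value in the release data stored in the namespace; a pre-created Secret
# referenced by the chart would avoid that, if the chart version in use
# supports one.
# NodePort 30080 serves Gitea over plain HTTP on every node; logins made
# through it are not protected by TLS.
echo "🚀 部署Gitea..."
helm upgrade --install gitea gitea-charts/gitea \
  --namespace gitea \
  --set gitea.admin.username=gitea_admin \
  --set-file gitea.admin.password=<(printf '%s' "$GITEA_ADMIN_PASSWORD") \
  --set gitea.admin.email=admin@jpd.net3w.com \
  --set service.http.type=NodePort \
  --set service.http.nodePort=30080 \
  --set postgresql-ha.enabled=true \
  --set redis-cluster.enabled=true \
  --wait --timeout=10m

echo "✅ Gitea部署完成"
echo ""

# Wait for the Gitea pod to become ready.
echo "⏳ 等待Gitea Pod就绪..."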
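# Block until the Gitea pod reports Ready (at most 5 minutes).
kubectl wait --for=condition=ready pod -l app.kubernetes.io/name=gitea -n gitea --timeout=300s

# Look up how Gitea is reachable: the NodePort of the gitea-http Service and
# the InternalIP of the first node returned by the API server.
GITEA_PORT=$(kubectl get svc gitea-http -n gitea -o jsonpath='{.spec.ports[0].nodePort}')
NODE_IP=$(kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}')
# Both addresses printed below are plain HTTP; credentials typed into them
# cross the network unencrypted.
echo "✅ Gitea访问地址: http://$NODE_IP:$GITEA_PORT"
echo " 域名访问: http://git.jpd.net3w.com"
echo ""

echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "📦 步骤 2/4: 部署ArgoCD"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""

# Create the argocd namespace (idempotent: render client-side, then apply).
echo "📝 创建argocd命名空间..."
kubectl create namespace argocd --dry-run=client -o yaml | kubectl apply -f -

# Deploy Argo CD.
# ARGOCD_VERSION selects the git ref of the install manifest. The default,
# `stable`, is a moving ref: what gets applied with cluster-wide RBAC can
# change between two runs. Set ARGOCD_VERSION to a reviewed release tag to
# make the deployment reproducible.
ARGOCD_VERSION="${ARGOCD_VERSION:-stable}"
echo "🚀 部署ArgoCD..."
kubectl apply -n argocd -f "https://raw.githubusercontent.com/argoproj/argo-cd/${ARGOCD_VERSION}/manifests/install.yaml"

# Wait for Argo CD to become ready.
# `rollout status` waits on the Deployment itself, so it does not fail with
# "no matching resources" when the pods have not been created yet, which
# `kubectl wait pod -l ...` can do right after `kubectl apply`.
echo "⏳ 等待ArgoCD Pod就绪..."
kubectl rollout status deployment/argocd-server -n argocd --timeout=300s

# Switch the Argo CD Service to NodePort.
# This publishes the Argo CD API/UI on a port of every node; restrict who can
# reach that port at the network layer.
echo "📝 配置ArgoCD NodePort..."
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}'

# Collect the Argo CD access details.
ARGOCD_PORT=$(kubectl get svc argocd-server -n argocd -o jsonpath='{.spec.ports[0].nodePort}')
# Fetch and decode in two steps so a failed `kubectl get` aborts the script
# (set -e) instead of silently yielding an empty password.
argocd_password_b64=$(kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}")
ARGOCD_PASSWORD=$(printf '%s' "$argocd_password_b64" | base64 -d)

echo "✅ ArgoCD部署完成"
echo " 访问地址: https://$NODE_IP:$ARGOCD_PORT"
echo " 域名访问: https://argocd.jpd.net3w.com"
echo " 用户名: admin"
# Show the initial admin password only on an interactive terminal. When the
# output is redirected (CI log, tee, file) print the retrieval command
# instead, so the credential is not persisted in logs. Change the password
# after the first login and delete argocd-initial-admin-secret.
if [[ -t 1 ]]; then
  echo " 密码: $ARGOCD_PASSWORD"
else
  echo " 密码: (未写入日志) kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath='{.data.password}' | base64 -d"
fi
echo ""

echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "📦 步骤 3/4: 部署cert-manager"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""

# Deploy cert-manager.
# The manifest URL is pinned to release v1.13.0, but its content is applied
# without an integrity check.
# NOTE(review): confirm v1.13.0 is still a supported cert-manager release.
echo "🚀 部署cert-manager..."
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.yaml

# Wait for cert-manager to become ready.
echo "⏳ 等待cert-manager Pod就绪..."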
kubectl wait --for=condition=ready pod -l app=cert-manager -n cert-manager --timeout=300s kubectl wait --for=condition=r app=webhook -n cert-manager --timeout=300s # 创建Let's Encrypt ClusterIssuer echo "📝 配置Let's Encrypt..." cat < 149.13.91.216" echo " - 首次HTTPS访问需等待1-2分钟证书签发" echo " - 可以通过NodePort直接访问服务" echo "" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"