From ab109807fb35f862c377436d57c80e774fe2d7c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=90=B4=E5=B0=8F=E7=99=BD?= <296015668@qq.com> Date: Fri, 18 Aug 2023 20:26:39 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=9B=B4=E6=96=B0=20v3.6.1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- charts/jumpserver/Chart.yaml | 4 +- charts/jumpserver/README.md | 2 +- .../templates/celery/deployment-celery.yaml | 10 + charts/jumpserver/values.yaml | 230 ++++++++---------- 4 files changed, 113 insertions(+), 133 deletions(-) diff --git a/charts/jumpserver/Chart.yaml b/charts/jumpserver/Chart.yaml index b310c0e..5f40fdc 100644 --- a/charts/jumpserver/Chart.yaml +++ b/charts/jumpserver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: "v3.6.0" +appVersion: "v3.6.1" description: A Helm chart for Deploying Jumpserver on Kubernetes engine: gotpl home: https://jumpserver.org @@ -10,4 +10,4 @@ maintainers: sources: - https://github.com/jumpserver/ name: jumpserver -version: 3.6.0 +version: 3.6.1 diff --git a/charts/jumpserver/README.md b/charts/jumpserver/README.md index 80390d6..1de9f25 100644 --- a/charts/jumpserver/README.md +++ b/charts/jumpserver/README.md @@ -30,7 +30,7 @@ helm repo add jumpserver https://jumpserver.github.io/helm-charts | `nameOveride` | name override | `nil` | | `fullNameOveride` | full name override | `nil` | | `global.imageRegistry` | 仓库地址 | `docker.io` | -| `global.imageTag` | 版本号 | `v3.6.0 ` | +| `global.imageTag` | 版本号 | `v3.6.1 ` | | `global.imagePullSecrets` | 私有仓库认证凭据 | `nil` | | `global.storageClass` | 存储 sc | `nil` | | `ingress.enabled` | 开启 ingress | `true` | diff --git a/charts/jumpserver/templates/celery/deployment-celery.yaml b/charts/jumpserver/templates/celery/deployment-celery.yaml index b29b63e..41dfcd8 100644 --- a/charts/jumpserver/templates/celery/deployment-celery.yaml +++ b/charts/jumpserver/templates/celery/deployment-celery.yaml @@ -94,6 +94,16 @@ spec: command: - /bin/bash - /opt/jumpserver/utils/check_celery.sh + initialDelaySeconds: 60 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - sh + - -c + - test -e /tmp/worker_ready_celery + initialDelaySeconds: 60 + timeoutSeconds: 5 resources: {{- toYaml .resources | nindent 12 }} volumeMounts: diff --git a/charts/jumpserver/values.yaml b/charts/jumpserver/values.yaml index 7f4b5c9..e013ead 100644 --- a/charts/jumpserver/values.yaml +++ b/charts/jumpserver/values.yaml @@ -12,7 +12,7 @@ fullnameOverride: "" ## global: imageRegistry: "ghcr.io" - imageTag: v3.6.0 + imageTag: v3.6.1 ## E.g. # imagePullSecrets: # - myRegistryKeySecretName @@ -40,10 +40,10 @@ externalRedis: password: "" serviceAccount: - # Specifies whether a service account should be created + ## Specifies whether a service account should be created create: false - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template + ## The name of the service account to use. + ## If not set and create is true, a name is generated using the fullname template name: ingress: @@ -71,11 +71,11 @@ core: app.jumpserver.org/name: jms-core config: - # Generate a new random secret key by execute `cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50` + ## Generate a new random secret key by execute `cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50` secretKey: "" - # Generate a new random bootstrap token by execute `cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24` + ## Generate a new random bootstrap token by execute `cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24` bootstrapToken: "" - # Enabled it for debug + ## Enabled it for debug debug: false log: level: ERROR @@ -85,28 +85,28 @@ core: image: registry: docker.io repository: jumpserver/core - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] env: - # See: https://docs.jumpserver.org/zh/master/admin-guide/env/#core + ## See: https://docs.jumpserver.org/zh/master/admin-guide/env/#core SESSION_EXPIRE_AT_BROWSER_CLOSE: true # SESSION_COOKIE_AGE: 86400 # SECURITY_VIEW_AUTH_NEED_MFA: true + ## Django CSRF_TRUSTED_ORIGINS need to be set to the domain name of the jumpserver (https://docs.jumpserver.org/zh/v3/installation/upgrade_notice/) + # DOMAINS: "demo.jumpserver.org:443, 172.17.200.11:80" livenessProbe: - failureThreshold: 30 - httpGet: - path: /api/health/ - port: web - - readinessProbe: - failureThreshold: 30 - httpGet: - path: /api/health/ - port: web + initialDelaySeconds: 90 + failureThreshold: 3 + timeoutSeconds: 5 + exec: + command: + - curl + - -fsL + - http://localhost:8080/api/health/ podSecurityContext: {} # fsGroup: 2000 @@ -125,10 +125,10 @@ core: port: 8080 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 1000m # memory: 2048Mi @@ -173,26 +173,22 @@ koko: image: registry: docker.io repository: jumpserver/koko - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] env: [] - # See: https://docs.jumpserver.org/zh/master/admin-guide/env/#koko + ## See: https://docs.jumpserver.org/zh/master/admin-guide/env/#koko # LANGUAGE_CODE: zh # REUSE_CONNECTION: true # ENABLE_LOCAL_PORT_FORWARD: true # ENABLE_VSCODE_SUPPORT: true livenessProbe: - failureThreshold: 30 - httpGet: - path: /koko/health/ - port: web - - readinessProbe: - failureThreshold: 30 + initialDelaySeconds: 10 + failureThreshold: 3 + timeoutSeconds: 5 httpGet: path: /koko/health/ port: web @@ -217,10 +213,10 @@ koko: port: 2222 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi @@ -265,13 +261,13 @@ lion: image: registry: docker.io repository: jumpserver/lion - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] env: - # See: https://docs.jumpserver.org/zh/master/admin-guide/env/#lion + ## See: https://docs.jumpserver.org/zh/master/admin-guide/env/#lion JUMPSERVER_ENABLE_FONT_SMOOTHING: true # JUMPSERVER_COLOR_DEPTH: 32 # JUMPSERVER_ENABLE_WALLPAPER: true @@ -281,13 +277,9 @@ lion: # JUMPSERVER_ENABLE_MENU_ANIMATIONS: true livenessProbe: - failureThreshold: 30 - httpGet: - path: /lion/health/ - port: web - - readinessProbe: - failureThreshold: 30 + initialDelaySeconds: 90 + failureThreshold: 3 + timeoutSeconds: 5 httpGet: path: /lion/health/ port: web @@ -309,10 +301,10 @@ lion: port: 8081 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 512Mi @@ -357,7 +349,7 @@ magnus: image: registry: docker.io repository: jumpserver/magnus - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] @@ -365,12 +357,9 @@ magnus: env: [] livenessProbe: - failureThreshold: 30 - tcpSocket: - port: 9090 - - readinessProbe: - failureThreshold: 30 + initialDelaySeconds: 10 + failureThreshold: 3 + timeoutSeconds: 5 tcpSocket: port: 9090 @@ -399,10 +388,10 @@ magnus: ports: 30000-30100 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 512Mi @@ -447,7 +436,7 @@ chen: image: registry: docker.io repository: jumpserver/chen - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] @@ -455,12 +444,9 @@ chen: env: [] livenessProbe: - failureThreshold: 30 - tcpSocket: - port: web - - readinessProbe: - failureThreshold: 30 + initialDelaySeconds: 60 + failureThreshold: 3 + timeoutSeconds: 5 tcpSocket: port: web @@ -481,10 +467,10 @@ chen: port: 8082 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi @@ -516,7 +502,7 @@ chen: kael: enabled: true - + labels: app.jumpserver.org/name: jms-kael @@ -529,7 +515,7 @@ kael: image: registry: docker.io repository: jumpserver/kael - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] @@ -537,13 +523,11 @@ kael: env: [] livenessProbe: - failureThreshold: 30 - tcpSocket: - port: web - - readinessProbe: - failureThreshold: 30 - tcpSocket: + initialDelaySeconds: 10 + failureThreshold: 3 + timeoutSeconds: 5 + httpGet: + path: /kael/health/ port: web podSecurityContext: {} @@ -563,10 +547,10 @@ kael: port: 8083 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi @@ -612,7 +596,7 @@ xrdp: image: registry: registry.fit2cloud.com repository: jumpserver/xrdp - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] @@ -620,12 +604,9 @@ xrdp: env: [] livenessProbe: - failureThreshold: 30 - tcpSocket: - port: rdp - - readinessProbe: - failureThreshold: 30 + initialDelaySeconds: 10 + failureThreshold: 3 + timeoutSeconds: 5 tcpSocket: port: rdp @@ -646,10 +627,10 @@ xrdp: port: 3390 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi @@ -692,7 +673,7 @@ razor: image: registry: registry.fit2cloud.com repository: jumpserver/razor - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] @@ -700,12 +681,9 @@ razor: env: [] livenessProbe: - failureThreshold: 30 - tcpSocket: - port: rdp - - readinessProbe: - failureThreshold: 30 + initialDelaySeconds: 10 + failureThreshold: 3 + timeoutSeconds: 5 tcpSocket: port: rdp @@ -726,10 +704,10 @@ razor: port: 3389 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi @@ -772,7 +750,7 @@ video: image: registry: registry.fit2cloud.com repository: jumpserver/video-worker - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] @@ -780,13 +758,9 @@ video: env: [] livenessProbe: - failureThreshold: 30 - httpGet: - path: /video-worker/health/ - port: web - - readinessProbe: - failureThreshold: 30 + initialDelaySeconds: 10 + failureThreshold: 3 + timeoutSeconds: 5 httpGet: path: /video-worker/health/ port: web @@ -809,10 +783,10 @@ video: port: 9000 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi @@ -853,7 +827,7 @@ web: image: registry: docker.io repository: jumpserver/web - tag: v3.6.0 + tag: v3.6.1 pullPolicy: IfNotPresent command: [] @@ -863,13 +837,9 @@ web: # CLIENT_MAX_BODY_SIZE: 4096m livenessProbe: - failureThreshold: 30 - httpGet: - path: /api/health/ - port: web - - readinessProbe: - failureThreshold: 30 + initialDelaySeconds: 10 + failureThreshold: 3 + timeoutSeconds: 5 httpGet: path: /api/health/ port: web @@ -891,10 +861,10 @@ web: port: 80 resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi