mirror of
https://github.com/tencentmusic/cube-studio.git
synced 2024-11-27 05:33:10 +08:00
替换docker镜像源
This commit is contained in:
data-infra
parent
ad8a71d587
commit
508df27ee0
@ -8,7 +8,6 @@ kubeflow = [
|
||||
"kubeflow/training-operator:v1-8a066f9", # 分布式训练
|
||||
'ccr.ccs.tencentyun.com/cube-studio/spark-operator:1.3.8-3.1.1', # spark serverless
|
||||
'alpine:3.10',
|
||||
"mpioperator/kubectl-delivery:latest"
|
||||
]
|
||||
|
||||
kubernetes_dashboard = [
|
||||
@ -148,7 +147,7 @@ pull_harbor_file = open('pull_harbor.sh', mode='w')
|
||||
pull_save_file = open('image_save.sh',mode='w')
|
||||
load_image_file = open('image_load.sh',mode='w')
|
||||
|
||||
push_harbor_file.write(f'准备登录: {harbor_repo}\n')
|
||||
# push_harbor_file.write(f'准备登录: {harbor_repo}\n')
|
||||
push_harbor_file.write('docker login '+harbor_repo[:harbor_repo.index('/')]+"\n")
|
||||
pull_harbor_file.write('docker login '+harbor_repo[:harbor_repo.index('/')]+"\n")
|
||||
|
||||
|
||||
@ -1,27 +1,30 @@
|
||||
docker pull busybox:1.36.0 &
|
||||
docker pull nvidia/dcgm-exporter:3.1.7-3.1.4-ubuntu20.04 &
|
||||
docker pull grafana/grafana:9.1.5 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/prometheus-adapter:v0.9.1 &
|
||||
docker pull quay.io/prometheus-operator/prometheus-operator:v0.46.0 &
|
||||
docker pull quay.io/prometheus-operator/prometheus-config-reloader:v0.46.0 &
|
||||
docker pull volcanosh/vc-scheduler:v1.7.0 &
|
||||
docker pull mysql:8.0.32 &
|
||||
docker pull volcanosh/vc-controller-manager:v1.7.0 &
|
||||
docker pull argoproj/workflow-controller:v3.4.3 &
|
||||
docker pull carlosedp/addon-resizer:v1.8.4 &
|
||||
docker pull istio/proxyv2:1.15.0 &
|
||||
docker pull minio/minio:RELEASE.2023-04-20T17-56-55Z &
|
||||
docker pull kubeflow/training-operator:v1-8a066f9 &
|
||||
docker pull prom/prometheus:v2.27.1 &
|
||||
docker pull argoproj/argocli:v3.4.3 &
|
||||
docker pull volcanosh/vc-webhook-manager:v1.7.0 &
|
||||
docker pull bitnami/redis:6.2.12 &
|
||||
docker pull argoproj/argoexec:v3.4.3 &
|
||||
docker pull bitnami/kube-rbac-proxy:0.14.1 &
|
||||
docker pull kubernetesui/metrics-scraper:v1.0.8 &
|
||||
docker pull nvidia/k8s-device-plugin:v0.11.0-ubuntu20.04 &
|
||||
docker pull prom/node-exporter:v1.5.0 &
|
||||
docker pull istio/pilot:1.15.0 &
|
||||
docker pull kubernetesui/dashboard:v2.6.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/kubernetesui-dashboard:v2.6.1 && docker tag ccr.ccs.tencentyun.com/cube-studio/kubernetesui-dashboard:v2.6.1 kubernetesui/dashboard:v2.6.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/minio-minio:RELEASE.2023-04-20T17-56-55Z && docker tag ccr.ccs.tencentyun.com/cube-studio/minio-minio:RELEASE.2023-04-20T17-56-55Z minio/minio:RELEASE.2023-04-20T17-56-55Z &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/volcanosh-vc-controller-manager:v1.7.0 && docker tag ccr.ccs.tencentyun.com/cube-studio/volcanosh-vc-controller-manager:v1.7.0 volcanosh/vc-controller-manager:v1.7.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/mysql:8.0.32 && docker tag ccr.ccs.tencentyun.com/cube-studio/mysql:8.0.32 mysql:8.0.32 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/ubuntu:20.04 && docker tag ccr.ccs.tencentyun.com/cube-studio/ubuntu:20.04 ubuntu:20.04 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/busybox:1.36.0 && docker tag ccr.ccs.tencentyun.com/cube-studio/busybox:1.36.0 busybox:1.36.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/nvidia-dcgm-exporter:3.1.7-3.1.4-ubuntu20.04 && docker tag ccr.ccs.tencentyun.com/cube-studio/nvidia-dcgm-exporter:3.1.7-3.1.4-ubuntu20.04 nvidia/dcgm-exporter:3.1.7-3.1.4-ubuntu20.04 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/alpine:3.10 && docker tag ccr.ccs.tencentyun.com/cube-studio/alpine:3.10 alpine:3.10 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/volcanosh-vc-webhook-manager:v1.7.0 && docker tag ccr.ccs.tencentyun.com/cube-studio/volcanosh-vc-webhook-manager:v1.7.0 volcanosh/vc-webhook-manager:v1.7.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/argoproj-workflow-controller:v3.4.3 && docker tag ccr.ccs.tencentyun.com/cube-studio/argoproj-workflow-controller:v3.4.3 argoproj/workflow-controller:v3.4.3 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/spark-operator:1.3.8-3.1.1 && docker tag ccr.ccs.tencentyun.com/cube-studio/spark-operator:1.3.8-3.1.1 ccr.ccs.tencentyun.com/cube-studio/spark-operator:1.3.8-3.1.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/argoproj-argocli:v3.4.3 && docker tag ccr.ccs.tencentyun.com/cube-studio/argoproj-argocli:v3.4.3 argoproj/argocli:v3.4.3 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/nvidia-k8s-device-plugin:v0.11.0-ubuntu20.04 && docker tag ccr.ccs.tencentyun.com/cube-studio/nvidia-k8s-device-plugin:v0.11.0-ubuntu20.04 nvidia/k8s-device-plugin:v0.11.0-ubuntu20.04 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/quay.io-prometheus-operator-prometheus-config-reloader:v0.46.0 && docker tag ccr.ccs.tencentyun.com/cube-studio/quay.io-prometheus-operator-prometheus-config-reloader:v0.46.0 quay.io/prometheus-operator/prometheus-config-reloader:v0.46.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/grafana-grafana:9.1.5 && docker tag ccr.ccs.tencentyun.com/cube-studio/grafana-grafana:9.1.5 grafana/grafana:9.1.5 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/prom-prometheus:v2.27.1 && docker tag ccr.ccs.tencentyun.com/cube-studio/prom-prometheus:v2.27.1 prom/prometheus:v2.27.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/kubernetesui-metrics-scraper:v1.0.8 && docker tag ccr.ccs.tencentyun.com/cube-studio/kubernetesui-metrics-scraper:v1.0.8 kubernetesui/metrics-scraper:v1.0.8 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/argoproj-argoexec:v3.4.3 && docker tag ccr.ccs.tencentyun.com/cube-studio/argoproj-argoexec:v3.4.3 argoproj/argoexec:v3.4.3 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/carlosedp-addon-resizer:v1.8.4 && docker tag ccr.ccs.tencentyun.com/cube-studio/carlosedp-addon-resizer:v1.8.4 carlosedp/addon-resizer:v1.8.4 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/quay.io-prometheus-operator-prometheus-operator:v0.46.0 && docker tag ccr.ccs.tencentyun.com/cube-studio/quay.io-prometheus-operator-prometheus-operator:v0.46.0 quay.io/prometheus-operator/prometheus-operator:v0.46.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/volcanosh-vc-scheduler:v1.7.0 && docker tag ccr.ccs.tencentyun.com/cube-studio/volcanosh-vc-scheduler:v1.7.0 volcanosh/vc-scheduler:v1.7.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/bitnami-redis:6.2.12 && docker tag ccr.ccs.tencentyun.com/cube-studio/bitnami-redis:6.2.12 bitnami/redis:6.2.12 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/istio-pilot:1.15.0 && docker tag ccr.ccs.tencentyun.com/cube-studio/istio-pilot:1.15.0 istio/pilot:1.15.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/kubeflow-training-operator:v1-8a066f9 && docker tag ccr.ccs.tencentyun.com/cube-studio/kubeflow-training-operator:v1-8a066f9 kubeflow/training-operator:v1-8a066f9 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/prom-node-exporter:v1.5.0 && docker tag ccr.ccs.tencentyun.com/cube-studio/prom-node-exporter:v1.5.0 prom/node-exporter:v1.5.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/bitnami-kube-rbac-proxy:0.14.1 && docker tag ccr.ccs.tencentyun.com/cube-studio/bitnami-kube-rbac-proxy:0.14.1 bitnami/kube-rbac-proxy:0.14.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/prometheus-adapter:v0.9.1 && docker tag ccr.ccs.tencentyun.com/cube-studio/prometheus-adapter:v0.9.1 ccr.ccs.tencentyun.com/cube-studio/prometheus-adapter:v0.9.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/istio-proxyv2:1.15.0 && docker tag ccr.ccs.tencentyun.com/cube-studio/istio-proxyv2:1.15.0 istio/proxyv2:1.15.0 &
|
||||
|
||||
wait
|
||||
|
||||
39
install/kubernetes/pull_images.sh
Normal file
39
install/kubernetes/pull_images.sh
Normal file
@ -0,0 +1,39 @@
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/phpmyadmin &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/model_download:20221001 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/deploy-service:20211001 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/llama-factory:20240410 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/notebook:jupyter-ubuntu-deeplearning &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/torchserve:0.5.3-cpu &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/prometheus-adapter:v0.9.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/notebook:vscode-ubuntu-cpu-base &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/ml-server:20240601 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/datax:20240501 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/patrikx3:latest &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/llm-server:20240601 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/tritonserver:22.07-py3 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/video-audio:20210601 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/spark-operator:1.3.8-3.1.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/data-process:20230501 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/notebook:jupyter-ubuntu-cpu-1.0.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/tf:20230801 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/volcano:20230601 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/yolov7:2024.01 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/pytorch:20230801 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/notebook:jupyter-ubuntu22.04-cuda11.8.0-cudnn8 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/notebook:vscode-ubuntu-gpu-base &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/datax:20230601 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/model_register:20230501 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/python:strong &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/nni:20230601 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/ray:gpu-20230801 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/ubuntu-gpu:cuda11.8.0-cudnn8-python3.9 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/offline-predict:20230801 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/neo4j:4.4 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/notebook:jupyter-ubuntu-bigdata &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/notebook:jupyter-ubuntu-machinelearning &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/ray-sklearn:20230801 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/notebook:jupyter-ubuntu22.04 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/dataset:20230501 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-studio/tfserving:2.3.4 &
|
||||
|
||||
wait
|
||||
@ -10,7 +10,7 @@ pull_harbor_file = open('pull_rancher_harbor.sh', mode='w')
|
||||
pull_save_file = open('rancher_image_save.sh',mode='w')
|
||||
load_image_file = open('rancher_image_load.sh',mode='w')
|
||||
|
||||
push_harbor_file.write(f'准备登录: {harbor_repo}\n')
|
||||
# push_harbor_file.write(f'准备登录: {harbor_repo}\n')
|
||||
push_harbor_file.write('docker login '+harbor_repo[:harbor_repo.index('/')]+"\n")
|
||||
pull_harbor_file.write('docker login '+harbor_repo[:harbor_repo.index('/')]+"\n")
|
||||
|
||||
|
||||
@ -1,43 +0,0 @@
|
||||
# ubuntu:20.04
|
||||
#sysctl -w net/netfilter/nf_conntrack_max=524288
|
||||
|
||||
service docker stop
|
||||
rpm -qa | grep docker | xargs yum remove -y
|
||||
rpm -qa | grep docker
|
||||
rm -rf /usr/lib/systemd/system/docker.service
|
||||
|
||||
# 创建docker的存储路径,因为docker使用的存储很大,默认根目录磁盘很小
|
||||
rm -rf /data/docker && mkdir -p /data/docker/
|
||||
|
||||
# 安装docker,顺带安装调试工具
|
||||
yum update -y
|
||||
yum install docker-ce -y
|
||||
yum install -y htop docker-compose
|
||||
yum install -y wireshark
|
||||
yum install -y telnet
|
||||
|
||||
# 停止docker,修改配置
|
||||
systemctl stop docker
|
||||
systemctl stop docker.socket
|
||||
systemctl stop docker.service
|
||||
|
||||
# 将源docker目录下文件,复制到新目录下
|
||||
cp -R /var/lib/docker/* /data/docker/
|
||||
|
||||
# 将私有仓库写入到配置文件中
|
||||
mkdir -p /etc/docker/
|
||||
|
||||
(
|
||||
cat << EOF
|
||||
{
|
||||
"insecure-registries":["docker.oa.com:8080"],
|
||||
"data-root": "/data/docker"
|
||||
}
|
||||
EOF
|
||||
)> /etc/docker/daemon.json
|
||||
|
||||
systemctl daemon-reload
|
||||
# 重启docker
|
||||
systemctl start docker
|
||||
# 删除原目录数据
|
||||
rm -rf /var/lib/docker
|
||||
@ -20,11 +20,16 @@ sudo apt-get install -y ca-certificates curl gnupg lsb-release vim git wget net-
|
||||
|
||||
sudo mkdir -p /etc/apt/keyrings
|
||||
rm -rf /etc/apt/keyrings/docker.gpg
|
||||
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
|
||||
rm -rf /etc/apt/sources.list.d/docker.list
|
||||
|
||||
### 稳定存储库
|
||||
### 使用docker 官方源
|
||||
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
|
||||
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
|
||||
|
||||
### 国内使用阿里源
|
||||
curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | apt-key add -
|
||||
sudo add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
|
||||
|
||||
### 安装docker
|
||||
sudo apt-get update
|
||||
|
||||
@ -97,7 +102,7 @@ vi /etc/docker/daemon.json
|
||||
添加如下配置
|
||||
|
||||
{
|
||||
"registry-mirrors": ["https://registry.docker-cn.com","https://pee6w651.mirror.aliyuncs.com"],
|
||||
"registry-mirrors": ["https://docker.m.daocloud.io", "https://dockerproxy.com", "https://docker.mirrors.ustc.edu.cn", "https://docker.nju.edu.cn"],
|
||||
"dns": ["114.114.114.114","8.8.8.8"],
|
||||
"data-root": "/data/docker",
|
||||
}
|
||||
@ -107,7 +112,19 @@ systemctl daemon-reload
|
||||
systemctl start docker
|
||||
```
|
||||
|
||||
# 切换docker根目录
|
||||
|
||||
```bash
|
||||
mkdir -p /data/docker/
|
||||
# 将源docker目录下文件,复制到新目录下
|
||||
cp -R /var/lib/docker/* /data/docker/
|
||||
```
|
||||
然后按照上面的配置daemon.json,配置根目录为/data/docker/
|
||||
|
||||
就可以把之前的目录删掉了
|
||||
```bash
|
||||
rm -rf /var/lib/docker
|
||||
```
|
||||
|
||||
## yum安装k8s的源
|
||||
```bash
|
||||
|
||||
@ -1,24 +1,24 @@
|
||||
docker pull rancher/mirrored-cluster-proportional-autoscaler:1.8.3 &
|
||||
docker pull rancher/mirrored-calico-kube-controllers:v3.19.2 &
|
||||
docker pull rancher/mirrored-calico-cni:v3.19.2 &
|
||||
docker pull rancher/mirrored-coredns-coredns:1.8.4 &
|
||||
docker pull rancher/mirrored-coreos-etcd:v3.4.16-rancher1 &
|
||||
docker pull rancher/mirrored-metrics-server:v0.5.0 &
|
||||
docker pull registry:2 &
|
||||
docker pull rancher/rancher-runtime:v2.6.2 &
|
||||
docker pull rancher/mirrored-coreos-flannel:v0.14.0 &
|
||||
docker pull rancher/rke-tools:v0.1.78 &
|
||||
docker pull rancher/kubectl:v1.20.2 &
|
||||
docker pull rancher/mirrored-calico-pod2daemon-flexvol:v3.19.2 &
|
||||
docker pull rancher/mirrored-pause:3.4.1 &
|
||||
docker pull rancher/rancher:v2.6.2 &
|
||||
docker pull rancher/shell:v0.1.10 &
|
||||
docker pull rancher/kube-api-auth:v0.1.5 &
|
||||
docker pull rancher/rancher-agent:v2.6.2 &
|
||||
docker pull rancher/hyperkube:v1.21.5-rancher1 &
|
||||
docker pull rancher/mirrored-kube-rbac-proxy:v0.5.0 &
|
||||
docker pull rancher/mirrored-calico-node:v3.19.2 &
|
||||
docker pull rancher/rancher-webhook:v0.2.1 &
|
||||
docker pull rancher/fleet-agent:v0.3.7
|
||||
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/rancher-webhook:v0.2.1 && docker tag ccr.ccs.tencentyun.com/cube-rancher/rancher-webhook:v0.2.1 rancher/rancher-webhook:v0.2.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/rancher:v2.6.2 && docker tag ccr.ccs.tencentyun.com/cube-rancher/rancher:v2.6.2 rancher/rancher:v2.6.2 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-pause:3.4.1 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-pause:3.4.1 rancher/mirrored-pause:3.4.1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-calico-pod2daemon-flexvol:v3.19.2 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-calico-pod2daemon-flexvol:v3.19.2 rancher/mirrored-calico-pod2daemon-flexvol:v3.19.2 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/rke-tools:v0.1.78 && docker tag ccr.ccs.tencentyun.com/cube-rancher/rke-tools:v0.1.78 rancher/rke-tools:v0.1.78 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-calico-cni:v3.19.2 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-calico-cni:v3.19.2 rancher/mirrored-calico-cni:v3.19.2 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/fleet-agent:v0.3.7 && docker tag ccr.ccs.tencentyun.com/cube-rancher/fleet-agent:v0.3.7 rancher/fleet-agent:v0.3.7 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/kube-api-auth:v0.1.5 && docker tag ccr.ccs.tencentyun.com/cube-rancher/kube-api-auth:v0.1.5 rancher/kube-api-auth:v0.1.5 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-kube-rbac-proxy:v0.5.0 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-kube-rbac-proxy:v0.5.0 rancher/mirrored-kube-rbac-proxy:v0.5.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/hyperkube:v1.21.5-rancher1 && docker tag ccr.ccs.tencentyun.com/cube-rancher/hyperkube:v1.21.5-rancher1 rancher/hyperkube:v1.21.5-rancher1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/kubectl:v1.20.2 && docker tag ccr.ccs.tencentyun.com/cube-rancher/kubectl:v1.20.2 rancher/kubectl:v1.20.2 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-cluster-proportional-autoscaler:1.8.3 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-cluster-proportional-autoscaler:1.8.3 rancher/mirrored-cluster-proportional-autoscaler:1.8.3 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-metrics-server:v0.5.0 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-metrics-server:v0.5.0 rancher/mirrored-metrics-server:v0.5.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/rancher-runtime:v2.6.2 && docker tag ccr.ccs.tencentyun.com/cube-rancher/rancher-runtime:v2.6.2 rancher/rancher-runtime:v2.6.2 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-coreos-etcd:v3.4.16-rancher1 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-coreos-etcd:v3.4.16-rancher1 rancher/mirrored-coreos-etcd:v3.4.16-rancher1 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-coreos-flannel:v0.14.0 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-coreos-flannel:v0.14.0 rancher/mirrored-coreos-flannel:v0.14.0 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-calico-kube-controllers:v3.19.2 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-calico-kube-controllers:v3.19.2 rancher/mirrored-calico-kube-controllers:v3.19.2 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-calico-node:v3.19.2 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-calico-node:v3.19.2 rancher/mirrored-calico-node:v3.19.2 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/mirrored-coredns-coredns:1.8.4 && docker tag ccr.ccs.tencentyun.com/cube-rancher/mirrored-coredns-coredns:1.8.4 rancher/mirrored-coredns-coredns:1.8.4 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/shell:v0.1.10 && docker tag ccr.ccs.tencentyun.com/cube-rancher/shell:v0.1.10 rancher/shell:v0.1.10 &
|
||||
docker pull ccr.ccs.tencentyun.com/cube-rancher/rancher-agent:v2.6.2 && docker tag ccr.ccs.tencentyun.com/cube-rancher/rancher-agent:v2.6.2 rancher/rancher-agent:v2.6.2 &
|
||||
|
||||
wait
|
||||
|
||||
@ -106,13 +106,15 @@ class MyUser(User):
|
||||
# timestamp = int(func.date_format(self.changed_on))
|
||||
timestamp = int(self.changed_on.timestamp())
|
||||
payload = {
|
||||
"iss": self.username
|
||||
"iss": "cube-studio",
|
||||
"sub":self.username
|
||||
# "iat": timestamp, # Issue period
|
||||
# "nbf": timestamp, # Effective Date
|
||||
# "exp": timestamp + 60 * 60 * 24 * 30 * 12, # Valid for 12 months
|
||||
}
|
||||
|
||||
global_password = 'myapp'
|
||||
from myapp import conf
|
||||
global_password = conf.get('JWT_PASSWORD','cube-studio')
|
||||
encoded_jwt = jwt.encode(payload, global_password, algorithm='HS256')
|
||||
return encoded_jwt
|
||||
return ''
|
||||
@ -129,7 +131,11 @@ class MyRoleModelView(RoleModelView):
|
||||
|
||||
class MyUserRemoteUserModelView_Base():
|
||||
datamodel = SQLAInterface(MyUser)
|
||||
|
||||
base_permissions = ['can_list', 'can_edit', 'can_add', 'can_show','can_userinfo']
|
||||
|
||||
list_columns = ["username", "active", "roles", ]
|
||||
|
||||
edit_columns = ["first_name", "last_name", "username",'password', "active", "email", "roles", 'org', 'quota' ]
|
||||
add_columns = ["first_name", "last_name", "username",'password', "active", "email", "roles", 'org', 'quota']
|
||||
show_columns = ["username", "active", "roles", "login_count"]
|
||||
@ -342,15 +348,15 @@ class MyappSecurityManager(SecurityManager):
|
||||
# 添加从header中进行认证的方式
|
||||
self.lm.header_loader(self.load_user_from_header)
|
||||
|
||||
# 使用header 认证,通过rtx名获取用户
|
||||
# 使用header 认证,通过username名获取用户
|
||||
# @pysnooper.snoop()
|
||||
def load_user_from_header(self, authorization_value):
|
||||
# token=None
|
||||
# if 'token' in request.headers:
|
||||
# token = request.headers['token']
|
||||
if authorization_value:
|
||||
# rtx 免认证
|
||||
if len(authorization_value) < 20:
|
||||
# username 免认证
|
||||
if len(authorization_value) < 40:
|
||||
username = authorization_value
|
||||
if username:
|
||||
user = self.find_user(username)
|
||||
@ -358,13 +364,14 @@ class MyappSecurityManager(SecurityManager):
|
||||
return user
|
||||
else: # token 认证
|
||||
encoded_jwt = authorization_value.encode('utf-8')
|
||||
payload = jwt.decode(encoded_jwt, 'myapp', algorithms=['HS256'])
|
||||
from myapp import conf
|
||||
payload = jwt.decode(encoded_jwt, conf.get('JWT_PASSWORD','cube-studio'), algorithms=['HS256'])
|
||||
# if payload['iat'] > time.time():
|
||||
# return
|
||||
# elif payload['exp'] < time.time():
|
||||
# return
|
||||
# else:
|
||||
user = self.find_user(payload['iss'])
|
||||
user = self.find_user(payload['sub'])
|
||||
g.user = user
|
||||
return user
|
||||
|
||||
@ -536,8 +543,7 @@ class MyappSecurityManager(SecurityManager):
|
||||
from myapp import conf
|
||||
user = self.find_user(username=username)
|
||||
# 添加以组织同名的角色,同时添加上级角色
|
||||
# # 注册rtx同名角色
|
||||
# rtx_role = self.add_role(username)
|
||||
|
||||
# 如果用户不存在就注册用户
|
||||
if user is None:
|
||||
user = self.add_org_user(
|
||||
@ -561,8 +567,7 @@ class MyappSecurityManager(SecurityManager):
|
||||
gamma_role = self.find_role(self.auth_user_registration_role)
|
||||
if gamma_role and gamma_role not in user.roles:
|
||||
user.roles.append(gamma_role)
|
||||
# if rtx_role and rtx_role not in user.roles:
|
||||
# user.roles.append(rtx_role)
|
||||
|
||||
# 更新用户信息
|
||||
if org_name:
|
||||
user.org = org_name # 更新组织架构字段
|
||||
|
||||
Loading…
Reference in New Issue
Block a user