update

dis/deployment.yaml

@@ -0,0 +1,79 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations: {}
+  labels:
+    k8s.kuboard.cn/layer: web
+    k8s.kuboard.cn/name: dis
+  name: dis
+  namespace: energycode
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  selector:
+    matchLabels:
+      k8s.kuboard.cn/layer: web
+      k8s.kuboard.cn/name: dis
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        k8s.kuboard.cn/layer: web
+        k8s.kuboard.cn/name: dis
+    spec:
+      containers:
+        - envFrom:
+            - secretRef:
+                name: dis-config
+          image: 'hub.dt-ok.cn:8888/qiyetech/dis-14:1.9.6'
+          imagePullPolicy: IfNotPresent
+          name: dis
+          resources: {}
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /etc/odoo
+              name: pvc
+              subPath: config
+            - mountPath: /var/lib/odoo/.local/share/Odoo
+              name: pvc
+              subPath: data
+            - mountPath: /var/log/odoo
+              name: pvc
+              subPath: logs
+            - mountPath: /tmp
+              name: pvc
+              subPath: tmp
+            - mountPath: /backups
+              name: backups
+            - mountPath: /data
+              name: svg-data
+      dnsPolicy: ClusterFirst
+      # imagePullSecrets:
+      #   - name: hub-dt-ok
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: pvc
+          persistentVolumeClaim:
+            claimName: pvc-dis
+        - name: svg-data
+          persistentVolumeClaim:
+            claimName: pvc-svg-data
+        - name: backups
+          persistentVolumeClaim:
+            claimName: pvc-dis-backups
+status:
+  availableReplicas: 1
+  observedGeneration: 414
+  readyReplicas: 1
+  replicas: 1
+  updatedReplicas: 1

dis/ingress.yaml

@@ -0,0 +1,23 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations: {}
+  labels:
+    k8s.kuboard.cn/layer: web
+    k8s.kuboard.cn/name: dis
+  name: dis
+  namespace: energycode
+spec:
+  ingressClassName: traefik
+  rules:
+    - host: d.k8s.orb.local
+      http:
+        paths:
+          - backend:
+              service:
+                name: dis
+                port:
+                  number: 8069
+            path: /
+            pathType: Prefix

dis/namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: energycode

dis/pv-pvc-dis-backups.yaml

@@ -0,0 +1,46 @@
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pv-dis-backups
+  annotations:
+    pv.kubernetes.io/provisioned-by: nfs-csi
+  finalizers:
+    - kubernetes.io/pv-protection
+spec:
+  capacity:
+    storage: 5Gi
+  accessModes:
+    - ReadWriteMany
+  csi:
+    driver: nfs.csi.k8s.io
+    volumeAttributes:
+      server: nfs.nfs.orb.local
+      share: /
+      subdir: dis/backups
+    volumeHandle: nfs#dis#backups#
+  mountOptions:
+    - hard
+    - nfsvers=4.2
+  persistentVolumeReclaimPolicy: Retain
+  storageClassName: nfs-csi
+  volumeMode: Filesystem
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: pvc-dis-backups
+  namespace: energycode
+  annotations:
+    volume.beta.kubernetes.io/storage-provisioner: nfs-csi
+    volume.kubernetes.io/storage-provisioner: nfs-csi
+  finalizers:
+    - kubernetes.io/pvc-protection
+spec:
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 5Gi
+  storageClassName: nfs-csi
+  volumeMode: Filesystem

dis/pv-pvc-dis.yaml

@@ -0,0 +1,52 @@
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  annotations:
+    pv.kubernetes.io/bound-by-controller: 'yes'
+    pv.kubernetes.io/provisioned-by: nfs-server
+  finalizers:
+    - kubernetes.io/pv-protection
+  name: pv-dis
+spec:
+  accessModes:
+    - ReadWriteMany
+  capacity:
+    storage: 10Gi
+  claimRef:
+    apiVersion: v1
+    kind: PersistentVolumeClaim
+    name: pvc-dis
+    namespace: energycode
+  csi:
+    driver: nfs.csi.k8s.io
+    volumeAttributes:
+      server: nfs.nfs.orb.local
+      share: /
+      subdir: dis
+    volumeHandle: nfs#dis#
+  mountOptions:
+    - hard
+    - nfsvers=4.2
+  persistentVolumeReclaimPolicy: Retain
+  storageClassName: nfs-csi
+  volumeMode: Filesystem
+status:
+  phase: Bound
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  finalizers:
+    - kubernetes.io/pvc-protection
+  name: pvc-dis
+  namespace: energycode
+spec:
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 10Gi
+  storageClassName: nfs-csi
+  volumeMode: Filesystem
+  volumeName: pv-dis

dis/pv-pvc-svg-data.yaml

@@ -0,0 +1,58 @@
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  annotations:
+    pv.kubernetes.io/bound-by-controller: 'yes'
+    pv.kubernetes.io/provisioned-by: nfs-server
+  finalizers:
+    - kubernetes.io/pv-protection
+  name: pv-svg-data
+spec:
+  accessModes:
+    - ReadWriteMany
+  capacity:
+    storage: 1Gi
+  claimRef:
+    apiVersion: v1
+    kind: PersistentVolumeClaim
+    name: pvc-svg-data
+    namespace: energycode
+  csi:
+    driver: nfs.csi.k8s.io
+    volumeAttributes:
+      server: nfs.nfs.orb.local
+      share: /
+      subdir: dis/svg-data
+    volumeHandle: nfs#dis#svg-data#
+  mountOptions:
+    - hard
+    - nfsvers=4.2
+  persistentVolumeReclaimPolicy: Retain
+  storageClassName: nfs-csi
+  volumeMode: Filesystem
+status:
+  phase: Bound
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  finalizers:
+    - kubernetes.io/pvc-protection
+  name: pvc-svg-data
+  namespace: energycode
+spec:
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 1Gi
+  storageClassName: nfs-csi
+  volumeMode: Filesystem
+  volumeName: pv-svg-data
+status:
+  accessModes:
+    - ReadWriteMany
+  capacity:
+    storage: 1Gi
+  phase: Bound

dis/secret.yaml

@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+data:
+  HOST: aG9zdC5kb2NrZXIuaW50ZXJuYWw=
+  PASSWORD: amFjaw==
+  PGDATABASE: ZGlz
+  PGHOST: aG9zdC5kb2NrZXIuaW50ZXJuYWw=
+  PGPASSWORD: YWFhQUFBMTEx
+  PGUSER: YWFhQUFBMTEx
+  POSTGRES_DB: ZGlz
+  POSTGRES_PASSWORD: YWFhQUFBMTEx
+  POSTGRES_USER: amFjaw==
+  PYTHONUNBUFFERED: MQ==
+  TZ: QXNpYS9TaGFuZ2hhaQ==
+  USER: amFjaw==
+immutable: false
+kind: Secret
+metadata:
+  annotations: {}
+  name: dis-config
+  namespace: energycode
+type: Opaque

dis/svc.yaml

@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: dis
+  namespace: energycode
+  labels:
+    k8s.kuboard.cn/layer: web
+    k8s.kuboard.cn/name: dis
+  annotations: {}
+spec:
+  type: NodePort
+  ports:
+    - name: dis-svc-port
+      protocol: TCP
+      port: 8069
+      targetPort: 8069
+      nodePort: 30888
+  selector:
+    k8s.kuboard.cn/layer: web
+    k8s.kuboard.cn/name: dis
+  sessionAffinity: None

kafka/kafka-pv.yaml

@@ -7,7 +7,6 @@ spec:
     storage: 10Gi
   accessModes:
     - ReadWriteOnce
-  storageClassName: kafka-sc
   hostPath:
     path: /mnt/data/kafka
   persistentVolumeReclaimPolicy: Retain

kafka/kafka-pvc.yaml

@@ -9,4 +9,3 @@ spec:
   resources:
     requests:
       storage: 10Gi
-  storageClassName: kafka-sc

kafka/kafka-sc.yaml

@@ -1,7 +0,0 @@
-apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: kafka-sc
-provisioner: k8s.io/minikube-hostpath  # 这里根据环境更改
-reclaimPolicy: Retain
-volumeBindingMode: Immediate

nfs/docker-compose.yaml

@@ -1,6 +1,3 @@
-# docker-compose.yml
-version: "3.8"
-
 services:
   nfs:
     image: erichough/nfs-server
@@ -8,9 +5,7 @@ services:
     ports:
       - "2049:2049"
     environment:
-      NFS_VOLUME_UID: ${UID:-1000}
-      NFS_VOLUME_GID: ${GID:-1000}
-      NFS_EXPORT_0: '/nfs *(rw,no_root_squash,insecure,sync,no_wdelay,subtree_check,fsid=0)'
+      NFS_EXPORT_0: '/nfs *(rw,no_root_squash,all_squash,sync,insecure,no_wdelay,no_subtree_check,fsid=0)'
     volumes:
       - nfs_data:/nfs
 

odoo/odoo.yaml

@@ -0,0 +1,220 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    meta.helm.sh/release-name: my-release
+    meta.helm.sh/release-namespace: default
+  labels:
+    app.kubernetes.io/instance: my-release
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: odoo
+    app.kubernetes.io/version: 18.0.20250705
+    helm.sh/chart: odoo-28.2.7
+  name: my-release-odoo
+  namespace: default
+  resourceVersion: '1177761'
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: my-release
+      app.kubernetes.io/name: odoo
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/instance: my-release
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: odoo
+        app.kubernetes.io/version: 18.0.20250705
+        helm.sh/chart: odoo-28.2.7
+    spec:
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: my-release
+                    app.kubernetes.io/name: odoo
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+      automountServiceAccountToken: false
+      containers:
+        - env:
+            - name: BITNAMI_DEBUG
+              value: 'false'
+            - name: ALLOW_EMPTY_PASSWORD
+              value: 'no'
+            - name: ODOO_DATABASE_HOST
+              value: my-release-postgresql
+            - name: ODOO_DATABASE_PORT_NUMBER
+              value: '5432'
+            - name: ODOO_DATABASE_NAME
+              value: bitnami_odoo
+            - name: ODOO_DATABASE_FILTER
+              value: .*
+            - name: ODOO_DATABASE_USER
+              value: bn_odoo
+            - name: ODOO_DATABASE_PASSWORD_FILE
+              value: /opt/bitnami/odoo/secrets/password
+            - name: ODOO_EMAIL
+              value: user@example.com
+            - name: ODOO_PASSWORD_FILE
+              value: /opt/bitnami/odoo/secrets/odoo-password
+            - name: ODOO_SKIP_BOOTSTRAP
+              value: 'no'
+            - name: ODOO_LOAD_DEMO_DATA
+              value: 'no'
+          image: 'docker.io/bitnami/odoo:18.0.20250705-debian-12-r0'
+          imagePullPolicy: IfNotPresent
+          livenessProbe:
+            failureThreshold: 6
+            initialDelaySeconds: 600
+            periodSeconds: 30
+            successThreshold: 1
+            tcpSocket:
+              port: http
+            timeoutSeconds: 5
+          name: my-release-odoo
+          ports:
+            - containerPort: 8069
+              name: http
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 12
+            httpGet:
+              path: /web/health
+              port: http
+              scheme: HTTP
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: 1500m
+              ephemeral-storage: 2Gi
+              memory: 3Gi
+            requests:
+              cpu: '1'
+              ephemeral-storage: 50Mi
+              memory: 2Gi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              add:
+                - CHOWN
+                - FOWNER
+                - SYS_CHROOT
+                - SETGID
+                - SETUID
+                - DAC_OVERRIDE
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: false
+            runAsGroup: 0
+            runAsNonRoot: false
+            runAsUser: 0
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /bitnami/odoo
+              name: odoo-data
+            - mountPath: /opt/bitnami/odoo/secrets
+              name: odoo-secrets
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext:
+        fsGroup: 0
+        fsGroupChangePolicy: Always
+      serviceAccount: my-release-odoo
+      serviceAccountName: my-release-odoo
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: odoo-data
+          persistentVolumeClaim:
+            claimName: my-release-odoo
+        - name: odoo-secrets
+          projected:
+            defaultMode: 420
+            sources:
+              - secret:
+                  name: my-release-odoo
+              - secret:
+                  name: my-release-postgresql
+status:
+  availableReplicas: 1
+  conditions:
+    - lastTransitionTime: '2025-08-05T02:27:18Z'
+      lastUpdateTime: '2025-08-05T02:27:18Z'
+      message: Deployment has minimum availability.
+      reason: MinimumReplicasAvailable
+      status: 'True'
+      type: Available
+    - lastTransitionTime: '2025-08-05T02:24:52Z'
+      lastUpdateTime: '2025-08-05T02:27:18Z'
+      message: ReplicaSet "my-release-odoo-6ccbb84497" has successfully progressed.
+      reason: NewReplicaSetAvailable
+      status: 'True'
+      type: Progressing
+  observedGeneration: 1
+  readyReplicas: 1
+  replicas: 1
+  updatedReplicas: 1
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    meta.helm.sh/release-name: my-release
+    meta.helm.sh/release-namespace: default
+  finalizers:
+    - service.kubernetes.io/load-balancer-cleanup
+  labels:
+    app.kubernetes.io/instance: my-release
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: odoo
+    app.kubernetes.io/version: 18.0.20250705
+    helm.sh/chart: odoo-28.2.7
+  name: my-release-odoo
+  namespace: default
+  resourceVersion: '1177520'
+spec:
+  allocateLoadBalancerNodePorts: true
+  clusterIP: 192.168.194.246
+  clusterIPs:
+    - 192.168.194.246
+  externalTrafficPolicy: Cluster
+  internalTrafficPolicy: Cluster
+  ipFamilies:
+    - IPv4
+  ipFamilyPolicy: SingleStack
+  ports:
+    - name: http
+      nodePort: 32314
+      port: 80
+      protocol: TCP
+      targetPort: http
+  selector:
+    app.kubernetes.io/instance: my-release
+    app.kubernetes.io/name: odoo
+  sessionAffinity: None
+  type: LoadBalancer
+status:
+  loadBalancer: {}
+

odoo/pg.yaml

@@ -0,0 +1,293 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  annotations:
+    meta.helm.sh/release-name: my-release
+    meta.helm.sh/release-namespace: default
+  labels:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/instance: my-release
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: postgresql
+    app.kubernetes.io/version: 17.4.0
+    helm.sh/chart: postgresql-16.6.6
+  name: my-release-postgresql
+  namespace: default
+  resourceVersion: '1177653'
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: primary
+      app.kubernetes.io/instance: my-release
+      app.kubernetes.io/name: postgresql
+  serviceName: my-release-postgresql-hl
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/component: primary
+        app.kubernetes.io/instance: my-release
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: postgresql
+        app.kubernetes.io/version: 17.4.0
+        helm.sh/chart: postgresql-16.6.6
+      name: my-release-postgresql
+    spec:
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/component: primary
+                    app.kubernetes.io/instance: my-release
+                    app.kubernetes.io/name: postgresql
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+      automountServiceAccountToken: false
+      containers:
+        - env:
+            - name: BITNAMI_DEBUG
+              value: 'false'
+            - name: POSTGRESQL_PORT_NUMBER
+              value: '5432'
+            - name: POSTGRESQL_VOLUME_DIR
+              value: /bitnami/postgresql
+            - name: PGDATA
+              value: /bitnami/postgresql/data
+            - name: POSTGRES_USER
+              value: bn_odoo
+            - name: POSTGRES_PASSWORD_FILE
+              value: /opt/bitnami/postgresql/secrets/password
+            - name: POSTGRES_POSTGRES_PASSWORD_FILE
+              value: /opt/bitnami/postgresql/secrets/postgres-password
+            - name: POSTGRES_DATABASE
+              value: bitnami_odoo
+            - name: POSTGRESQL_ENABLE_LDAP
+              value: 'no'
+            - name: POSTGRESQL_ENABLE_TLS
+              value: 'no'
+            - name: POSTGRESQL_LOG_HOSTNAME
+              value: 'false'
+            - name: POSTGRESQL_LOG_CONNECTIONS
+              value: 'false'
+            - name: POSTGRESQL_LOG_DISCONNECTIONS
+              value: 'false'
+            - name: POSTGRESQL_PGAUDIT_LOG_CATALOG
+              value: 'off'
+            - name: POSTGRESQL_CLIENT_MIN_MESSAGES
+              value: error
+            - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES
+              value: pgaudit
+          image: 'docker.io/bitnami/postgresql:17.4.0-debian-12-r17'
+          imagePullPolicy: IfNotPresent
+          livenessProbe:
+            exec:
+              command:
+                - /bin/sh
+                - '-c'
+                - >-
+                  exec pg_isready -U "bn_odoo" -d "dbname=bitnami_odoo" -h
+                  127.0.0.1 -p 5432
+            failureThreshold: 6
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: postgresql
+          ports:
+            - containerPort: 5432
+              name: tcp-postgresql
+              protocol: TCP
+          readinessProbe:
+            exec:
+              command:
+                - /bin/sh
+                - '-c'
+                - '-e'
+                - >
+                  exec pg_isready -U "bn_odoo" -d "dbname=bitnami_odoo" -h
+                  127.0.0.1 -p 5432
+
+                  [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f
+                  /bitnami/postgresql/.initialized ]
+            failureThreshold: 6
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /tmp
+              name: empty-dir
+              subPath: tmp-dir
+            - mountPath: /opt/bitnami/postgresql/conf
+              name: empty-dir
+              subPath: app-conf-dir
+            - mountPath: /opt/bitnami/postgresql/tmp
+              name: empty-dir
+              subPath: app-tmp-dir
+            - mountPath: /opt/bitnami/postgresql/secrets/
+              name: postgresql-password
+            - mountPath: /dev/shm
+              name: dshm
+            - mountPath: /bitnami/postgresql
+              name: data
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext:
+        fsGroup: 1001
+        fsGroupChangePolicy: Always
+      serviceAccount: my-release-postgresql
+      serviceAccountName: my-release-postgresql
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - emptyDir: {}
+          name: empty-dir
+        - name: postgresql-password
+          secret:
+            defaultMode: 420
+            secretName: my-release-postgresql
+        - emptyDir:
+            medium: Memory
+          name: dshm
+  updateStrategy:
+    rollingUpdate:
+      partition: 0
+    type: RollingUpdate
+  volumeClaimTemplates:
+    - apiVersion: v1
+      kind: PersistentVolumeClaim
+      metadata:
+        creationTimestamp: null
+        name: data
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        resources:
+          requests:
+            storage: 8Gi
+        volumeMode: Filesystem
+      status:
+        phase: Pending
+status:
+  availableReplicas: 1
+  collisionCount: 0
+  currentReplicas: 1
+  currentRevision: my-release-postgresql-5ddb5c949
+  observedGeneration: 1
+  readyReplicas: 1
+  replicas: 1
+  updateRevision: my-release-postgresql-5ddb5c949
+  updatedReplicas: 1
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    meta.helm.sh/release-name: my-release
+    meta.helm.sh/release-namespace: default
+  labels:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/instance: my-release
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: postgresql
+    app.kubernetes.io/version: 17.4.0
+    helm.sh/chart: postgresql-16.6.6
+  name: my-release-postgresql-hl
+  namespace: default
+  resourceVersion: '1177503'
+spec:
+  clusterIP: None
+  clusterIPs:
+    - None
+  internalTrafficPolicy: Cluster
+  ipFamilies:
+    - IPv4
+  ipFamilyPolicy: SingleStack
+  ports:
+    - name: tcp-postgresql
+      port: 5432
+      protocol: TCP
+      targetPort: tcp-postgresql
+  publishNotReadyAddresses: true
+  selector:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/instance: my-release
+    app.kubernetes.io/name: postgresql
+  sessionAffinity: None
+  type: ClusterIP
+status:
+  loadBalancer: {}
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    meta.helm.sh/release-name: my-release
+    meta.helm.sh/release-namespace: default
+  labels:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/instance: my-release
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: postgresql
+    app.kubernetes.io/version: 17.4.0
+    helm.sh/chart: postgresql-16.6.6
+  name: my-release-postgresql
+  namespace: default
+  resourceVersion: '1177508'
+spec:
+  clusterIP: 192.168.194.163
+  clusterIPs:
+    - 192.168.194.163
+  internalTrafficPolicy: Cluster
+  ipFamilies:
+    - IPv4
+  ipFamilyPolicy: SingleStack
+  ports:
+    - name: tcp-postgresql
+      port: 5432
+      protocol: TCP
+      targetPort: tcp-postgresql
+  selector:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/instance: my-release
+    app.kubernetes.io/name: postgresql
+  sessionAffinity: None
+  type: ClusterIP
+status:
+  loadBalancer: {}
+

postgresql/postgresql-full.yaml

@@ -0,0 +1,107 @@
+# Namespace
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: postgresql
+
+---
+
+# Headless Service (名称必须和 StatefulSet.serviceName 一致)
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgresql-db-service  # 注意名称
+  namespace: postgresql
+spec:
+  clusterIP: None
+  selector:
+    app: postgresql-db
+  ports:
+    - port: 5432
+      targetPort: 5432
+  sessionAffinity: None
+  type: ClusterIP
+
+---
+
+# LoadBalancer Service 用于外部访问
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgresql-db-lb
+  namespace: postgresql
+spec:
+  selector:
+    app: postgresql-db
+  ports:
+    - port: 5432
+      targetPort: 5432
+  type: LoadBalancer
+
+---
+
+# StatefulSet 配置（保持原有配置不变）
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: postgresql-db
+  namespace: postgresql
+spec:
+  serviceName: postgresql-db-service  # 必须和无头服务名称一致
+  replicas: 3
+  selector:
+    matchLabels:
+      app: postgresql-db
+  template:
+    metadata:
+      labels:
+        app: postgresql-db
+    spec:
+      containers:
+      - name: postgresql-db
+        image: postgres:14.7
+        env:
+        - name: POSTGRES_PASSWORD
+          value: aaaAAA111
+        - name: PGDATA
+          value: /data/pgdata
+        volumeMounts:
+        - name: postgresql-db-disk
+          mountPath: /data
+        ports:
+        - containerPort: 5432
+          name: postgres
+        readinessProbe:
+          exec:
+            command:
+            - pg_isready
+            - -U
+            - postgres
+          initialDelaySeconds: 10
+          periodSeconds: 10
+          failureThreshold: 5
+        livenessProbe:
+          exec:
+            command:
+            - pg_isready
+            - -U
+            - postgres
+          initialDelaySeconds: 30
+          periodSeconds: 10
+          failureThreshold: 5
+        resources:
+          requests:
+            memory: "512Mi"
+            cpu: "500m"
+          limits:
+            memory: "1Gi"
+            cpu: "1"
+  volumeClaimTemplates:
+  - metadata:
+      name: postgresql-db-disk
+    spec:
+      accessModes:
+      - ReadWriteOnce
+      resources:
+        requests:
+          storage: 25Gi

postgresql/svc.yaml

@@ -0,0 +1,15 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgresql-db-service
+  namespace: postgresql
+spec:
+  clusterIP: None
+  ports:
+    - port: 5432
+      targetPort: 5432
+  sessionAffinity: None
+  type: ClusterIP
+  selector:
+    app: postgresql-db