15308555518/ seafile-admin-docs
1
0
Fork 0
mirror of https://github.com/haiwen/seafile-admin-docs.git synced 2025-12-25 18:22:48 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

update cluster by k8s

This commit is contained in:
Junxiang Huang 2025-01-10 18:34:30 +08:00
parent 2727389f17
commit efe8981447
42 changed files with 616 additions and 314 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
manual/extension/libreoffice_online.md
View File

@ -27,7 +27,7 @@
Download the `collabora.yml`
```sh
wget https://manual.seafile.com/12.0/docker/collabora.yml
wget https://manual.seafile.com/12.0/repo/docker/collabora.yml
```
Insert `collabora.yml` to field `COMPOSE_FILE` lists (i.e., `COMPOSE_FILE='...,collabora.yml'`) and add the relative options in `.env`

6
manual/extension/notification-server.md
View File

@ -17,7 +17,7 @@ The notification server uses websocket protocol and maintains a two-way communic
Since Seafile 12.0, we use a separate Docker image to deploy the notification server. First download `notification-server.yml` to Seafile directory:
```sh
wget https://manual.seafile.com/12.0/docker/notification-server.yml
wget https://manual.seafile.com/12.0/repo/docker/notification-server.yml
```
Modify `.env`, and insert `notification-server.yml` into `COMPOSE_FILE`:
@ -68,8 +68,8 @@ If you enable [clustering](../setup_binary/cluster_deployment.md), You need to d
Download `.env` and `notification-server.yml` to notification server directory:
```sh
wget https://manual.seafile.com/12.0/docker/notification-server/standalone/notification-server.yml
wget -O .env https://manual.seafile.com/12.0/docker/notification-server/standalone/env
wget https://manual.seafile.com/12.0/repo/docker/notification-server/standalone/notification-server.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/notification-server/standalone/env
```
Then modify the `.env` file according to your environment. The following fields are needed to be modified:

2
manual/extension/only_office.md
View File

@ -11,7 +11,7 @@ Seafile supports [OnlyOffice](https://www.onlyoffice.com/) to view/edit office f
Download the `onlyoffice.yml`
```shell
wget https://manual.seafile.com/12.0/docker/onlyoffice.yml
wget https://manual.seafile.com/12.0/repo/docker/onlyoffice.yml
```
insert `onlyoffice.yml` into `COMPOSE_FILE` list (i.e., `COMPOSE_FILE='...,onlyoffice.yml'`), and add the following configurations of onlyoffice in `.env` file.

6
manual/extension/setup_seadoc.md
View File

@ -36,7 +36,7 @@ The easiest way to deployment SeaDoc is to deploy it with Seafile server on the
1. Download the `seadoc.yml` to `/opt/seafile`
```shell
wget https://manual.seafile.com/12.0/docker/seadoc.yml
wget https://manual.seafile.com/12.0/repo/docker/seadoc.yml
```
2. Modify `.env`, and insert `seadoc.yml` into `COMPOSE_FILE`, and enable SeaDoc server
@ -64,8 +64,8 @@ If you deploy Seafile in a cluster or if you deploy Seafile with binary package,
1. Download and modify the `.env` and `seadoc.yml` files to directory `/opt/seadoc`
```sh
wget https://manual.seafile.com/12.0/docker/seadoc/1.0/standalone/seadoc.yml
wget -O .env https://manual.seafile.com/12.0/docker/seadoc/1.0/standalone/env
wget https://manual.seafile.com/12.0/repo/docker/seadoc/1.0/standalone/seadoc.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/seadoc/1.0/standalone/env
```
2. Then modify the `.env` file according to your environment. The following fields are needed to be modified:

2
manual/extension/virus_scan_with_clamav.md
View File

@ -9,7 +9,7 @@ If your Seafile server is deployed using [Docker](../setup/setup_pro_by_docker.m
Download `clamav.yml`
```sh
wget https://manual.seafile.com/12.0/docker/pro/clamav.yml
wget https://manual.seafile.com/12.0/repo/docker/pro/clamav.yml
```
Modify `.env`, insert `clamav.yml` to field `COMPOSE_FILE`

0
manual/docker/caddy.yml → manual/repo/docker/caddy.yml
View File

0
manual/docker/ce/env → manual/repo/docker/ce/env
View File

2
manual/docker/ce/seafile-server.yml → manual/repo/docker/ce/seafile-server.yml
View File

@ -57,7 +57,7 @@ services:
- JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty}
- SEAFILE_LOG_TO_STDOUT=${SEAFILE_LOG_TO_STDOUT:-false}
- ENABLE_SEADOC=${ENABLE_SEADOC:-false}
- SEADOC_SERVER_URL=${SEADOC_SERVER_URL:-http://example.example.com/sdoc-server}
- SEADOC_SERVER_URL=${SEADOC_SERVER_URL:-http://seafile.example.com/sdoc-server}
labels:
caddy: ${SEAFILE_SERVER_PROTOCOL:-http}://${SEAFILE_SERVER_HOSTNAME:?Variable is not set or empty}
caddy.reverse_proxy: "{{upstreams 80}}"

0
manual/docker/cluster/env → manual/repo/docker/cluster/env
View File

5
manual/docker/cluster/seafile-server.yml → manual/repo/docker/cluster/seafile-server.yml
View File

@ -30,11 +30,10 @@ services:
- INIT_S3_SECRET_KEY=${INIT_S3_SECRET_KEY:-}
- INIT_S3_USE_V4_SIGNATURE=${INIT_S3_USE_V4_SIGNATURE:-true}
- INIT_S3_AWS_REGION=${INIT_S3_AWS_REGION:-us-east-1}
- INIT_S3_HOST=${INIT_S3_HOST:-us-east-1:-}
- INIT_S3_HOST=${INIT_S3_HOST:-s3.us-east-1.amazonaws.com}
- INIT_S3_USE_HTTPS=${INIT_S3_USE_HTTPS:-true}
- JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty}
- SEAFILE_LOG_TO_STDOUT=${SEAFILE_LOG_TO_STDOUT:-false}
- SITE_ROOT=${SITE_ROOT:-/}
- ENABLE_SEADOC=${ENABLE_SEADOC:-false}
- SEADOC_SERVER_URL=${SEADOC_SERVER_URL:-http://example.example.com/sdoc-server}
- SEADOC_SERVER_URL=${SEADOC_SERVER_URL:-http://seafile.example.com/sdoc-server}

0
manual/docker/collabora.yml → manual/repo/docker/collabora.yml
View File

0
manual/docker/notification-server.yml → manual/repo/docker/notification-server.yml
View File

0
manual/docker/notification-server/standalone/env → manual/repo/docker/notification-server/standalone/env
View File

0
manual/docker/notification-server/standalone/notification-server.yml → manual/repo/docker/notification-server/standalone/notification-server.yml
View File

0
manual/docker/onlyoffice.yml → manual/repo/docker/onlyoffice.yml
View File

0
manual/docker/pro/clamav.yml → manual/repo/docker/pro/clamav.yml
View File

0
manual/docker/pro/env → manual/repo/docker/pro/env
View File

2
manual/docker/pro/seafile-server.yml → manual/repo/docker/pro/seafile-server.yml
View File

@ -75,7 +75,7 @@ services:
- JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty}
- SEAFILE_LOG_TO_STDOUT=${SEAFILE_LOG_TO_STDOUT:-false}
- ENABLE_SEADOC=${ENABLE_SEADOC:-false}
- SEADOC_SERVER_URL=${SEADOC_SERVER_URL:-http://example.example.com/sdoc-server}
- SEADOC_SERVER_URL=${SEADOC_SERVER_URL:-http://seafile.example.com/sdoc-server}
- INIT_S3_STORAGE_BACKEND_CONFIG=${INIT_S3_STORAGE_BACKEND_CONFIG:-false}
- INIT_S3_COMMIT_BUCKET=${INIT_S3_COMMIT_BUCKET:-}
- INIT_S3_FS_BUCKET=${INIT_S3_FS_BUCKET:-}

0
manual/docker/pro/seasearch.yml → manual/repo/docker/pro/seasearch.yml
View File

0
manual/docker/seadoc.yml → manual/repo/docker/seadoc.yml
View File

0
manual/docker/seadoc/0.8/docker-compose.yml → manual/repo/docker/seadoc/0.8/docker-compose.yml
View File

0
manual/docker/seadoc/1.0/standalone/env → manual/repo/docker/seadoc/1.0/standalone/env
View File

0
manual/docker/seadoc/1.0/standalone/seadoc.yml → manual/repo/docker/seadoc/1.0/standalone/seadoc.yml
View File

179
manual/repo/k8s/seafile-backend-deployment.yaml Normal file
View File

@ -0,0 +1,179 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: seafile-backend
spec:
replicas: 1
selector:
matchLabels:
app: seafile-backend
template:
metadata:
labels:
app: seafile-backend
spec:
initContainers:
- name: set-ownership
image: busybox
command: ['sh', '-c', 'chown -R root:root /shared']
volumeMounts:
- name: seafile-data
mountPath: /shared
containers:
- name: seafile-backend
image: seafileltd/seafile-pro-mc:12.0-latest
env:
- name: CLUSTER_SERVER
value: "true"
- name: CLUSTER_MODE
value: "frontend"
- name: TIME_ZONE
valueFrom:
configMapKeyRef:
name: seafile-env
key: TIME_ZONE
- name: SEAFILE_LOG_TO_STDOUT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_LOG_TO_STDOUT
- name: SITE_ROOT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SITE_ROOT
- name: ENABLE_SEADOC
valueFrom:
configMapKeyRef:
name: seafile-env
key: ENABLE_SEADOC
- name: SEADOC_SERVER_URL
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEADOC_SERVER_URL
- name: DB_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_HOST
- name: DB_PORT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_PORT
- name: DB_USER
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_USER
- name: SEAFILE_MYSQL_DB_CCNET_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_CCNET_DB_NAME
- name: SEAFILE_MYSQL_DB_SEAFILE_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_SEAFILE_DB_NAME
- name: SEAFILE_MYSQL_DB_SEAHUB_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_SEAHUB_DB_NAME
- name: CLUSTER_INIT_MODE
valueFrom:
configMapKeyRef:
name: seafile-env
key: CLUSTER_INIT_MODE
- name: CLUSTER_INIT_MEMCACHED_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: CLUSTER_INIT_MEMCACHED_HOST
- name: CLUSTER_INIT_ES_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: CLUSTER_INIT_ES_HOST
- name: CLUSTER_INIT_ES_PORT
valueFrom:
configMapKeyRef:
name: seafile-env
key: CLUSTER_INIT_ES_PORT
- name: INIT_S3_STORAGE_BACKEND_CONFIG
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_STORAGE_BACKEND_CONFIG
- name: INIT_S3_COMMIT_BUCKET
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_COMMIT_BUCKET
- name: INIT_S3_FS_BUCKET
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_FS_BUCKET
- name: INIT_S3_BLOCK_BUCKET
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_BLOCK_BUCKET
- name: INIT_S3_KEY_ID
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_KEY_ID
- name: INIT_S3_USE_V4_SIGNATURE
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_USE_V4_SIGNATURE
- name: INIT_S3_AWS_REGION
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_AWS_REGION
- name: INIT_S3_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_HOST
- name: INIT_S3_USE_HTTPS
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_USE_HTTPS
- name: JWT_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: seafile-secret
key: JWT_PRIVATE_KEY
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: seafile-secret
key: SEAFILE_MYSQL_DB_PASSWORD
- name: DB_ROOT_PASSWD
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_SEAFILE_MYSQL_ROOT_PASSWORD
- name: INIT_S3_SECRET_KEY
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_S3_SECRET_KEY
volumeMounts:
- name: seafile-data
mountPath: /shared
volumes:
- name: seafile-data
persistentVolumeClaim:
claimName: seafile-data
restartPolicy: Always
imagePullSecrets:
- name: regcred

38
manual/repo/k8s/seafile-env.yaml Normal file
View File

@ -0,0 +1,38 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: seafile-env
data:
# for Seafile server
TIME_ZONE: "UTC"
SEAFILE_LOG_TO_STDOUT: "true"
SITE_ROOT: "/"
ENABLE_SEADOC: "false"
SEADOC_SERVER_URL: "https://seafile.example.com/sdoc-server" # only valid in ENABLE_SEADOC = true
# for database
SEAFILE_MYSQL_DB_HOST: "<your MySQL host>"
SEAFILE_MYSQL_DB_PORT: "3306"
SEAFILE_MYSQL_DB_USER: "seafile"
SEAFILE_MYSQL_DB_CCNET_DB_NAME: "ccnet_db"
SEAFILE_MYSQL_DB_SEAFILE_DB_NAME: "seafile_db"
SEAFILE_MYSQL_DB_SEAHUB_DB_NAME: "seahub_db"
# initialization (only valid in first-time deployment and CLUSTER_INIT_MODE = true)
CLUSTER_INIT_MODE: "true"
## for cluster basic service
CLUSTER_INIT_MEMCACHED_HOST: "<your Memcached server host>"
CLUSTER_INIT_ES_HOST: "<your ElasticSearch server host>"
CLUSTER_INIT_ES_PORT: "9200"
## For S3 storage backend (only valid in INIT_S3_STORAGE_BACKEND_CONFIG = true)
INIT_S3_STORAGE_BACKEND_CONFIG: "false"
INIT_S3_COMMIT_BUCKET: ""
INIT_S3_FS_BUCKET: ""
INIT_S3_BLOCK_BUCKET: ""
INIT_S3_KEY_ID: ""
INIT_S3_USE_V4_SIGNATURE: "true"
INIT_S3_AWS_REGION: "us-east-1"
INIT_S3_HOST: "s3.us-east-1.amazonaws.com"
INIT_S3_USE_HTTPS: "true"

181
manual/repo/k8s/seafile-frontend-deployment.yaml Normal file
View File

@ -0,0 +1,181 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: seafile-frontend
spec:
replicas: 2 # change to your frontend service number, i.e., N_f
selector:
matchLabels:
app: seafile-frontend
template:
metadata:
labels:
app: seafile-frontend
spec:
initContainers:
- name: set-ownership
image: busybox
command: ['sh', '-c', 'chown -R root:root /shared']
volumeMounts:
- name: seafile-data
mountPath: /shared
containers:
- name: seafile-frontend
image: seafileltd/seafile-pro-mc:12.0-latest
env:
- name: CLUSTER_SERVER
value: "true"
- name: CLUSTER_MODE
value: "frontend"
- name: TIME_ZONE
valueFrom:
configMapKeyRef:
name: seafile-env
key: TIME_ZONE
- name: SEAFILE_LOG_TO_STDOUT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_LOG_TO_STDOUT
- name: SITE_ROOT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SITE_ROOT
- name: ENABLE_SEADOC
valueFrom:
configMapKeyRef:
name: seafile-env
key: ENABLE_SEADOC
- name: SEADOC_SERVER_URL
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEADOC_SERVER_URL
- name: DB_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_HOST
- name: DB_PORT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_PORT
- name: DB_USER
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_USER
- name: SEAFILE_MYSQL_DB_CCNET_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_CCNET_DB_NAME
- name: SEAFILE_MYSQL_DB_SEAFILE_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_SEAFILE_DB_NAME
- name: SEAFILE_MYSQL_DB_SEAHUB_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_SEAHUB_DB_NAME
- name: CLUSTER_INIT_MODE
valueFrom:
configMapKeyRef:
name: seafile-env
key: CLUSTER_INIT_MODE
- name: CLUSTER_INIT_MEMCACHED_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: CLUSTER_INIT_MEMCACHED_HOST
- name: CLUSTER_INIT_ES_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: CLUSTER_INIT_ES_HOST
- name: CLUSTER_INIT_ES_PORT
valueFrom:
configMapKeyRef:
name: seafile-env
key: CLUSTER_INIT_ES_PORT
- name: INIT_S3_STORAGE_BACKEND_CONFIG
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_STORAGE_BACKEND_CONFIG
- name: INIT_S3_COMMIT_BUCKET
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_COMMIT_BUCKET
- name: INIT_S3_FS_BUCKET
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_FS_BUCKET
- name: INIT_S3_BLOCK_BUCKET
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_BLOCK_BUCKET
- name: INIT_S3_KEY_ID
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_KEY_ID
- name: INIT_S3_USE_V4_SIGNATURE
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_USE_V4_SIGNATURE
- name: INIT_S3_AWS_REGION
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_AWS_REGION
- name: INIT_S3_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_HOST
- name: INIT_S3_USE_HTTPS
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_USE_HTTPS
- name: JWT_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: seafile-secret
key: JWT_PRIVATE_KEY
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: seafile-secret
key: SEAFILE_MYSQL_DB_PASSWORD
- name: DB_ROOT_PASSWD
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_SEAFILE_MYSQL_ROOT_PASSWORD
- name: INIT_S3_SECRET_KEY
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_S3_SECRET_KEY
ports:
- containerPort: 80
volumeMounts:
- name: seafile-data
mountPath: /shared
volumes:
- name: seafile-data
persistentVolumeClaim:
claimName: seafile-data
restartPolicy: Always
imagePullSecrets:
- name: regcred

11
manual/repo/k8s/seafile-persistentvolume.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: seafile-data
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /opt/seafile-data

10
manual/repo/k8s/seafile-persistentvolumeclaim.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: seafile-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi

18
manual/repo/k8s/seafile-secret.yaml Normal file
View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Secret
metadata:
name: seafile-secret
type: Opaque
data:
# for Seafile server
JWT_PRIVATE_KEY: "<your JWT key, can generate from `pwgen -s 40 1`>"
# for database
SEAFILE_MYSQL_DB_PASSWORD: "<MySQL user seafile's passsword>"
# Initialization
## for db
INIT_SEAFILE_MYSQL_ROOT_PASSWORD: "<MySQL user root's password>"
## For S3 storage backend (only valid in INIT_S3_STORAGE_BACKEND_CONFIG = true)
INIT_S3_SECRET_KEY: ""

13
manual/repo/k8s/seafile-service.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: seafile
spec:
selector:
app: seafile-frontend
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30000

6
manual/setup/cluster_deploy_with_docker.md
View File

@ -39,7 +39,7 @@ Let's assume you have three nodes in your cluster: A, B, and C.
!!! note "Prerequisites"
- We assume you have already deployed memory cache server (e.g., ***Memcached***), ***MariaDB***, file indexer (e.g., ***ElasticSearch***, [*SeaSearch*](https://seasearch-manual.seafile.com/)) in separate machines and use ***S3*** like object storage.
- We assume you have already deployed memory cache server (e.g., ***Memcached***), ***MariaDB***, file indexer (e.g., ***ElasticSearch***) in separate machines and use ***S3*** like object storage.
- Usually, each node of Seafile Cluster should have at least **2 cores** and **2G memory**. If the above services are deployed together with a node in the Seafile cluster especially ***ElasticSearch***, we recommend that you prepare **4 cores** and **4G memory** for that node
@ -67,8 +67,8 @@ Seafile Server: 2 frontend nodes, 1 backend node
3. Download the `seafile-server.yml` and `.env`
```sh
wget -O .env https://manual.seafile.com/12.0/docker/cluster/env
wget https://manual.seafile.com/12.0/docker/cluster/seafile-server.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/cluster/env
wget https://manual.seafile.com/12.0/repo/docker/cluster/seafile-server.yml
```
4. Modify the [variables](../config/env.md) in `.env` (especially the terms like `<...>`).

379
manual/setup/cluster_deploy_with_k8s.md
View File

@ -1,289 +1,132 @@
---
status: new
---
# Deploy Seafile cluster with Kubernetes (K8S)
This manual explains how to deploy and run Seafile Server on a Linux server using *Kubernetes* (***k8s*** thereafter).
# Setup with Kubernetes
## Prerequisites
This manual explains how to deploy and run Seafile Server on a Linux server using Kubernetes (k8s thereafter).
### System requirements
## Gettings started
In theory, you only need to prepare one node to deploy a cluster, but this does not conform to the K8S design concept, so we recommend that you prepare at least 4 nodes:
The two volumes for persisting data, `/opt/seafile-data` and `/opt/seafile-mysql`, are still adopted in this manual. What's more, all k8s YAML files will be placed in `/opt/seafile-k8s-yaml`. It is not recommended to change these paths. If you do, account for it when following these instructions.
- **One** node for the K8S control plane
- **Two** nodes for starting the Seafile frontend service
- **One** node for starting the Seafile backend service
## Install kubectl and k8s control plane
For each node, you have to prepare at least **2 cores** cpu, **2G RAM** and 10G disk space.
The two tools, **kubectl** and a **k8s control plane** tool (i.e., ***kubeadm***), are required and can be installed with [official installation guide](https://kubernetes.io/docs/tasks/tools/).
!!! note "More details about System requirements"
We assume you have already deployed memory cache server (e.g., ***Memcached***), ***MariaDB***, file indexer (e.g., ***ElasticSearch***) in separate machines and use ***S3*** like object storage.
- If some of the above services are deployed on one of the nodes, you need to prepare more space for the node. Especially for ***ElasticSearch***, you need to prepare at least **4 cores** cpu, **4GB** memory and more disk space on the node.
!!! tip "Multi-node deployment"
If it is a multi-node deployment, k8s control plane needs to be installed on each node. After installation, you need to start the k8s control plane service on each node and refer to the k8s official manual for [creating a cluster](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/). Since this manual still uses the same image as docker deployment, we need to add the following repository to k8s:
- Generally, when deploying Seafile in a cluster, we recommend that you use a storage backend (such as AWS S3) to store Seafile data. However, according to the Seafile image startup rules and K8S persistent storage strategy, you still need to prepare a persistent directory for configuring the startup of the Seafile container. In this document, we use the following path for the persistent directory with maximum 10GB space:
```shell
kubectl create secret docker-registry regcred --docker-server=seafileltd --docker-username=seafile --docker-password=zjkmid6rQibdZ=uJMuWS
```
```
/opt/seafile-data
```
## YAML
If you would like to change it or increase the space, you should modify the `seafile-persistentvolume.yaml` and `seafile-persistentvolumeclaim.yaml` in this document.
Seafile mainly involves three different services, namely database service, cache service and seafile service. Since these three services do not have a direct dependency relationship, we need to separate them from the entire docker-compose.yml (in this manual, we use [Seafile 12 PRO](../docker/pro/seafile-server.yml)) and divide them into three pods. For each pod, we need to define a series of YAML files for k8s to read, and we will store these YAMLs in `/opt/seafile-k8s-yaml`.
!!! tip "More details about the number of nodes"
1. For **security reasons**, the k8s cluster will **not** schedule Pods on the *control plane node* by default, this is why we recommend reserving a separate node for the control plane. If your number of nodes does not meet our recommended number (i.e. 4 nodes), please adjust according to the following strategies:
- **3 nodes**: There are still two frontend services and one backend service, but the backend service will be on the same node as one of the frontend services.
- **2 nodes**: A frontend service and a backend service on the same node
- **1 node**: Please refer [here](./setup_pro_by_docker.md) to deploy Seafile in a single node instead of K8S.
2. If you have more available nodes for Seafile server, please provide them to the Seafile frontend service and **make sure there is only one backend service running**. Here is a simple relationship between the number of Seafile frontent services ($N_f$) and total nodes ($N_t$):
$$
N_f = N_t - 2,
$$
where the number **2** means one node for K8S control plane and one for Seafile backend service.
!!! note
This series of YAML mainly includes **Deployment** for pod management and creation, **Service** for exposing services to the external network, **PersistentVolume** for defining the location of a volume used for persistent storage on the host and **Persistentvolumeclaim** for declaring the use of persistent storage in the container. For futher configuration details, you can refer [the official documents](https://kubernetes.io/docs/tasks/configure-pod-container/).
### About kubectl and k8s control plane
### mariadb
Two tools are suggested and can be installed with [official installation guide](https://kubernetes.io/docs/tasks/tools/) **on all nodes**:
#### mariadb-deployment.yaml
- ***kubectl***
- ***k8s control plane tool*** (e.g., ***kubeadm***)
```YAML
apiVersion: apps/v1
kind: Deployment
metadata:
name: mariadb
spec:
selector:
matchLabels:
app: mariadb
replicas: 1
template:
metadata:
labels:
app: mariadb
spec:
containers:
- name: mariadb
image: mariadb:10.11
env:
- name: MARIADB_ROOT_PASSWORD
value: "db_password"
- name: MARIADB_AUTO_UPGRADE
value: "true"
ports:
- containerPort: 3306
volumeMounts:
- name: mariadb-data
mountPath: /var/lib/mysql
volumes:
- name: mariadb-data
persistentVolumeClaim:
claimName: mariadb-data
```
After installation, you need to start the k8s control plane service on each node and refer to the k8s official manual for [creating a cluster](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/).
Please replease `MARIADB_ROOT_PASSWORD` to your own mariadb password.
!!! tip
In the above Deployment configuration file, no restart policy for the pod is specified. The default restart policy is **Always**. If you need to modify it, add the following to the spec attribute:
Although we recommend installing the *k8s control plane tool* on each node, it does not mean that we will use each node as a control plane node, but it is a necessary tool to create or join a K8S cluster. For details, please refer to the above [link](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/) about **creating or joining into a cluster**.
```YAML
restartPolicy: OnFailure
## Download K8S YAML files for Seafile cluster (without frontend node)
#Note:
# Always: always restart (include normal exit)
# OnFailure: restart only with unexpected exit
# Never: do not restart
```sh
mkdir -p /opt/seafile-k8s-yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/seafile-backend-deployment.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/seafile-persistentvolume.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/seafile-persistentvolumeclaim.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/seafile-service.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/seafile-env.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/seafile-secret.yaml
```
!!! tip "About YAML files"
In here we suppose you download the YAML files in `/opt/seafile-k8s-yaml`, which mainly include about:
- `xx-deployment.yaml` for pod management and creation,
- `xx-service.yaml` for exposing services to the external network,
- `xx-persistentVolume.yaml` for defining the location of a volume used for persistent storage on the host
- `xx-persistentvolumeclaim.yaml` for declaring the use of persistent storage in the container.
For futher configuration details, you can refer [the official documents](https://kubernetes.io/docs/tasks/configure-pod-container/).
## Modify `seafile-env.yaml` and `seafile-secret.yaml`
Similar to Docker-base deployment, Seafile cluster in K8S deployment also supports use files to configure startup progress, you can modify common environment variables by
```sh
nano /opt/seafile-k8s-yaml/seafile-env.yaml
```
and sensitive information (e.g., password) by
```sh
nano /opt/seafile-k8s-yaml/seafile-secret.yaml
```
!!! note "For `seafile-secret.yaml`"
To modify sensitive words, you need to convert the password into base64 encoding and write it into the `seafile-secret.yaml` file:
```sh
echo -n '<your-value>' | base64
```
#### mariadb-service.yaml
!!! warning
For the fields marked with `<...>` are **required**, please make sure these items are filled in, otherwise Seafile server may not run properly.
```YAML
apiVersion: v1
kind: Service
metadata:
name: mariadb
spec:
selector:
app: mariadb
ports:
- protocol: TCP
port: 3306
targetPort: 3306
```
#### mariadb-persistentvolume.yaml
```YAML
apiVersion: v1
kind: PersistentVolume
metadata:
name: mariadb-data
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /opt/seafile-mysql/db
```
#### mariadb-persistentvolumeclaim.yaml
```YAML
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mariadb-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
```
### memcached
#### memcached-deployment.yaml
```YAML
apiVersion: apps/v1
kind: Deployment
metadata:
name: memcached
spec:
replicas: 1
selector:
matchLabels:
app: memcached
template:
metadata:
labels:
app: memcached
spec:
containers:
- name: memcached
image: memcached:1.6.18
args: ["-m", "256"]
ports:
- containerPort: 11211
```
#### memcached-service.yaml
```YAML
apiVersion: v1
kind: Service
metadata:
name: memcached
spec:
selector:
app: memcached
ports:
- protocol: TCP
port: 11211
targetPort: 11211
```
### Seafile
#### seafile-deployment.yaml
```YAML
apiVersion: apps/v1
kind: Deployment
metadata:
name: seafile
spec:
replicas: 1
selector:
matchLabels:
app: seafile
template:
metadata:
labels:
app: seafile
spec:
containers:
- name: seafile
# image: seafileltd/seafile-mc:9.0.10
# image: seafileltd/seafile-mc:11.0-latest
image: seafileltd/seafile-pro-mc:12.0-latest
env:
- name: DB_HOST
value: "mariadb"
- name: DB_ROOT_PASSWD
value: "db_password" #db's password
- name: TIME_ZONE
value: "Europe/Berlin"
- name: INIT_SEAFILE_ADMIN_EMAIL
value: "admin@seafile.com" #admin email
- name: INIT_SEAFILE_ADMIN_PASSWORD
value: "admin_password" #admin password
- name: SEAFILE_SERVER_LETSENCRYPT
value: "false"
- name: SEAFILE_SERVER_HOSTNAME
value: "you_seafile_domain" #hostname
ports:
- containerPort: 80
# - containerPort: 443
# name: seafile-secure
volumeMounts:
- name: seafile-data
mountPath: /shared
volumes:
- name: seafile-data
persistentVolumeClaim:
claimName: seafile-data
restartPolicy: Always
# to get image from protected repository
imagePullSecrets:
- name: regcred
```
Please replease the above configurations, such as database root password, admin in seafile.
#### seafile-service.yaml
```YAML
apiVersion: v1
kind: Service
metadata:
name: seafile
spec:
selector:
app: seafile
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30000
```
#### seafile-persistentvolume.yaml
```YAML
apiVersion: v1
kind: PersistentVolume
metadata:
name: seafile-data
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /opt/seafile-data
```
#### seafile-persistentvolumeclaim.yaml
```YAML
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: seafile-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
```
## Deploy pods
You can use following command to deploy pods:
## Initialize Seafile cluster
You can use following command to initialize Seafile cluster:
```shell
kubectl apply -f /opt/seafile-k8s-yaml/
```
!!! tip
Now the Seafile cluster is not running in `CLUSTER_INIT_MODE=true`. We suggest you check the configuration in the files in `/opt/seafile-data/conf` are correct or no before starting the server
## Download frontend service's YAML and restart pods to start Seafile server
1. Download frontend service's YAML by:
```sh
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/seafile-frontend-deployment.yaml
```
2. Modify `seafile-env.yaml`, and set `CLUSTER_INIT_MODE` to `false`
3. Run the following command to restart pods to restart Seafile cluster:
!!! tip
If you modify some configurations in `/opt/seafile-data/conf` or YAML files in `/opt/seafile-k8s-yaml/`, you still need to restart service too
```shell
kubectl delete -f /opt/seafile-k8s-yaml/
kubectl apply -f /opt/seafile-k8s-yaml/
```
## Container management
Similar to docker installation, you can also manage containers through [some kubectl commands](https://kubernetes.io/docs/reference/kubectl/#operations). For example, you can use the following command to check whether the relevant resources are started successfully and whether the relevant services can be accessed normally. First, execute the following command and remember the pod name with `seafile-` as the prefix (such as seafile-748b695648-d6l4g)
@ -304,9 +147,17 @@ and enter a container by
kubectl exec -it seafile-748b695648-d6l4g -- bash
```
If you modify some configurations in `/opt/seafile-data/conf` and need to restart the container, the following command can be refered:
## Loadbalance and HTTPS
```shell
kubectl delete deployments --all
kubectl apply -f /opt/seafile-k8s-yaml/
```
When deploying a Seafile cluster using K8S, you can enable HTTPS and use loadbalance in the following two ways:
- External load balancing server, such as *Nginx*. Typically you will need to reverse proxy `http://<your control plane>/`
- K8S Gateway API, e.g., [Nginx-gateway](https://docs.nginx.com/nginx-gateway-fabric/installation/installing-ngf/manifests/) and [Istio-gateway](https://istio.io/latest/docs/tasks/traffic-management/ingress/gateway-api/)
## Firewall Policy
In addition to port `80` (or `443` in HTTPS) required by the Seafile service (usually, you only need to open it in the *control plane node*), you can also operate the firewall of the following ports according to actual conditions in **all nodes**:
- `6443`: K8S server api, joining the cluster via the external network
- `8285` (**UDP**): joining the cluster via the external network
- `10250`: Kubelet api, cluster control

4
manual/setup/migrate_ce_to_pro_with_docker.md
View File

@ -7,8 +7,8 @@
3. Download the `.env` and `seafile-server.yml` of Seafile Pro.
```sh
wget -O .env https://manual.seafile.com/12.0/docker/pro/env
wget https://manual.seafile.com/12.0/docker/pro/seafile-server.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/pro/env
wget https://manual.seafile.com/12.0/repo/docker/pro/seafile-server.yml
```
## Migrate

12
manual/setup/migrate_non_docker_to_docker.md
View File

@ -65,17 +65,17 @@ You have to download the latest docker-compose files (i.e., series of `.yml` and
=== "Seafile CE"
```sh
wget -O .env https://manual.seafile.com/12.0/docker/ce/env
wget https://manual.seafile.com/12.0/docker/ce/seafile-server.yml
wget https://manual.seafile.com/12.0/docker/caddy.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/ce/env
wget https://manual.seafile.com/12.0/repo/docker/ce/seafile-server.yml
wget https://manual.seafile.com/12.0/repo/docker/caddy.yml
```
=== "Seafile Pro"
```sh
wget -O .env https://manual.seafile.com/12.0/docker/pro/env
wget https://manual.seafile.com/12.0/docker/pro/seafile-server.yml
wget https://manual.seafile.com/12.0/docker/caddy.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/pro/env
wget https://manual.seafile.com/12.0/repo/docker/pro/seafile-server.yml
wget https://manual.seafile.com/12.0/repo/docker/caddy.yml
```
Then modify the `.env` according to your configurations.

6
manual/setup/setup_ce_by_docker.md
View File

@ -25,9 +25,9 @@ mkdir /opt/seafile
cd /opt/seafile
# Seafile CE 12.0
wget -O .env https://manual.seafile.com/12.0/docker/ce/env
wget https://manual.seafile.com/12.0/docker/ce/seafile-server.yml
wget https://manual.seafile.com/12.0/docker/caddy.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/ce/env
wget https://manual.seafile.com/12.0/repo/docker/ce/seafile-server.yml
wget https://manual.seafile.com/12.0/repo/docker/caddy.yml
nano .env
```

18
manual/setup/setup_pro_by_docker.md
View File

@ -46,17 +46,13 @@ Use the [official installation guide for your OS to install Docker](https://docs
### Downloading the Seafile Image
!!! success
Since v12.0, Seafile PE versions are hosted on DockerHub and does not require username and password to download. For ***older Seafile PE*** versions are available private docker repository (back to Seafile 7.0). You can get the username and password on the download page in the [Customer Center](https://customer.seafile.com/downloads).
```bash
docker pull seafileltd/seafile-pro-mc:12.0-latest
```
!!! note
Since v12.0, Seafile PE versions are hosted on DockerHub and does not require username and password to download.
!!! note
Older Seafile PE versions are available private docker repository (back to Seafile 7.0). You can get the username and password on the download page in the [Customer Center](https://customer.seafile.com/downloads).
### Downloading and Modifying `.env`
From Seafile Docker 12.0, we use `.env`, `seafile-server.yml` and `caddy.yml` files for configuration.
@ -66,9 +62,9 @@ mkdir /opt/seafile
cd /opt/seafile
# Seafile PE 12.0
wget -O .env https://manual.seafile.com/12.0/docker/pro/env
wget https://manual.seafile.com/12.0/docker/pro/seafile-server.yml
wget https://manual.seafile.com/12.0/docker/caddy.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/pro/env
wget https://manual.seafile.com/12.0/repo/docker/pro/seafile-server.yml
wget https://manual.seafile.com/12.0/repo/docker/caddy.yml
nano .env
```

2
manual/setup/use_other_reverse_proxy.md
View File

@ -69,7 +69,7 @@ services:
- NON_ROOT=${NON_ROOT:-false}
- JWT_PRIVATE_KEY=${JWT_PRIVATE_KEY:?Variable is not set or empty}
- ENABLE_SEADOC=${ENABLE_SEADOC:-false}
- SEADOC_SERVER_URL=${SEADOC_SERVER_URL:-http://example.example.com/sdoc-server}
- SEADOC_SERVER_URL=${SEADOC_SERVER_URL:-http://seafile.example.com/sdoc-server}
- INIT_S3_STORAGE_BACKEND_CONFIG=${INIT_S3_STORAGE_BACKEND_CONFIG:-false}
- INIT_S3_COMMIT_BUCKET=${INIT_S3_COMMIT_BUCKET:-}
- INIT_S3_FS_BUCKET=${INIT_S3_FS_BUCKET:-}

2
manual/setup/use_seasearch.md
View File

@ -16,7 +16,7 @@
SeaSearch service is currently mainly deployed via docker. We have integrated it into the relevant docker-compose file. You only need to download it to the same directory as `seafile-server.yml`:
```sh
wget https://manual.seafile.com/12.0/docker/pro/seasearch.yml
wget https://manual.seafile.com/12.0/repo/docker/pro/seasearch.yml
```
## Modify `.env`

2
manual/setup_binary/cluster_deployment.md
View File

@ -9,7 +9,7 @@
!!! note "Prerequisites"
- We assume you have already deployed memory cache server (e.g., ***Memcached***), ***MariaDB***, file indexer (e.g., ***ElasticSearch***, [*SeaSearch*](https://seasearch-manual.seafile.com/)) in separate machines and use ***S3*** like object storage.
- We assume you have already deployed memory cache server (e.g., ***Memcached***), ***MariaDB***, file indexer (e.g., ***ElasticSearch***) in separate machines and use ***S3*** like object storage.
- Usually, each node of Seafile Cluster should have at least **2 cores** and **2G memory**. If the above services are deployed together with a node in the Seafile cluster especially ***ElasticSearch***, we recommend that you prepare **4 cores** and **4G memory** for that node

4
manual/upgrade/upgrade_a_cluster.md
View File

@ -27,8 +27,8 @@ In general, to upgrade a cluster, you need:
2. Download the docker-compose files for *Seafile 12*
```sh
wget -O .env https://manual.seafile.com/12.0/docker/cluster/env
wget https://manual.seafile.com/12.0/docker/cluster/seafile-server.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/cluster/env
wget https://manual.seafile.com/12.0/repo/docker/cluster/seafile-server.yml
```
3. Modify `.env`:

12
manual/upgrade/upgrade_docker.md
View File

@ -26,9 +26,9 @@ Download [.env](../docker/ce/env), [seafile-server.yml](../docker/ce/seafile-ser
=== "Seafile community edition"
```sh
wget -O .env https://manual.seafile.com/12.0/docker/ce/env
wget https://manual.seafile.com/12.0/docker/ce/seafile-server.yml
wget https://manual.seafile.com/12.0/docker/caddy.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/ce/env
wget https://manual.seafile.com/12.0/repo/docker/ce/seafile-server.yml
wget https://manual.seafile.com/12.0/repo/docker/caddy.yml
```
The following fields merit particular attention:
@ -49,9 +49,9 @@ Download [.env](../docker/ce/env), [seafile-server.yml](../docker/ce/seafile-ser
=== "Seafile pro edition"
```sh
wget -O .env https://manual.seafile.com/12.0/docker/pro/env
wget https://manual.seafile.com/12.0/docker/pro/seafile-server.yml
wget https://manual.seafile.com/12.0/docker/caddy.yml
wget -O .env https://manual.seafile.com/12.0/repo/docker/pro/env
wget https://manual.seafile.com/12.0/repo/docker/pro/seafile-server.yml
wget https://manual.seafile.com/12.0/repo/docker/caddy.yml
```
The following fields merit particular attention:

6
mkdocs.yml
View File

@ -22,6 +22,7 @@ theme:
- search.suggest
- search.highlight
- search.share
- math
palette:
- scheme: default
@ -53,6 +54,9 @@ extra:
extra_css:
- stylesheets/extra.css
extra_javascript:
- https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.7/MathJax.js?config=TeX-MML-AM_CHTML
# Extensions
markdown_extensions:
- markdown.extensions.admonition
@ -72,6 +76,8 @@ markdown_extensions:
format: !!python/name:pymdownx.superfences.fence_code_format
- pymdownx.tabbed: # provides a syntax to easily add tabbed Markdown content
alternate_style: true
- pymdownx.arithmatex: # LaTeX 数学支持,需要 MathJax
generic: true
# Page tree
nav: