awoooi

Author	SHA1	Message	Date
OG T	99be215e83	fix(monitoring): R1 Review 修正 — Blackbox DNS/PSA label/告警閾值 Critical: Blackbox Exporter replacement 從 K8s DNS 改為主機 IP (192.168.0.188:9115) Important: Descheduler namespace 顯式宣告 PSA restricted labels Suggestion: failedJobsHistoryLimit 3→1, 新增 MinioDiskUsageCritical 5% 告警 R1 Review by: 首席架構師 (Phase O-1) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-02 14:02:50 +08:00
OG T	6ce82ff883	fix(k3s): Phase O-1 基礎設施修復 — Descheduler + MinIO/Kali 監控 O-1.1: Descheduler securityContext 修復 (PodSecurity restricted 合規) - 新增 pod securityContext (runAsNonRoot, runAsUser:65534, seccompProfile) - 新增 container securityContext (allowPrivilegeEscalation:false, drop ALL) - 補齊 RBAC: namespaces + replicasets list 權限 - 已部署驗證: CronJob 成功執行 (Status: Completed) O-1.3: MinIO Prometheus scrape 配置 + 告警規則 O-1.4: Kali Blackbox TCP probe + 告警規則 - MinioDown, MinioDiskUsageHigh, MinioOfflineDisk - KaliScannerDown 待手動部署: Prometheus config → .188, kubectl kubeconfig → 120/121 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-02 13:55:26 +08:00
OG T	0b68352fc2	feat(k3s): P2/P3 改進 - kube-state-metrics + Kured 時區修復 + Descheduler 調整 P2 改進: - 新增 kube-state-metrics v2.10.1 (NodePort:30888) - 新增 7 條 kube-state-metrics 告警規則 (NPD 整合) P3 改進: - 修復 Kured 維護窗口時區 (18:00→02:00 台北時間) - Descheduler threshold 20%→30% (避免過度遷移) 首席架構師審查建議執行項目 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-28 22:23:42 +08:00
OG T	541565de48	feat(k4.2): Descheduler for pod rebalancing - Deploy Descheduler v0.30.1 as CronJob - Schedule: Every 2 hours - Policies enabled: - LowNodeUtilization: rebalance when node < 20% usage - RemoveDuplicates: spread replicas across nodes - RemovePodsViolatingNodeAffinity: enforce affinity rules Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-03-28 22:03:54 +08:00

4 Commits