wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 2 Packages Projects Releases Wiki Activity
Files
04ceb3e7c8c22dc5d7ec0efb1cd0e2e82d3304a2
awoooi/scripts/deploy-infra.sh
OG T 7478dc0254 feat(phase6-9): Complete modular architecture and Agent Teams 
Phase 6.4 - Modular Architecture:
- Add lewooogo-brain adapters for LLM providers
- Add lewooogo-data dual memory (Redis + PostgreSQL)
- Implement consensus engine for multi-agent decisions
- Add incident memory service for historical context

Phase 9 - Agent Teams (Claude Agent SDK):
- Add base agent class with Claude Sonnet 4 integration
- Implement action planner, blast radius, and security agents
- Add agent API endpoints and proposal workflow
- Integrate ADR-009 OpenClaw Agent Teams architecture

DevOps & CI/CD:
- Add GitHub Actions CI/CD workflows (ci.yaml, cd.yaml)
- Add pre-commit hooks and secrets baseline
- Add docker-compose for local development
- Update Kubernetes network policies

Frontend Improvements:
- Add auto-healing error boundary component
- Update i18n messages for agent features
- Enhance dual-state incident card with execution feedback

Documentation:
- Add 7 ADRs covering MCP, design system, architecture decisions
- Update ARCHITECTURE_MEMORY.md with modular design
- Add GLOBAL_RULES.md and SOUL.md for project identity

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-03-23 18:40:36 +08:00

185 lines
6.9 KiB
Bash
Executable File
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/bin/bash
# =============================================================================
# AWOOOI K3s Infrastructure Deployment Script
# =============================================================================
# Phase 0: 基礎設施部署至 K3s Master (192.168.0.120)
#
# 用途: 將 k8s/awoooi-prod/ 下的 YAML 依序部署至 K3s 叢集
# 負責人: CIO + Claude Code
# 日期: 2026-03-21
#
# =============================================================================
# ⚠️ 前端 Docker Image 建置警告 ⚠️
# =============================================================================
# 前端 Next.js Docker Image 於 CI/CD 建置時,必須透過 --build-arg 注入
# 生產環境的 API 網址,絕對不可沿用本機 localhost 的預設值!
#
# 正確做法 (CI/CD Pipeline):
# docker build --build-arg NEXT_PUBLIC_API_URL=https://awoooi.wooo.work \
# -f apps/web/Dockerfile -t awoooi-web:${TAG} .
#
# 錯誤做法:
# 沿用 Dockerfile 預設值 http://localhost:8000 (僅限本機開發)
#
# =============================================================================
set -e # 遇到錯誤立即中斷
# =============================================================================
# 配置 (四主機架構常量)
# =============================================================================
K3S_MASTER="192.168.0.120"
K3S_USER="root" # 或 ogt (依據 SSH Key 配置)
REMOTE_DIR="/tmp/awoooi-deploy"
LOCAL_K8S_DIR="./k8s/awoooi-prod"
NAMESPACE="awoooi-prod"
# 顏色輸出
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# =============================================================================
# 函數定義
# =============================================================================
log_info() {
echo -e "${BLUE}[INFO]${NC} $1"
}
log_success() {
echo -e "${GREEN}[SUCCESS]${NC} $1"
}
log_warn() {
echo -e "${YELLOW}[WARN]${NC} $1"
}
log_error() {
echo -e "${RED}[ERROR]${NC} $1"
}
# =============================================================================
# 前置檢查
# =============================================================================
echo ""
echo "=============================================="
echo " AWOOOI K3s Infrastructure Deployment"
echo " Target: ${K3S_MASTER} (K3s Master)"
echo " Namespace: ${NAMESPACE}"
echo "=============================================="
echo ""
# 檢查本地 YAML 目錄
if [ ! -d "$LOCAL_K8S_DIR" ]; then
log_error "K8s 配置目錄不存在: $LOCAL_K8S_DIR"
exit 1
fi
# 檢查 SSH 連線
log_info "測試 SSH 連線至 ${K3S_MASTER}..."
if ! ssh -o ConnectTimeout=5 -o BatchMode=yes ${K3S_USER}@${K3S_MASTER} "echo 'SSH OK'" > /dev/null 2>&1; then
log_error "無法透過 SSH 連線至 ${K3S_MASTER}"
log_warn "請確認 SSH Key 已配置 (禁止硬編碼密碼)"
exit 1
fi
log_success "SSH 連線成功"
# =============================================================================
# Step 1: 傳輸 YAML 檔案
# =============================================================================
log_info "Step 1: 傳輸 YAML 至遠端 ${REMOTE_DIR}..."
# 建立遠端目錄
ssh ${K3S_USER}@${K3S_MASTER} "mkdir -p ${REMOTE_DIR}"
# 複製所有 YAML (排除 secrets.yaml)
scp -q ${LOCAL_K8S_DIR}/01-namespace-quota.yaml ${K3S_USER}@${K3S_MASTER}:${REMOTE_DIR}/
scp -q ${LOCAL_K8S_DIR}/02-network-policy.yaml ${K3S_USER}@${K3S_MASTER}:${REMOTE_DIR}/
scp -q ${LOCAL_K8S_DIR}/04-configmap.yaml ${K3S_USER}@${K3S_MASTER}:${REMOTE_DIR}/
scp -q ${LOCAL_K8S_DIR}/05-deployment-web.yaml ${K3S_USER}@${K3S_MASTER}:${REMOTE_DIR}/
scp -q ${LOCAL_K8S_DIR}/06-deployment-api.yaml ${K3S_USER}@${K3S_MASTER}:${REMOTE_DIR}/
scp -q ${LOCAL_K8S_DIR}/07-rbac.yaml ${K3S_USER}@${K3S_MASTER}:${REMOTE_DIR}/
log_success "YAML 檔案傳輸完成 (secrets.yaml 需單獨處理)"
# =============================================================================
# Step 2: 依序執行 kubectl apply
# =============================================================================
log_info "Step 2: 依序部署 K8s 資源..."
# 2.1 Namespace + ResourceQuota (必須最先)
log_info " [1/5] 部署 Namespace + ResourceQuota..."
ssh ${K3S_USER}@${K3S_MASTER} "kubectl apply -f ${REMOTE_DIR}/01-namespace-quota.yaml"
# 2.2 NetworkPolicy (安全隔離)
log_info " [2/5] 部署 NetworkPolicy..."
ssh ${K3S_USER}@${K3S_MASTER} "kubectl apply -f ${REMOTE_DIR}/02-network-policy.yaml"
# 2.3 ConfigMap
log_info " [3/5] 部署 ConfigMap..."
ssh ${K3S_USER}@${K3S_MASTER} "kubectl apply -f ${REMOTE_DIR}/04-configmap.yaml"
# 2.4 RBAC (ServiceAccount, ClusterRole, ClusterRoleBinding)
log_info " [4/5] 部署 RBAC..."
ssh ${K3S_USER}@${K3S_MASTER} "kubectl apply -f ${REMOTE_DIR}/07-rbac.yaml"
# 2.5 Deployments (Web + API) - 僅建立資源,映像標籤由 CI 注入
log_info " [5/5] 部署 Deployment 模板 (映像標籤需由 CI 注入)..."
ssh ${K3S_USER}@${K3S_MASTER} "kubectl apply -f ${REMOTE_DIR}/05-deployment-web.yaml" || log_warn "Web Deployment 可能因 ImagePullBackOff 失敗 (預期行為)"
ssh ${K3S_USER}@${K3S_MASTER} "kubectl apply -f ${REMOTE_DIR}/06-deployment-api.yaml" || log_warn "API Deployment 可能因 ImagePullBackOff 失敗 (預期行為)"
log_success "K8s 資源部署完成"
# =============================================================================
# Step 3: 驗證部署結果
# =============================================================================
log_info "Step 3: 驗證部署結果..."
echo ""
echo "--- Namespace ---"
ssh ${K3S_USER}@${K3S_MASTER} "kubectl get ns ${NAMESPACE}"
echo ""
echo "--- ResourceQuota ---"
ssh ${K3S_USER}@${K3S_MASTER} "kubectl get quota -n ${NAMESPACE}"
echo ""
echo "--- NetworkPolicy ---"
ssh ${K3S_USER}@${K3S_MASTER} "kubectl get netpol -n ${NAMESPACE}"
echo ""
echo "--- ServiceAccount (RBAC) ---"
ssh ${K3S_USER}@${K3S_MASTER} "kubectl get sa -n ${NAMESPACE}"
echo ""
echo "--- Deployments ---"
ssh ${K3S_USER}@${K3S_MASTER} "kubectl get deploy -n ${NAMESPACE}"
echo ""
# =============================================================================
# Step 4: 清理遠端暫存
# =============================================================================
log_info "Step 4: 清理遠端暫存 ${REMOTE_DIR}..."
ssh ${K3S_USER}@${K3S_MASTER} "rm -rf ${REMOTE_DIR}"
log_success "暫存清理完成"
# =============================================================================
# 完成
# =============================================================================
echo ""
echo "=============================================="
echo -e "${GREEN} AWOOOI K3s 基礎設施部署完成!${NC}"
echo "=============================================="
echo ""
echo "下一步:"
echo " 1. 建立 Secrets: kubectl apply -f k8s/awoooi-prod/03-secrets.yaml"
echo " 2. CI/CD 建置映像並推送至 Harbor (192.168.0.110:5000)"
echo " 3. 使用 kustomize set image 更新 Deployment"
echo ""
log_warn "提醒: Deployment 目前使用 IMAGE_TAG_PLACEHOLDER需由 CI 動態注入"
echo ""
Reference in New Issue View Git Blame Copy Permalink