YAML 文件样例

ewomail

Docker命令行

 docker run -h mail.siguadantang.com 
 -p 25:25 \
 -p 110:110 \
 -p 109:109 \
 -p 143:143 \
 -p 465:465 \
 -p 587:587 \
 -p 993:993 \
 -p 995:995 \
 -p 80:80 \
 -p 8080:8080 \
 -v /data/mail/dkim:/ewomail/dkim \
 -v data/mail/data:/ewomail/www/rainloop/data \
 -v /data/mail/certs:/etc/ssl/certs/ \
 -v /data/mail/private/:/etc/ssl/private/ \
 -v /data/mail/mail:/ewomail/mail/ \
 -v /data/mail/mysql-data/:/ewomail/mysql/data \
 -name cloud-mail \
 bestwu/ewomail
* 有效于错误日志报10024端口错误
* 注释文件 /etc/postfix/main.cf 中如下内容
  content_filter = smtp-amavis:[127.0.0.1]:10024
  receive_override_options = no_address_mappings

  web初始密码:admin/ewomail123
  mysql密码位置:/etc/config.ini

KUbernetes Yaml文件

kind: Deployment
apiVersion: apps/v1
metadata:
  name: cloud-mail-1
  namespace: kube-cloud
  labels:
    app: cloud-mail
    app.kubernetes.io/name: cloud-mail
    app.kubernetes.io/version: v1
    version: '1'
  annotations:
    deployment.kubernetes.io/revision: '6'
    kubesphere.io/alias-name: cloud-mail
    servicemesh.kubesphere.io/enabled: 'false'
spec:
  replicas: 1
  selector:
    matchLabels:
      app: cloud-mail
      app.kubernetes.io/name: cloud-mail
      app.kubernetes.io/version: v1
      version: '1'
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: cloud-mail
        app.kubernetes.io/name: cloud-mail
        app.kubernetes.io/version: v1
        version: '1'
    spec:
      volumes:
        - name: volume-dkim
          persistentVolumeClaim:
            claimName: cloud-mail-ssl-dkim
        - name: volume-rainloop
          persistentVolumeClaim:
            claimName: cloud-mail-rainloop
        - name: volume-certs
          persistentVolumeClaim:
            claimName: cloud-mail-ssl-certs
        - name: volume-private
          persistentVolumeClaim:
            claimName: cloud-mail-ssl-private
        - name: volume-mail
          persistentVolumeClaim:
            claimName: cloud-mail-mail
        - name: volume-data
          persistentVolumeClaim:
            claimName: cloud-mail-mysql-data
      containers:
        - name: cloud-mail
          image: 'bestwu/ewomail'
          ports:
            - name: port-25
              containerPort: 25
              protocol: TCP
            - name: port-109
              containerPort: 109
              protocol: TCP
            - name: port-110
              containerPort: 110
              protocol: TCP
            - name: port-143
              containerPort: 143
              protocol: TCP
            - name: port-465
              containerPort: 465
              protocol: TCP
            - name: port-587
              containerPort: 587
              protocol: TCP
            - name: port-993
              containerPort: 993
              protocol: TCP
            - name: port-995
              containerPort: 995
              protocol: TCP
            - name: port-80
              containerPort: 80
              protocol: TCP
            - name: port-8080
              containerPort: 8080
              protocol: TCP
          resources:
            requests:
              cpu: 10m
              memory: 10Mi
          volumeMounts:
            - name: volume-dkim
              mountPath: /ewomail/dkim
            - name: volume-rainloop
              mountPath: /ewomail/www/rainloop/data
            - name: volume-certs
              mountPath: /etc/ssl/certs/
            - name: volume-private
              mountPath: /etc/ssl/private/
            - name: volume-mail
              mountPath: /ewomail/mail/
            - name: volume-data
              mountPath: /ewomail/mysql/data/
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: IfNotPresent
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      serviceAccountName: default
      serviceAccount: default
      securityContext: {}
      hostname: mail
      subdomain: siguadantang
      schedulerName: default-scheduler
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 25%
      maxSurge: 25%
  revisionHistoryLimit: 10
  progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
  name: cloud-mail
  namespace: kube-cloud
  labels:
    app: cloud-mail
    app.kubernetes.io/name: cloud-mail
    app.kubernetes.io/version: v1
  annotations:
    kubesphere.io/alias-name: cloud-mail
    kubesphere.io/workloadType: Deployment
    servicemesh.kubesphere.io/enabled: 'false'
spec:
  ports:
    - name: http-25
      protocol: TCP
      port: 25
      targetPort: 25
    - name: http-109
      protocol: TCP
      port: 109
      targetPort: 109
    - name: http-110
      protocol: TCP
      port: 110
      targetPort: 110
    - name: http-143
      protocol: TCP
      port: 143
      targetPort: 143
    - name: http-465
      protocol: TCP
      port: 465
      targetPort: 465
    - name: http-587
      protocol: TCP
      port: 587
      targetPort: 587
    - name: http-993
      protocol: TCP
      port: 993
      targetPort: 993
    - name: http-995
      protocol: TCP
      port: 995
      targetPort: 995
    - name: http-80
      protocol: TCP
      port: 80
      targetPort: 80
    - name: http-8080
      protocol: TCP
      port: 8080
      targetPort: 8080
  selector:
    app: cloud-mail
    app.kubernetes.io/name: cloud-mail
    app.kubernetes.io/version: v1
  type: ClusterIP
  sessionAffinity: None
---
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
  name: cloud-mail
  namespace: kube-cloud
spec:
  rules:
    - host: cloudmailserver.siguadantang.com
      http:
        paths:
          - backend:
              serviceName: cloud-mail
              servicePort: 8080
    - host: cloudmailclient.siguadantang.com
      http:
        paths:
          - backend:
              serviceName: cloud-mail
              servicePort: 80

kind: Service
apiVersion: v1
metadata:
  name: cloud-mail
  namespace: kube-cloud
  labels:
    app: cloud-mail
    app.kubernetes.io/name: cloud-mail
    app.kubernetes.io/version: v1
  annotations:
    kubesphere.io/alias-name: cloud-mail
    kubesphere.io/workloadType: Deployment
    servicemesh.kubesphere.io/enabled: 'false'
spec:
  ports:
    - name: http-25
      protocol: TCP
      port: 25
      targetPort: 25
      nodePort: 32257
    - name: http-109
      protocol: TCP
      port: 109
      targetPort: 109
      nodePort: 30181
    - name: http-110
      protocol: TCP
      port: 110
      targetPort: 110
      nodePort: 32352
    - name: http-143
      protocol: TCP
      port: 143
      targetPort: 143
      nodePort: 30956
    - name: http-465
      protocol: TCP
      port: 465
      targetPort: 465
      nodePort: 31309
    - name: http-587
      protocol: TCP
      port: 587
      targetPort: 587
      nodePort: 32024
    - name: http-993
      protocol: TCP
      port: 993
      targetPort: 993
      nodePort: 31067
    - name: http-995
      protocol: TCP
      port: 995
      targetPort: 995
      nodePort: 30818
    - name: http-80
      protocol: TCP
      port: 80
      targetPort: 80
      nodePort: 30144
    - name: http-8080
      protocol: TCP
      port: 8080
      targetPort: 8080
      nodePort: 30755
  selector:
    app: cloud-mail
    app.kubernetes.io/name: cloud-mail
    app.kubernetes.io/version: v1
  type: NodePort
  sessionAffinity: None
  externalTrafficPolicy: Cluster

ELK 部署

K8S Yaml文件

kind: Ingress
apiVersion: extensions/v1beta1
metadata:
  name: cloud-elk
  namespace: yunpingtai
  labels:
    app: cloud-elk
  annotations:
    kubesphere.io/alias-name: cloud-elk
    kubesphere.io/description: cloud-elk
    nginx.ingress.kubernetes.io/service-upstream: 'true'
spec:
  rules:
    - host: cloud-elastic.yunpingtai.suningbank.com
      http:
        paths:
          - path: /
            backend:
              serviceName: cloud-elastic
              servicePort: 9200
    - host: cloud-kinbana.yunpingtai.suningbank.com
      http:
        paths:
          - path: /
            backend:
              serviceName: cloud-kinbana
              servicePort: 5601
---
kind: Service
apiVersion: v1
metadata:
  name: cloud-elastic
  namespace: yunpingtai
  labels:
    app: cloud-elastic
    app.kubernetes.io/name: cloud-elk
    app.kubernetes.io/version: v1
  annotations:
    kubesphere.io/alias-name: cloud-elastic
    kubesphere.io/workloadType: Deployment
    servicemesh.kubesphere.io/enabled: 'true'
spec:
  ports:
    - name: http-9200
      protocol: TCP
      port: 9200
      targetPort: 9200
    - name: http-9300
      protocol: TCP
      port: 9300
      targetPort: 9300
  selector:
    app: cloud-elastic
    app.kubernetes.io/name: cloud-elk
    app.kubernetes.io/version: v1
  clusterIP: 179.15.129.43
  type: ClusterIP
  sessionAffinity: None
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: cloud-elastic
  namespace: yunpingtai
  labels:
    app: cloud-elastic
spec:
  replicas: 1
  selector:
    matchLabels:
      app: cloud-elastic
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: cloud-elastic
    spec:
      volumes:
        - name: volume-elastic
          persistentVolumeClaim:
            claimName: cloud-elastic
      containers:
        - name: cloud-elastic
          image: 'elasticsearch:7.6.2'
          ports:
            - name: http-9200
              containerPort: 9200
              protocol: TCP
            - name: http-9300
              containerPort: 9300
              protocol: TCP
          env:
            - name: node.name
              value: cloud-elastic
            - name: cluster.name
              value: cloud-elastic
            - name: discovery.seed_hosts
              value: cloud-elastic
            - name: ES_JAVA_OPTS
              value: '-Xms512m -Xmx512m'
            - name: cluster.initial_master_nodes
              value: cloud-elastic
            - name: network.bind_host
              value: 0.0.0.0
            - name: bootstrap.system_call_filter
              value: 'false'
          resources:
            requests:
              cpu: 10m
              memory: 10Mi
          volumeMounts:
            - name: volume-elastic
              mountPath: /usr/share/snbcloud-es/data
            - name: timezone
              mountPath: /etc/localtime
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: IfNotPresent
      volumes:
        - name: timezone
          hostPath:
            path: /usr/share/zoneinfo/Asia/Shanghai
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      serviceAccountName: default
      serviceAccount: default
      securityContext: {}
      hostname: cloud-elastic
      schedulerName: default-scheduler
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 25%
      maxSurge: 25%
  revisionHistoryLimit: 10
  progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
  name: cloud-kinbana
  namespace: yunpingtai
  labels:
    app: cloud-kinbana
    app.kubernetes.io/name: cloud-elk
    app.kubernetes.io/version: v1
  annotations:
    kubesphere.io/alias-name: cloud-kinbana
    kubesphere.io/workloadType: Deployment
    servicemesh.kubesphere.io/enabled: 'true'
spec:
  ports:
    - name: port-5601
      protocol: TCP
      port: 5601
      targetPort: 5601
  selector:
    app: cloud-kinbana
    app.kubernetes.io/name: cloud-elk
    app.kubernetes.io/version: v1
  clusterIP: 179.15.210.167
  type: ClusterIP
  sessionAffinity: None
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: cloud-kinbana
  namespace: yunpingtai
  labels:
    app: cloud-kinbana
spec:
  replicas: 1
  selector:
    matchLabels:
      app: cloud-kinbana
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: cloud-kinbana
    spec:
      containers:
        - name: cloud-kinbana
          image: 'kibana:7.6.2'
          ports:
            - name: port-5601
              containerPort: 5601
              protocol: TCP
          volumeMounts:
            - name: timezone
              mountPath: /etc/localtime
          env:
            - name: ELASTICSEARCH_URL
              value: 'http://cloud-elastic:9200'
            - name: snbcloud-es.ssl.verificationMode
              value: none
            - name: ELASTICSEARCH_HOSTS
              value: 'http://cloud-elastic:9200'
            - name: xpack.security.enabled
              value: 'false'
          resources:
            requests:
              cpu: 10m
              memory: 10Mi
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: IfNotPresent
      volumes:
        - name: timezone
          hostPath:
            path: /usr/share/zoneinfo/Asia/Shanghai
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      serviceAccountName: default
      serviceAccount: default
      securityContext: {}
      hostname: cloud-kinbana
      schedulerName: default-scheduler
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 25%
      maxSurge: 25%
  revisionHistoryLimit: 10
  progressDeadlineSeconds: 600