User Tools
devsecops_и_промышленные_решения
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
devsecops_и_промышленные_решения [2025/12/15 11:27] val |
devsecops_и_промышленные_решения [2025/12/15 12:59] (current) val [2.3 Стратегии развертывания и масштабирование нагрузки] |
||
|---|---|---|---|
| Line 218: | Line 218: | ||
| * Создать УЗ user1 через [[Инструмент GitLab#REST API интерфейс]] и связать через [[Инструмент GitLab#Клиент OpenID]] | * Создать УЗ user1 через [[Инструмент GitLab#REST API интерфейс]] и связать через [[Инструмент GitLab#Клиент OpenID]] | ||
| - | * Стратегии развертывания и масштабирование нагрузки | + | ==== 2.3 Стратегии развертывания и масштабирование нагрузки ==== |
| - | * ArgoCD и универсальный Helm Chart | + | |
| + | * Добавляем корпоративный сертификат в кластер kubernetes | ||
| + | <code> | ||
| + | server# | ||
| + | |||
| + | bash -c ' | ||
| + | scp /opt/freeipa-data/etc/ipa/ca.crt kube1:/usr/local/share/ca-certificates/ | ||
| + | ssh kube1 update-ca-certificates | ||
| + | ssh kube1 systemctl restart containerd | ||
| + | scp /opt/freeipa-data/etc/ipa/ca.crt kube2:/usr/local/share/ca-certificates/ | ||
| + | ssh kube2 update-ca-certificates | ||
| + | ssh kube2 systemctl restart containerd | ||
| + | scp /opt/freeipa-data/etc/ipa/ca.crt kube3:/usr/local/share/ca-certificates/ | ||
| + | ssh kube3 update-ca-certificates | ||
| + | ssh kube3 systemctl restart containerd | ||
| + | scp /opt/freeipa-data/etc/ipa/ca.crt kube4:/usr/local/share/ca-certificates/ | ||
| + | ssh kube4 update-ca-certificates | ||
| + | ssh kube4 systemctl restart containerd | ||
| + | ' | ||
| + | </code> | ||
| + | |||
| + | * [[Система Kubernetes#Управление образами]] | ||
| + | |||
| + | * [[Стратегии деплоя в Kubernetes]] | ||
| + | |||
| + | ==== 2.4 ArgoCD и универсальный Helm Chart ==== | ||
| ===== Модуль 3: Безопасность в DevOps ===== | ===== Модуль 3: Безопасность в DevOps ===== | ||
| Line 258: | Line 283: | ||
| * Service Mesh (Istio) | * Service Mesh (Istio) | ||
| - | <code> | ||
| - | bash -c ' | ||
| - | scp /opt/freeipa-data/etc/ipa/ca.crt kube1:/usr/local/share/ca-certificates/ | ||
| - | ssh kube1 update-ca-certificates | ||
| - | ssh kube1 systemctl restart containerd | ||
| - | scp /opt/freeipa-data/etc/ipa/ca.crt kube2:/usr/local/share/ca-certificates/ | ||
| - | ssh kube2 update-ca-certificates | ||
| - | ssh kube2 systemctl restart containerd | ||
| - | scp /opt/freeipa-data/etc/ipa/ca.crt kube3:/usr/local/share/ca-certificates/ | ||
| - | ssh kube3 update-ca-certificates | ||
| - | ssh kube3 systemctl restart containerd | ||
| - | scp /opt/freeipa-data/etc/ipa/ca.crt kube4:/usr/local/share/ca-certificates/ | ||
| - | ssh kube4 update-ca-certificates | ||
| - | ssh kube4 systemctl restart containerd | ||
| - | ' | ||
| - | kubeN# | ||
| - | crictl pull server.corpX.un:5000/student/gowebd | ||
| - | crictl images | ||
| - | crictl rmi server.corpX.un:5000/student/gowebd | ||
| - | </code> | ||
devsecops_и_промышленные_решения.1765787261.txt.gz · Last modified: 2025/12/15 11:27 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
