服务访问清单

所有对外暴露的服务端口和凭据，集中管理。

AIForge 平台 (新)

项目	值
前端控制台	`http://107.148.176.193:30801`
Gateway API	`http://107.148.176.193:30800`
注册测试用户	admin@aiforge.dev / aiforge123
OpenAI 兼容	`http://107.148.176.193:30800/v1/chat/completions`
Playground	`http://107.148.176.193:30801/playground`
注册	`POST /api/v1/auth/register`
登录	`POST /api/v1/auth/login`

集群访问

项目	值
API Server	`https://107.148.176.193:6443`
kubeconfig (本机)	`~/.kube/config-k8s-lab`
使用方式	`export KUBECONFIG=~/.kube/config-k8s-lab && kubectl get nodes`

节点 SSH

角色	IP	SSH	WireGuard IP
Master	107.148.176.193	`ssh root@107.148.176.193`	10.10.0.1
Worker-1	107.148.164.118	`ssh root@107.148.164.118`	10.10.0.2
Worker-2	154.9.27.60	`ssh root@154.9.27.60`	10.10.0.3
Worker-3	38.76.221.17	`ssh root@38.76.221.17`	10.10.0.4
Worker-4	154.219.104.66	`ssh root@154.219.104.66`	10.10.0.5

Web 服务

通过任意节点的公网 IP + NodePort 访问。推荐用 Master IP 107.148.176.193。

服务	URL	用户名	密码	备注
Grafana	`http://107.148.176.193:30300`	admin	`XXALH7sLZeubHVTofib3E3U9n6VgWTv0fbBq7KZ1`	监控仪表盘
Harbor	`http://107.148.176.193:30180`	admin	`Harbor12345`	镜像仓库
ArgoCD	`http://107.148.176.193:30880`	admin	`oJAKbz26bMzRCfTN`	GitOps CI/CD
Gitea	`http://107.148.176.193:30500`	admin	`Gitea12345`	自托管 Git (NFS I/O 慢，PostgreSQL 需迁移到 local PV)
Ingress HTTP	`http://154.9.27.60:30080`	—	—	需要 Host header
Ingress HTTPS	`https://154.9.27.60:30443`	—	—	需要 Host header
Nginx Demo	`http://107.148.176.193:31281`	—	—	Phase 1 练习

Ingress 路由

# 访问 dev 命名空间的 nginx（通过 Ingress）
curl -H "Host: app.k8s-lab.local" http://154.9.27.60:30080/

# 或者本地配 hosts：
# 154.9.27.60 app.k8s-lab.local
# 然后浏览器访问 http://app.k8s-lab.local:30080/

集群内部服务

只能从集群内部（Pod 中或节点上）访问：

服务	ClusterIP	DNS
Prometheus	10.x.x.x:9090	`monitoring-kube-prometheus-prometheus.monitoring.svc:9090`
Alertmanager	10.x.x.x:9093	`monitoring-kube-prometheus-alertmanager.monitoring.svc:9093`
CoreDNS	10.96.0.10:53	—
Kubernetes API	10.96.0.1:443	`kubernetes.default.svc`

存储

项目	值
NFS Server	Worker-4 (10.10.0.5 / 154.219.104.66)
NFS 路径	`/srv/nfs/k8s`
StorageClass	`nfs-dynamic`（默认）
查看 PVC	`kubectl get pvc --all-namespaces`

Gitea SSH (Git 推送)

# 通过 NodePort 30022 推送代码到 Gitea
git remote add gitea ssh://git@107.148.176.193:30022/admin/my-app.git

已部署组件清单

组件	Namespace	状态	存储
Calico CNI	kube-system	Running	—
metrics-server	kube-system	Running	—
NFS Provisioner	kube-system	Running	Worker-4 NFS
Prometheus + Alertmanager	monitoring	Running	10Gi + 2Gi NFS
Grafana	monitoring	Running	5Gi NFS
Loki + Promtail	monitoring	Running	10Gi NFS
node-exporter	monitoring	DaemonSet 5 节点	—
kube-state-metrics	monitoring	Running	—
nginx-ingress	ingress-nginx	Running	—
Harbor	harbor	Running	20Gi+ NFS
ArgoCD	argocd	Running	—
Gitea	gitea	Starting	5Gi NFS

ML Platform

项目	值
推理 API	`kubectl -n ml-platform port-forward svc/housing-model-v1-svc 8080:8080`
预测请求	`curl -X POST http://localhost:8080/predict -d '{"features":[8.3,20,6.0,1.0,1500,3.0,37.78,-122.42]}'`
模型信息	`curl http://localhost:8080/model/info`
Prometheus 指标	`curl http://localhost:8080/metrics`
查看 MLModel	`kubectl -n ml-platform get mlmodel`
训练日志	`kubectl -n ml-platform logs job/ml-training-v1`
Operator 日志	`kubectl -n ml-platform logs deploy/ml-operator`

端口分配表

端口	服务	协议
6443	K8s API Server	HTTPS
30080	Ingress HTTP	HTTP
30180	Harbor	HTTP
30300	Grafana	HTTP
30443	Ingress HTTPS	HTTPS
30500	Gitea Web	HTTP
30022	Gitea SSH	SSH
30880	ArgoCD HTTP	HTTP
30881	ArgoCD HTTPS	HTTPS
31281	Nginx Demo	HTTP
51820	WireGuard	UDP