feat: add Kubernetes deployment support

deploy/k8s/README.md

@@ -0,0 +1,47 @@
+# HiClaw Kubernetes Deployment
+
+> 在 Kubernetes 集群上部署 HiClaw 多 Agent 协作平台
+
+## 快速开始
+
+```bash
+# 1. 修改配置
+vim secrets.yaml  # 设置 LLM API Key 和密码
+
+# 2. 一键部署
+kubectl apply -k .
+
+# 3. 配置 hosts 文件
+# 获取 Ingress IP
+kubectl get ingress -n hiclaw
+
+# 添加到 /etc/hosts
+# <INGRESS_IP> element.hiclaw.local matrix.hiclaw.local gateway.hiclaw.local
+```
+
+## 文件说明
+
+| 文件 | 说明 |
+|------|------|
+| `kustomization.yaml` | Kustomize 配置文件 |
+| `namespace.yaml` | 命名空间定义 |
+| `secrets.yaml` | 敏感信息 Secret |
+| `minio.yaml` | MinIO 文件存储 |
+| `matrix.yaml` | Matrix (Tuwunel) IM 服务 |
+| `higress.yaml` | Higress AI Gateway |
+| `element.yaml` | Element Web 前端 |
+| `manager.yaml` | HiClaw Manager |
+| `ingress.yaml` | Ingress 路由规则 |
+| `deploy.sh` | 一键部署脚本 |
+
+## 详细文档
+
+参见 [K8s 部署教程](../../docs/zh-cn/deployment/hiclaw-k8s-deployment-tutorial.md)
+
+## 相关 Issue
+
+- [#245](https://github.com/alibaba/hiclaw/issues/245) - K8s 部署模式支持请求
+
+## 贡献
+
+欢迎提交 Issue 和 PR 来完善 K8s 部署方案！

deploy/k8s/deploy.sh

@@ -0,0 +1,90 @@
+#!/bin/bash
+# HiClaw K8s 一键部署脚本
+
+set -e
+
+echo "🦞 HiClaw Kubernetes 部署脚本"
+echo "=============================="
+
+# 颜色定义
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+# 检查 kubectl
+if ! command -v kubectl &> /dev/null; then
+    echo -e "${RED}错误: kubectl 未安装${NC}"
+    echo "请先安装 kubectl: https://kubernetes.io/docs/tasks/tools/"
+    exit 1
+fi
+
+# 检查集群连接
+if ! kubectl cluster-info &> /dev/null; then
+    echo -e "${RED}错误: 无法连接到 Kubernetes 集群${NC}"
+    echo "请检查 kubeconfig 配置"
+    exit 1
+fi
+
+echo -e "${GREEN}✓ Kubernetes 集群连接正常${NC}"
+
+# 提示输入配置
+echo ""
+echo "请输入配置信息："
+echo "----------------"
+
+read -p "LLM API Key: " LLM_API_KEY
+if [ -z "$LLM_API_KEY" ]; then
+    echo -e "${RED}错误: LLM API Key 不能为空${NC}"
+    exit 1
+fi
+
+read -p "管理员密码 [自动生成]: " ADMIN_PASSWORD
+if [ -z "$ADMIN_PASSWORD" ]; then
+    ADMIN_PASSWORD=$(openssl rand -base64 16)
+    echo -e "${YELLOW}已生成管理员密码: $ADMIN_PASSWORD${NC}"
+fi
+
+read -p "MinIO 密码 [minioadmin]: " MINIO_PASSWORD
+MINIO_PASSWORD=${MINIO_PASSWORD:-minioadmin}
+
+# 更新 Secret
+echo ""
+echo "正在更新配置..."
+sed -i.bak "s/your-api-key-here/$LLM_API_KEY/g" secrets.yaml
+sed -i.bak "s/change-me-secure-password/$ADMIN_PASSWORD/g" secrets.yaml
+sed -i.bak "s/minioadmin/$MINIO_PASSWORD/g" secrets.yaml
+
+# 部署
+echo ""
+echo "开始部署..."
+kubectl apply -k .
+
+# 等待 Pod 就绪
+echo ""
+echo "等待 Pod 就绪..."
+kubectl wait --for=condition=ready pod -l app.kubernetes.io/name -n hiclaw --timeout=300s || true
+
+# 显示状态
+echo ""
+echo "=============================="
+echo -e "${GREEN}✓ 部署完成！${NC}"
+echo ""
+echo "访问地址："
+echo "  Element Web:     http://element.hiclaw.local"
+echo "  Higress 控制台:  http://higress-console.hiclaw.local"
+echo "  OpenClaw 控制台: http://openclaw-console.hiclaw.local"
+echo "  MinIO 控制台:    http://minio-console.hiclaw.local"
+echo ""
+echo "凭据信息："
+echo "  管理员用户名: admin"
+echo "  管理员密码: $ADMIN_PASSWORD"
+echo "  MinIO 用户名: minioadmin"
+echo "  MinIO 密码: $MINIO_PASSWORD"
+echo ""
+echo "请将以下内容添加到 /etc/hosts："
+echo "  <INGRESS_IP> element.hiclaw.local matrix.hiclaw.local gateway.hiclaw.local"
+echo "  <INGRESS_IP> higress-console.hiclaw.local openclaw-console.hiclaw.local"
+echo "  <INGRESS_IP> minio.hiclaw.local minio-console.hiclaw.local"
+echo ""
+echo "获取 Ingress IP: kubectl get ingress -n hiclaw"

deploy/k8s/element.yaml

@@ -0,0 +1,99 @@
+# Element Web - 前端客户端
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: element-config
+  namespace: hiclaw
+  labels:
+    app.kubernetes.io/name: element-web
+data:
+  config.json: |
+    {
+      "default_home_server": "matrix-local.hiclaw.io:8080",
+      "default_server_config": {
+        "m.homeserver": {
+          "base_url": "http://tuwunel.hiclaw.svc.cluster.local:8080"
+        },
+        "m.identity_server": {
+          "base_url": "https://vector.im"
+        }
+      },
+      "disable_custom_urls": false,
+      "disable_guests": true,
+      "disable_login_language_selector": false,
+      "disable_3pid_login": true,
+      "brand": "HiClaw",
+      "integrations_ui_url": "https://scalar.vector.im/",
+      "integrations_rest_url": "https://scalar.vector.im/api",
+      "show_labs_settings": true,
+      "room_directory": {
+        "servers": ["matrix-local.hiclaw.io:8080"]
+      }
+    }
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: element-web
+  namespace: hiclaw
+  labels:
+    app.kubernetes.io/name: element-web
+    app.kubernetes.io/component: frontend
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: element-web
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: element-web
+    spec:
+      containers:
+      - name: element-web
+        image: vectorim/element-web:v1.11.58
+        ports:
+        - containerPort: 80
+          name: http
+        volumeMounts:
+        - name: config
+          mountPath: /app/config.json
+          subPath: config.json
+        resources:
+          limits:
+            cpu: "200m"
+            memory: "128Mi"
+          requests:
+            cpu: "50m"
+            memory: "32Mi"
+        livenessProbe:
+          httpGet:
+            path: /
+            port: 80
+          initialDelaySeconds: 10
+          periodSeconds: 10
+        readinessProbe:
+          httpGet:
+            path: /
+            port: 80
+          initialDelaySeconds: 5
+          periodSeconds: 5
+      volumes:
+      - name: config
+        configMap:
+          name: element-config
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: element-web
+  namespace: hiclaw
+  labels:
+    app.kubernetes.io/name: element-web
+spec:
+  ports:
+  - port: 80
+    targetPort: 80
+    name: http
+  selector:
+    app.kubernetes.io/name: element-web

deploy/k8s/higress.yaml

@@ -0,0 +1,94 @@
+# Higress - AI Gateway
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: higress
+  namespace: hiclaw
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: higress
+  namespace: hiclaw
+  labels:
+    app.kubernetes.io/name: higress
+    app.kubernetes.io/component: gateway
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: higress
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: higress
+    spec:
+      serviceAccountName: higress
+      containers:
+      - name: higress-gateway
+        image: higress-registry.cn-hangzhou.cr.aliyuncs.com/higress/gateway:1.4.0
+        ports:
+        - containerPort: 8080
+          name: http
+        - containerPort: 8443
+          name: https
+        - containerPort: 15020
+          name: metrics
+        resources:
+          limits:
+            cpu: "1"
+            memory: "1Gi"
+          requests:
+            cpu: "200m"
+            memory: "256Mi"
+        livenessProbe:
+          httpGet:
+            path: /healthz/ready
+            port: 15020
+          initialDelaySeconds: 30
+          periodSeconds: 10
+        readinessProbe:
+          httpGet:
+            path: /healthz/ready
+            port: 15020
+          initialDelaySeconds: 10
+          periodSeconds: 5
+      - name: higress-controller
+        image: higress-registry.cn-hangzhou.cr.aliyuncs.com/higress/higress:1.4.0
+        ports:
+        - containerPort: 8001
+          name: console
+        env:
+        - name: LLM_API_KEY
+          valueFrom:
+            secretKeyRef:
+              name: hiclaw-secrets
+              key: LLM_API_KEY
+        resources:
+          limits:
+            cpu: "500m"
+            memory: "512Mi"
+          requests:
+            cpu: "100m"
+            memory: "128Mi"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: higress
+  namespace: hiclaw
+  labels:
+    app.kubernetes.io/name: higress
+spec:
+  type: LoadBalancer
+  ports:
+  - port: 80
+    targetPort: 8080
+    name: http
+  - port: 443
+    targetPort: 8443
+    name: https
+  - port: 8001
+    name: console
+  selector:
+    app.kubernetes.io/name: higress