juwan/juwan-backend
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

补齐各个服务的k8s配置清单

Browse Source
This commit is contained in:
wwweww
2026-05-02 11:57:07 +08:00
parent 41890ddd33
commit 83fa982749
18 changed files with 2719 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy/k8s/service/chat/chat-api.yaml
+291
View File
@@ -0,0 +1,291 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: chat-api
namespace: juwan
labels:
app: chat-api
spec:
replicas: 3
revisionHistoryLimit: 5
selector:
matchLabels:
app: chat-api
template:
metadata:
labels:
app: chat-api
spec:
serviceAccountName: find-endpoints
containers:
- name: chat-api
image: chat-api:latest
imagePullPolicy: Always
ports:
- containerPort: 8888
name: http
protocol: TCP
- containerPort: 8889
name: ws
protocol: TCP
- containerPort: 8443
name: wt
protocol: UDP
- containerPort: 4001
name: metrics
protocol: TCP
env:
- name: REDIS_M_HOST
value: "chat-redis-master.juwan:6379"
- name: REDIS_S_HOST
value: "chat-redis-replica.juwan:6379"
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: chat-redis
key: password
- name: JWT_SECRET_KEY
valueFrom:
secretKeyRef:
name: jwt-secret
key: secret-key
- name: MONGO_URI
value: "mongodb://app-user:$(MONGO_PASSWORD)@chat-mongodb-0.chat-mongodb-svc.juwan.svc.cluster.local:27017,chat-mongodb-1.chat-mongodb-svc.juwan.svc.cluster.local:27017,chat-mongodb-2.chat-mongodb-svc.juwan.svc.cluster.local:27017/juwan_chat?replicaSet=chat-mongodb&authSource=admin"
- name: MONGO_PASSWORD
valueFrom:
secretKeyRef:
name: chat-mongodb-app-user-password
key: password
readinessProbe:
tcpSocket:
port: 8888
initialDelaySeconds: 5
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 8888
initialDelaySeconds: 15
periodSeconds: 20
resources:
requests:
cpu: 500m
memory: 512Mi
limits:
cpu: 1000m
memory: 1024Mi
volumeMounts:
- name: timezone
mountPath: /etc/localtime
- name: wt-tls
mountPath: /etc/certs
readOnly: true
volumes:
- name: timezone
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
- name: wt-tls
secret:
secretName: chat-wt-tls
optional: true
---
# TCP Service: REST API + WebSocket
apiVersion: v1
kind: Service
metadata:
name: chat-api-svc
namespace: juwan
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "4001"
prometheus.io/path: "/metrics"
spec:
ports:
- name: http
port: 8888
targetPort: 8888
protocol: TCP
- name: ws
port: 8889
targetPort: 8889
protocol: TCP
- name: metrics
port: 4001
targetPort: 4001
protocol: TCP
selector:
app: chat-api
---
# UDP Service: WebTransport (QUIC)
apiVersion: v1
kind: Service
metadata:
name: chat-api-wt
namespace: juwan
spec:
ports:
- name: webtransport
port: 8443
targetPort: 8443
protocol: UDP
selector:
app: chat-api
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: chat-api-hpa-c
namespace: juwan
labels:
app: chat-api-hpa-c
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: chat-api
minReplicas: 3
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: chat-api-hpa-m
namespace: juwan
labels:
app: chat-api-hpa-m
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: chat-api
minReplicas: 3
maxReplicas: 10
metrics:
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
---
apiVersion: v1
kind: Secret
metadata:
name: chat-mongodb-app-user-password
namespace: juwan
type: Opaque
stringData:
password: CHANGE_ME_CHAT_MONGO_PASSWORD
---
apiVersion: mongodbcommunity.mongodb.com/v1
kind: MongoDBCommunity
metadata:
name: chat-mongodb
namespace: juwan
spec:
members: 3
type: ReplicaSet
version: "7.0.12"
security:
authentication:
modes:
- SCRAM
users:
- name: app-user
db: admin
passwordSecretRef:
name: chat-mongodb-app-user-password
roles:
- name: readWrite
db: juwan_chat
scramCredentialsSecretName: chat-mongodb-app-user-scram
additionalMongodConfig:
storage.wiredTiger.engineConfig.journalCompressor: zlib
---
apiVersion: v1
kind: Secret
metadata:
name: chat-redis
namespace: juwan
type: Opaque
stringData:
password: CHANGE_ME_CHAT_REDIS_PASSWORD
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: chat-redis
namespace: juwan
spec:
clusterSize: 3
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.12
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
redisSecret:
name: chat-redis
key: password
redisExporter:
enabled: true
image: quay.io/opstree/redis-exporter:latest
imagePullPolicy: Always
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisSentinel
metadata:
name: chat-redis-sentinel
namespace: juwan
spec:
clusterSize: 3
kubernetesConfig:
image: quay.io/opstree/redis-sentinel:v7.0.12
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
redisSentinelConfig:
redisReplicationName: chat-redis
masterGroupName: mymaster
redisPort: "6379"
quorum: "2"
downAfterMilliseconds: "5000"
failoverTimeout: "10000"
parallelSyncs: "1"