juwan/juwan-backend
1
0
Fork 0
Code Issues Pull Requests Actions 20 Packages Projects Releases Wiki Activity

refactor(k01): flatten directory layout and split deployment into five scripts
build-and-push-harbor / docker-build-push (push) Waiting to run
Details

Browse Source
This commit is contained in:
zetaloop
2026-05-06 02:37:25 +08:00
parent 8ba8c7ca20
commit c575b53843
31 changed files with 95 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy/k01/infra/envoy.yaml
+1096
View File
File diff suppressed because it is too large Load Diff
deploy/k01/infra/kafka.yaml
+72
View File
@@ -0,0 +1,72 @@
apiVersion: kafka.strimzi.io/v1
kind: KafkaNodePool
metadata:
name: controller
namespace: kafka
labels:
strimzi.io/cluster: juwan-kafka
spec:
replicas: 1
roles:
- controller
storage:
type: persistent-claim
size: 1Gi
deleteClaim: false
---
apiVersion: kafka.strimzi.io/v1
kind: KafkaNodePool
metadata:
name: broker
namespace: kafka
labels:
strimzi.io/cluster: juwan-kafka
spec:
replicas: 1
roles:
- broker
storage:
type: persistent-claim
size: 5Gi
deleteClaim: false
---
apiVersion: kafka.strimzi.io/v1
kind: Kafka
metadata:
name: juwan-kafka
namespace: kafka
annotations:
strimzi.io/node-pools: enabled
strimzi.io/kraft: enabled
spec:
kafka:
version: 4.2.0
metadataVersion: 4.2-IV0
listeners:
- name: plain
port: 9092
type: internal
tls: false
config:
offsets.topic.replication.factor: 1
transaction.state.log.replication.factor: 1
transaction.state.log.min.isr: 1
default.replication.factor: 1
min.insync.replicas: 1
entityOperator:
topicOperator: {}
userOperator: {}
---
apiVersion: kafka.strimzi.io/v1
kind: KafkaTopic
metadata:
name: email-task
namespace: kafka
labels:
strimzi.io/cluster: juwan-kafka
spec:
partitions: 1
replicas: 1
deploy/k01/infra/mongo.yaml
+41
View File
@@ -0,0 +1,41 @@
apiVersion: mongodbcommunity.mongodb.com/v1
kind: MongoDBCommunity
metadata:
name: chat-mongodb
namespace: juwan
spec:
members: 1
type: ReplicaSet
version: "8.2.6"
security:
authentication:
modes:
- SCRAM
users:
- name: app-user
db: admin
passwordSecretRef:
name: chat-mongodb-app-user-password
roles:
- name: readWrite
db: juwan_chat
scramCredentialsSecretName: chat-mongodb-app-user-scram
additionalMongodConfig:
storage.wiredTiger.engineConfig.journalCompressor: zlib
statefulSet:
spec:
volumeClaimTemplates:
- metadata:
name: data-volume
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
- metadata:
name: logs-volume
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 256Mi
deploy/k01/infra/postgres.yaml
+185
View File
@@ -0,0 +1,185 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: user-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: player-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: game-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: shop-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: order-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: wallet-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: community-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: review-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: dispute-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: notification-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: search-db
spec:
instances: 1
imageName: ghcr.io/cloudnative-pg/postgresql:18.3-system-trixie
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
storage:
size: 1Gi
deploy/k01/infra/ratelimit.yaml
+149
View File
@@ -0,0 +1,149 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: ratelimit-config
namespace: juwan
data:
ratelimit.yaml: |
domain: api
descriptors:
- key: generic_key
value: login
descriptors:
- key: remote_address
rate_limit:
unit: MINUTE
requests_per_unit: 10
- key: generic_key
value: register
descriptors:
- key: remote_address
rate_limit:
unit: MINUTE
requests_per_unit: 5
- key: generic_key
value: forgot_password_send
descriptors:
- key: remote_address
rate_limit:
unit: MINUTE
requests_per_unit: 3
- key: generic_key
value: verify_code_send
descriptors:
- key: remote_address
rate_limit:
unit: MINUTE
requests_per_unit: 3
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rl-redis
namespace: juwan
labels:
app: rl-redis
spec:
replicas: 1
selector:
matchLabels:
app: rl-redis
template:
metadata:
labels:
app: rl-redis
spec:
containers:
- name: redis
image: redis:8.6.2-alpine
ports:
- containerPort: 6379
resources:
requests:
cpu: 20m
memory: 32Mi
---
apiVersion: v1
kind: Service
metadata:
name: rl-redis-svc
namespace: juwan
spec:
ports:
- port: 6379
targetPort: 6379
selector:
app: rl-redis
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ratelimit
namespace: juwan
labels:
app: ratelimit
spec:
replicas: 1
selector:
matchLabels:
app: ratelimit
template:
metadata:
labels:
app: ratelimit
spec:
containers:
- name: ratelimit
image: envoyproxy/ratelimit:fe26676d
command: ["/bin/ratelimit"]
env:
- name: REDIS_SOCKET_TYPE
value: tcp
- name: REDIS_URL
value: rl-redis-svc:6379
- name: USE_STATSD
value: "false"
- name: RUNTIME_ROOT
value: /data
- name: RUNTIME_SUBDIRECTORY
value: ratelimit
- name: RUNTIME_WATCH_ROOT
value: "true"
- name: LOG_LEVEL
value: info
ports:
- containerPort: 8081
name: grpc
- containerPort: 6070
name: debug
volumeMounts:
- name: config
mountPath: /data/ratelimit/config
resources:
requests:
cpu: 50m
memory: 64Mi
volumes:
- name: config
configMap:
name: ratelimit-config
---
apiVersion: v1
kind: Service
metadata:
name: ratelimit-svc
namespace: juwan
spec:
ports:
- name: grpc
port: 8081
targetPort: 8081
- name: debug
port: 6070
targetPort: 6070
selector:
app: ratelimit
deploy/k01/infra/redis.yaml
+346
View File
@@ -0,0 +1,346 @@
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: user-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: user-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: player-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: player-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: game-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: game-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: shop-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: shop-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: order-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: order-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: wallet-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: wallet-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: community-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: community-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: review-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: review-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: dispute-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: dispute-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: notification-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: notification-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: search-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: search-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: chat-redis
namespace: juwan
spec:
clusterSize: 1
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 50m
memory: 64Mi
redisSecret:
name: chat-redis
key: password
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi