apiVersion: apps/v1 kind: Deployment metadata: name: chat-api namespace: juwan labels: app: chat-api spec: replicas: 3 revisionHistoryLimit: 5 selector: matchLabels: app: chat-api template: metadata: labels: app: chat-api spec: serviceAccountName: find-endpoints containers: - name: chat-api image: 103.236.53.208:4418/juwan/chat-api:latest imagePullPolicy: Always ports: - containerPort: 8888 name: http protocol: TCP - containerPort: 8889 name: ws protocol: TCP - containerPort: 8443 name: wt protocol: UDP - containerPort: 4001 name: metrics protocol: TCP env: - name: REDIS_M_HOST value: "chat-redis-master.juwan:6379" - name: REDIS_S_HOST value: "chat-redis-replica.juwan:6379" - name: REDIS_PASSWORD valueFrom: secretKeyRef: name: chat-redis key: password - name: JWT_SECRET_KEY valueFrom: secretKeyRef: name: jwt-secret key: secret-key - name: MONGO_URI value: "mongodb://app-user:$(MONGO_PASSWORD)@chat-mongodb-0.chat-mongodb-svc.juwan.svc.cluster.local:27017,chat-mongodb-1.chat-mongodb-svc.juwan.svc.cluster.local:27017,chat-mongodb-2.chat-mongodb-svc.juwan.svc.cluster.local:27017/juwan_chat?replicaSet=chat-mongodb&authSource=admin" - name: MONGO_PASSWORD valueFrom: secretKeyRef: name: chat-mongodb-app-user-password key: password readinessProbe: tcpSocket: port: 8888 initialDelaySeconds: 5 periodSeconds: 10 livenessProbe: tcpSocket: port: 8888 initialDelaySeconds: 15 periodSeconds: 20 resources: requests: cpu: 500m memory: 512Mi limits: cpu: 1000m memory: 1024Mi volumeMounts: - name: timezone mountPath: /etc/localtime - name: wt-tls mountPath: /etc/certs readOnly: true volumes: - name: timezone hostPath: path: /usr/share/zoneinfo/Asia/Shanghai - name: wt-tls secret: secretName: chat-wt-tls optional: true --- # TCP Service: REST API + WebSocket apiVersion: v1 kind: Service metadata: name: chat-api-svc namespace: juwan annotations: prometheus.io/scrape: "true" prometheus.io/port: "4001" prometheus.io/path: "/metrics" spec: ports: - name: http port: 8888 targetPort: 8888 protocol: TCP - name: ws port: 8889 targetPort: 8889 protocol: TCP - name: metrics port: 4001 targetPort: 4001 protocol: TCP selector: app: chat-api --- # UDP Service: WebTransport (QUIC) apiVersion: v1 kind: Service metadata: name: chat-api-wt namespace: juwan spec: ports: - name: webtransport port: 8443 targetPort: 8443 protocol: UDP selector: app: chat-api --- apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: chat-api-hpa-c namespace: juwan labels: app: chat-api-hpa-c spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: chat-api minReplicas: 3 maxReplicas: 10 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 80 --- apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: chat-api-hpa-m namespace: juwan labels: app: chat-api-hpa-m spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: chat-api minReplicas: 3 maxReplicas: 10 metrics: - type: Resource resource: name: memory target: type: Utilization averageUtilization: 80 --- apiVersion: v1 kind: Secret metadata: name: chat-mongodb-app-user-password namespace: juwan type: Opaque stringData: password: CHANGE_ME_CHAT_MONGO_PASSWORD --- apiVersion: mongodbcommunity.mongodb.com/v1 kind: MongoDBCommunity metadata: name: chat-mongodb namespace: juwan spec: members: 3 type: ReplicaSet version: "7.0.12" security: authentication: modes: - SCRAM users: - name: app-user db: admin passwordSecretRef: name: chat-mongodb-app-user-password roles: - name: readWrite db: juwan_chat scramCredentialsSecretName: chat-mongodb-app-user-scram additionalMongodConfig: storage.wiredTiger.engineConfig.journalCompressor: zlib --- apiVersion: v1 kind: Secret metadata: name: chat-redis namespace: juwan type: Opaque stringData: password: CHANGE_ME_CHAT_REDIS_PASSWORD --- apiVersion: redis.redis.opstreelabs.in/v1beta2 kind: RedisReplication metadata: name: chat-redis namespace: juwan spec: clusterSize: 3 kubernetesConfig: image: quay.io/opstree/redis:v7.0.12 imagePullPolicy: IfNotPresent resources: requests: cpu: 100m memory: 128Mi limits: cpu: 500m memory: 512Mi redisSecret: name: chat-redis key: password redisExporter: enabled: true image: quay.io/opstree/redis-exporter:latest imagePullPolicy: Always podSecurityContext: runAsUser: 1000 fsGroup: 1000 storage: volumeClaimTemplate: spec: accessModes: ["ReadWriteOnce"] resources: requests: storage: 1Gi --- apiVersion: redis.redis.opstreelabs.in/v1beta2 kind: RedisSentinel metadata: name: chat-redis-sentinel namespace: juwan spec: clusterSize: 3 kubernetesConfig: image: quay.io/opstree/redis-sentinel:v7.0.12 imagePullPolicy: IfNotPresent resources: requests: cpu: 100m memory: 128Mi limits: cpu: 500m memory: 512Mi podSecurityContext: runAsUser: 1000 fsGroup: 1000 redisSentinelConfig: redisReplicationName: chat-redis masterGroupName: mymaster redisPort: "6379" quorum: "2" downAfterMilliseconds: "5000" failoverTimeout: "10000" parallelSyncs: "1"