wwweww
265 lines
6.2 KiB
YAML
265 lines
6.2 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: user-rpc
|
|
namespace: juwan
|
|
labels:
|
|
app: user-rpc
|
|
spec:
|
|
replicas: 1
|
|
revisionHistoryLimit: 5
|
|
selector:
|
|
matchLabels:
|
|
app: user-rpc
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: user-rpc
|
|
spec:
|
|
# serviceAccountName: find-endpoints
|
|
serviceAccountName: user-rpc
|
|
initContainers: # 等待数据库就绪的 Init Container 不影响资源使用但是影响调度策略(也可以忽略不计)
|
|
- name: wait-for-db
|
|
image: busybox:1.36
|
|
command:
|
|
[
|
|
"sh",
|
|
"-c",
|
|
'until nc -z -v -w5 user-db-rw 5432; do echo "Waiting for database..."; sleep 2; done;',
|
|
]
|
|
containers:
|
|
- name: user-rpc
|
|
image: 103.236.53.208:4418/library/user-rpc@sha256:3d1d3cc02188a9b1a29a308a4867638b25b6e480e5a6bdaeb938f262f53969b7
|
|
ports:
|
|
- containerPort: 9001
|
|
- containerPort: 4001
|
|
env:
|
|
- name: DB_PORT
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: user-db-app
|
|
key: port
|
|
- name: DB_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: user-db-app
|
|
key: password
|
|
- name: PD_USERNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: user-db-app
|
|
key: username
|
|
- name: DB_NAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: user-db-app
|
|
key: dbname
|
|
- name: REDIS_M_HOST
|
|
value: "user-redis-master.juwan:6379"
|
|
- name: REDIS_S_HOST
|
|
value: "user-redis-replica.juwan:6379"
|
|
- name: REDIS_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: user-redis
|
|
key: password
|
|
- name: JWT_SECRET_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: jwt-secret
|
|
key: secret-key
|
|
readinessProbe:
|
|
tcpSocket:
|
|
port: 9001
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
livenessProbe:
|
|
tcpSocket:
|
|
port: 9001
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 20
|
|
resources:
|
|
requests:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1024Mi
|
|
volumeMounts:
|
|
- name: timezone
|
|
mountPath: /etc/localtime
|
|
volumes:
|
|
- name: timezone
|
|
hostPath:
|
|
path: /usr/share/zoneinfo/Asia/Shanghai
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: user-rpc-svc
|
|
namespace: juwan
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "4001"
|
|
prometheus.io/path: "/metrics"
|
|
spec:
|
|
ports:
|
|
- name: rpc
|
|
port: 9001
|
|
targetPort: 9001
|
|
- name: metrics
|
|
port: 4001
|
|
targetPort: 4001
|
|
selector:
|
|
app: user-rpc
|
|
|
|
#---
|
|
#apiVersion: autoscaling/v2
|
|
#kind: HorizontalPodAutoscaler
|
|
#metadata:
|
|
# name: user-rpc-hpa-c
|
|
# namespace: juwan
|
|
# labels:
|
|
# app: user-rpc-hpa-c
|
|
#spec:
|
|
# scaleTargetRef:
|
|
# apiVersion: apps/v1
|
|
# kind: Deployment
|
|
# name: user-rpc
|
|
# minReplicas: 3
|
|
# maxReplicas: 10
|
|
# metrics:
|
|
# - type: Resource
|
|
# resource:
|
|
# name: cpu
|
|
# target:
|
|
# type: Utilization
|
|
# averageUtilization: 80
|
|
#
|
|
#---
|
|
#apiVersion: autoscaling/v2
|
|
#kind: HorizontalPodAutoscaler
|
|
#metadata:
|
|
# name: user-rpc-hpa-m
|
|
# namespace: juwan
|
|
# labels:
|
|
# app: user-rpc-hpa-m
|
|
#spec:
|
|
# scaleTargetRef:
|
|
# apiVersion: apps/v1
|
|
# kind: Deployment
|
|
# name: user-rpc
|
|
# minReplicas: 3
|
|
# maxReplicas: 10
|
|
# metrics:
|
|
# - type: Resource
|
|
# resource:
|
|
# name: memory
|
|
# target:
|
|
# type: Utilization
|
|
# averageUtilization: 80
|
|
#---
|
|
## Redis 主从复制
|
|
#apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
#kind: RedisReplication
|
|
#metadata:
|
|
# name: user-redis
|
|
# namespace: juwan
|
|
#spec:
|
|
# clusterSize: 3
|
|
# kubernetesConfig:
|
|
# image: quay.io/opstree/redis:v7.0.12
|
|
# imagePullPolicy: IfNotPresent
|
|
# resources:
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# limits:
|
|
# cpu: 500m
|
|
# memory: 512Mi
|
|
# redisSecret:
|
|
# name: user-redis
|
|
# key: password
|
|
#
|
|
# redisExporter:
|
|
# enabled: true
|
|
# image: quay.io/opstree/redis-exporter:latest
|
|
# imagePullPolicy: Always
|
|
# podSecurityContext:
|
|
# runAsUser: 1000
|
|
# fsGroup: 1000
|
|
# storage:
|
|
# volumeClaimTemplate:
|
|
# spec:
|
|
# accessModes: ["ReadWriteOnce"]
|
|
# resources:
|
|
# requests:
|
|
# storage: 1Gi
|
|
#
|
|
#---
|
|
## Sentinel 监控
|
|
#apiVersion: redis.redis.opstreelabs.in/v1beta2
|
|
#kind: RedisSentinel
|
|
#metadata:
|
|
# name: user-redis-sentinel
|
|
# namespace: juwan
|
|
#spec:
|
|
# clusterSize: 3
|
|
# kubernetesConfig:
|
|
# image: quay.io/opstree/redis-sentinel:v7.0.12
|
|
# imagePullPolicy: IfNotPresent
|
|
# resources:
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# limits:
|
|
# cpu: 500m
|
|
# memory: 512Mi
|
|
# podSecurityContext:
|
|
# runAsUser: 1000
|
|
# fsGroup: 1000
|
|
# redisSentinelConfig:
|
|
# redisReplicationName: user-redis
|
|
# masterGroupName: mymaster
|
|
# redisPort: "6379"
|
|
# quorum: "2"
|
|
# downAfterMilliseconds: "5000"
|
|
# failoverTimeout: "10000"
|
|
# parallelSyncs: "1"
|
|
#
|
|
#---
|
|
## PostgreSQL 集群
|
|
#apiVersion: postgresql.cnpg.io/v1
|
|
#kind: Cluster
|
|
#metadata:
|
|
# namespace: juwan
|
|
# name: user-db
|
|
#spec:
|
|
# instances: 3
|
|
# primaryUpdateStrategy: unsupervised
|
|
# bootstrap:
|
|
# initdb:
|
|
# database: app
|
|
# owner: app
|
|
# # 只在 PVC 为空时初始化
|
|
# postInitSQL:
|
|
# - CREATE EXTENSION IF NOT EXISTS pg_stat_statements;
|
|
# backup:
|
|
# barmanObjectStore:
|
|
# destinationPath: s3://juwan-dev-pg-backups-zj/pg-data/
|
|
# endpointURL: https://cn-nb1.rains3.com
|
|
# s3Credentials:
|
|
# accessKeyId:
|
|
# name: rc-creds
|
|
# key: SOucqRaJr4OyfcIu
|
|
# secretAccessKey:
|
|
# name: rc-creds
|
|
# key: tn2Agj9EowMwuPA9y7TdSL0AXKsMEz
|
|
# wal:
|
|
# compression: gzip
|
|
# storage:
|
|
# size: 1Gi
|
|
# monitoring:
|
|
# enablePodMonitor: true
|