juwan/juwan-backend
1
0
Fork 0
Code Issues Pull Requests Actions 19 Packages Projects Releases Wiki Activity
Files
9a328500301427f0fec35c67cbde7bb973492e16
juwan-backend/deploy/k8s/service/user/user-rpc.yaml
T
wwweww 83fa982749 补齐各个服务的k8s配置清单
2026-05-02 11:57:07 +08:00

267 lines
6.1 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: user-rpc
namespace: juwan
labels:
app: user-rpc
spec:
replicas: 3
revisionHistoryLimit: 5
selector:
matchLabels:
app: user-rpc # .Name
template:
metadata:
labels:
app: user-rpc
spec:
# serviceAccountName: find-endpoints
serviceAccountName: user-rpc
initContainers: # 等待数据库就绪的 Init Container 不影响资源使用但是影响调度策略(也可以忽略不计)
- name: wait-for-db
image: busybox:1.36
command:
[
"sh",
"-c",
'until nc -z -v -w5 user-db-rw 5432; do echo "Waiting for database..."; sleep 2; done;',
]
containers:
- name: user-rpc
# image: 103.236.53.208:4418/library/user-rpc@sha256:28d785c4152d28b5cb368316e0fb3d48d728303e4439cdce13ebdbc5af8d19ce
image: 103.236.53.208:4418/juwan/user-rpc:latest
imagePullPolicy: Always
ports:
- containerPort: 9001
- containerPort: 4001
env:
- name: DB_PORT
valueFrom:
secretKeyRef:
name: user-db-app
key: port
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: user-db-app
key: password
- name: PD_USERNAME
valueFrom:
secretKeyRef:
name: user-db-app
key: username
- name: DB_NAME
valueFrom:
secretKeyRef:
name: user-db-app
key: dbname
- name: REDIS_M_HOST
value: "user-redis-master.juwan:6379"
- name: REDIS_S_HOST
value: "user-redis-replica.juwan:6379"
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: user-redis
key: password
- name: JWT_SECRET_KEY
valueFrom:
secretKeyRef:
name: jwt-secret
key: secret-key
readinessProbe:
tcpSocket:
port: 9001
initialDelaySeconds: 5
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 9001
initialDelaySeconds: 15
periodSeconds: 20
resources:
requests:
cpu: 500m
memory: 512Mi
limits:
cpu: 1000m
memory: 1024Mi
volumeMounts:
- name: timezone
mountPath: /etc/localtime
volumes:
- name: timezone
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
---
apiVersion: v1
kind: Service
metadata:
name: user-rpc-svc
namespace: juwan
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "4001"
prometheus.io/path: "/metrics"
spec:
ports:
- name: rpc
port: 9001
targetPort: 9001
- name: metrics
port: 4001
targetPort: 4001
selector:
app: user-rpc
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: user-rpc-hpa-c
namespace: juwan
labels:
app: user-rpc-hpa-c
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: user-rpc
minReplicas: 3
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: user-rpc-hpa-m
namespace: juwan
labels:
app: user-rpc-hpa-m
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: user-rpc
minReplicas: 3
maxReplicas: 10
metrics:
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
---
# Redis 主从复制
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisReplication
metadata:
name: user-redis
namespace: juwan
spec:
clusterSize: 3
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.12
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
redisSecret:
name: user-redis
key: password
redisExporter:
enabled: true
image: quay.io/opstree/redis-exporter:latest
imagePullPolicy: Always
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
storage:
volumeClaimTemplate:
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
---
# Sentinel 监控
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisSentinel
metadata:
name: user-redis-sentinel
namespace: juwan
spec:
clusterSize: 3
kubernetesConfig:
image: quay.io/opstree/redis-sentinel:v7.0.12
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
redisSentinelConfig:
redisReplicationName: user-redis
masterGroupName: mymaster
redisPort: "6379"
quorum: "2"
downAfterMilliseconds: "5000"
failoverTimeout: "10000"
parallelSyncs: "1"
---
# PostgreSQL 集群
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
namespace: juwan
name: user-db
spec:
instances: 3
primaryUpdateStrategy: unsupervised
bootstrap:
initdb:
database: app
owner: app
# 只在 PVC 为空时初始化
postInitSQL:
- CREATE EXTENSION IF NOT EXISTS pg_stat_statements;
backup:
barmanObjectStore:
destinationPath: s3://juwan-dev-pg-backups-zj/pg-data/
endpointURL: https://cn-nb1.rains3.com
s3Credentials:
accessKeyId:
name: rc-creds
key: ACCESS_KEY_ID
secretAccessKey:
name: rc-creds
key: SECRET_ACCESS_KEY
wal:
compression: gzip
storage:
size: 1Gi
monitoring:
enablePodMonitor: true
Reference in New Issue View Git Blame Copy Permalink