From 836983d8a536b6f84c59ba3aaa373887b7598efd Mon Sep 17 00:00:00 2001 From: dengbiao Date: Fri, 6 Dec 2024 11:31:48 +0800 Subject: [PATCH] update --- k8s/container.yaml | 282 ++++++++++++++++++++++++++++++--------- k8s/container_prd.yaml | 58 ++++++-- k8s/ingress_prd_wap.yaml | 21 +++ k8s/wap_container.yaml | 56 ++++++++ 4 files changed, 343 insertions(+), 74 deletions(-) create mode 100644 k8s/ingress_prd_wap.yaml create mode 100644 k8s/wap_container.yaml diff --git a/k8s/container.yaml b/k8s/container.yaml index 81e79a7..49c8016 100644 --- a/k8s/container.yaml +++ b/k8s/container.yaml @@ -1,60 +1,222 @@ -kind: Deployment -apiVersion: apps/v1 -# 元数据 -metadata: - name: egg-app - namespace: egg - labels: - app: egg-app - annotations: - kubesphere.io/creator: dengbiao - kubesphere.io/description: egg-app -# deployment主要部分 -spec: - replicas: 1 - selector: - matchLabels: - # 名称与上面的labels对应 - app: egg-app - template: - metadata: - labels: - # 名称与上面的matchLabels对应 - app: egg-app - spec: - # 声明挂载卷(将外部已存在的pvc、config等挂载进来) - volumes: - # 用于时区校正 - - name: host-time - hostPath: - path: /etc/localtime - type: '' - # 将前面创建的configMap也挂载进来 - - name: egg-app-cfg - configMap: - # 这里的名字就是前面创建的configMap的名字 - name: egg-app-cfg - defaultMode: 420 - containers: - # 主容器 - - name: egg-app-container - # 镜像地址(提前打包好并推送的镜像仓库) - image: 'registry.cn-shenzhen.aliyuncs.com/fnuoos-prd/egg-app:0.0.1' - ports: - - name: egg-app-4011 - # 容器端口号(注意与golang web server启动的端口一致) - containerPort: 4011 - protocol: TCP - # 将前面volume声明的需要用到的pvc、config挂载上来 - volumeMounts: - - name: host-time - readOnly: true - mountPath: /etc/localtime - - name: egg-app-cfg # 该名字对应前面volumes声明的名字 - readOnly: true - # 挂载到容器的哪个路径 - mountPath: /var/egg - imagePullPolicy: Always - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst \ No newline at end of file + + limit_req_zone $binary_remote_addr zone=mylimit:20m rate=5r/s; + server { + listen 80; + server_name _; + root /usr/share/nginx/html; + #将DNS指向kubernetes集群内的DNS + resolver kube-dns.kube-system.svc.cluster.local valid=30s; + + set $oss_endpoint_service zhios-oss.zhios.svc.cluster.local:5000; + set $mall_service zhios-mall.zhios.svc.cluster.local:5002; + set $domain_server zhios-request-domain.zhios.svc.cluster.local:4040; + set $agent_endpoint_service zhios-app-comm.zhios.svc.cluster.local:5003; + set $o2ob_endpoint_service zhios-app-o2o.zhios.svc.cluster.local:5004; + set $adset_callback_endpoint_service app-comm-adset-callback.zhios.svc.cluster.local:5505; + set $b2c_customer_service zyos-b2c-customer.zhios.svc.cluster.local:5009; + set $chat_gpt_service chat-gpt.zhios.svc.cluster.local:5200; + set $live_broadcast_video_service zyos-live-broadcast-video.zhios.svc.cluster.local:5010; + set $o2oc_endpoint_service zhios-app-o2o-customer.zhios.svc.cluster.local:5005; + set $endpoint_service zhios-app.zhios.svc.cluster.local:5000; + set $community_team_service community-team.zhios.svc.cluster.local:6001; + + set $super_cloud_issuance_service super-cloud-issuance.zhios.svc.cluster.local:3001; + + + + location /api/v1/chatGpt { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$chat_gpt_service; + proxy_http_version 1.1; + proxy_set_header Origin ""; + proxy_set_header Host $host; + proxy_set_header X-Real-Scheme $scheme; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + break; + } + + location /api/v1/communityTeam { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$community_team_service; + proxy_http_version 1.1; + proxy_set_header Origin ""; + proxy_set_header Host $host; + proxy_set_header X-Real-Scheme $scheme; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + break; + } + + location /api/v1/superCloudIssuance { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$super_cloud_issuance_service; + proxy_http_version 1.1; + proxy_set_header Origin ""; + proxy_set_header Host $host; + proxy_set_header X-Real-Scheme $scheme; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + break; + } + + location = / { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$endpoint_service; + + proxy_http_version 1.1; + + proxy_set_header Connection ""; + proxy_set_header Host $host; + proxy_set_header Platform "wap"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + location /getDomain { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$domain_server; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + location /static { + limit_req zone=mylimit burst=5 nodelay; + root /usr/share/nginx/html; + index index.html index.htm; + } + + location /api/v1/mall { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$mall_service; + proxy_set_header Connection ""; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + + location /api/v1/comm/adset { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$adset_callback_endpoint_service; + proxy_set_header Connection ""; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + break; + } + + location /api/v2/comm { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$agent_endpoint_service; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + + location /api/v1/comm { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$agent_endpoint_service; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + # o2o c端 + location /api/v1/o2oc { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$o2oc_endpoint_service; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + # o2o商家端 + location /api/v1/o2o { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$o2ob_endpoint_service; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + # 多用户商城c端 + location /api/v1/b2cc { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$b2c_customer_service; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + + location /api/v1/live_room { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$endpoint_service; + + #istio下http协议必须大于等于1.1 + proxy_http_version 1.1; + + proxy_set_header Connection ""; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + location /api/v1/live { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$live_broadcast_video_service; + proxy_set_header Connection ""; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + location /api/qiniu { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$oss_endpoint_service; + proxy_set_header Connection ""; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + + + #proxy server + location /api { + limit_req zone=mylimit burst=5 nodelay; + proxy_pass http://$endpoint_service; + #istio下http协议必须大于等于1.1 + proxy_http_version 1.1; + + proxy_set_header Connection ""; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + break; + } + } \ No newline at end of file diff --git a/k8s/container_prd.yaml b/k8s/container_prd.yaml index 5142718..0ac8886 100644 --- a/k8s/container_prd.yaml +++ b/k8s/container_prd.yaml @@ -2,25 +2,25 @@ kind: Deployment apiVersion: apps/v1 # 元数据 metadata: - name: egg-app - namespace: egg + name: advertisement + namespace: advertisement labels: - app: egg-app + app: advertisement annotations: kubesphere.io/creator: dengbiao - kubesphere.io/description: egg-app + kubesphere.io/description: advertisement # deployment主要部分 spec: replicas: 1 selector: matchLabels: # 名称与上面的labels对应 - app: egg-app + app: advertisement template: metadata: labels: # 名称与上面的matchLabels对应 - app: egg-app + app: advertisement spec: # 声明挂载卷(将外部已存在的pvc、config等挂载进来) volumes: @@ -30,31 +30,61 @@ spec: path: /etc/localtime type: '' # 将前面创建的configMap也挂载进来 - - name: egg-app-cfg + - name: advertisement-cfg configMap: # 这里的名字就是前面创建的configMap的名字 - name: egg-app-cfg + name: advertisement-cfg defaultMode: 420 + # pvc + - name: advertisement-pvc # 在该部署中的名称,后面使用改名称挂载 + persistentVolumeClaim: + claimName: advertisement-pvc # pvc的名称 + # Nginx配置 + - name: advertisement-nginx + configMap: + name: advertisement-nginx # 外部configMap的名称 + items: + - key: go.conf + path: default.conf containers: # 主容器 - - name: egg-app-container + - name: advertisement-container # 镜像地址(提前打包好并推送的镜像仓库) - image: 'registry.cn-shenzhen.aliyuncs.com/fnuoos-prd/egg-app:20241205-01' + image: 'registry.cn-shenzhen.aliyuncs.com/fnuoos-prd/advertisement:0.0.1' ports: - - name: egg-app-4011 + - name: ad-1002 # 容器端口号(注意与golang web server启动的端口一致) - containerPort: 4011 + containerPort: 1002 protocol: TCP # 将前面volume声明的需要用到的pvc、config挂载上来 volumeMounts: - name: host-time readOnly: true mountPath: /etc/localtime - - name: egg-app-cfg # 该名字对应前面volumes声明的名字 + - name: advertisement-cfg # 该名字对应前面volumes声明的名字 readOnly: true # 挂载到容器的哪个路径 - mountPath: /var/egg + mountPath: /var/zyos imagePullPolicy: Always + # Nginx 容器 + - name: nginx + image: 'registry.cn-shenzhen.aliyuncs.com/fnuoos-prd/nginx:latest' + ports: + - name: http-80 + containerPort: 80 + protocol: TCP + volumeMounts: + # 时区校正 + - name: host-time + readOnly: true + mountPath: /etc/localtime + # 存储卷 用于存放前端代码 + - name: advertisement-pvc # 前面volumes声明的名称 + mountPath: /usr/share/nginx/html + - name: advertisement-nginx # Nginx 配置 + readOnly: true + mountPath: /etc/nginx/conf.d/default.conf + subPath: default.conf restartPolicy: Always terminationGracePeriodSeconds: 30 dnsPolicy: ClusterFirst \ No newline at end of file diff --git a/k8s/ingress_prd_wap.yaml b/k8s/ingress_prd_wap.yaml new file mode 100644 index 0000000..0aba314 --- /dev/null +++ b/k8s/ingress_prd_wap.yaml @@ -0,0 +1,21 @@ +kind: Ingress +apiVersion: networking.k8s.io/v1 +metadata: + name: ddxq.ddstaros.com + namespace: egg + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubesphere.io/creator: admin +spec: + ingressClassName: nginx + rules: + - host: ddxq.ddstaros.com + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: egg-pc + port: + number: 80 diff --git a/k8s/wap_container.yaml b/k8s/wap_container.yaml new file mode 100644 index 0000000..185b4be --- /dev/null +++ b/k8s/wap_container.yaml @@ -0,0 +1,56 @@ +kind: Deployment +apiVersion: apps/v1 +metadata: + name: egg-pc + namespace: egg + labels: + app: egg-pc + annotations: + kubesphere.io/creator: dengbiao + kubesphere.io/description: egg-pc +spec: + replicas: 1 + selector: + matchLabels: + app: egg-pc + template: + metadata: + labels: + app: egg-pc + spec: + volumes: + - name: host-time + hostPath: + path: /etc/localtime + type: '' + - name: egg-pc-nginx + configMap: + name: egg-pc-nginx + items: + - key: pc.conf + path: default.conf + defaultMode: 420 + - name: egg-pc + persistentVolumeClaim: + claimName: egg-pc + containers: + - name: container-pc + image: 'registry.cn-shenzhen.aliyuncs.com/fnuoos-prd/nginx:latest' + ports: + - name: tcp-80 + containerPort: 80 + protocol: TCP + resources: {} + volumeMounts: + - name: host-time + readOnly: true + mountPath: /etc/localtime + - name: egg-pc-nginx + readOnly: true + mountPath: /etc/nginx/conf.d/default.conf + subPath: default.conf + - name: egg-pc + mountPath: /usr/share/nginx/html + restartPolicy: Always + terminationGracePeriodSeconds: 30 + dnsPolicy: ClusterFirst \ No newline at end of file