huojin
/
Cpte-Boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Cpte-Boot/k8s/services/basic-service.yaml

474 lines
14 KiB
YAML
Raw Normal View History

no message
2026-03-20 17:07:12 +08:00
# ===== 1. Secret - 应用敏感信息 =====
kind: Secret
apiVersion: v1
metadata:
name: cpte-wms-basic-secret
namespace: cpte-wms
annotations:
kubesphere.io/creator: admin
kubesphere.io/description: 基础服务
type: Opaque
stringData:
MYSQL_HOST: "47.103.100.52"
MYSQL_PORT: "53306"
MYSQL_DATABASE: "cpte-wms"
MYSQL_USERNAME: "root"
MYSQL_PASSWORD: "Youchain@56"
REDIS_HOST: "redis-service"
REDIS_PORT: "6379"
REDIS_PASSWORD: "cpte@123"
MAIL_HOST: "smtp.163.com"
MAIL_USERNAME: "cpteos@163.com"
MAIL_PASSWORD: "cpte@123"
DRUID_LOGIN_PASSWORD: "cpte@123"
SIGNATURE_SECRET: "dd05f1c54d63749eda95f9fa6d49v442a"
---
# ===== 2. ConfigMap - 应用配置文件(修复 Shiro 格式)=====
kind: ConfigMap
apiVersion: v1
metadata:
name: cpte-wms-basic-conf
namespace: cpte-wms
annotations:
kubesphere.io/creator: admin
kubesphere.io/description: 基础服务配置文件
data:
application.yml: |
server:
port: 8001
tomcat:
max-swallow-size: -1
error:
include-exception: true
include-stacktrace: ALWAYS
include-message: ALWAYS
servlet:
context-path: /cpte-wms-basic
compression:
enabled: true
min-response-size: 1024
mime-types: application/javascript,application/json,application/xml,text/html,text/xml,text/plain,text/css,image/*
management:
endpoints:
web:
exposure:
include: health,info,prometheus,metrics
base-path: /actuator
endpoint:
health:
show-details: when_authorized
probes:
enabled: true
info:
enabled: true
prometheus:
enabled: true
security:
enabled: false
spring:
application:
name: cpte-wms-basic
flyway:
enabled: false
clean-disabled: true
servlet:
multipart:
max-file-size: 10MB
max-request-size: 10MB
mail:
timeJobSend: false
host: ${MAIL_HOST}
username: ${MAIL_USERNAME}
password: ${MAIL_PASSWORD}
properties:
mail.smtp.timeout: 10000
mail.smtp.connectiontimeout: 10000
mail.smtp.writetimeout: 10000
mail.smtp.auth: true
mail.smtp.ssl.enable: true
jackson:
date-format: yyyy-MM-dd HH:mm:ss
time-zone: GMT+8
jpa:
open-in-view: false
aop:
proxy-target-class: true
freemarker:
suffix: .ftl
content-type: text/html
charset: UTF-8
cache: false
prefer-file-system-access: false
template-loader-path:
- classpath:/templates
template_update_delay: 0
mvc:
static-path-pattern: /**
pathmatch:
matching-strategy: ant_path_matcher
resource:
static-locations: classpath:/static/,classpath:/public/
autoconfigure:
exclude:
- com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure
- org.springframework.boot.autoconfigure.flyway.FlywayAutoConfiguration
datasource:
druid:
stat-view-servlet:
enabled: true
loginUsername: admin
loginPassword: ${DRUID_LOGIN_PASSWORD}
web-stat-filter:
enabled: true
dynamic:
druid:
initial-size: 5
min-idle: 5
maxActive: 1000
maxWait: 60000
timeBetweenEvictionRunsMillis: 60000
minEvictableIdleTimeMillis: 300000
validationQuery: SELECT 1
testWhileIdle: true
testOnBorrow: false
testOnReturn: false
poolPreparedStatements: true
maxPoolPreparedStatementPerConnectionSize: 20
filters: stat,slf4j
wall:
selectWhereAlwayTrueCheck: false
stat:
slow-sql-millis: 5000
merge-sql: true
datasource:
master:
url: jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT}/${MYSQL_DATABASE}?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai&rewriteBatchedStatements=true
username: ${MYSQL_USERNAME}
password: ${MYSQL_PASSWORD}
driver-class-name: com.mysql.cj.jdbc.Driver
data:
redis:
database: 0
host: ${REDIS_HOST}
port: ${REDIS_PORT}
password: ${REDIS_PASSWORD}
mybatis-plus:
mapper-locations: classpath*:org/jeecg/**/xml/*Mapper.xml,classpath*:org/cpte/**/xml/*Mapper.xml
global-config:
banner: false
db-config:
id-type: ASSIGN_ID
table-underline: true
configuration:
log-impl: org.apache.ibatis.logging.stdout.StdOutImpl
call-setners-on-nulls: true
minidao:
base-package: org.jeecg.modules.jmreport.*,org.jeecg.modules.drag.*
# ========== 关键修复Shiro excludeUrls 改为单行 ==========
jeecg:
firewall:
dataSourceSafe: false
lowCodeMode: dev
signatureSecret: ${SIGNATURE_SECRET}
signUrls: /sys/dict/getDictItems/*,/sys/dict/loadDict/*,/sys/dict/loadDictOrderByValue/*,/sys/dict/loadDictItem/*,/sys/dict/loadTreeData,/sys/api/queryTableDictItemsByCode,/sys/api/queryFilterTableDictInfo,/sys/api/queryTableDictByKeys,/sys/api/translateDictFromTable,/sys/api/translateDictFromTableByKeys,/sys/sendChangePwdSms,/sys/user/sendChangePhoneSms,/sys/sms,/desform/api/sendVerifyCode
uploadType: local
domainUrl:
pc: http://101.35.253.46:8001/cpte-wms-basic/sys/common/upload
app: http://101.35.253.46:8051
path:
upload: /home/wms/upload
webapp: /home/wms/webapp
shiro:
excludeUrls: /test/cpteDemo/demo3,/test/cpteDemo/redisDemo/**,/bigscreen/category/**,/bigscreen/visual/**,/bigscreen/map/**,/jmreport/bigscreen2/**,/cpte-wms-basic/actuator/**,/actuator/**
oss:
accessKey: ??
secretKey: ??
endpoint: oss-cn-beijing.aliyuncs.com
bucketName: cptedev
sms-template:
signature:
templateCode:
SMS_175435174:
SMS_465391221:
SMS_175430166:
file-view-domain: http://fileview.cpte.com
minio:
minio_url: http://minio.cpte.com
minio_name: ??
minio_pass: ??
bucketName: otatest
jmreport:
saasMode:
firewall:
dataSourceSafe: false
lowCodeMode: dev
gao-de-api:
api-key: ??
secret-key: ??
redisson:
address: ${REDIS_HOST}:${REDIS_PORT}
password: ${REDIS_PASSWORD}
type: STANDALONE
enabled: true
baidu-api:
app-id: ??
api-key: ??
secret-key: ??
cas:
prefixUrl: http://cas.example.org:8443/cas
logging:
level:
org.springframework.context.support.PostProcessorRegistrationDelegate: error
org.flywaydb: debug
org.jeecg.modules.system.mapper: info
org.jeecg.modules.demo.test.mapper: info
knife4j:
enable: true
production: false
basic:
enable: false
username: cpte
password: cpte1314
justauth:
enabled: true
type:
GITHUB:
client-id: ??
client-secret: ??
redirect-uri: http://101.35.253.46:8000/cpte-wms/sys/thirdLogin/github/callback
WECHAT_ENTERPRISE:
client-id: ??
client-secret: ??
redirect-uri: http://101.35.253.46:8000/cpte-wms/sys/thirdLogin/wechat_enterprise/callback
agent-id: ??
DINGTALK:
client-id: ??
client-secret: ??
redirect-uri: http://101.35.253.46:8000/cpte-wms/sys/thirdLogin/dingtalk/callback
WECHAT_OPEN:
client-id: ??
client-secret: ??
redirect-uri: http://101.35.253.46:8000/cpte-wms/sys/thirdLogin/wechat_open/callback
cache:
type: default
prefix: 'demo::'
timeout: 1h
---
# ===== 3. PersistentVolumeClaim - 文件存储 =====
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: cpte-wms-basic-data
namespace: cpte-wms
annotations:
kubesphere.io/creator: admin
kubesphere.io/description: 文件上传存储
spec:
accessModes:
- ReadWriteOnce
storageClassName: local
resources:
requests:
storage: 10Gi
---
# ===== 4. Deployment - 系统服务(修复探针路径)=====
no message
2026-03-16 23:52:17 +08:00
apiVersion: apps/v1
kind: Deployment
metadata:
name: cpte-wms-basic
namespace: cpte-wms
labels:
app: cpte-wms-basic
no message
2026-03-20 17:07:12 +08:00
version: v1
annotations:
kubesphere.io/description: "WMS-基础服务"
no message
2026-03-16 23:52:17 +08:00
spec:
no message
2026-03-20 17:07:12 +08:00
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
no message
2026-03-16 23:52:17 +08:00
selector:
matchLabels:
app: cpte-wms-basic
template:
metadata:
labels:
app: cpte-wms-basic
no message
2026-03-20 17:07:12 +08:00
version: v1
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "8001"
prometheus.io/path: "/cpte-wms-basic/actuator/prometheus"
no message
2026-03-16 23:52:17 +08:00
spec:
containers:
no message
2026-03-20 17:07:12 +08:00
- name: cpte-wms-basic
image: docker.io/library/cpte-wms-basic:1.0
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8001
protocol: TCP
env:
- name: MYSQL_HOST
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: MYSQL_HOST
- name: MYSQL_PORT
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: MYSQL_PORT
- name: MYSQL_DATABASE
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: MYSQL_DATABASE
- name: MYSQL_USERNAME
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: MYSQL_USERNAME
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: MYSQL_PASSWORD
- name: REDIS_HOST
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: REDIS_PASSWORD
- name: MAIL_HOST
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: MAIL_HOST
- name: MAIL_USERNAME
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: MAIL_USERNAME
- name: MAIL_PASSWORD
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: MAIL_PASSWORD
- name: DRUID_LOGIN_PASSWORD
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: DRUID_LOGIN_PASSWORD
- name: SIGNATURE_SECRET
valueFrom:
secretKeyRef:
name: cpte-wms-basic-secret
key: SIGNATURE_SECRET
- name: JAVA_OPTS
value: "-Xms512m -Xmx2048m -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs/heapdump.hprof"
resources:
requests:
cpu: "500m"
memory: "1Gi"
limits:
cpu: "2000m"
memory: "2Gi"
# ========== 关键修复 3: 探针路径 ==========
livenessProbe:
httpGet:
path: /cpte-wms-basic/actuator/health/liveness # ✅ 包含 context-path
port: 8001
initialDelaySeconds: 180
periodSeconds: 20
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /cpte-wms-basic/actuator/health/readiness # ✅ 包含 context-path
port: 8001
initialDelaySeconds: 120
periodSeconds: 15
timeoutSeconds: 10
failureThreshold: 3
startupProbe:
httpGet:
path: /cpte-wms-basic/actuator/health/liveness # ✅ 包含 context-path
port: 8001
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 90
volumeMounts:
- name: cpte-wms-basic-conf
mountPath: /app/application.yml
subPath: application.yml
readOnly: true
- name: cpte-wms-basic-data
mountPath: /home/wms
- name: host-time
mountPath: /etc/localtime
readOnly: true
securityContext:
runAsNonRoot: false
no message
2026-03-16 23:52:17 +08:00
volumes:
no message
2026-03-20 17:07:12 +08:00
- name: cpte-wms-basic-conf
configMap:
name: cpte-wms-basic-conf
items:
- key: application.yml
path: application.yml
- name: cpte-wms-basic-data
persistentVolumeClaim:
claimName: cpte-wms-basic-data
- name: host-time
hostPath:
path: /etc/localtime
type: File
restartPolicy: Always
no message
2026-03-16 23:52:17 +08:00
---
no message
2026-03-20 17:07:12 +08:00
# ===== 5. Service - ClusterIP 集群内访问 =====
no message
2026-03-16 23:52:17 +08:00
kind: Service
no message
2026-03-20 17:07:12 +08:00
apiVersion: v1
no message
2026-03-16 23:52:17 +08:00
metadata:
name: cpte-wms-basic
namespace: cpte-wms
labels:
app: cpte-wms-basic
spec:
ports:
no message
2026-03-20 17:07:12 +08:00
- name: cpte-wms-basic
protocol: TCP
port: 8001
targetPort: 8001
no message
2026-03-16 23:52:17 +08:00
selector:
app: cpte-wms-basic
no message
2026-03-20 17:07:12 +08:00
clusterIP: 10.233.42.190
clusterIPs:
- 10.233.42.190
type: ClusterIP
sessionAffinity: None
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
internalTrafficPolicy: Cluster