diff --git a/ARCHITECTURE_OVERVIEW.md b/ARCHITECTURE_OVERVIEW.md deleted file mode 100644 index 183c2e7..0000000 --- a/ARCHITECTURE_OVERVIEW.md +++ /dev/null @@ -1,399 +0,0 @@ -# WMS 微服务 K8s 架构总览 - -## 📐 架构设计 - -### 整体架构图 - -``` -┌─────────────────────────────────────────────────────────────────┐ -│ 用户层 │ -│ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ │ -│ │ Web │ │ App │ │ 第三方 │ │ MOM 系统 │ │ -│ └──────────┘ └──────────┘ └──────────┘ └──────────┘ │ -└─────────────────────────────────────────────────────────────────┘ - │ - ▼ -┌─────────────────────────────────────────────────────────────────┐ -│ 接入层 │ -│ ┌──────────────────────────────────────────────────────────┐ │ -│ │ Nginx Ingress Controller │ │ -│ │ • 统一入口 • SSL 终止 • 路由转发 │ │ -│ └──────────────────────────────────────────────────────────┘ │ -└─────────────────────────────────────────────────────────────────┘ - │ - ▼ -┌─────────────────────────────────────────────────────────────────┐ -│ Kubernetes Cluster │ -│ ┌─────────────────────────────────────────────────────────┐ │ -│ │ 服务网格层 │ │ -│ │ ┌──────────────────────────────────────────────────┐ │ │ -│ │ │ wms-basic-service (基础服务) │ │ │ -│ │ │ - 物品管理 • 区域管理 • 库位管理 │ │ │ -│ │ │ - 副本数:2-10 (HPA 自动伸缩) │ │ │ -│ │ └──────────────────────────────────────────────────┘ │ │ -│ │ │ │ -│ │ ┌──────────────────────────────────────────────────┐ │ │ -│ │ │ wms-inbound-service (入库服务) │ │ │ -│ │ │ - ASN 管理 • 收货 • 上架 • MOM 对接 │ │ │ -│ │ │ - 副本数:2-10 (HPA 自动伸缩) │ │ │ -│ │ └──────────────────────────────────────────────────┘ │ │ -│ │ │ │ -│ │ ┌──────────────────────────────────────────────────┐ │ │ -│ │ │ wms-outbound-service (出库服务) │ │ │ -│ │ │ - 拣货管理 • 下架 • 发货 • MOM 对接 │ │ │ -│ │ │ - 副本数:2-10 (HPA 自动伸缩) │ │ │ -│ │ └──────────────────────────────────────────────────┘ │ │ -│ │ │ │ -│ │ ┌──────────────────────────────────────────────────┐ │ │ -│ │ │ wms-inventory-service(库存服务) │ │ │ -│ │ │ - 库存管理 • 盘点 • 流水 • 统计分析 │ │ │ -│ │ │ - 副本数:2-10 (HPA 自动伸缩) │ │ │ -│ │ └──────────────────────────────────────────────────┘ │ │ -│ │ │ │ -│ │ ┌──────────────────────────────────────────────────┐ │ │ -│ │ │ wms-schedule-service (调度服务) │ │ │ -│ │ │ - AGV 调度 • 输送线 • 定时任务 │ │ │ -│ │ │ - 副本数:2-10 (HPA 自动伸缩) │ │ │ -│ │ └──────────────────────────────────────────────────┘ │ │ -│ └─────────────────────────────────────────────────────────┘ │ -│ │ -│ ┌─────────────────────────────────────────────────────────┐ │ -│ │ 服务间调用 (OpenFeign) │ │ -│ │ │ │ -│ │ 入库服务 ──→ 基础服务 (验证物品/库位) │ │ -│ │ 入库服务 ──→ 库存服务 (增加库存) │ │ -│ │ 入库服务 ──→ 调度服务 (创建上架任务) │ │ -│ │ │ │ -│ │ 出库服务 ──→ 基础服务 (验证物品/库位) │ │ -│ │ 出库服务 ──→ 库存服务 (扣减库存) │ │ -│ │ 出库服务 ──→ 调度服务 (创建下架任务) │ │ -│ │ │ │ -│ │ 调度服务 ──→ 基础服务 (获取库位信息) │ │ -│ │ 调度服务 ──→ 库存服务 (获取库存信息) │ │ -│ └─────────────────────────────────────────────────────────┘ │ -└─────────────────────────────────────────────────────────────────┘ - │ - ▼ -┌─────────────────────────────────────────────────────────────────┐ -│ 数据层 │ -│ ┌──────────────────┐ ┌──────────────────┐ │ -│ │ MySQL Cluster │ │ Redis Cluster │ │ -│ │ • 主从复制 │ │ • 哨兵模式 │ │ -│ │ • 数据持久化 │ │ • 缓存/会话 │ │ -│ └──────────────────┘ └──────────────────┘ │ -└─────────────────────────────────────────────────────────────────┘ -``` - ---- - -## 🎯 核心特性 - -### 1. 微服务拆分 - -| 服务 | 职责 | 数据库表 | 接口前缀 | -|------|------|---------|---------| -| **基础服务** | 物品、区域、库位管理 | wms_basic_* | /api/wms/basic | -| **入库服务** | ASN、收货、上架 | wms_inbound_* | /api/wms/inbound | -| **出库服务** | 拣货、下架、发货 | wms_outbound_* | /api/wms/outbound | -| **库存服务** | 库存、盘点、流水 | wms_inventory_* | /api/wms/inventory | -| **调度服务** | AGV、输送线调度 | wms_schedule_* | /api/wms/schedule | - -### 2. K8s 原生能力 - -| 功能 | K8s 资源 | 说明 | -|------|---------|------| -| **服务发现** | Service + CoreDNS | 自动 DNS 解析 | -| **负载均衡** | Service | 自动负载均衡 | -| **配置管理** | ConfigMap | 统一配置管理 | -| **密钥管理** | Secret | 敏感信息加密 | -| **健康检查** | Liveness/Readiness Probe | 自动故障恢复 | -| **弹性伸缩** | HPA | 自动扩缩容 | -| **滚动更新** | Deployment | 零停机部署 | -| **服务暴露** | Ingress | 统一入口 | - -### 3. 服务间调用(OpenFeign) - -```java -// 声明式服务调用 -@FeignClient( - name = "wms-inventory-service", - url = "http://wms-inventory-service:80", - fallbackFactory = InventoryServiceFallbackFactory.class -) -public interface InventoryServiceClient { - @GetMapping("/api/wms/inventory/query") - Result> queryInventory( - @RequestParam("itemId") String itemId, - @RequestParam("pointId") String pointId - ); -} - -// 使用示例 -@Service -public class InboundService { - @Autowired - private InventoryServiceClient inventoryServiceClient; - - public void inbound(String itemId, Integer qty) { - // 直接调用,像本地方法一样 - Result> result = - inventoryServiceClient.queryInventory(itemId, null); - } -} -``` - ---- - -## 📊 部署配置 - -### 资源配置 - -```yaml -# 每个服务的资源配置 -resources: - requests: - memory: "512Mi" - cpu: "250m" - limits: - memory: "1Gi" - cpu: "500m" -``` - -### HPA 配置 - -```yaml -# 自动伸缩配置 -minReplicas: 2 -maxReplicas: 10 -metrics: -- type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 -- type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: 80 -``` - -### 健康检查 - -```yaml -# 存活探针(判断容器是否存活) -livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - initialDelaySeconds: 60 - periodSeconds: 10 - -# 就绪探针(判断是否可接收流量) -readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - initialDelaySeconds: 30 - periodSeconds: 5 -``` - ---- - -## 🔄 典型业务流程 - -### 入库流程 - -``` -1. 入库服务接收入库请求 - ↓ -2. 调用基础服务验证物品和库位 - ↓ -3. 调用库存服务增加库存 - ↓ -4. 调用调度服务创建 AGV 上架任务 - ↓ -5. AGV 执行上架任务 - ↓ -6. 库存服务记录库存流水 -``` - -### 出库流程 - -``` -1. 出库服务接收出库请求 - ↓ -2. 调用基础服务验证物品和库位 - ↓ -3. 调用库存服务预占库存 - ↓ -4. 调用调度服务创建 AGV 下架任务 - ↓ -5. AGV 执行下架任务 - ↓ -6. 库存服务扣减库存并记录流水 -``` - ---- - -## 🛡️ 高可用设计 - -### 1. 多副本部署 - -- 每个服务至少 2 个副本 -- Pod 反亲和性,分散到不同节点 -- PDB(Pod Disruption Budget)保证最小可用副本数 - -### 2. 自动故障恢复 - -- Liveness Probe 检测容器健康 -- 容器崩溃自动重启 -- 节点故障自动迁移 - -### 3. 服务降级 - -- Feign Fallback 提供降级逻辑 -- 超时和重试机制 -- 熔断保护(可集成 Sentinel) - -### 4. 数据持久化 - -- MySQL 主从复制 -- Redis 哨兵模式 -- 定期备份 - ---- - -## 📈 监控体系 - -### 1. 应用监控 - -```yaml -# Actuator 端点 -management: - endpoints: - web: - exposure: - include: health,info,metrics,prometheus -``` - -- **健康检查**: /actuator/health -- **应用信息**: /actuator/info -- **性能指标**: /actuator/metrics -- **Prometheus**: /actuator/prometheus - -### 2. 日志收集 - -``` -应用日志 → Fluentd → Elasticsearch → Kibana -``` - -### 3. 链路追踪(可选) - -``` -应用 → SkyWalking Agent → SkyWalking OAP → UI -``` - ---- - -## 🔒 安全设计 - -### 1. 网络安全 - -- NetworkPolicy 限制 Pod 间通信 -- Ingress TLS 加密 -- 服务间 mTLS(可选 Istio) - -### 2. 认证授权 - -- JWT Token 认证 -- RBAC 权限控制 -- API 签名验证 - -### 3. 密钥管理 - -- Kubernetes Secret 加密存储 -- 定期轮换密钥 -- 最小权限原则 - ---- - -## 🚀 部署流程 - -### 开发环境 - -```bash -# 1. 构建镜像 -./deploy.sh build - -# 2. 部署到 K8s -./deploy.sh k8s - -# 3. 查看状态 -kubectl get pods -n wms-system -``` - -### 生产环境 - -```bash -# 1. 设置版本标签 -export IMAGE_TAG=v1.0.0 - -# 2. 构建并推送 -./deploy.sh deploy - -# 3. 验证部署 -kubectl rollout status deployment/wms-inbound-service -n wms-system - -# 4. 监控日志 -kubectl logs -f deployment/wms-inbound-service -n wms-system -``` - ---- - -## 📝 最佳实践 - -### 1. 服务设计 - -- ✅ 单一职责原则 -- ✅ 接口幂等性 -- ✅ 完善的错误处理 -- ✅ 统一的响应格式 - -### 2. 配置管理 - -- ✅ 配置与代码分离 -- ✅ 敏感信息使用 Secret -- ✅ 环境隔离(Namespace) -- ✅ 配置版本管理 - -### 3. 日志规范 - -- ✅ 结构化日志(JSON) -- ✅ 包含 TraceID -- ✅ 合理的日志级别 -- ✅ 敏感信息脱敏 - -### 4. 性能优化 - -- ✅ 连接池配置 -- ✅ HTTP 压缩 -- ✅ 批量接口 -- ✅ 合理使用缓存 - ---- - -## 📖 相关文档 - -- [K8s 部署文档](K8S_DEPLOYMENT.md) -- [Feign 使用指南](cpte-wms-service/FEIGN_USAGE.md) -- [架构设计文档](cpte-wms-service/ARCHITECTURE.md) - ---- - -## 📞 联系方式 - -- **技术支持**: cpte@163.com -- **API 文档**: http://wms.yourcompany.com/doc.html diff --git a/K8S_DEPLOYMENT.md b/K8S_DEPLOYMENT.md deleted file mode 100644 index c134dbd..0000000 --- a/K8S_DEPLOYMENT.md +++ /dev/null @@ -1,521 +0,0 @@ -# WMS 微服务 K8s 部署文档 - -## 📋 目录 - -- [架构概述](#架构概述) -- [技术栈](#技术栈) -- [环境要求](#环境要求) -- [快速开始](#快速开始) -- [详细部署步骤](#详细部署步骤) -- [服务间调用](#服务间调用) -- [监控与运维](#监控与运维) -- [常见问题](#常见问题) - ---- - -## 🏗️ 架构概述 - -### 微服务架构 - -``` -┌─────────────────────────────────────────────────────────┐ -│ Kubernetes Cluster │ -│ ┌────────────────────────────────────────────────────┐ │ -│ │ Nginx Ingress Controller │ │ -│ └────────────────────────────────────────────────────┘ │ -│ │ │ -│ ┌────────────────┼────────────────┐ │ -│ ▼ ▼ ▼ │ -│ ┌────────────┐ ┌────────────┐ ┌────────────┐ │ -│ │ Service │ │ Service │ │ Service │ │ -│ │ Basic │ │ Inbound │ │ Outbound │ │ -│ │ :80 │ │ :80 │ │ :80 │ │ -│ └────────────┘ └────────────┘ └────────────┘ │ -│ │ │ │ │ -│ ┌──────┴──────┐ ┌──────┴──────┐ ┌──────┴──────┐ │ -│ │ Pod ×2 │ │ Pod ×2 │ │ Pod ×2 │ │ -│ │ (HPA 2-10) │ │ (HPA 2-10) │ │ (HPA 2-10) │ │ -│ └─────────────┘ └─────────────┘ └─────────────┘ │ -│ │ -│ ┌────────────┐ ┌────────────┐ │ -│ │ Service │ │ Service │ │ -│ │ Inventory │ │ Schedule │ │ -│ │ :80 │ │ :80 │ │ -│ └────────────┘ └────────────┘ │ -│ │ │ │ -│ ┌──────┴──────┐ ┌──────┴──────┐ │ -│ │ Pod ×2 │ │ Pod ×2 │ │ -│ │ (HPA 2-10) │ │ (HPA 2-10) │ │ -│ └─────────────┘ └─────────────┘ │ -│ │ -│ ┌──────────────────────────────────────────────────┐ │ -│ │ MySQL + Redis (StatefulSet) │ │ -│ └──────────────────────────────────────────────────┘ │ -└─────────────────────────────────────────────────────────┘ -``` - -### 服务列表 - -| 服务名称 | 端口 | 副本数 | HPA | 说明 | -|---------|------|--------|-----|------| -| wms-basic-service | 80 | 2 | 2-10 | 基础数据服务 | -| wms-inbound-service | 80 | 2 | 2-10 | 入库服务 | -| wms-outbound-service | 80 | 2 | 2-10 | 出库服务 | -| wms-inventory-service | 80 | 2 | 2-10 | 库存服务 | -| wms-schedule-service | 80 | 2 | 2-10 | 调度服务(AGV) | - ---- - -## 🛠️ 技术栈 - -### 核心技术 - -- **微服务框架**: Spring Boot 3.5.5 -- **服务调用**: OpenFeign 4.1.3 -- **HTTP 客户端**: OkHttp -- **容器编排**: Kubernetes 1.24+ -- **Ingress**: Nginx Ingress Controller -- **数据库**: MySQL 8.0+ -- **缓存**: Redis 5.0+ - -### 监控与日志 - -- **健康检查**: Spring Boot Actuator -- **指标收集**: Prometheus -- **日志**: ELK Stack(可选) -- **链路追踪**: SkyWalking(可选) - ---- - -## 📦 环境要求 - -### 硬件要求 - -- **CPU**: 至少 8 核(推荐 16 核+) -- **内存**: 至少 16GB(推荐 32GB+) -- **磁盘**: 至少 100GB 可用空间 - -### 软件要求 - -- **Kubernetes**: 1.24+ -- **Docker**: 20.10+ -- **kubectl**: 1.24+ -- **Maven**: 3.6+(用于构建) -- **Helm**: 3.0+(可选) - ---- - -## 🚀 快速开始 - -### 1. 克隆项目 - -```bash -git clone -cd Cpte-Boot -``` - -### 2. 一键部署 - -```bash -# 设置镜像标签 -export IMAGE_TAG=v1.0.0 - -# 执行一键部署 -chmod +x deploy.sh -./deploy.sh deploy -``` - -### 3. 验证部署 - -```bash -# 查看 Pods 状态 -kubectl get pods -n wms-system - -# 查看 Services 状态 -kubectl get svc -n wms-system - -# 查看 Ingress 状态 -kubectl get ingress -n wms-system -``` - -### 4. 访问服务 - -```bash -# 获取 Ingress 地址 -INGRESS_HOST=$(kubectl get ingress wms-ingress -n wms-system -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - -# 访问 API 文档 -echo "http://${INGRESS_HOST}/doc.html" -``` - ---- - -## 📝 详细部署步骤 - -### 步骤 1: 准备 K8s 集群 - -```bash -# 检查 kubectl 连接 -kubectl cluster-info - -# 检查节点状态 -kubectl get nodes -``` - -### 步骤 2: 配置镜像仓库 - -修改 `deploy.sh` 中的镜像仓库地址: - -```bash -REGISTRY_URL="registry.cn-beijing.aliyuncs.com/cpte-wms" -``` - -### 步骤 3: 构建 Docker 镜像 - -```bash -# 单独构建镜像 -./deploy.sh build - -# 或构建特定服务 -cd cpte-wms-service/cpte-wms-inbound-service -docker build -t registry.cn-beijing.aliyuncs.com/cpte-wms/wms-inbound-service:latest . -``` - -### 步骤 4: 推送镜像 - -```bash -# 推送所有镜像 -./deploy.sh push - -# 或推送特定服务 -docker push registry.cn-beijing.aliyuncs.com/cpte-wms/wms-inbound-service:latest -``` - -### 步骤 5: 部署到 K8s - -```bash -# 如果已构建和推送镜像,可直接部署 -./deploy.sh k8s -``` - -### 步骤 6: 验证部署 - -```bash -# 查看所有资源 -kubectl get all -n wms-system - -# 查看 Pods 状态 -kubectl get pods -n wms-system -o wide - -# 查看服务日志 -kubectl logs -f deployment/wms-inbound-service -n wms-system -``` - ---- - -## 🔌 服务间调用 - -### Feign Client 使用 - -#### 1. 添加依赖 - -已在所有服务的 `pom.xml` 中添加: - -```xml - - org.springframework.cloud - spring-cloud-starter-openfeign - 4.1.3 - -``` - -#### 2. 创建 Feign Client - -```java -@FeignClient( - name = "wms-basic-service", - url = "${feign.client.wms-basic.url:http://wms-basic-service:80}", - configuration = FeignClientConfiguration.class, - fallbackFactory = BasicServiceFallbackFactory.class -) -public interface BasicServiceClient { - @GetMapping("/api/wms/basic/item/{id}") - Result> getItemById(@PathVariable("id") String id); -} -``` - -#### 3. 使用 Feign Client - -```java -@Service -public class InboundService { - - @Autowired - private BasicServiceClient basicServiceClient; - - @Autowired - private InventoryServiceClient inventoryServiceClient; - - public Result inbound(String itemId, Integer quantity) { - // 调用基础服务验证物品 - Result> itemResult = basicServiceClient.getItemById(itemId); - if (!itemResult.isSuccess()) { - return Result.error("物品不存在"); - } - - // 调用库存服务增加库存 - Map params = new HashMap<>(); - params.put("itemId", itemId); - params.put("quantity", quantity); - Result increaseResult = inventoryServiceClient.increaseInventory(params); - - return Result.OK("入库成功"); - } -} -``` - -### 服务调用关系 - -``` -入库服务 → 基础服务(验证物品/库位) -入库服务 → 库存服务(增加库存) -入库服务 → 调度服务(创建上架任务) - -出库服务 → 基础服务(验证物品/库位) -出库服务 → 库存服务(扣减库存) -出库服务 → 调度服务(创建下架任务) - -调度服务 → 基础服务(获取库位信息) -调度服务 → 库存服务(获取库存信息) -``` - ---- - -## 📊 监控与运维 - -### 健康检查 - -每个服务都配置了健康检查端点: - -```bash -# 检查服务健康状态 -curl http:///actuator/health - -# 检查存活探针 -curl http:///actuator/health/liveness - -# 检查就绪探针 -curl http:///actuator/health/readiness -``` - -### 查看日志 - -```bash -# 查看实时日志 -kubectl logs -f deployment/wms-inbound-service -n wms-system - -# 查看最近 100 行日志 -kubectl logs --tail=100 deployment/wms-inbound-service -n wms-system - -# 查看特定 Pod 日志 -kubectl logs -n wms-system -``` - -### 扩缩容 - -```bash -# 手动扩容到 5 个副本 -kubectl scale deployment wms-inbound-service --replicas=5 -n wms-system - -# 查看 HPA 状态 -kubectl get hpa -n wms-system - -# HPA 会自动根据 CPU/内存使用率扩缩容 -``` - -### 滚动更新 - -```bash -# 重启服务(滚动更新) -kubectl rollout restart deployment/wms-inbound-service -n wms-system - -# 查看更新状态 -kubectl rollout status deployment/wms-inbound-service -n wms-system - -# 回滚到上一个版本 -kubectl rollout undo deployment/wms-inbound-service -n wms-system -``` - -### 监控指标 - -```bash -# 查看 Pod 资源使用 -kubectl top pods -n wms-system - -# 查看节点资源使用 -kubectl top nodes -``` - ---- - -## ❓ 常见问题 - -### Q1: Pod 无法启动 - -**问题**: Pod 一直处于 `Pending` 或 `CrashLoopBackOff` 状态 - -**解决**: - -```bash -# 查看 Pod 详情 -kubectl describe pod -n wms-system - -# 查看日志 -kubectl logs -n wms-system - -# 常见原因: -# 1. 资源不足:检查节点资源 -# 2. 镜像拉取失败:检查镜像地址和凭证 -# 3. 配置错误:检查 ConfigMap 和 Secret -# 4. 数据库连接失败:检查数据库服务 -``` - -### Q2: 服务间调用失败 - -**问题**: Feign Client 调用超时或返回错误 - -**解决**: - -```bash -# 1. 检查服务是否正常 -kubectl get pods -n wms-system - -# 2. 检查 Service 是否正确 -kubectl get svc -n wms-system - -# 3. 测试服务连通性 -kubectl run test --rm -it --image=busybox --namespace=wms-system --restart=Never -- wget -qO- http://wms-basic-service/actuator/health - -# 4. 查看调用日志 -kubectl logs deployment/wms-inbound-service -n wms-system | grep Feign -``` - -### Q3: Ingress 无法访问 - -**问题**: 通过 Ingress 无法访问服务 - -**解决**: - -```bash -# 1. 检查 Ingress Controller 是否运行 -kubectl get pods -n ingress-nginx - -# 2. 检查 Ingress 配置 -kubectl describe ingress wms-ingress -n wms-system - -# 3. 检查 DNS 解析 -nslookup wms.yourcompany.com - -# 4. 直接通过 Service IP 访问 -kubectl get svc -n wms-system -curl http:///doc.html -``` - -### Q4: HPA 不工作 - -**问题**: HPA 无法自动扩缩容 - -**解决**: - -```bash -# 1. 检查 metrics-server 是否运行 -kubectl get pods -n kube-system | grep metrics-server - -# 2. 查看 HPA 详情 -kubectl describe hpa wms-inbound-hpa -n wms-system - -# 3. 检查 Pod 资源请求配置 -kubectl get deployment wms-inbound-service -n wms-system -o yaml - -# 确保配置了 resources.requests.cpu 和 resources.requests.memory -``` - -### Q5: 数据库连接失败 - -**问题**: 服务无法连接数据库 - -**解决**: - -```bash -# 1. 检查 MySQL 服务 -kubectl get svc mysql-service -n wms-system - -# 2. 测试数据库连接 -kubectl run mysql-test --rm -it --image=mysql:8.0 --namespace=wms-system --restart=Never -- mysql -h mysql-service -u root -p - -# 3. 检查 Secret 配置 -kubectl get secret wms-secret -n wms-system -o yaml - -# 4. 查看服务日志中的数据库连接信息 -kubectl logs deployment/wms-inbound-service -n wms-system | grep -i datasource -``` - ---- - -## 🔧 高级配置 - -### 配置中心 - -使用 ConfigMap 管理配置: - -```bash -# 更新配置 -kubectl create configmap wms-app-config --from-file=application.yml --namespace=wms-system --dry-run=client -o yaml | kubectl apply -f - - -# 重启服务使配置生效 -kubectl rollout restart deployment/wms-inbound-service -n wms-system -``` - -### 密钥管理 - -使用 Secret 管理敏感信息: - -```bash -# 创建 Secret -kubectl create secret generic wms-db-secret --from-literal=username=root --from-literal=password=YourPassword --namespace=wms-system -``` - -### 持久化存储 - -```yaml -# 创建 PersistentVolumeClaim -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: wms-data-pvc - namespace: wms-system -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: 10Gi - storageClassName: nfs-storage -``` - ---- - -## 📖 相关文档 - -- [Feign 使用指南](cpte-wms-service/FEIGN_USAGE.md) -- [K8s 配置说明](k8s/) -- [Dockerfile 说明](cpte-wms-service/*/Dockerfile) - ---- - -## 📞 技术支持 - -如有问题,请联系: - -- **邮箱**: cpte@163.com -- **文档**: http://wms.yourcompany.com/doc.html diff --git a/cpte-module-system/cpte-system-start/Dockerfile.k8s b/cpte-module-system/cpte-system-start/Dockerfile.k8s new file mode 100644 index 0000000..8d96c68 --- /dev/null +++ b/cpte-module-system/cpte-system-start/Dockerfile.k8s @@ -0,0 +1,26 @@ +FROM eclipse-temurin:17-jre-alpine AS builder + +LABEL maintainer="cpte@163.com" +LABEL description="CPTE WMS System Service" + +RUN apk add --no-cache curl tzdata \ + && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ + && echo "Asia/Shanghai" > /etc/timezone + +WORKDIR /app + +ARG JAR_FILE=target/*.jar +COPY ${JAR_FILE} app.jar + +RUN mkdir -p /data/upload /data/webapp /data/logs + +ENV JAVA_OPTS="-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/data/logs" +ENV SPRING_PROFILES_ACTIVE="k8s" +ENV TZ="Asia/Shanghai" + +EXPOSE 8000 + +HEALTHCHECK --interval=30s --timeout=3s --start-period=120s --retries=3 \ + CMD curl -f http://localhost:8000/cpte-wms/actuator/health || exit 1 + +ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -Dspring.profiles.active=$SPRING_PROFILES_ACTIVE -jar app.jar"] diff --git a/cpte-module-system/cpte-system-start/src/main/resources/application-k8s.yml b/cpte-module-system/cpte-system-start/src/main/resources/application-k8s.yml new file mode 100644 index 0000000..6e7848e --- /dev/null +++ b/cpte-module-system/cpte-system-start/src/main/resources/application-k8s.yml @@ -0,0 +1,262 @@ +server: + port: ${SERVER_PORT:8000} + tomcat: + max-swallow-size: -1 + error: + include-exception: true + include-stacktrace: ALWAYS + include-message: ALWAYS + servlet: + context-path: /cpte-wms + compression: + enabled: true + min-response-size: 1024 + mime-types: application/javascript,application/json,application/xml,text/html,text/xml,text/plain,text/css,image/* + +management: + endpoints: + web: + exposure: + include: health,info,metrics,httpexchanges,cptehttptrace + endpoint: + health: + show-details: when_authorized + security: + enabled: true + +spring: + flyway: + enabled: true + clean-disabled: true + servlet: + multipart: + max-file-size: 100MB + max-request-size: 100MB + mail: + timeJobSend: false + host: smtp.163.com + username: cpteos@163.com + password: ${MAIL_PASSWORD:} + properties: + mail.smtp.timeout: 10000 + mail.smtp.connectiontimeout: 10000 + mail.smtp.writetimeout: 10000 + mail.smtp.auth: true + smtp.ssl.enable: true + quartz: + job-store-type: jdbc + jdbc: + initialize-schema: embedded + auto-startup: true + startup-delay: 10s + overwrite-existing-jobs: true + properties: + org: + quartz: + scheduler: + instanceName: K8sScheduler + instanceId: AUTO + jobStore: + class: org.springframework.scheduling.quartz.LocalDataSourceJobStore + driverDelegateClass: org.quartz.impl.jdbcjobstore.StdJDBCDelegate + tablePrefix: QRTZ_ + isClustered: true + misfireThreshold: 12000 + clusterCheckinInterval: 15000 + threadPool: + class: org.quartz.simpl.SimpleThreadPool + threadCount: 10 + threadPriority: 5 + threadsInheritContextClassLoaderOfInitializingThread: true + jackson: + date-format: yyyy-MM-dd HH:mm:ss + time-zone: GMT+8 + jpa: + open-in-view: false + aop: + proxy-target-class: true + freemarker: + suffix: .ftl + content-type: text/html + charset: UTF-8 + cache: true + prefer-file-system-access: false + template-loader-path: + - classpath:/templates + mvc: + static-path-pattern: /** + pathmatch: + matching-strategy: ant_path_matcher + resource: + static-locations: classpath:/static/,classpath:/public/ + autoconfigure: + exclude: + - com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure + - org.springframework.boot.autoconfigure.flyway.FlywayAutoConfiguration + datasource: + druid: + stat-view-servlet: + enabled: false + web-stat-filter: + enabled: true + dynamic: + druid: + initial-size: 10 + min-idle: 10 + maxActive: 200 + maxWait: 30000 + timeBetweenEvictionRunsMillis: 60000 + minEvictableIdleTimeMillis: 300000 + validationQuery: SELECT 1 + testWhileIdle: true + testOnBorrow: false + testOnReturn: false + poolPreparedStatements: true + maxPoolPreparedStatementPerConnectionSize: 20 + filters: stat,slf4j + wall: + selectWhereAlwayTrueCheck: false + stat: + merge-sql: true + slow-sql-millis: 5000 + datasource: + master: + url: ${DB_URL:jdbc:mysql://cpte-wms-mysql:3306/cpte-wms?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai} + username: ${DB_USERNAME:root} + password: ${DB_PASSWORD:root} + driver-class-name: com.mysql.cj.jdbc.Driver + data: + redis: + database: 0 + host: ${REDIS_HOST:cpte-wms-redis} + port: ${REDIS_PORT:6379} + password: ${REDIS_PASSWORD:} + +mybatis-plus: + mapper-locations: classpath*:org/jeecg/**/xml/*Mapper.xml + global-config: + banner: false + db-config: + id-type: ASSIGN_ID + table-underline: true + configuration: + call-setters-on-nulls: true + +minidao: + base-package: org.jeecg.modules.jmreport.*,org.jeecg.modules.drag.* + +jeecg: + ai-chat: + enabled: false + model: deepseek-chat + apiKey: ${AI_API_KEY:} + apiHost: https://api.deepseek.com/v1 + timeout: 60 + ai-rag: + embed-store: + host: ${PGVECTOR_HOST:} + port: 5432 + database: vector_db + user: postgres + password: ${PGVECTOR_PASSWORD:} + table: embeddings + firewall: + dataSourceSafe: true + lowCodeMode: prod + signatureSecret: ${SIGNATURE_SECRET:dd05f1c54d63749eda95f9fa6d49v442a} + signUrls: /sys/dict/getDictItems/*,/sys/dict/loadDict/*,/sys/dict/loadDictOrderByValue/*,/sys/dict/loadDictItem/*,/sys/dict/loadTreeData,/sys/api/queryTableDictItemsByCode,/sys/api/queryFilterTableDictInfo,/sys/api/queryTableDictByKeys,/sys/api/translateDictFromTable,/sys/api/translateDictFromTableByKeys,/sys/sendChangePwdSms,/sys/user/sendChangePhoneSms,/sys/sms,/desform/api/sendVerifyCode + uploadType: ${UPLOAD_TYPE:minio} + domainUrl: + pc: ${DOMAIN_URL_PC:https://wms.yourdomain.com} + app: ${DOMAIN_URL_APP:https://app.yourdomain.com} + path: + upload: ${UPLOAD_PATH:/data/upload} + webapp: ${WEBAPP_PATH:/data/webapp} + shiro: + excludeUrls: /test/cpteDemo/demo3,/test/cpteDemo/redisDemo/**,/bigscreen/category/**,/bigscreen/visual/**,/bigscreen/map/**,/jmreport/bigscreen2/** + oss: + accessKey: ${OSS_ACCESS_KEY:} + secretKey: ${OSS_SECRET_KEY:} + endpoint: oss-cn-beijing.aliyuncs.com + bucketName: cptedev + file-view-domain: ${FILE_VIEW_DOMAIN:http://fileview.cpte.com} + minio: + minio_url: ${MINIO_URL:http://cpte-wms-minio:9000} + minio_name: ${MINIO_ACCESS_KEY:admin} + minio_pass: ${MINIO_SECRET_KEY:} + bucketName: ${MINIO_BUCKET:cpte-wms} + jmreport: + saasMode: + firewall: + dataSourceSafe: true + lowCodeMode: prod + gao-de-api: + api-key: ${GAODE_API_KEY:} + secret-key: ${GAODE_SECRET_KEY:} + xxljob: + enabled: false + adminAddresses: http://cpte-wms-xxljob:9080/xxl-job-admin + appname: ${spring.application.name} + accessToken: '' + address: cpte-wms-xxljob:30007 + ip: cpte-wms-xxljob + port: 30007 + logPath: /data/logs/xxl-job/ + logRetentionDays: 30 + redisson: + address: ${REDIS_HOST:cpte-wms-redis}:${REDIS_PORT:6379} + password: ${REDIS_PASSWORD:} + type: STANDALONE + enabled: true + baidu-api: + app-id: ${BAIDU_APP_ID:} + api-key: ${BAIDU_API_KEY:} + secret-key: ${BAIDU_SECRET_KEY:} + +cas: + prefixUrl: ${CAS_URL:http://cas.example.org:8443/cas} + +logging: + level: + root: WARN + org.springframework.context.support.PostProcessorRegistrationDelegate: error + org.flywaydb: info + org.jeecg: INFO + org.cpte: INFO + file: + name: ${LOG_PATH:/data/logs}/cpte-wms/cpte-wms.log + max-size: 100MB + max-history: 30 + +knife4j: + enable: true + production: true + basic: + enable: true + username: ${SWAGGER_USERNAME:cpte_admin} + password: ${SWAGGER_PASSWORD:cpte_secure_2024} + +justauth: + enabled: false + type: + GITHUB: + client-id: ${GITHUB_CLIENT_ID:} + client-secret: ${GITHUB_CLIENT_SECRET:} + redirect-uri: https://wms.yourdomain.com/cpte-wms/sys/thirdLogin/github/callback + WECHAT_ENTERPRISE: + client-id: ${WECHAT_ENTERPRISE_CLIENT_ID:} + client-secret: ${WECHAT_ENTERPRISE_CLIENT_SECRET:} + redirect-uri: https://wms.yourdomain.com/cpte-wms/sys/thirdLogin/wechat_enterprise/callback + agent-id: ${WECHAT_ENTERPRISE_AGENT_ID:} + DINGTALK: + client-id: ${DINGTALK_CLIENT_ID:} + client-secret: ${DINGTALK_CLIENT_SECRET:} + redirect-uri: https://wms.yourdomain.com/cpte-wms/sys/thirdLogin/dingtalk/callback + WECHAT_OPEN: + client-id: ${WECHAT_OPEN_CLIENT_ID:} + client-secret: ${WECHAT_OPEN_CLIENT_SECRET:} + redirect-uri: https://wms.yourdomain.com/cpte-wms/sys/thirdLogin/wechat_open/callback + cache: + type: default + prefix: 'k8s::' + timeout: 1h diff --git a/cpte-wms-service/cpte-wms-basic-service/Dockerfile b/cpte-wms-service/cpte-wms-basic-service/Dockerfile index 9262579..7b68ee9 100644 --- a/cpte-wms-service/cpte-wms-basic-service/Dockerfile +++ b/cpte-wms-service/cpte-wms-basic-service/Dockerfile @@ -1,68 +1,26 @@ -# 多阶段构建 - 基础服务 -FROM maven:3.9-eclipse-temurin-17 AS builder +FROM eclipse-temurin:17-jre-alpine LABEL maintainer="cpte@163.com" LABEL description="CPTE WMS Basic Service" -WORKDIR /app - -# 复制 pom.xml 并下载依赖(利用 Docker 缓存) -COPY cpte-boot-base-core/pom.xml ./cpte-boot-base-core/ -COPY cpte-module-system/pom.xml ./cpte-module-system/ -COPY cpte-module-system/cpte-system-api/pom.xml ./cpte-module-system/cpte-system-api/ -COPY cpte-module-system/cpte-system-api/cpte-system-local-api/pom.xml ./cpte-module-system/cpte-system-api/cpte-system-local-api/ -COPY cpte-module-system/cpte-system-biz/pom.xml ./cpte-module-system/cpte-system-biz/ -COPY cpte-boot-module/pom.xml ./cpte-boot-module/ -COPY cpte-boot-module/cpte-module-wms/pom.xml ./cpte-boot-module/cpte-module-wms/ -COPY cpte-wms-service/pom.xml ./cpte-wms-service/ -COPY cpte-wms-service/cpte-wms-api/pom.xml ./cpte-wms-service/cpte-wms-api/ -COPY cpte-wms-service/cpte-wms-basic-service/pom.xml ./cpte-wms-service/cpte-wms-basic-service/ -COPY pom.xml ./ - -# 下载依赖 -RUN mvn dependency:go-offline -B - -# 复制源代码并构建 -COPY cpte-boot-base-core/src ./cpte-boot-base-core/src -COPY cpte-module-system/cpte-system-api/src ./cpte-module-system/cpte-system-api/src -COPY cpte-module-system/cpte-system-api/cpte-system-local-api/src ./cpte-module-system/cpte-system-api/cpte-system-local-api/src -COPY cpte-module-system/cpte-system-biz/src ./cpte-module-system/cpte-system-biz/src -COPY cpte-boot-module/cpte-module-wms/src ./cpte-boot-module/cpte-module-wms/src -COPY cpte-wms-service/cpte-wms-api/src ./cpte-wms-service/cpte-wms-api/src -COPY cpte-wms-service/cpte-wms-basic-service/src ./cpte-wms-service/cpte-wms-basic-service/src - -RUN mvn clean package -DskipTests -pl cpte-wms-service/cpte-wms-basic-service -am -B - -# 运行阶段 -FROM eclipse-temurin:17-jre-alpine - -LABEL maintainer="cpte@163.com" -LABEL description="CPTE WMS Basic Service Runtime" - -# 安装必要的工具 -RUN apk add --no-cache curl tzdata busybox-extras \ +RUN apk add --no-cache curl tzdata \ && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && echo "Asia/Shanghai" > /etc/timezone WORKDIR /app -# 从构建阶段复制 jar 包 -COPY --from=builder /app/cpte-wms-service/cpte-wms-basic-service/target/*.jar app.jar +ARG JAR_FILE=target/*.jar +COPY ${JAR_FILE} app.jar -# 创建数据目录 -RUN mkdir -p /data/upload /data/webapp /data/logs +RUN mkdir -p /data/upload /data/logs -# 设置环境变量 -ENV JAVA_OPTS="-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/data/logs" +ENV JAVA_OPTS="-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" ENV SPRING_PROFILES_ACTIVE="k8s" ENV TZ="Asia/Shanghai" -# 暴露端口 -EXPOSE 8080 +EXPOSE 8001 -# 健康检查 -HEALTHCHECK --interval=30s --timeout=3s --start-period=60s --retries=3 \ - CMD curl -f http://localhost:8080/actuator/health || exit 1 +HEALTHCHECK --interval=30s --timeout=3s --start-period=90s --retries=3 \ + CMD curl -f http://localhost:8001/cpte-wms-basic/actuator/health || exit 1 -# 启动应用 ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -Dspring.profiles.active=$SPRING_PROFILES_ACTIVE -jar app.jar"] diff --git a/cpte-wms-service/cpte-wms-basic-service/k8s/deployment.yaml b/cpte-wms-service/cpte-wms-basic-service/k8s/deployment.yaml deleted file mode 100644 index a50321a..0000000 --- a/cpte-wms-service/cpte-wms-basic-service/k8s/deployment.yaml +++ /dev/null @@ -1,132 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-basic-service - namespace: wms-system - labels: - app: wms-basic - version: v1 -spec: - replicas: 2 - selector: - matchLabels: - app: wms-basic - template: - metadata: - labels: - app: wms-basic - version: v1 - spec: - containers: - - name: wms-basic - image: registry.cn-beijing.aliyuncs.com/cpte-wms/wms-basic-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_HOST - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PORT - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_USERNAME - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PASSWORD - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_HOST - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PORT - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PASSWORD - - name: JAVA_OPTS - value: "-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200" - volumeMounts: - - name: config-volume - mountPath: /app/config - - name: data-volume - mountPath: /data - - name: logs-volume - mountPath: /data/logs - resources: - requests: - memory: "512Mi" - cpu: "250m" - limits: - memory: "1Gi" - cpu: "500m" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 3 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - scheme: HTTP - initialDelaySeconds: 30 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - scheme: HTTP - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 30 - volumes: - - name: config-volume - configMap: - name: wms-common-config - - name: data-volume - emptyDir: {} - - name: logs-volume - emptyDir: {} - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: wms-basic-pdb - namespace: wms-system -spec: - minAvailable: 1 - selector: - matchLabels: - app: wms-basic diff --git a/cpte-wms-service/cpte-wms-inbound-service/Dockerfile b/cpte-wms-service/cpte-wms-inbound-service/Dockerfile index 2587cc1..4d95b9d 100644 --- a/cpte-wms-service/cpte-wms-inbound-service/Dockerfile +++ b/cpte-wms-service/cpte-wms-inbound-service/Dockerfile @@ -1,68 +1,26 @@ -# 多阶段构建 - 入库服务 -FROM maven:3.9-eclipse-temurin-17 AS builder +FROM eclipse-temurin:17-jre-alpine LABEL maintainer="cpte@163.com" LABEL description="CPTE WMS Inbound Service" -WORKDIR /app - -# 复制 pom.xml 并下载依赖(利用 Docker 缓存) -COPY cpte-boot-base-core/pom.xml ./cpte-boot-base-core/ -COPY cpte-module-system/pom.xml ./cpte-module-system/ -COPY cpte-module-system/cpte-system-api/pom.xml ./cpte-module-system/cpte-system-api/ -COPY cpte-module-system/cpte-system-api/cpte-system-local-api/pom.xml ./cpte-module-system/cpte-system-api/cpte-system-local-api/ -COPY cpte-module-system/cpte-system-biz/pom.xml ./cpte-module-system/cpte-system-biz/ -COPY cpte-boot-module/pom.xml ./cpte-boot-module/ -COPY cpte-boot-module/cpte-module-wms/pom.xml ./cpte-boot-module/cpte-module-wms/ -COPY cpte-wms-service/pom.xml ./cpte-wms-service/ -COPY cpte-wms-service/cpte-wms-api/pom.xml ./cpte-wms-service/cpte-wms-api/ -COPY cpte-wms-service/cpte-wms-inbound-service/pom.xml ./cpte-wms-service/cpte-wms-inbound-service/ -COPY pom.xml ./ - -# 下载依赖 -RUN mvn dependency:go-offline -B - -# 复制源代码并构建 -COPY cpte-boot-base-core/src ./cpte-boot-base-core/src -COPY cpte-module-system/cpte-system-api/src ./cpte-module-system/cpte-system-api/src -COPY cpte-module-system/cpte-system-api/cpte-system-local-api/src ./cpte-module-system/cpte-system-api/cpte-system-local-api/src -COPY cpte-module-system/cpte-system-biz/src ./cpte-module-system/cpte-system-biz/src -COPY cpte-boot-module/cpte-module-wms/src ./cpte-boot-module/cpte-module-wms/src -COPY cpte-wms-service/cpte-wms-api/src ./cpte-wms-service/cpte-wms-api/src -COPY cpte-wms-service/cpte-wms-inbound-service/src ./cpte-wms-service/cpte-wms-inbound-service/src - -RUN mvn clean package -DskipTests -pl cpte-wms-service/cpte-wms-inbound-service -am -B - -# 运行阶段 -FROM eclipse-temurin:17-jre-alpine - -LABEL maintainer="cpte@163.com" -LABEL description="CPTE WMS Inbound Service Runtime" - -# 安装必要的工具 -RUN apk add --no-cache curl tzdata busybox-extras \ +RUN apk add --no-cache curl tzdata \ && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && echo "Asia/Shanghai" > /etc/timezone WORKDIR /app -# 从构建阶段复制 jar 包 -COPY --from=builder /app/cpte-wms-service/cpte-wms-inbound-service/target/*.jar app.jar +ARG JAR_FILE=target/*.jar +COPY ${JAR_FILE} app.jar -# 创建数据目录 -RUN mkdir -p /data/upload /data/webapp /data/logs +RUN mkdir -p /data/logs -# 设置环境变量 -ENV JAVA_OPTS="-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/data/logs" +ENV JAVA_OPTS="-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" ENV SPRING_PROFILES_ACTIVE="k8s" ENV TZ="Asia/Shanghai" -# 暴露端口 -EXPOSE 8080 +EXPOSE 8002 -# 健康检查 -HEALTHCHECK --interval=30s --timeout=3s --start-period=60s --retries=3 \ - CMD curl -f http://localhost:8080/actuator/health || exit 1 +HEALTHCHECK --interval=30s --timeout=3s --start-period=90s --retries=3 \ + CMD curl -f http://localhost:8002/actuator/health || exit 1 -# 启动应用 ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -Dspring.profiles.active=$SPRING_PROFILES_ACTIVE -jar app.jar"] diff --git a/cpte-wms-service/cpte-wms-inbound-service/k8s/deployment.yaml b/cpte-wms-service/cpte-wms-inbound-service/k8s/deployment.yaml deleted file mode 100644 index f65fa48..0000000 --- a/cpte-wms-service/cpte-wms-inbound-service/k8s/deployment.yaml +++ /dev/null @@ -1,132 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-inbound-service - namespace: wms-system - labels: - app: wms-inbound - version: v1 -spec: - replicas: 2 - selector: - matchLabels: - app: wms-inbound - template: - metadata: - labels: - app: wms-inbound - version: v1 - spec: - containers: - - name: wms-inbound - image: registry.cn-beijing.aliyuncs.com/cpte-wms/wms-inbound-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_HOST - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PORT - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_USERNAME - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PASSWORD - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_HOST - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PORT - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PASSWORD - - name: JAVA_OPTS - value: "-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200" - volumeMounts: - - name: config-volume - mountPath: /app/config - - name: data-volume - mountPath: /data - - name: logs-volume - mountPath: /data/logs - resources: - requests: - memory: "512Mi" - cpu: "250m" - limits: - memory: "1Gi" - cpu: "500m" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 3 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - scheme: HTTP - initialDelaySeconds: 30 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - scheme: HTTP - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 30 - volumes: - - name: config-volume - configMap: - name: wms-common-config - - name: data-volume - emptyDir: {} - - name: logs-volume - emptyDir: {} - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: wms-inbound-pdb - namespace: wms-system -spec: - minAvailable: 1 - selector: - matchLabels: - app: wms-inbound diff --git a/cpte-wms-service/cpte-wms-inventory-service/Dockerfile b/cpte-wms-service/cpte-wms-inventory-service/Dockerfile index ea20e70..798824c 100644 --- a/cpte-wms-service/cpte-wms-inventory-service/Dockerfile +++ b/cpte-wms-service/cpte-wms-inventory-service/Dockerfile @@ -1,57 +1,26 @@ -# 多阶段构建 - 库存服务 -FROM maven:3.9-eclipse-temurin-17 AS builder +FROM eclipse-temurin:17-jre-alpine LABEL maintainer="cpte@163.com" LABEL description="CPTE WMS Inventory Service" -WORKDIR /app - -COPY cpte-boot-base-core/pom.xml ./cpte-boot-base-core/ -COPY cpte-module-system/pom.xml ./cpte-module-system/ -COPY cpte-module-system/cpte-system-api/pom.xml ./cpte-module-system/cpte-system-api/ -COPY cpte-module-system/cpte-system-api/cpte-system-local-api/pom.xml ./cpte-module-system/cpte-system-api/cpte-system-local-api/ -COPY cpte-module-system/cpte-system-biz/pom.xml ./cpte-module-system/cpte-system-biz/ -COPY cpte-boot-module/pom.xml ./cpte-boot-module/ -COPY cpte-boot-module/cpte-module-wms/pom.xml ./cpte-boot-module/cpte-module-wms/ -COPY cpte-wms-service/pom.xml ./cpte-wms-service/ -COPY cpte-wms-service/cpte-wms-api/pom.xml ./cpte-wms-service/cpte-wms-api/ -COPY cpte-wms-service/cpte-wms-inventory-service/pom.xml ./cpte-wms-service/cpte-wms-inventory-service/ -COPY pom.xml ./ - -RUN mvn dependency:go-offline -B - -COPY cpte-boot-base-core/src ./cpte-boot-base-core/src -COPY cpte-module-system/cpte-system-api/src ./cpte-module-system/cpte-system-api/src -COPY cpte-module-system/cpte-system-api/cpte-system-local-api/src ./cpte-module-system/cpte-system-api/cpte-system-local-api/src -COPY cpte-module-system/cpte-system-biz/src ./cpte-module-system/cpte-system-biz/src -COPY cpte-boot-module/cpte-module-wms/src ./cpte-boot-module/cpte-module-wms/src -COPY cpte-wms-service/cpte-wms-api/src ./cpte-wms-service/cpte-wms-api/src -COPY cpte-wms-service/cpte-wms-inventory-service/src ./cpte-wms-service/cpte-wms-inventory-service/src - -RUN mvn clean package -DskipTests -pl cpte-wms-service/cpte-wms-inventory-service -am -B - -FROM eclipse-temurin:17-jre-alpine - -LABEL maintainer="cpte@163.com" -LABEL description="CPTE WMS Inventory Service Runtime" - -RUN apk add --no-cache curl tzdata busybox-extras \ +RUN apk add --no-cache curl tzdata \ && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && echo "Asia/Shanghai" > /etc/timezone WORKDIR /app -COPY --from=builder /app/cpte-wms-service/cpte-wms-inventory-service/target/*.jar app.jar +ARG JAR_FILE=target/*.jar +COPY ${JAR_FILE} app.jar -RUN mkdir -p /data/upload /data/webapp /data/logs +RUN mkdir -p /data/logs -ENV JAVA_OPTS="-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/data/logs" +ENV JAVA_OPTS="-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" ENV SPRING_PROFILES_ACTIVE="k8s" ENV TZ="Asia/Shanghai" -EXPOSE 8080 +EXPOSE 8004 -HEALTHCHECK --interval=30s --timeout=3s --start-period=60s --retries=3 \ - CMD curl -f http://localhost:8080/actuator/health || exit 1 +HEALTHCHECK --interval=30s --timeout=3s --start-period=90s --retries=3 \ + CMD curl -f http://localhost:8004/actuator/health || exit 1 ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -Dspring.profiles.active=$SPRING_PROFILES_ACTIVE -jar app.jar"] diff --git a/cpte-wms-service/cpte-wms-inventory-service/k8s/deployment.yaml b/cpte-wms-service/cpte-wms-inventory-service/k8s/deployment.yaml deleted file mode 100644 index 5384a39..0000000 --- a/cpte-wms-service/cpte-wms-inventory-service/k8s/deployment.yaml +++ /dev/null @@ -1,132 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-inventory-service - namespace: wms-system - labels: - app: wms-inventory - version: v1 -spec: - replicas: 2 - selector: - matchLabels: - app: wms-inventory - template: - metadata: - labels: - app: wms-inventory - version: v1 - spec: - containers: - - name: wms-inventory - image: registry.cn-beijing.aliyuncs.com/cpte-wms/wms-inventory-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_HOST - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PORT - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_USERNAME - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PASSWORD - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_HOST - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PORT - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PASSWORD - - name: JAVA_OPTS - value: "-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200" - volumeMounts: - - name: config-volume - mountPath: /app/config - - name: data-volume - mountPath: /data - - name: logs-volume - mountPath: /data/logs - resources: - requests: - memory: "512Mi" - cpu: "250m" - limits: - memory: "1Gi" - cpu: "500m" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 3 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - scheme: HTTP - initialDelaySeconds: 30 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - scheme: HTTP - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 30 - volumes: - - name: config-volume - configMap: - name: wms-common-config - - name: data-volume - emptyDir: {} - - name: logs-volume - emptyDir: {} - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: wms-inventory-pdb - namespace: wms-system -spec: - minAvailable: 1 - selector: - matchLabels: - app: wms-inventory diff --git a/cpte-wms-service/cpte-wms-outbound-service/Dockerfile b/cpte-wms-service/cpte-wms-outbound-service/Dockerfile index eea4375..ebf878a 100644 --- a/cpte-wms-service/cpte-wms-outbound-service/Dockerfile +++ b/cpte-wms-service/cpte-wms-outbound-service/Dockerfile @@ -1,61 +1,26 @@ -# 多阶段构建 - 出库服务 -FROM maven:3.9-eclipse-temurin-17 AS builder +FROM eclipse-temurin:17-jre-alpine LABEL maintainer="cpte@163.com" LABEL description="CPTE WMS Outbound Service" -WORKDIR /app - -# 复制 pom.xml 并下载依赖 -COPY cpte-boot-base-core/pom.xml ./cpte-boot-base-core/ -COPY cpte-module-system/pom.xml ./cpte-module-system/ -COPY cpte-module-system/cpte-system-api/pom.xml ./cpte-module-system/cpte-system-api/ -COPY cpte-module-system/cpte-system-api/cpte-system-local-api/pom.xml ./cpte-module-system/cpte-system-api/cpte-system-local-api/ -COPY cpte-module-system/cpte-system-biz/pom.xml ./cpte-module-system/cpte-system-biz/ -COPY cpte-boot-module/pom.xml ./cpte-boot-module/ -COPY cpte-boot-module/cpte-module-wms/pom.xml ./cpte-boot-module/cpte-module-wms/ -COPY cpte-wms-service/pom.xml ./cpte-wms-service/ -COPY cpte-wms-service/cpte-wms-api/pom.xml ./cpte-wms-service/cpte-wms-api/ -COPY cpte-wms-service/cpte-wms-outbound-service/pom.xml ./cpte-wms-service/cpte-wms-outbound-service/ -COPY pom.xml ./ - -# 下载依赖 -RUN mvn dependency:go-offline -B - -# 复制源代码并构建 -COPY cpte-boot-base-core/src ./cpte-boot-base-core/src -COPY cpte-module-system/cpte-system-api/src ./cpte-module-system/cpte-system-api/src -COPY cpte-module-system/cpte-system-api/cpte-system-local-api/src ./cpte-module-system/cpte-system-api/cpte-system-local-api/src -COPY cpte-module-system/cpte-system-biz/src ./cpte-module-system/cpte-system-biz/src -COPY cpte-boot-module/cpte-module-wms/src ./cpte-boot-module/cpte-module-wms/src -COPY cpte-wms-service/cpte-wms-api/src ./cpte-wms-service/cpte-wms-api/src -COPY cpte-wms-service/cpte-wms-outbound-service/src ./cpte-wms-service/cpte-wms-outbound-service/src - -RUN mvn clean package -DskipTests -pl cpte-wms-service/cpte-wms-outbound-service -am -B - -# 运行阶段 -FROM eclipse-temurin:17-jre-alpine - -LABEL maintainer="cpte@163.com" -LABEL description="CPTE WMS Outbound Service Runtime" - -RUN apk add --no-cache curl tzdata busybox-extras \ +RUN apk add --no-cache curl tzdata \ && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && echo "Asia/Shanghai" > /etc/timezone WORKDIR /app -COPY --from=builder /app/cpte-wms-service/cpte-wms-outbound-service/target/*.jar app.jar +ARG JAR_FILE=target/*.jar +COPY ${JAR_FILE} app.jar -RUN mkdir -p /data/upload /data/webapp /data/logs +RUN mkdir -p /data/logs -ENV JAVA_OPTS="-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/data/logs" +ENV JAVA_OPTS="-Xms256m -Xmx512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200" ENV SPRING_PROFILES_ACTIVE="k8s" ENV TZ="Asia/Shanghai" -EXPOSE 8080 +EXPOSE 8003 -HEALTHCHECK --interval=30s --timeout=3s --start-period=60s --retries=3 \ - CMD curl -f http://localhost:8080/actuator/health || exit 1 +HEALTHCHECK --interval=30s --timeout=3s --start-period=90s --retries=3 \ + CMD curl -f http://localhost:8003/actuator/health || exit 1 ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -Dspring.profiles.active=$SPRING_PROFILES_ACTIVE -jar app.jar"] diff --git a/cpte-wms-service/cpte-wms-outbound-service/k8s/deployment.yaml b/cpte-wms-service/cpte-wms-outbound-service/k8s/deployment.yaml deleted file mode 100644 index 856d69d..0000000 --- a/cpte-wms-service/cpte-wms-outbound-service/k8s/deployment.yaml +++ /dev/null @@ -1,132 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-outbound-service - namespace: wms-system - labels: - app: wms-outbound - version: v1 -spec: - replicas: 2 - selector: - matchLabels: - app: wms-outbound - template: - metadata: - labels: - app: wms-outbound - version: v1 - spec: - containers: - - name: wms-outbound - image: registry.cn-beijing.aliyuncs.com/cpte-wms/wms-outbound-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_HOST - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PORT - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_USERNAME - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PASSWORD - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_HOST - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PORT - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PASSWORD - - name: JAVA_OPTS - value: "-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200" - volumeMounts: - - name: config-volume - mountPath: /app/config - - name: data-volume - mountPath: /data - - name: logs-volume - mountPath: /data/logs - resources: - requests: - memory: "512Mi" - cpu: "250m" - limits: - memory: "1Gi" - cpu: "500m" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 3 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - scheme: HTTP - initialDelaySeconds: 30 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - scheme: HTTP - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 30 - volumes: - - name: config-volume - configMap: - name: wms-common-config - - name: data-volume - emptyDir: {} - - name: logs-volume - emptyDir: {} - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: wms-outbound-pdb - namespace: wms-system -spec: - minAvailable: 1 - selector: - matchLabels: - app: wms-outbound diff --git a/cpte-wms-service/cpte-wms-schedule-service/k8s/deployment.yaml b/cpte-wms-service/cpte-wms-schedule-service/k8s/deployment.yaml deleted file mode 100644 index e737ee8..0000000 --- a/cpte-wms-service/cpte-wms-schedule-service/k8s/deployment.yaml +++ /dev/null @@ -1,132 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-schedule-service - namespace: wms-system - labels: - app: wms-schedule - version: v1 -spec: - replicas: 2 - selector: - matchLabels: - app: wms-schedule - template: - metadata: - labels: - app: wms-schedule - version: v1 - spec: - containers: - - name: wms-schedule - image: registry.cn-beijing.aliyuncs.com/cpte-wms/wms-schedule-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_HOST - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PORT - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_USERNAME - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: MYSQL_PASSWORD - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_HOST - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PORT - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-secret - key: REDIS_PASSWORD - - name: JAVA_OPTS - value: "-Xms512m -Xmx1g -XX:+UseG1GC -XX:MaxGCPauseMillis=200" - volumeMounts: - - name: config-volume - mountPath: /app/config - - name: data-volume - mountPath: /data - - name: logs-volume - mountPath: /data/logs - resources: - requests: - memory: "512Mi" - cpu: "250m" - limits: - memory: "1Gi" - cpu: "500m" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - scheme: HTTP - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 3 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - scheme: HTTP - initialDelaySeconds: 30 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - scheme: HTTP - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 30 - volumes: - - name: config-volume - configMap: - name: wms-common-config - - name: data-volume - emptyDir: {} - - name: logs-volume - emptyDir: {} - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: wms-schedule-pdb - namespace: wms-system -spec: - minAvailable: 1 - selector: - matchLabels: - app: wms-schedule diff --git a/k8s/README.md b/k8s/README.md index 5455268..fb3a13b 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -1,450 +1,473 @@ -# WMS 微服务 Kubernetes + KubeSphere 部署文档 +# CPTE WMS KubeSphere 部署指南 -## 📋 目录 +本文档详细说明如何将 CPTE WMS 系统部署到 KubeSphere/Kubernetes 环境。 -1. [部署前准备](#部署前准备) -2. [扩展组件选择](#扩展组件选择) -3. [快速部署](#快速部署) -4. [分步部署](#分步部署) -5. [中间件部署](#中间件部署) -6. [验证和测试](#验证和测试) -7. [常见问题](#常见问题) +## 目录 + +- [环境要求](#环境要求) +- [架构概览](#架构概览) +- [部署步骤](#部署步骤) +- [配置说明](#配置说明) +- [常见问题](#常见问题) --- -## 部署前准备 +## 环境要求 -### 1. 环境要求 +### 服务器要求 -- Kubernetes 1.28.x -- KubeSphere 3.4.x -- Helm 3.x -- kubectl 已配置集群访问 -- 存储类(StorageClass):nfs-sc +| 组件 | 最低配置 | 推荐配置 | +|------|---------|---------| +| CPU | 4核 | 8核+ | +| 内存 | 16GB | 32GB+ | +| 存储 | 100GB | 500GB+ SSD | -### 2. 修改配置文件 +### 软件要求 -#### 2.1 修改 Secret(secrets.yaml) +- Kubernetes 1.20+ +- KubeSphere 3.3+ +- Docker 20.10+ +- kubectl 命令行工具 +- Helm 3.0+ (可选) -```yaml -# Redis 密码 -wms-redis-secret: - password: "修改为强密码" +### 存储类要求 -# MySQL 密码 -wms-mysql-secret: - password: "修改为强密码" - -# MinIO 密钥 -wms-minio-secret: - access-key: "修改为自定义密钥" - secret-key: "修改为强密钥" - -# TLS 证书 -wms-tls-secret: - tls.crt: "替换为实际证书" - tls.key: "替换为实际私钥" - -# 镜像仓库凭证 -wms-docker-registry-secret: - password: "修改为仓库密码" -``` - -#### 2.2 修改 Ingress 域名(ingress.yaml) - -```yaml -# 生产环境 -- host: wms.yourcompany.com # 修改为实际域名 - -# 开发环境 -- host: wms-dev.yourcompany.com # 修改为实际域名 -``` - -#### 2.3 修改镜像地址(deployments/*.yaml) - -```yaml -image: registry.yourcompany.com/wms/cpte-wms-basic-service:latest -# 修改为实际的镜像仓库地址 -``` - ---- - -## 扩展组件选择 - -### ✅ 必选组件(21 个) - -在 KubeSphere 扩展组件选择界面,勾选以下组件: - -#### 核心组件 -- [x] Metrics Server -- [x] KubeSphere 网关 -- [x] KubeSphere 网络 -- [x] KubeSphere 存储 - -#### 可观察性 -- [x] WizTelemetry 监控 -- [x] WizTelemetry 日志 -- [x] WizTelemetry 告警 -- [x] WizTelemetry 通知 -- [x] WizTelemetry 事件 -- [x] WizTelemetry 审计 -- [x] WizTelemetry 全局监控 -- [x] KubeEye 巡检 - -#### DevOps -- [x] DevOps -- [x] 镜像构建器 - -#### 安全和集成 -- [x] cert-manager -- [x] OAuth2-Proxy -- [x] Gatekeeper -- [x] KubeSphere Spring Cloud -- [x] KEDA for KubeSphere - -#### 应用管理 -- [x] KubeSphere 应用商店管理 -- [x] KubeSphere 应用路由工具 - -### ❌ 不需要的组件 - -以下组件**不要勾选**: - -- 所有 AI/ML 相关(算力设备管理、DeepSeek、KAITO、NVIDIA 相关) -- 多集群相关(Karmada、联邦集群) -- 专用数据库(ob-operator、OceanBase) -- 服务网格(Istio、KubeSphere 服务网格) - ---- - -## 快速部署 - -### 一键部署 +确保 Kubernetes 集群有可用的 StorageClass,用于持久化存储: ```bash -# 进入 k8s 目录 -cd k8s - -# 执行部署脚本 -chmod +x deploy.sh -./deploy.sh - -# 选择选项 1) 完整部署 +kubectl get storageclass ``` -### 部署后验证 +如果没有默认存储类,需要先创建。KubeSphere 默认提供 `local` 存储类。 + +--- + +## 架构概览 + +### 服务架构 + +``` +┌─────────────────────────────────────────────────────────────────┐ +│ Ingress (Nginx) │ +│ wms.yourdomain.com │ +└─────────────────────────────────────────────────────────────────┘ + │ + ┌───────────────────────┼───────────────────────┐ + │ │ │ + ▼ ▼ ▼ +┌───────────────┐ ┌───────────────┐ ┌───────────────┐ +│ cpte-wms- │ │ cpte-wms- │ │ cpte-wms- │ +│ system │ │ basic │ │ inbound │ +│ (8000) │ │ (8001) │ │ (8002) │ +│ 系统主服务 │ │ 基础服务 │ │ 入库服务 │ +└───────────────┘ └───────────────┘ └───────────────┘ + │ │ │ + └───────────────────────┼───────────────────────┘ + │ + ┌───────────────────────┼───────────────────────┐ + │ │ │ + ▼ ▼ ▼ +┌───────────────┐ ┌───────────────┐ ┌───────────────┐ +│ cpte-wms- │ │ cpte-wms- │ │ cpte-wms- │ +│ outbound │ │ inventory │ │ schedule │ +│ (8003) │ │ (8004) │ │ (8005) │ +│ 出库服务 │ │ 库存服务 │ │ 调度服务 │ +└───────────────┘ └───────────────┘ └───────────────┘ + │ │ │ + └───────────────────────┼───────────────────────┘ + │ + ┌───────────┴───────────┐ + │ │ + ▼ ▼ + ┌───────────────┐ ┌───────────────┐ + │ mysql-service │ │ redis-service │ + │ (3306) │ │ (6379) │ + │ NodePort:30926│ │ NodePort:30899│ + └───────────────┘ └───────────────┘ + │ + ▼ + ┌───────────────┐ + │ nginx-service │ + │ (80) │ + │ NodePort:30575│ + └───────────────┘ +``` + +### 文件结构 + +``` +k8s/ +├── namespace.yaml # 命名空间定义 +├── configmap/ +│ └── application-config.yaml # 应用配置 +├── secrets/ +│ └── application-secrets.yaml # 敏感信息配置 +├── manifests/ +│ ├── mysql.yaml # MySQL 部署 +│ ├── redis.yaml # Redis 部署 (Service: redis-service, NodePort: 30899) +│ └── nginx.yaml # Nginx 部署 (Service: nginx-service, NodePort: 30575) +├── services/ +│ ├── system-service.yaml # 系统主服务 +│ ├── basic-service.yaml # 基础服务 +│ ├── inbound-service.yaml # 入库服务 +│ ├── outbound-service.yaml # 出库服务 +│ ├── inventory-service.yaml # 库存服务 +│ └── schedule-service.yaml # 调度服务 +├── ingress/ +│ └── ingress.yaml # Ingress 路由配置 +└── scripts/ + ├── build-images.sh # Linux 构建脚本 + ├── build-images.bat # Windows 构建脚本 + ├── deploy.sh # Linux 部署脚本 + └── deploy.bat # Windows 部署脚本 +``` + +--- + +## 部署步骤 + +### 第一步:准备工作 + +#### 1.1 克隆项目到服务器 + +```bash +# 在服务器上 +git clone +cd Cpte-Boot +``` + +#### 1.2 配置域名和密钥 + +编辑 `k8s/secrets/application-secrets.yaml`,修改以下敏感信息: + +```yaml +stringData: + DB_USERNAME: "root" + DB_PASSWORD: "your_secure_password" # 修改为安全密码 + REDIS_PASSWORD: "" # 如需密码认证 + SIGNATURE_SECRET: "your_signature_key" # 修改签名密钥 +``` + +编辑 `k8s/ingress/ingress.yaml`,修改域名: + +```yaml +spec: + rules: + - host: wms.yourdomain.com # 修改为你的域名 +``` + +#### 1.3 配置 DNS 解析 + +在域名服务商处配置 DNS 解析,将域名指向 Kubernetes 集群的 Ingress IP: + +```bash +# 获取 Ingress IP +kubectl get svc -n ingress-nginx +``` + +### 第二步:构建 Docker 镜像 + +#### 方式一:在开发机构建后推送 + +```bash +# Windows +k8s\scripts\build-images.bat 3.8.3 your-registry.com + +# Linux/Mac +chmod +x k8s/scripts/build-images.sh +./k8s/scripts/build-images.sh 3.8.3 your-registry.com + +# 推送镜像 +docker push your-registry.com/cpte-wms-system:3.8.3 +docker push your-registry.com/cpte-wms-basic:3.8.3 +docker push your-registry.com/cpte-wms-inbound:3.8.3 +docker push your-registry.com/cpte-wms-outbound:3.8.3 +docker push your-registry.com/cpte-wms-inventory:3.8.3 +docker push your-registry.com/cpte-wms-schedule:3.8.3 +``` + +#### 方式二:在服务器本地构建 + +```bash +# 在服务器上执行 +cd Cpte-Boot +./k8s/scripts/build-images.sh +``` + +### 第三步:部署到 Kubernetes + +#### 方式一:使用部署脚本 + +```bash +# Linux/Mac +chmod +x k8s/scripts/deploy.sh +./k8s/scripts/deploy.sh cpte-wms + +# Windows +k8s\scripts\deploy.bat cpte-wms +``` + +#### 方式二:手动部署 + +```bash +# 1. 创建命名空间 +kubectl apply -f k8s/namespace.yaml + +# 2. 创建 Secrets 和 ConfigMaps +kubectl apply -f k8s/secrets/application-secrets.yaml +kubectl apply -f k8s/configmap/application-config.yaml + +# 3. 部署中间件 +kubectl apply -f k8s/manifests/mysql.yaml +kubectl apply -f k8s/manifests/redis.yaml +kubectl apply -f k8s/manifests/nginx.yaml + +# 4. 等待中间件就绪 +kubectl wait --for=condition=ready pod -l app=cpte-wms-mysql -n cpte-wms --timeout=300s +kubectl wait --for=condition=ready pod -l app=redis -n cpte-wms --timeout=300s +kubectl wait --for=condition=ready pod -l app=nginx -n cpte-wms --timeout=300s + +# 5. 部署应用服务 +kubectl apply -f k8s/services/system-service.yaml +kubectl apply -f k8s/services/basic-service.yaml +kubectl apply -f k8s/services/inbound-service.yaml +kubectl apply -f k8s/services/outbound-service.yaml +kubectl apply -f k8s/services/inventory-service.yaml +kubectl apply -f k8s/services/schedule-service.yaml + +# 6. 创建 Ingress +kubectl apply -f k8s/ingress/ingress.yaml +``` + +### 第四步:验证部署 ```bash # 查看所有 Pod 状态 -kubectl get pods -n wms-system +kubectl get pods -n cpte-wms # 查看服务状态 -kubectl get services -n wms-system +kubectl get svc -n cpte-wms # 查看 Ingress -kubectl get ingress -n wms-system +kubectl get ingress -n cpte-wms -# 查看 HPA -kubectl get hpa -n wms-system +# 查看日志 +kubectl logs -f deployment/cpte-wms-system -n cpte-wms +``` + +### 第五步:初始化数据库 + +首次部署需要初始化数据库: + +```bash +# 进入 MySQL Pod +kubectl exec -it -n cpte-wms $(kubectl get pod -n cpte-wms -l app=cpte-wms-mysql -o jsonpath='{.items[0].metadata.name}') -- mysql -uroot -p + +# 或者使用 port-forward +kubectl port-forward svc/cpte-wms-mysql 3306:3306 -n cpte-wms + +# 使用数据库客户端连接并执行 SQL 脚本 +# SQL 脚本位于项目的 db 目录 ``` --- -## 分步部署 +## KubeSphere 控制台操作 -### 步骤 1: 创建命名空间 +### 通过 KubeSphere 控制台部署 -```bash -kubectl apply -f namespace.yaml -``` +#### 1. 创建项目 -### 步骤 2: 创建 Secret +1. 登录 KubeSphere 控制台 +2. 进入「应用负载」→「项目」 +3. 点击「创建」,输入项目名称 `cpte-wms` -```bash -# 先修改 secrets.yaml 中的密码和证书 -kubectl apply -f secrets.yaml -``` +#### 2. 创建配置 -### 步骤 3: 创建 ConfigMap +1. 进入项目 `cpte-wms` +2. 点击「配置」→「配置字典」→「创建」 +3. 上传 `k8s/configmap/application-config.yaml` -```bash -kubectl apply -f configmap.yaml -``` +#### 3. 创建密钥 -### 步骤 4: 创建存储 +1. 点击「配置」→「密钥」→「创建」 +2. 上传 `k8s/secrets/application-secrets.yaml` -```bash -kubectl apply -f pvc.yaml -``` +#### 4. 创建应用负载 -### 步骤 5: 部署中间件 +1. 点击「应用负载」→「工作负载」→「创建」 +2. 选择「部署」,依次创建各服务 -详见 [中间件部署](#中间件部署) +#### 5. 创建服务 -### 步骤 6: 部署微服务 +1. 点击「应用负载」→「服务」→「创建」 +2. 配置服务端口映射 -```bash -# 部署所有微服务 -kubectl apply -f deployments/ +#### 6. 创建应用路由 -# 或逐个部署 -kubectl apply -f deployments/wms-basic-deployment.yaml -kubectl apply -f deployments/wms-inbound-deployment.yaml -kubectl apply -f deployments/wms-outbound-deployment.yaml -kubectl apply -f deployments/wms-inventory-deployment.yaml -kubectl apply -f deployments/wms-schedule-deployment.yaml -``` +1. 点击「应用负载」→「应用路由」→「创建」 +2. 配置域名和路由规则 -### 步骤 7: 部署网络和网关 +### 使用 KubeSphere 应用商店 -```bash -kubectl apply -f services.yaml -kubectl apply -f ingress.yaml -``` - -### 步骤 8: 配置自动扩缩容 - -```bash -kubectl apply -f hpa.yaml -``` +如果配置了应用商店,可以直接使用 Helm Chart 部署。 --- -## 中间件部署 +## 配置说明 -### 方式一:Helm 部署(推荐) +### 环境变量说明 -```bash -# 添加 Helm Repo -helm repo add bitnami https://charts.bitnami.com/bitnami -helm repo add minio https://charts.min.io/ -helm repo update +| 变量名 | 说明 | 默认值 | +|--------|------|--------| +| SPRING_PROFILES_ACTIVE | Spring 配置环境 | k8s | +| DB_HOST | 数据库主机 | cpte-wms-mysql | +| DB_PORT | 数据库端口 | 3306 | +| DB_NAME | 数据库名称 | cpte-wms | +| DB_USERNAME | 数据库用户名 | root | +| DB_PASSWORD | 数据库密码 | - | +| REDIS_HOST | Redis 主机 | redis-service | +| REDIS_PORT | Redis 端口 | 6379 | +| REDIS_PASSWORD | Redis 密码 | - | -# 部署 MySQL -helm install mysql bitnami/mysql \ - -f helm/mysql-values.yaml \ - -n wms-system +### 资源配置调整 -# 部署 Redis -helm install redis bitnami/redis \ - -f helm/redis-values.yaml \ - -n wms-system - -# 部署 MinIO -helm install minio minio/minio \ - -f helm/minio-values.yaml \ - -n wms-system -``` - -### 方式二:使用已有中间件 - -如果已有 MySQL/Redis/MinIO 服务,只需修改 `secrets.yaml` 中的连接信息: +根据实际负载调整各服务的资源配置: ```yaml -# wms-redis-secret -stringData: - host: "已有 Redis 服务地址" - port: "6379" - password: "Redis 密码" - -# wms-mysql-secret -stringData: - host: "已有 MySQL 服务地址" - port: "3306" - username: "数据库用户名" - password: "数据库密码" - -# wms-minio-secret -stringData: - access-key: "MinIO 访问密钥" - secret-key: "MinIO 密钥" - endpoint: "http://minio 地址:9000" +resources: + requests: + memory: "512Mi" + cpu: "250m" + limits: + memory: "1Gi" + cpu: "1000m" ``` ---- +### 副本数调整 -## 验证和测试 +修改 `replicas` 字段调整副本数: -### 1. 检查 Pod 状态 - -```bash -kubectl get pods -n wms-system -o wide -``` - -期望输出: -``` -NAME READY STATUS RESTARTS AGE -wms-basic-service-xxxxx-xxxxx 1/1 Running 0 5m -wms-inbound-service-xxxxx-xxxxx 1/1 Running 0 5m -wms-outbound-service-xxxxx-xxxxx 1/1 Running 0 5m -wms-inventory-service-xxxxx-xxxxx 1/1 Running 0 5m -wms-schedule-service-xxxxx-xxxxx 1/1 Running 0 5m -``` - -### 2. 检查服务连接 - -```bash -# 测试基础服务 -kubectl exec -it deployment/wms-basic-service -n wms-system -- \ - curl -s http://localhost:8080/actuator/health - -# 查看服务日志 -kubectl logs -f deployment/wms-basic-service -n wms-system -``` - -### 3. 访问 API 接口 - -```bash -# 获取 Ingress 地址 -kubectl get ingress -n wms-system - -# 测试 API(替换为实际域名) -curl -k https://wms.yourcompany.com/api/wms/basic/health -curl -k https://wms.yourcompany.com/doc.html -``` - -### 4. 访问 MinIO 控制台 - -```bash -# 获取 MinIO 控制台地址 -kubectl get ingress -n wms-system | grep minio - -# 浏览器访问:https://minio-console.yourcompany.com -# 默认账号密码:minioadmin / minioadmin123 -``` - -### 5. 测试自动扩缩容 - -```bash -# 查看 HPA 状态 -kubectl get hpa -n wms-system - -# 模拟负载测试 -kubectl run -i --tty load-tester --image=busybox --rm --restart=Never -- \ - while true; do wget -q -O- http://wms-basic-service.wms-system.svc.cluster.local/actuator/health; done +```yaml +spec: + replicas: 2 # 调整副本数 ``` --- ## 常见问题 -### Q1: Pod 无法启动 +### Q1: Pod 一直处于 Pending 状态 +**原因**:可能是存储类不存在或资源不足 + +**解决**: ```bash -# 查看 Pod 详情 -kubectl describe pod -n wms-system +# 检查存储类 +kubectl get storageclass -# 查看日志 -kubectl logs -n wms-system - -# 常见问题: -# 1. 镜像拉取失败 -> 检查镜像地址和仓库凭证 -# 2. 数据库连接失败 -> 检查 Secret 配置 -# 3. 健康检查失败 -> 增加 startupProbe 的 failureThreshold +# 检查事件 +kubectl describe pod -n cpte-wms ``` -### Q2: 无法访问服务 +### Q2: 服务无法启动 +**原因**:可能是数据库未就绪或配置错误 + +**解决**: +```bash +# 查看日志 +kubectl logs -n cpte-wms + +# 检查数据库连接 +kubectl exec -it -n cpte-wms -- mysql -uroot -p +``` + +### Q3: Ingress 无法访问 + +**原因**:可能是 Ingress Controller 未安装或域名解析问题 + +**解决**: ```bash # 检查 Ingress Controller -kubectl get pods -n ingress-nginx +kubectl get svc -n ingress-nginx -# 检查 Ingress 配置 -kubectl describe ingress wms-ingress -n wms-system - -# 检查 DNS 解析 -nslookup wms.yourcompany.com +# 检查 Ingress 状态 +kubectl describe ingress -n cpte-wms ``` -### Q3: HPA 不工作 +### Q4: 镜像拉取失败 +**原因**:镜像不存在或仓库认证问题 + +**解决**: ```bash -# 检查 Metrics Server -kubectl get pods -n kube-system | grep metrics-server +# 创建镜像拉取密钥 +kubectl create secret docker-registry regcred \ + --docker-server= \ + --docker-username= \ + --docker-password= \ + -n cpte-wms -# 查看 HPA 详情 -kubectl describe hpa wms-basic-hpa -n wms-system - -# 确保 Pod 有 resources 配置 -kubectl get deployment wms-basic-service -n wms-system -o yaml +# 在 Deployment 中添加 imagePullSecrets ``` -### Q4: 存储卷挂载失败 +### Q5: 数据库连接超时 -```bash -# 检查 StorageClass -kubectl get sc +**原因**:MySQL 未完全启动 -# 检查 PVC 状态 -kubectl get pvc -n wms-system - -# 查看 NFS Provisioner 日志 -kubectl logs -n kube-system -l app=nfs-subdir-external-provisioner -``` - -### Q5: 数据库初始化 - -```bash -# 连接 MySQL -kubectl run -it --rm --image=mysql:8.0 --restart=Never mysql-client \ - -- mysql -h mysql-primary.wms-system.svc.cluster.local -u root -p - -# 创建数据库 -CREATE DATABASE IF NOT EXISTS `cpte-wms` DEFAULT CHARACTER SET utf8mb4; -``` +**解决**:检查 initContainers 是否正常等待 MySQL 就绪 --- -## 监控和运维 +## 运维命令 -### 查看监控指标 - -1. 登录 KubeSphere 控制台 -2. 进入"可观察性" -> "监控" -3. 选择 wms-system 命名空间 - -### 配置告警 - -1. 进入"告警管理" -> "告警策略" -2. 创建新的告警规则 -3. 配置通知渠道(邮件/钉钉/企业微信) - -### 日志查询 - -1. 进入"可观察性" -> "日志" -2. 选择命名空间:wms-system -3. 选择容器进行查询 - ---- - -## 升级和回滚 - -### 升级微服务 +### 日常运维 ```bash -# 更新镜像版本 -kubectl set image deployment/wms-basic-service \ - wms-basic=registry.yourcompany.com/wms/cpte-wms-basic-service:v3.8.4 \ - -n wms-system +# 查看所有资源状态 +kubectl get all -n cpte-wms -# 查看升级状态 -kubectl rollout status deployment/wms-basic-service -n wms-system +# 重启服务 +kubectl rollout restart deployment/cpte-wms-system -n cpte-wms + +# 扩缩容 +kubectl scale deployment/cpte-wms-system --replicas=3 -n cpte-wms + +# 查看资源使用 +kubectl top pods -n cpte-wms + +# 进入容器 +kubectl exec -it -n cpte-wms -- /bin/sh ``` -### 回滚 +### 备份与恢复 ```bash -# 回滚到上一版本 -kubectl rollout undo deployment/wms-basic-service -n wms-system +# 备份 MySQL +kubectl exec -n cpte-wms -- mysqldump -uroot -p cpte-wms > backup.sql -# 回滚到指定版本 -kubectl rollout undo deployment/wms-basic-service:2 -n wms-system +# 备份 PVC +kubectl get pvc -n cpte-wms -o yaml > pvc-backup.yaml +``` + +### 日志查看 + +```bash +# 查看服务日志 +kubectl logs -f deployment/cpte-wms-system -n cpte-wms + +# 查看最近 100 行日志 +kubectl logs --tail=100 deployment/cpte-wms-system -n cpte-wms + +# 查看所有容器日志 +kubectl logs -f deployment/cpte-wms-system -n cpte-wms --all-containers ``` --- ## 联系支持 -如有问题,请联系: -- 技术支持:cpte@163.com -- 文档:http://www.cpte.com/docs +如有问题,请联系: +- 邮箱:cpte@163.com +- 网站:http://www.cpte.com diff --git a/k8s/configmap.yaml b/k8s/configmap.yaml deleted file mode 100644 index 445e308..0000000 --- a/k8s/configmap.yaml +++ /dev/null @@ -1,155 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: wms-common-config - namespace: wms-system - labels: - app: cpte-wms -data: - APPLICATION_YML: | - spring: - application: - name: cpte-wms - profiles: - active: k8s - - jackson: - date-format: yyyy-MM-dd HH:mm:ss - time-zone: GMT+8 - - servlet: - multipart: - max-file-size: 10MB - max-request-size: 10MB - - data: - redis: - host: ${REDIS_HOST:redis-master.wms-system.svc.cluster.local} - port: ${REDIS_PORT:6379} - password: ${REDIS_PASSWORD:} - database: 0 - timeout: 5000ms - lettuce: - pool: - max-active: 8 - max-idle: 8 - min-idle: 0 - - datasource: - type: com.alibaba.druid.pool.DruidDataSource - driver-class-name: com.mysql.cj.jdbc.Driver - url: jdbc:mysql://${MYSQL_HOST:mysql-primary.wms-system.svc.cluster.local}:${MYSQL_PORT:3306}/cpte-wms?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai&rewriteBatchedStatements=true - username: ${MYSQL_USERNAME:wms_user} - password: ${MYSQL_PASSWORD:} - druid: - initial-size: 5 - min-idle: 5 - max-active: 20 - max-wait: 60000 - time-between-eviction-runs-millis: 60000 - min-evictable-idle-time-millis: 300000 - validation-query: SELECT 1 - test-while-idle: true - test-on-borrow: false - test-on-return: false - pool-prepared-statements: true - max-pool-prepared-statement-per-connection-size: 20 - filters: stat,slf4j - stat: - slow-sql-millis: 5000 - merge-sql: true - - mybatis-plus: - mapper-locations: classpath*:org/jeecg/**/xml/*Mapper.xml,classpath*:org/cpte/**/xml/*Mapper.xml - global-config: - banner: false - db-config: - id-type: ASSIGN_ID - table-underline: true - configuration: - call-setters-on-nulls: true - - jeecg: - signatureSecret: dd05f1c54d63749eda95f9fa6d49v442a - uploadType: minio - domainUrl: - pc: http://wms-gateway.wms-system.svc.cluster.local - app: http://wms-gateway.wms-system.svc.cluster.local - path: - upload: /data/upload - webapp: /data/webapp - minio: - minio_url: ${MINIO_ENDPOINT:http://minio.wms-system.svc.cluster.local:9000} - minio_name: ${MINIO_ACCESS_KEY:minioadmin} - minio_pass: ${MINIO_SECRET_KEY:minioadmin123} - bucketName: wms-files - - minidao: - base-package: org.jeecg.modules.jmreport.*,org.jeecg.modules.drag.* - - knife4j: - enable: true - production: false - - logging: - level: - root: INFO - org.jeecg: INFO - org.cpte: INFO - com.alibaba.druid: DEBUG - pattern: - console: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n" - file: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n" - file: - name: /app/logs/application.log - max-size: 100MB - max-history: 30 - - FEIGN_CONFIG: | - feign: - client: - config: - default: - connectTimeout: 5000 - readTimeout: 10000 - loggerLevel: BASIC - compression: - request: - enabled: true - response: - enabled: true - okhttp: - enabled: true - - spring: - cloud: - loadbalancer: - retry: - enabled: true - cache: - ttl: 30000 - - ACTUATOR_CONFIG: | - management: - endpoints: - web: - exposure: - include: health,info,metrics,prometheus - endpoint: - health: - show-details: always - probes: - enabled: true - metrics: - export: - prometheus: - enabled: true - health: - livenessState: - enabled: true - readinessState: - enabled: true - - MINIO_ENDPOINT: "http://minio.wms-system.svc.cluster.local:9000" - WMS_VERSION: "3.8.3" - ENVIRONMENT: "kubernetes" diff --git a/k8s/deploy.sh b/k8s/deploy.sh deleted file mode 100644 index 2c1665e..0000000 --- a/k8s/deploy.sh +++ /dev/null @@ -1,320 +0,0 @@ -#!/bin/bash - -############################################################################### -# WMS 微服务 Kubernetes 部署脚本 -# 适用于 KubeSphere 3.4.x + Kubernetes 1.28.x -############################################################################### - -set -e - -# 颜色定义 -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -NC='\033[0m' # No Color - -# 日志函数 -log_info() { - echo -e "${GREEN}[INFO]${NC} $1" -} - -log_warn() { - echo -e "${YELLOW}[WARN]${NC} $1" -} - -log_error() { - echo -e "${RED}[ERROR]${NC} $1" -} - -log_step() { - echo -e "${BLUE}[STEP]${NC} $1" -} - -# 检查 kubectl 连接 -check_kubectl() { - log_step "检查 kubectl 连接..." - if ! kubectl cluster-info &> /dev/null; then - log_error "无法连接到 Kubernetes 集群,请检查 kubeconfig 配置" - exit 1 - fi - log_info "Kubernetes 集群连接正常" -} - -# 创建命名空间和资源配额 -create_namespace() { - log_step "创建命名空间和资源配额..." - kubectl apply -f namespace.yaml - log_info "命名空间 wms-system 创建完成" -} - -# 创建 Secret -create_secrets() { - log_step "创建 Secret 配置..." - - # 提示用户修改敏感信息 - log_warn "请确保已修改 secrets.yaml 中的敏感信息(密码、证书等)" - read -p "按回车键继续创建 Secret..." - - kubectl apply -f secrets.yaml - log_info "Secret 创建完成" -} - -# 创建 ConfigMap -create_configmap() { - log_step "创建 ConfigMap..." - kubectl apply -f configmap.yaml - log_info "ConfigMap 创建完成" -} - -# 创建 PVC -create_pvc() { - log_step "创建持久化存储..." - kubectl apply -f pvc.yaml - log_info "PVC 创建完成" -} - -# 部署中间件(MySQL/Redis/MinIO) -deploy_middleware() { - log_step "部署中间件..." - - echo "选择部署方式:" - echo "1) 使用 Helm 部署(推荐)" - echo "2) 手动部署(已有中间件)" - echo "3) 跳过中间件部署" - read -p "请选择 [1-3]: " middleware_choice - - case $middleware_choice in - 1) - log_info "使用 Helm 部署中间件..." - - # 添加 Helm Repo - helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add minio https://charts.min.io/ - helm repo update - - # 部署 MySQL - log_step "部署 MySQL..." - helm install mysql bitnami/mysql -f helm/mysql-values.yaml -n wms-system - - # 部署 Redis - log_step "部署 Redis..." - helm install redis bitnami/redis -f helm/redis-values.yaml -n wms-system - - # 部署 MinIO - log_step "部署 MinIO..." - helm install minio minio/minio -f helm/minio-values.yaml -n wms-system - - log_info "等待中间件就绪..." - kubectl rollout status deployment/mysql-primary -n wms-system - kubectl rollout status statefulset/redis-master -n wms-system - kubectl rollout status statefulset/minio -n wms-system - ;; - 2) - log_warn "请确保已有 MySQL/Redis/MinIO 服务,并修改 secrets.yaml 中的连接信息" - read -p "按回车键继续..." - ;; - 3) - log_warn "跳过中间件部署" - ;; - *) - log_error "无效选择" - exit 1 - ;; - esac -} - -# 部署微服务 -deploy_services() { - log_step "部署 WMS 微服务..." - - # 应用所有 Deployment - for file in deployments/*.yaml; do - log_info "部署:$file" - kubectl apply -f "$file" - done - - log_info "等待 Deployment 就绪..." - kubectl rollout status deployment/wms-basic-service -n wms-system - kubectl rollout status deployment/wms-inbound-service -n wms-system - kubectl rollout status deployment/wms-outbound-service -n wms-system - kubectl rollout status deployment/wms-inventory-service -n wms-system - kubectl rollout status deployment/wms-schedule-service -n wms-system -} - -# 部署 Service 和 Ingress -deploy_network() { - log_step "部署 Service 和 Ingress..." - kubectl apply -f services.yaml - kubectl apply -f ingress.yaml - log_info "网络和网关配置完成" -} - -# 部署 HPA -deploy_hpa() { - log_step "配置自动扩缩容..." - kubectl apply -f hpa.yaml - log_info "HPA 配置完成" -} - -# 检查部署状态 -check_status() { - log_step "检查部署状态..." - echo "" - echo "=== Pod 状态 ===" - kubectl get pods -n wms-system - echo "" - echo "=== Service 状态 ===" - kubectl get services -n wms-system - echo "" - echo "=== Ingress 状态 ===" - kubectl get ingress -n wms-system - echo "" - echo "=== HPA 状态 ===" - kubectl get hpa -n wms-system - echo "" - echo "=== PVC 状态 ===" - kubectl get pvc -n wms-system -} - -# 查看日志 -view_logs() { - echo "选择要查看日志的服务:" - echo "1) wms-basic-service" - echo "2) wms-inbound-service" - echo "3) wms-outbound-service" - echo "4) wms-inventory-service" - echo "5) wms-schedule-service" - echo "6) 全部服务" - read -p "请选择 [1-6]: " log_choice - - case $log_choice in - 1) - kubectl logs -f deployment/wms-basic-service -n wms-system - ;; - 2) - kubectl logs -f deployment/wms-inbound-service -n wms-system - ;; - 3) - kubectl logs -f deployment/wms-outbound-service -n wms-system - ;; - 4) - kubectl logs -f deployment/wms-inventory-service -n wms-system - ;; - 5) - kubectl logs -f deployment/wms-schedule-service -n wms-system - ;; - 6) - kubectl logs -l app.kubernetes.io/part-of=cpte-wms -f -n wms-system - ;; - *) - log_error "无效选择" - ;; - esac -} - -# 卸载部署 -uninstall() { - log_warn "此操作将卸载所有 WMS 相关资源!" - read -p "确认继续?[y/N]: " confirm - - if [ "$confirm" = "y" ] || [ "$confirm" = "Y" ]; then - log_step "卸载 WMS 微服务..." - kubectl delete -f deployments/ -n wms-system - kubectl delete -f hpa.yaml -n wms-system - kubectl delete -f ingress.yaml -n wms-system - kubectl delete -f services.yaml -n wms-system - kubectl delete -f configmap.yaml -n wms-system - kubectl delete -f secrets.yaml -n wms-system - kubectl delete -f pvc.yaml -n wms-system - kubectl delete -f namespace.yaml - - log_info "卸载完成" - else - log_info "取消卸载" - fi -} - -# 主菜单 -show_menu() { - echo "" - echo "=========================================" - echo " WMS 微服务 Kubernetes 部署脚本" - echo "=========================================" - echo "1) 完整部署(一键部署所有组件)" - echo "2) 创建命名空间" - echo "3) 创建 Secret 和 ConfigMap" - echo "4) 部署中间件(MySQL/Redis/MinIO)" - echo "5) 部署微服务" - echo "6) 部署网络和网关" - echo "7) 配置 HPA" - echo "8) 查看部署状态" - echo "9) 查看日志" - echo "10) 卸载部署" - echo "0) 退出" - echo "=========================================" -} - -# 主函数 -main() { - cd "$(dirname "$0")" - - while true; do - show_menu - read -p "请选择操作 [0-10]: " choice - - case $choice in - 1) - check_kubectl - create_namespace - create_secrets - create_configmap - create_pvc - deploy_middleware - deploy_services - deploy_network - deploy_hpa - check_status - log_info "🎉 部署完成!" - ;; - 2) - create_namespace - ;; - 3) - create_secrets - create_configmap - ;; - 4) - deploy_middleware - ;; - 5) - deploy_services - ;; - 6) - deploy_network - ;; - 7) - deploy_hpa - ;; - 8) - check_status - ;; - 9) - view_logs - ;; - 10) - uninstall - ;; - 0) - log_info "退出" - exit 0 - ;; - *) - log_error "无效选择,请重新输入" - ;; - esac - done -} - -# 执行主函数 -main diff --git a/k8s/deployments/wms-basic-deployment.yaml b/k8s/deployments/wms-basic-deployment.yaml deleted file mode 100644 index 1af3d69..0000000 --- a/k8s/deployments/wms-basic-deployment.yaml +++ /dev/null @@ -1,156 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-basic-service - namespace: wms-system - labels: - app: wms-basic - version: v1 - app.kubernetes.io/name: wms-basic - app.kubernetes.io/part-of: cpte-wms -spec: - replicas: 2 - selector: - matchLabels: - app: wms-basic - version: v1 - template: - metadata: - labels: - app: wms-basic - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" - spec: - containers: - - name: wms-basic - image: registry.yourcompany.com/wms/cpte-wms-basic-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - - containerPort: 8080 - name: http-metrics - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: SERVER_PORT - value: "8080" - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: host - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: port - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: password - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: host - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: port - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: username - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: password - - name: MINIO_ENDPOINT - valueFrom: - configMapKeyRef: - name: wms-common-config - key: MINIO_ENDPOINT - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: access-key - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: secret-key - resources: - requests: - cpu: "500m" - memory: "512Mi" - limits: - cpu: "2" - memory: "4Gi" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 60 - volumeMounts: - - name: upload-volume - mountPath: /data/upload - - name: logs-volume - mountPath: /app/logs - - name: config-volume - mountPath: /app/config - volumes: - - name: upload-volume - persistentVolumeClaim: - claimName: wms-upload-pvc - - name: logs-volume - emptyDir: {} - - name: config-volume - configMap: - name: wms-common-config - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - wms-basic - topologyKey: kubernetes.io/hostname - terminationGracePeriodSeconds: 30 - serviceAccountName: default - securityContext: - runAsNonRoot: true - fsGroup: 1000 diff --git a/k8s/deployments/wms-inbound-deployment.yaml b/k8s/deployments/wms-inbound-deployment.yaml deleted file mode 100644 index 9f55ed5..0000000 --- a/k8s/deployments/wms-inbound-deployment.yaml +++ /dev/null @@ -1,147 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-inbound-service - namespace: wms-system - labels: - app: wms-inbound - version: v1 - app.kubernetes.io/name: wms-inbound - app.kubernetes.io/part-of: cpte-wms -spec: - replicas: 2 - selector: - matchLabels: - app: wms-inbound - version: v1 - template: - metadata: - labels: - app: wms-inbound - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" - spec: - containers: - - name: wms-inbound - image: registry.yourcompany.com/wms/cpte-wms-inbound-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: SERVER_PORT - value: "8080" - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: host - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: port - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: password - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: host - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: port - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: username - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: password - - name: MINIO_ENDPOINT - valueFrom: - configMapKeyRef: - name: wms-common-config - key: MINIO_ENDPOINT - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: access-key - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: secret-key - resources: - requests: - cpu: "500m" - memory: "512Mi" - limits: - cpu: "2" - memory: "4Gi" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 60 - volumeMounts: - - name: logs-volume - mountPath: /app/logs - - name: config-volume - mountPath: /app/config - volumes: - - name: logs-volume - emptyDir: {} - - name: config-volume - configMap: - name: wms-common-config - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - wms-inbound - topologyKey: kubernetes.io/hostname - terminationGracePeriodSeconds: 30 - securityContext: - runAsNonRoot: true - fsGroup: 1000 diff --git a/k8s/deployments/wms-inventory-deployment.yaml b/k8s/deployments/wms-inventory-deployment.yaml deleted file mode 100644 index 8499145..0000000 --- a/k8s/deployments/wms-inventory-deployment.yaml +++ /dev/null @@ -1,147 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-inventory-service - namespace: wms-system - labels: - app: wms-inventory - version: v1 - app.kubernetes.io/name: wms-inventory - app.kubernetes.io/part-of: cpte-wms -spec: - replicas: 2 - selector: - matchLabels: - app: wms-inventory - version: v1 - template: - metadata: - labels: - app: wms-inventory - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" - spec: - containers: - - name: wms-inventory - image: registry.yourcompany.com/wms/cpte-wms-inventory-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: SERVER_PORT - value: "8080" - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: host - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: port - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: password - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: host - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: port - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: username - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: password - - name: MINIO_ENDPOINT - valueFrom: - configMapKeyRef: - name: wms-common-config - key: MINIO_ENDPOINT - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: access-key - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: secret-key - resources: - requests: - cpu: "500m" - memory: "512Mi" - limits: - cpu: "2" - memory: "4Gi" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 60 - volumeMounts: - - name: logs-volume - mountPath: /app/logs - - name: config-volume - mountPath: /app/config - volumes: - - name: logs-volume - emptyDir: {} - - name: config-volume - configMap: - name: wms-common-config - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - wms-inventory - topologyKey: kubernetes.io/hostname - terminationGracePeriodSeconds: 30 - securityContext: - runAsNonRoot: true - fsGroup: 1000 diff --git a/k8s/deployments/wms-outbound-deployment.yaml b/k8s/deployments/wms-outbound-deployment.yaml deleted file mode 100644 index 115c681..0000000 --- a/k8s/deployments/wms-outbound-deployment.yaml +++ /dev/null @@ -1,147 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-outbound-service - namespace: wms-system - labels: - app: wms-outbound - version: v1 - app.kubernetes.io/name: wms-outbound - app.kubernetes.io/part-of: cpte-wms -spec: - replicas: 2 - selector: - matchLabels: - app: wms-outbound - version: v1 - template: - metadata: - labels: - app: wms-outbound - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" - spec: - containers: - - name: wms-outbound - image: registry.yourcompany.com/wms/cpte-wms-outbound-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: SERVER_PORT - value: "8080" - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: host - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: port - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: password - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: host - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: port - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: username - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: password - - name: MINIO_ENDPOINT - valueFrom: - configMapKeyRef: - name: wms-common-config - key: MINIO_ENDPOINT - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: access-key - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: secret-key - resources: - requests: - cpu: "500m" - memory: "512Mi" - limits: - cpu: "2" - memory: "4Gi" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 60 - volumeMounts: - - name: logs-volume - mountPath: /app/logs - - name: config-volume - mountPath: /app/config - volumes: - - name: logs-volume - emptyDir: {} - - name: config-volume - configMap: - name: wms-common-config - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - wms-outbound - topologyKey: kubernetes.io/hostname - terminationGracePeriodSeconds: 30 - securityContext: - runAsNonRoot: true - fsGroup: 1000 diff --git a/k8s/deployments/wms-schedule-deployment.yaml b/k8s/deployments/wms-schedule-deployment.yaml deleted file mode 100644 index 462febb..0000000 --- a/k8s/deployments/wms-schedule-deployment.yaml +++ /dev/null @@ -1,147 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: wms-schedule-service - namespace: wms-system - labels: - app: wms-schedule - version: v1 - app.kubernetes.io/name: wms-schedule - app.kubernetes.io/part-of: cpte-wms -spec: - replicas: 2 - selector: - matchLabels: - app: wms-schedule - version: v1 - template: - metadata: - labels: - app: wms-schedule - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" - spec: - containers: - - name: wms-schedule - image: registry.yourcompany.com/wms/cpte-wms-schedule-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - name: http - protocol: TCP - env: - - name: SPRING_PROFILES_ACTIVE - value: "k8s" - - name: SERVER_PORT - value: "8080" - - name: REDIS_HOST - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: host - - name: REDIS_PORT - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: port - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: wms-redis-secret - key: password - - name: MYSQL_HOST - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: host - - name: MYSQL_PORT - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: port - - name: MYSQL_USERNAME - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: username - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wms-mysql-secret - key: password - - name: MINIO_ENDPOINT - valueFrom: - configMapKeyRef: - name: wms-common-config - key: MINIO_ENDPOINT - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: access-key - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: wms-minio-secret - key: secret-key - resources: - requests: - cpu: "500m" - memory: "512Mi" - limits: - cpu: "2" - memory: "4Gi" - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - startupProbe: - httpGet: - path: /actuator/health - port: 8080 - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 60 - volumeMounts: - - name: logs-volume - mountPath: /app/logs - - name: config-volume - mountPath: /app/config - volumes: - - name: logs-volume - emptyDir: {} - - name: config-volume - configMap: - name: wms-common-config - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - wms-schedule - topologyKey: kubernetes.io/hostname - terminationGracePeriodSeconds: 30 - securityContext: - runAsNonRoot: true - fsGroup: 1000 diff --git a/k8s/extension-config.yaml b/k8s/extension-config.yaml deleted file mode 100644 index 371f89c..0000000 --- a/k8s/extension-config.yaml +++ /dev/null @@ -1,84 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: extension-configuration - namespace: wms-system - labels: - app: cpte-wms -data: - enabled-extensions: | - { - "core": [ - "Metrics Server", - "KubeSphere 网关", - "KubeSphere 网络", - "KubeSphere 存储" - ], - "observability": [ - "WizTelemetry 监控", - "WizTelemetry 日志", - "WizTelemetry 告警", - "WizTelemetry 通知", - "WizTelemetry 事件", - "WizTelemetry 审计", - "WizTelemetry 全局监控", - "KubeEye 巡检" - ], - "devops": [ - "DevOps", - "镜像构建器" - ], - "security": [ - "cert-manager", - "OAuth2-Proxy", - "Gatekeeper" - ], - "application": [ - "KubeSphere 应用商店管理", - "KubeSphere 应用路由工具" - ], - "integration": [ - "KubeSphere Spring Cloud", - "KEDA for KubeSphere" - ], - "optional": [ - "WizTelemetry 链路追踪" - ] - } - - recommended-for-wms: | - # WMS 微服务推荐启用的扩展组件 - - ## 必需组件 (必须启用) - 1. Metrics Server - HPA 自动扩缩容基础 - 2. KubeSphere 网关 - 服务暴露和路由 - 3. KubeSphere 网络 - 网络策略管理 - 4. KubeSphere 存储 - 动态存储卷供应 - 5. WizTelemetry 监控 - 指标收集和可视化 - 6. WizTelemetry 日志 - 日志集中管理 - 7. WizTelemetry 告警 - 告警规则管理 - 8. WizTelemetry 通知 - 告警通知渠道 - 9. DevOps - CI/CD流水线 - 10. 镜像构建器 - 自动构建镜像 - - ## 推荐组件 (强烈建议启用) - 11. WizTelemetry 事件 - K8s 事件管理 - 12. WizTelemetry 审计 - 操作审计 - 13. WizTelemetry 全局监控 - 全局视图 - 14. KubeEye 巡检 - 集群健康检查 - 15. cert-manager - TLS 证书自动管理 - 16. OAuth2-Proxy - 统一认证代理 - 17. KubeSphere Spring Cloud - Spring 微服务集成 - 18. KEDA for KubeSphere - 事件驱动自动扩缩容 - - ## 可选组件 (按需启用) - 19. KubeSphere 应用商店管理 - 应用生命周期管理 - 20. KubeSphere 应用路由工具 - 应用级路由 - 21. WizTelemetry 链路追踪 - 分布式链路追踪 - 22. Gatekeeper - 策略管理(生产环境) - - ## 不需要启用的组件 - - 所有 AI/ML 相关组件(算力设备管理、DeepSeek、KAITO、NVIDIA 相关) - - 多集群相关组件(Karmada、联邦集群) - - 专用数据库(ob-operator、OceanBase) - - 服务网格(Istio、KubeSphere 服务网格)- 复杂度高 diff --git a/k8s/helm/minio-values.yaml b/k8s/helm/minio-values.yaml deleted file mode 100644 index f70ca51..0000000 --- a/k8s/helm/minio-values.yaml +++ /dev/null @@ -1,95 +0,0 @@ -# MinIO Helm Chart Values for WMS - -mode: distributed - -replicas: 4 - -resources: - requests: - cpu: 250m - memory: 1Gi - limits: - cpu: 1 - memory: 4Gi - -persistence: - enabled: true - size: 100Gi - storageClass: nfs-sc - -rootUser: minioadmin -rootPassword: minioadmin123 - -defaultBucket: - enabled: true - name: wms-files - policy: none - purge: false - -buckets: - - name: wms-files - - name: wms-backup - - name: wms-temp - -environment: - MINIO_BROWSER: "on" - MINIO_UPDATE: "off" - MINIO_PROMETHEUS_URL: "http://prometheus-k8s.monitoring.svc.cluster.local:9090" - -metrics: - serviceMonitor: - enabled: true - namespace: wms-system - interval: 30s - -ingress: - enabled: true - ingressClassName: nginx - hosts: - - minio.yourcompany.com - tls: [] - -console: - enabled: true - servicePort: 9001 - ingress: - enabled: true - ingressClassName: nginx - hosts: - - minio-console.yourcompany.com - -service: - type: ClusterIP - port: 9000 - -podSecurityContext: - enabled: true - fsGroup: 1000 - runAsUser: 1000 - runAsNonRoot: true - -containerSecurityContext: - enabled: true - runAsUser: 1000 - runAsNonRoot: true - -livenessProbe: - enabled: true - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - -readinessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - -startupProbe: - enabled: true - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 30 diff --git a/k8s/helm/mysql-values.yaml b/k8s/helm/mysql-values.yaml deleted file mode 100644 index 9995ee9..0000000 --- a/k8s/helm/mysql-values.yaml +++ /dev/null @@ -1,114 +0,0 @@ -# MySQL Helm Chart Values for WMS -# 使用 Bitnami MySQL Chart - -primary: - persistence: - enabled: true - storageClass: nfs-sc - size: 50Gi - - resources: - requests: - cpu: 500m - memory: 1Gi - limits: - cpu: 2 - memory: 4Gi - - configuration: | - [mysqld] - default_authentication_plugin=mysql_native_password - skip-name-resolve - explicit_defaults_for_timestamp - basedir=/opt/bitnami/mysql - plugin_dir=/opt/bitnami/mysql/lib/plugin - port=3306 - socket=/opt/bitnami/mysql/tmp/mysql.sock - datadir=/bitnami/mysql/data - tmpdir=/opt/bitnami/mysql/tmp - max_allowed_packet=16M - bind-address=* - pid-file=/opt/bitnami/mysql/tmp/mysqld.pid - log-error=/opt/bitnami/mysql/logs/mysqld.log - character-set-server=UTF8 - collation-server=utf8_general_ci - - [client] - port=3306 - socket=/opt/bitnami/mysql/tmp/mysql.sock - default-character-set=UTF8 - plugin_dir=/opt/bitnami/mysql/lib/plugin - - [manager] - port=3306 - socket=/opt/bitnami/mysql/tmp/mysql.sock - pid-file=/opt/bitnami/mysql/tmp/mysqld.pid - - mysqlDatabase: cpte-wms - mysqlUser: wms_user - mysqlPassword: cpte@mysql123 - mysqlRootPassword: root@mysql123 - -secondary: - enabled: true - replicas: 1 - - persistence: - enabled: true - storageClass: nfs-sc - size: 50Gi - - resources: - requests: - cpu: 500m - memory: 1Gi - limits: - cpu: 2 - memory: 4Gi - -metrics: - enabled: true - serviceMonitor: - enabled: true - namespace: wms-system - interval: 30s - -service: - type: ClusterIP - ports: - mysql: 3306 - -volumePermissions: - enabled: true - -podSecurityContext: - enabled: true - fsGroup: 1001 - -containerSecurityContext: - enabled: true - runAsUser: 1001 - runAsNonRoot: true - -livenessProbe: - enabled: true - initialDelaySeconds: 60 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - successThreshold: 1 - -readinessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - successThreshold: 1 - -startupProbe: - enabled: true - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 60 diff --git a/k8s/helm/redis-values.yaml b/k8s/helm/redis-values.yaml deleted file mode 100644 index a14f94a..0000000 --- a/k8s/helm/redis-values.yaml +++ /dev/null @@ -1,126 +0,0 @@ -# Redis Helm Chart Values for WMS -# 使用 Bitnami Redis Chart - -architecture: replication - -auth: - enabled: true - sentinel: true - password: cpte@redis123 - -master: - count: 1 - - persistence: - enabled: true - storageClass: nfs-sc - size: 10Gi - - resources: - requests: - cpu: 250m - memory: 512Mi - limits: - cpu: 1 - memory: 2Gi - - configuration: | - maxmemory 1gb - maxmemory-policy allkeys-lru - appendonly yes - appendfsync everysec - - extraFlags: - - --maxmemory-policy allkeys-lru - - --appendonly yes - - --appendfsync everysec - -replica: - replicaCount: 2 - - persistence: - enabled: true - storageClass: nfs-sc - size: 10Gi - - resources: - requests: - cpu: 250m - memory: 512Mi - limits: - cpu: 1 - memory: 2Gi - - configuration: | - maxmemory 1gb - maxmemory-policy allkeys-lru - appendonly yes - appendfsync everysec - -sentinel: - enabled: true - masterSet: mymaster - initialCheckTimeout: 5 - quorum: 2 - downAfterMilliseconds: 5000 - failoverTimeout: 180000 - parallelSyncs: 1 - - persistence: - enabled: true - storageClass: nfs-sc - size: 1Gi - - resources: - requests: - cpu: 100m - memory: 128Mi - limits: - cpu: 500m - memory: 256Mi - -metrics: - enabled: true - serviceMonitor: - enabled: true - namespace: wms-system - interval: 30s - -service: - type: ClusterIP - -tls: - enabled: false - -volumePermissions: - enabled: true - -podSecurityContext: - enabled: true - fsGroup: 1001 - -containerSecurityContext: - enabled: true - runAsUser: 1001 - runAsNonRoot: true - -livenessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - -readinessProbe: - enabled: true - initialDelaySeconds: 15 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 3 - -startupProbe: - enabled: true - initialDelaySeconds: 0 - periodSeconds: 5 - timeoutSeconds: 3 - failureThreshold: 30 diff --git a/k8s/hpa.yaml b/k8s/hpa.yaml deleted file mode 100644 index 1752796..0000000 --- a/k8s/hpa.yaml +++ /dev/null @@ -1,224 +0,0 @@ -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: wms-basic-hpa - namespace: wms-system - labels: - app: wms-basic -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: wms-basic-service - minReplicas: 2 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: 80 - behavior: - scaleDown: - stabilizationWindowSeconds: 300 - policies: - - type: Percent - value: 50 - periodSeconds: 60 - scaleUp: - stabilizationWindowSeconds: 0 - policies: - - type: Percent - value: 100 - periodSeconds: 15 - - type: Pods - value: 2 - periodSeconds: 15 - selectPolicy: Max ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: wms-inbound-hpa - namespace: wms-system - labels: - app: wms-inbound -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: wms-inbound-service - minReplicas: 2 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: 80 - behavior: - scaleDown: - stabilizationWindowSeconds: 300 - policies: - - type: Percent - value: 50 - periodSeconds: 60 - scaleUp: - stabilizationWindowSeconds: 0 - policies: - - type: Percent - value: 100 - periodSeconds: 15 - - type: Pods - value: 2 - periodSeconds: 15 - selectPolicy: Max ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: wms-outbound-hpa - namespace: wms-system - labels: - app: wms-outbound -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: wms-outbound-service - minReplicas: 2 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: 80 - behavior: - scaleDown: - stabilizationWindowSeconds: 300 - policies: - - type: Percent - value: 50 - periodSeconds: 60 - scaleUp: - stabilizationWindowSeconds: 0 - policies: - - type: Percent - value: 100 - periodSeconds: 15 - - type: Pods - value: 2 - periodSeconds: 15 - selectPolicy: Max ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: wms-inventory-hpa - namespace: wms-system - labels: - app: wms-inventory -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: wms-inventory-service - minReplicas: 2 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: 80 - behavior: - scaleDown: - stabilizationWindowSeconds: 300 - policies: - - type: Percent - value: 50 - periodSeconds: 60 - scaleUp: - stabilizationWindowSeconds: 0 - policies: - - type: Percent - value: 100 - periodSeconds: 15 - - type: Pods - value: 2 - periodSeconds: 15 - selectPolicy: Max ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: wms-schedule-hpa - namespace: wms-system - labels: - app: wms-schedule -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: wms-schedule-service - minReplicas: 2 - maxReplicas: 10 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 70 - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: 80 - behavior: - scaleDown: - stabilizationWindowSeconds: 300 - policies: - - type: Percent - value: 50 - periodSeconds: 60 - scaleUp: - stabilizationWindowSeconds: 0 - policies: - - type: Percent - value: 100 - periodSeconds: 15 - - type: Pods - value: 2 - periodSeconds: 15 - selectPolicy: Max diff --git a/k8s/ingress.yaml b/k8s/ingress.yaml deleted file mode 100644 index 382cb6c..0000000 --- a/k8s/ingress.yaml +++ /dev/null @@ -1,149 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: wms-ingress - namespace: wms-system - labels: - app: cpte-wms - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/rewrite-target: /$2 - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - nginx.ingress.kubernetes.io/proxy-body-size: "50m" - nginx.ingress.kubernetes.io/proxy-connect-timeout: "60" - nginx.ingress.kubernetes.io/proxy-send-timeout: "60" - nginx.ingress.kubernetes.io/proxy-read-timeout: "60" - nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" - nginx.ingress.kubernetes.io/proxy-buffers-number: "4" - nginx.ingress.kubernetes.io/enable-cors: "true" - nginx.ingress.kubernetes.io/cors-allow-origin: "*" - nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, DELETE, PATCH, OPTIONS" - nginx.ingress.kubernetes.io/cors-allow-headers: "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization" - nginx.ingress.kubernetes.io/cors-allow-credentials: "true" - nginx.ingress.kubernetes.io/cors-max-age: "1728000" - nginx.ingress.kubernetes.io/health-check-path: "/actuator/health" - nginx.ingress.kubernetes.io/health-check-interval: "30s" - nginx.ingress.kubernetes.io/health-check-timeout: "5s" -spec: - ingressClassName: nginx - tls: - - hosts: - - wms.yourcompany.com - secretName: wms-tls-secret - rules: - - host: wms.yourcompany.com - http: - paths: - - path: /api/wms/basic(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-basic-service - port: - number: 80 - - path: /api/wms/inbound(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-inbound-service - port: - number: 80 - - path: /api/wms/outbound(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-outbound-service - port: - number: 80 - - path: /api/wms/inventory(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-inventory-service - port: - number: 80 - - path: /api/wms/schedule(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-schedule-service - port: - number: 80 - - path: /doc.html - pathType: Prefix - backend: - service: - name: wms-inbound-service - port: - number: 80 - - path: /actuator(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-inbound-service - port: - number: 80 ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: wms-ingress-http - namespace: wms-system - labels: - app: cpte-wms - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/rewrite-target: /$2 - nginx.ingress.kubernetes.io/proxy-body-size: "50m" - nginx.ingress.kubernetes.io/proxy-connect-timeout: "60" - nginx.ingress.kubernetes.io/proxy-send-timeout: "60" - nginx.ingress.kubernetes.io/proxy-read-timeout: "60" -spec: - ingressClassName: nginx - rules: - - host: wms-dev.yourcompany.com - http: - paths: - - path: /api/wms/basic(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-basic-service - port: - number: 80 - - path: /api/wms/inbound(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-inbound-service - port: - number: 80 - - path: /api/wms/outbound(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-outbound-service - port: - number: 80 - - path: /api/wms/inventory(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-inventory-service - port: - number: 80 - - path: /api/wms/schedule(/|$)(.*) - pathType: Prefix - backend: - service: - name: wms-schedule-service - port: - number: 80 - - path: /doc.html - pathType: Prefix - backend: - service: - name: wms-inbound-service - port: - number: 80 diff --git a/k8s/kubekey-config-fixed.yaml b/k8s/kubekey-config-fixed.yaml deleted file mode 100644 index d50ef4f..0000000 --- a/k8s/kubekey-config-fixed.yaml +++ /dev/null @@ -1,84 +0,0 @@ -apiVersion: kubekey.kubesphere.io/v1 -kind: Config -spec: - cni: - calico_version: v3.31.3 - cilium_version: 1.18.5 - hybridnet_version: 0.6.8 - kubeovn_version: v1.15.0 - flannel_version: v0.27.4 - multus: - image: - tag: v4.3.0 - cri: - container_manager: containerd - containerd_version: v1.7.13 - crictl_version: v1.33.0 - cridockerd_version: v0.3.21 - docker_version: 25.0.5 - runc_version: v1.1.12 - dns: - dns_cache_image: - tag: 1.25.0 - dns_image: - tag: v1.12.0 - etcd: - etcd_version: v3.5.24 - download: - arch: - - amd64 - image_registry: - docker_registry_version: 2.8.3 - dockercompose_version: v2.20.3 - harbor_version: v2.10.2 - keepalived_version: 2.0.20 - kubernetes: - sandbox_image: - tag: "3.10" - helm_version: v3.18.5 - kube_version: v1.33.3 - control_plane_endpoint: - kube_vip: - image: - tag: v0.7.2 - haproxy: - image: - tag: 2.9.6-alpine - storage_class: - localpv_provisioner_version: 4.4.0 - nfs_provisioner_version: 4.0.18 - image_manifests: - # kubernetes-v1.33.3 - - quay.io/tigera/operator:v1.40.3 - - docker.io/calico/apiserver:v3.31.3 - - docker.io/calico/cni:v3.31.3 - - docker.io/calico/ctl:v3.31.3 - - docker.io/calico/csi:v3.31.3 - - docker.io/calico/goldmane:v3.31.3 - - docker.io/calico/kube-controllers:v3.31.3 - - docker.io/calico/node-driver-registrar:v3.31.3 - - docker.io/calico/node:v3.31.3 - - docker.io/calico/pod2daemon-flexvol:v3.31.3 - - docker.io/calico/typha:v3.31.3 - - docker.io/calico/whisker-backend:v3.31.3 - - docker.io/calico/whisker:v3.31.3 - - registry.k8s.io/coredns/coredns:v1.12.0 - - registry.k8s.io/dns/k8s-dns-node-cache:1.25.0 - - registry.k8s.io/kube-apiserver:v1.33.3 - - registry.k8s.io/kube-controller-manager:v1.33.3 - - registry.k8s.io/kube-proxy:v1.33.3 - - registry.k8s.io/kube-scheduler:v1.33.3 - - registry.k8s.io/pause:3.10 - - docker.io/openebs/linux-utils:4.3.0 - - docker.io/openebs/provisioner-localpv:4.4.0 - - docker.io/library/haproxy:2.9.6-alpine - - docker.io/plndr/kube-vip:v0.7.2 - # ks-core - - registry.cn-beijing.aliyuncs.com/kse/ks-apiserver:v4.2.1 - - registry.cn-beijing.aliyuncs.com/kse/ks-console:v4.2.1 - - registry.cn-beijing.aliyuncs.com/kse/ks-controller-manager:v4.2.1 - - registry.cn-beijing.aliyuncs.com/kubesphereio/kubectl:v1.33.1 - - registry.cn-beijing.aliyuncs.com/kubesphereio/redis:7.2.12-alpine - - registry.cn-beijing.aliyuncs.com/kse/extensions-museum:v11.1.3 - - registry.cn-beijing.aliyuncs.com/kse/ks-console-embed:v4.2.1 - - registry.cn-beijing.aliyuncs.com/kse/ks-posthog:v2.0.0 diff --git a/k8s/kubepi-serviceaccount.yaml b/k8s/kubepi-serviceaccount.yaml deleted file mode 100644 index 8fb4257..0000000 --- a/k8s/kubepi-serviceaccount.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kubepi-admin - namespace: wms-system - labels: - app: kubepi ---- -apiVersion: v1 -kind: Secret -metadata: - name: kubepi-admin-token - namespace: wms-system - annotations: - kubernetes.io/service-account.name: kubepi-admin -type: kubernetes.io/service-account-token ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kubepi-admin-binding - labels: - app: kubepi -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: - - kind: ServiceAccount - name: kubepi-admin - namespace: wms-system ---- -# 应用配置后,执行以下命令获取长期有效的 Bearer Token: -# kubectl -n wms-system get secret kubepi-admin-token -o jsonpath='{.data.token}' | base64 -d -# -# 获取 API Server 地址: -# kubectl cluster-info diff --git a/k8s/kubesphere-config.yaml b/k8s/kubesphere-config.yaml deleted file mode 100644 index cfc9ef0..0000000 --- a/k8s/kubesphere-config.yaml +++ /dev/null @@ -1,123 +0,0 @@ -apiVersion: installer.kubesphere.io/v1alpha1 -kind: ClusterConfiguration -metadata: - name: ks-installer - namespace: kubesphere-system - labels: - version: v3.4.1 -spec: - persistence: - storageClass: nfs-sc - - authentication: - jwtSecret: "" - - regionConfig: - enabled: false - - alerting: - enabled: true - thanosRuler: - replicas: 1 - resources: {} - - auditing: - enabled: true - operator: - replicas: 1 - resources: {} - - devops: - enabled: true - jenkinsMemoryLim: 2Gi - jenkinsMemoryReq: 1Gi - jenkinsVolumeSize: 8Gi - - events: - enabled: true - operator: - replicas: 1 - resources: {} - - logging: - enabled: true - containerruntime: containerd - logsidecar: - enabled: true - replicas: 2 - fluentbit: - enabled: true - - monitoring: - enabled: true - storageClass: nfs-sc - kubeRbacEnabled: true - thanosRuler: - replicas: 1 - resources: {} - - network: - networkpolicy: - enabled: true - ingressNamespace: "kubesphere-contro-ller-namespace" - ingressController: - enabled: true - isDefault: true - ippool: - enabled: true - topology: - enabled: true - - notification: - enabled: true - - openpitrix: - enabled: true - store: - enabled: true - - servicemesh: - enabled: false - - istio: - enabled: false - - kubesphere: - enabled: true - console: - enableMultiLogin: true - port: 30880 - type: NodePort - - features: - allowEmptyRequest: true - - alerting: - enabled: true - - auditing: - enabled: true - - devops: - enabled: true - - events: - enabled: true - - logging: - enabled: true - - monitoring: - enabled: true - - notification: - enabled: true - - openpitrix: - enabled: true - - servicemesh: - enabled: false - - istio: - enabled: false diff --git a/k8s/manifests/mysql.yaml b/k8s/manifests/mysql.yaml new file mode 100644 index 0000000..f037461 --- /dev/null +++ b/k8s/manifests/mysql.yaml @@ -0,0 +1,255 @@ +# ===== 1. Secret - MySQL 认证信息 ===== +kind: Secret +apiVersion: v1 +metadata: + name: mysql-secret + namespace: cpte-wms + annotations: + kubesphere.io/creator: admin + kubesphere.io/description: MySQL 认证信息 +data: + MYSQL_ROOT_PASSWORD: Y3B0ZUAxMjM= + MYSQL_DATABASE: Y3B0ZS13bXM= +type: Opaque + +--- +# ===== 2. ConfigMap - MySQL 配置文件 ===== +kind: ConfigMap +apiVersion: v1 +metadata: + name: mysql-conf + namespace: cpte-wms + creationTimestamp: '2026-03-16T13:31:47Z' + annotations: + kubesphere.io/creator: admin + kubesphere.io/description: 配置文件 +data: + my.cnf: | + [client] + default-character-set = utf8mb4 + socket = /tmp/mysql.sock + + [mysql] + default-character-set = utf8mb4 + + [mysqld] + # ===== 基础设置 ===== + user = mysql + datadir = /var/lib/mysql + socket = /tmp/mysql.sock + pid-file = /var/run/mysqld/mysqld.pid + secure-file-priv = /var/lib/mysql-files + + # ===== 连接设置 ===== + max_connections = 200 + max_connect_errors = 100 + max_allowed_packet = 512M + + # ===== 字符集设置 ===== + character-set-server = utf8mb4 + default_authentication_plugin = mysql_native_password + lower_case_table_names = 1 + + # ===== 缓存和缓冲区设置 ===== + # 线程缓存 + thread_cache_size = 512 + thread_stack = 256K + + # 表缓存 + table_open_cache = 8192 + table_definition_cache = 4096 + tmp_table_size = 1G + + # 键缓存 + key_buffer_size = 256M + + # 查询缓存 + join_buffer_size = 4M + sort_buffer_size = 8M + read_buffer_size = 2M + read_rnd_buffer_size = 4M + + # MyISAM + myisam_sort_buffer_size = 256M + + # ===== InnoDB 设置 ===== + default-storage-engine = INNODB + innodb_buffer_pool_size = 40G + innodb_log_file_size = 4G + innodb_log_buffer_size = 256M + innodb_flush_log_at_trx_commit = 1 + + + # ===== 日志设置 ===== + log-bin = mysql-bin + binlog_format = ROW + server-id = 1 + max_binlog_cache_size = 2G + max_binlog_size = 1G + expire_logs_days = 7 + + # 慢查询日志 + slow-query-log=1 + slow-query-log-file = /var/lib/mysql/mysql-slow.log + long_query_time = 5 + + + # ===== 其他设置 ===== + sql-mode="STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION" + open_files_limit = 8192 + +--- +# ===== 3. Headless Service - 用于 StatefulSet ===== +apiVersion: v1 +kind: Service +metadata: + name: mysql-headless + namespace: cpte-wms + labels: + app: mysql +spec: + clusterIP: None + selector: + app: mysql + ports: + - port: 3306 + targetPort: 3306 + name: mysql + +--- +# ===== 4. StatefulSet - MySQL 主容器 ===== +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: mysql + namespace: cpte-wms + labels: + app: mysql + annotations: + kubesphere.io/description: "8.0.39" +spec: + serviceName: mysql-headless + replicas: 1 + selector: + matchLabels: + app: mysql + template: + metadata: + labels: + app: mysql + spec: + # ===== Pod 级别安全上下文 ===== + securityContext: + fsGroup: 999 + containers: + - name: mysql + image: docker.io/library/mysql:8.0.39 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 3306 + name: mysql + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: mysql-secret + key: MYSQL_ROOT_PASSWORD + - name: MYSQL_DATABASE + valueFrom: + secretKeyRef: + name: mysql-secret + key: MYSQL_DATABASE + volumeMounts: + - name: mysql-data + mountPath: /var/lib/mysql + - name: mysql-conf + mountPath: /etc/mysql/conf.d/my.cnf + subPath: my.cnf + readOnly: true + - name: mysql-log + mountPath: /var/log/mysql + - name: mysql-run + mountPath: /var/run/mysqld + - name: host-time + mountPath: /etc/localtime + readOnly: true + livenessProbe: + exec: + command: ['sh', '-c', 'mysqladmin ping -h localhost -u root -p"$MYSQL_ROOT_PASSWORD" | grep -q alive'] + initialDelaySeconds: 60 + periodSeconds: 10 + failureThreshold: 3 + readinessProbe: + exec: + command: ['sh', '-c', 'mysqladmin ping -h localhost -u root -p"$MYSQL_ROOT_PASSWORD" | grep -q alive'] + initialDelaySeconds: 30 + periodSeconds: 5 + failureThreshold: 3 + startupProbe: + exec: + command: ['sh', '-c', 'mysqladmin ping -h localhost -u root -p"$MYSQL_ROOT_PASSWORD" | grep -q alive'] + initialDelaySeconds: 0 + periodSeconds: 5 + failureThreshold: 30 + resources: + requests: + memory: "4Gi" + cpu: "500m" + limits: + memory: "8Gi" + cpu: "2000m" + # ===== 容器级别安全上下文 ===== + securityContext: + runAsUser: 999 + runAsGroup: 999 + volumes: + - name: mysql-conf + configMap: + name: mysql-conf + - name: mysql-log + emptyDir: {} + - name: mysql-run + emptyDir: {} + - name: host-time + hostPath: + path: /etc/localtime + type: File + volumeClaimTemplates: + - metadata: + name: mysql-data + spec: + accessModes: ["ReadWriteOnce"] + storageClassName: local + resources: + requests: + storage: 20Gi + +--- +# ===== 5. ClusterIP Service - 用于集群内访问 ===== +kind: Service +apiVersion: v1 +metadata: + name: mysql-service + namespace: cpte-wms + creationTimestamp: '2026-03-16T14:34:50Z' + labels: + app: mysql +spec: + ports: + - name: mysql + protocol: TCP + port: 3306 + targetPort: 3306 + nodePort: 30926 + selector: + app: mysql + clusterIP: 10.233.28.135 + clusterIPs: + - 10.233.28.135 + type: NodePort + sessionAffinity: None + externalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + internalTrafficPolicy: Cluster \ No newline at end of file diff --git a/k8s/manifests/namespace.yaml b/k8s/manifests/namespace.yaml new file mode 100644 index 0000000..4acaffc --- /dev/null +++ b/k8s/manifests/namespace.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: cpte-wms + labels: + name: cpte-wms + app: cpte-wms + environment: production diff --git a/k8s/manifests/nginx.yaml b/k8s/manifests/nginx.yaml new file mode 100644 index 0000000..ef71e90 --- /dev/null +++ b/k8s/manifests/nginx.yaml @@ -0,0 +1,254 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-conf + namespace: cpte-wms + annotations: + kubesphere.io/creator: admin + kubesphere.io/description: 配置文件 +data: + nginx.conf: | + worker_processes 1; + + events { + worker_connections 1024; + } + + http { + include mime.types; + default_type application/octet-stream; + + # ✅ 字符编码设置 + charset utf-8; + charset_types text/html text/plain text/css application/javascript application/json; + + sendfile on; + keepalive_timeout 65; + + gzip on; + gzip_static on; + gzip_buffers 4 16k; + gzip_comp_level 5; + gzip_types text/plain application/javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png; + + server { + listen 80; + listen [::]:80; + server_name 101.35.253.46; + + # 前端配置 + location / { + root /html/dist; + try_files $uri $uri/ /index.html last; + index index.html; + expires -1; + } + + # 后端api配置 + location /cpte-wms/ { + # 反向代理的java地址 + proxy_pass http://101.35.253.46:8000/cpte-wms/; + proxy_redirect off; + + # 设置代理消息头 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $http_host; + + # 设置没有缓存 + expires -1; + + # 安全配置 + add_header Set-Cookie "Path=/; HttpOnly; Secure"; + add_header X-Content-Type-Options "nosniff"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Frame-Options "ALLOW-FROM 101.35.253.46"; + add_header Content-Security-Policy "frame-ancestors 101.35.253.46"; + } + + # 健康检查端点 + location /health { + access_log off; + return 200 "healthy\n"; + add_header Content-Type text/plain; + } + + # 就绪检查端点 + location /ready { + access_log off; + return 200 "ready\n"; + add_header Content-Type text/plain; + } + } + } + + default.html: | + + + + + + Nginx - CPTE WMS + + + +
+

✅ Nginx 部署成功!

+
+

项目: CPTE WMS

+

环境: Production

+

时间:

+
+
+ + + + +--- +# 2. Deployment +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx + namespace: cpte-wms + labels: + app: nginx + annotations: + kubesphere.io/description: "1.28.0" +spec: + replicas: 1 + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + selector: + matchLabels: + app: nginx + template: + metadata: + labels: + app: nginx + version: v1 + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "80" + spec: + containers: + - name: nginx + image: docker.io/library/nginx:1.28.0 + imagePullPolicy: IfNotPresent + + ports: + - name: http + containerPort: 80 + protocol: TCP + + resources: + requests: + cpu: "50m" + memory: "64Mi" + limits: + cpu: "500m" + memory: "256Mi" + + livenessProbe: + httpGet: + path: /health + port: 80 + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + + readinessProbe: + httpGet: + path: /ready + port: 80 + initialDelaySeconds: 5 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 3 + + startupProbe: + httpGet: + path: /health + port: 80 + initialDelaySeconds: 0 + periodSeconds: 5 + timeoutSeconds: 3 + failureThreshold: 30 + + volumeMounts: + - name: nginx-conf + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + readOnly: true + - name: nginx-html + mountPath: /html/dist + readOnly: true + - name: nginx-cache + mountPath: /var/cache/nginx + - name: nginx-log + mountPath: /var/log/nginx + + env: + - name: NGINX_ENTRYPOINT_QUIET_LOGS + value: "true" + + # ⚠️ 修复重点:volumes 配置 + volumes: + - name: nginx-conf + configMap: + name: nginx-conf + items: + - key: nginx.conf + path: nginx.conf + - name: nginx-html + configMap: + name: nginx-conf + items: + - key: default.html + path: index.html + - name: nginx-cache + emptyDir: {} + - name: nginx-log + emptyDir: {} + + restartPolicy: Always + +--- +# 3. Service +kind: Service +apiVersion: v1 +metadata: + name: nginx-service + namespace: cpte-wms + creationTimestamp: '2026-03-16T11:55:00Z' + labels: + app: nginx +spec: + ports: + - name: nginx + protocol: TCP + port: 80 + targetPort: 80 + nodePort: 30575 + selector: + app: nginx + clusterIP: 10.233.51.227 + clusterIPs: + - 10.233.51.227 + type: NodePort + sessionAffinity: None + externalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + internalTrafficPolicy: Cluster diff --git a/k8s/manifests/redis.yaml b/k8s/manifests/redis.yaml new file mode 100644 index 0000000..54be11c --- /dev/null +++ b/k8s/manifests/redis.yaml @@ -0,0 +1,275 @@ +kind: Secret +apiVersion: v1 +metadata: + name: redis-secret + namespace: cpte-wms + creationTimestamp: '2026-03-16T07:02:43Z' + annotations: + kubesphere.io/creator: admin + kubesphere.io/description: 信息配置 +data: + REDIS_IP: MC4wLjAuMA== + REDIS_PASSWORD: Y3B0ZUAxMjM= + REDIS_PORT: NjM3OQ== +type: Opaque + +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: redis-conf + namespace: cpte-wms + creationTimestamp: '2026-03-16T07:04:50Z' + annotations: + kubesphere.io/creator: admin + kubesphere.io/description: 配置文件 +data: + redis.conf: |- + bind 0.0.0.0 + + protected-mode yes + + tcp-backlog 511 + + timeout 0 + + daemonize no + + pidfile /data/redis.pid + + loglevel notice + + logfile "" + + databases 16 + + always-show-logo no + + set-proc-title yes + + proc-title-template "{title} {listen-addr} {server-mode}" + + stop-writes-on-bgsave-error yes + + rdbcompression yes + + rdbchecksum yes + + dbfilename dump.rdb + + rdb-del-sync-files no + + dir /data + + replica-serve-stale-data yes + + replica-read-only yes + + repl-diskless-sync yes + + repl-diskless-sync-delay 5 + + repl-diskless-load disabled + + repl-disable-tcp-nodelay no + + replica-priority 100 + + acllog-max-len 128 + + lazyfree-lazy-eviction no + lazyfree-lazy-expire no + lazyfree-lazy-server-del no + replica-lazy-flush no + + lazyfree-lazy-user-del no + + lazyfree-lazy-user-flush no + + oom-score-adj no + + oom-score-adj-values 0 200 800 + + disable-thp yes + + appendonly yes + + appendfilename "appendonly.aof" + + appendfsync everysec + + no-appendfsync-on-rewrite no + + auto-aof-rewrite-percentage 100 + auto-aof-rewrite-min-size 64mb + + aof-load-truncated yes + + aof-use-rdb-preamble yes + + slowlog-log-slower-than 10000 + + slowlog-max-len 128 + + latency-monitor-threshold 0 + + notify-keyspace-events "" + + list-compress-depth 0 + + set-max-intset-entries 512 + + hll-sparse-max-bytes 3000 + + stream-node-max-bytes 4096 + stream-node-max-entries 100 + + activerehashing yes + + client-output-buffer-limit normal 0 0 0 + client-output-buffer-limit replica 256mb 64mb 60 + client-output-buffer-limit pubsub 32mb 8mb 60 + + hz 10 + + dynamic-hz yes + + aof-rewrite-incremental-fsync yes + + rdb-save-incremental-fsync yes + + jemalloc-bg-thread yes + +--- +apiVersion: v1 +kind: Service +metadata: + name: redis-headless + namespace: cpte-wms + labels: + app: redis +spec: + clusterIP: None + selector: + app: redis + ports: + - port: 6379 + targetPort: 6379 + name: redis + +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis + namespace: cpte-wms + labels: + app: redis + annotations: + kubesphere.io/description: "6.2.19" +spec: + serviceName: redis-headless + replicas: 1 + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + containers: + - name: redis + image: docker.io/library/redis:6.2.19 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'exec redis-server /etc/redis/redis.conf --requirepass "$REDIS_PASSWORD"'] + ports: + - containerPort: 6379 + name: redis + env: + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: redis-secret + key: REDIS_PASSWORD + volumeMounts: + - name: redis-data + mountPath: /data + - name: redis-config + mountPath: /etc/redis/redis.conf + subPath: redis.conf + readOnly: true + - name: host-time + mountPath: /etc/localtime + readOnly: true + livenessProbe: + exec: + command: ['sh', '-c', 'redis-cli -a "$REDIS_PASSWORD" ping | grep -q PONG'] + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 + readinessProbe: + exec: + command: ['sh', '-c', 'redis-cli -a "$REDIS_PASSWORD" ping | grep -q PONG'] + initialDelaySeconds: 5 + periodSeconds: 5 + failureThreshold: 3 + startupProbe: + exec: + command: ['sh', '-c', 'redis-cli -a "$REDIS_PASSWORD" ping | grep -q PONG'] + initialDelaySeconds: 0 + periodSeconds: 5 + failureThreshold: 30 + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "1Gi" + cpu: "500m" + volumes: + - name: redis-config + configMap: + name: redis-conf + - name: host-time + hostPath: + path: /etc/localtime + type: File + volumeClaimTemplates: + - metadata: + name: redis-data + spec: + accessModes: ["ReadWriteOnce"] + storageClassName: local + resources: + requests: + storage: 10Gi + +--- +kind: Service +apiVersion: v1 +metadata: + name: redis-service + namespace: cpte-wms + creationTimestamp: '2026-03-16T10:47:03Z' + labels: + app: redis +spec: + ports: + - name: redis + protocol: TCP + port: 6379 + targetPort: 6379 + nodePort: 30899 + selector: + app: redis + clusterIP: 10.233.50.165 + clusterIPs: + - 10.233.50.165 + type: NodePort + sessionAffinity: None + externalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + internalTrafficPolicy: Cluster diff --git a/k8s/namespace.yaml b/k8s/namespace.yaml deleted file mode 100644 index e065a32..0000000 --- a/k8s/namespace.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: wms-system - labels: - name: wms-system - kubesphere.io/workspace: wms-workspace ---- -apiVersion: v1 -kind: ResourceQuota -metadata: - name: wms-resource-quota - namespace: wms-system -spec: - hard: - requests.cpu: "20" - requests.memory: 40Gi - limits.cpu: "40" - limits.memory: 80Gi - pods: "50" - services: "20" - secrets: "30" - configmaps: "30" ---- -apiVersion: v1 -kind: LimitRange -metadata: - name: wms-limit-range - namespace: wms-system -spec: - limits: - - type: Container - default: - cpu: "1" - memory: 1Gi - defaultRequest: - cpu: "500m" - memory: 512Mi - max: - cpu: "4" - memory: 8Gi - min: - cpu: "100m" - memory: 128Mi - - type: PersistentVolumeClaim - max: - storage: 100Gi - min: - storage: 1Gi diff --git a/k8s/pvc.yaml b/k8s/pvc.yaml deleted file mode 100644 index f72ad38..0000000 --- a/k8s/pvc.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: wms-upload-pvc - namespace: wms-system - labels: - app: cpte-wms -spec: - accessModes: - - ReadWriteMany - storageClassName: nfs-sc - resources: - requests: - storage: 50Gi ---- -apiVersion: v1 -kind: StorageClass -metadata: - name: nfs-sc - labels: - app: cpte-wms -provisioner: k8s-sigs.io/nfs-subdir-external-provisioner -parameters: - archiveOnDelete: "false" -reclaimPolicy: Delete -volumeBindingMode: Immediate ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: wms-logs-pvc - namespace: wms-system - labels: - app: cpte-wms -spec: - accessModes: - - ReadWriteMany - storageClassName: nfs-sc - resources: - requests: - storage: 20Gi diff --git a/k8s/secret.yaml b/k8s/secret.yaml deleted file mode 100644 index a5735ce..0000000 --- a/k8s/secret.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: wms-secret - namespace: wms-system - labels: - app: cpte-wms -type: Opaque -stringData: - # 数据库配置 - MYSQL_HOST: "mysql-service" - MYSQL_PORT: "3306" - MYSQL_USERNAME: "root" - MYSQL_PASSWORD: "Youchain@56" - - # Redis 配置 - REDIS_HOST: "redis-service" - REDIS_PORT: "6379" - REDIS_PASSWORD: "cpte@123" - - # JWT 密钥 - JWT_SECRET: "cpte-wms-jwt-secret-key-2024" - - # 签名密钥 - SIGNATURE_SECRET: "dd05f1c54d63749eda95f9fa6d49v442a" - - # MinIO 配置(可选) - MINIO_URL: "http://minio-service:9000" - MINIO_ACCESS_KEY: "minioadmin" - MINIO_SECRET_KEY: "minioadmin" - - # 其他敏感信息 - ENCRYPTION_KEY: "your-encryption-key-here" diff --git a/k8s/secrets.yaml b/k8s/secrets.yaml deleted file mode 100644 index aa5a39c..0000000 --- a/k8s/secrets.yaml +++ /dev/null @@ -1,76 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: wms-redis-secret - namespace: wms-system - labels: - app: cpte-wms -type: Opaque -stringData: - host: "redis-master.wms-system.svc.cluster.local" - port: "6379" - password: "cpte@redis123" ---- -apiVersion: v1 -kind: Secret -metadata: - name: wms-mysql-secret - namespace: wms-system - labels: - app: cpte-wms -type: Opaque -stringData: - host: "mysql-primary.wms-system.svc.cluster.local" - port: "3306" - username: "wms_user" - password: "cpte@mysql123" ---- -apiVersion: v1 -kind: Secret -metadata: - name: wms-minio-secret - namespace: wms-system - labels: - app: cpte-wms -type: Opaque -stringData: - access-key: "minioadmin" - secret-key: "minioadmin123" - endpoint: "http://minio.wms-system.svc.cluster.local:9000" ---- -apiVersion: v1 -kind: Secret -metadata: - name: wms-tls-secret - namespace: wms-system - labels: - app: cpte-wms -type: kubernetes.io/tls -stringData: - tls.crt: | - # 替换为实际的 TLS 证书内容 - # 可以使用 cert-manager 自动管理或使用以下命令创建自签名证书: - # kubectl create secret tls wms-tls-secret --cert=path/to/tls.crt --key=path/to/tls.key -n wms-system - PLACEHOLDER_CERTIFICATE - tls.key: | - PLACEHOLDER_KEY ---- -apiVersion: v1 -kind: Secret -metadata: - name: wms-docker-registry-secret - namespace: wms-system - labels: - app: cpte-wms -type: kubernetes.io/dockerconfigjson -stringData: - .dockerconfigjson: | - { - "auths": { - "registry.yourcompany.com": { - "username": "wms_deployer", - "password": "YOUR_REGISTRY_PASSWORD", - "auth": "BASE64_ENCODED_CREDENTIALS" - } - } - } diff --git a/k8s/services.yaml b/k8s/services.yaml deleted file mode 100644 index 215b20e..0000000 --- a/k8s/services.yaml +++ /dev/null @@ -1,114 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: wms-basic-service - namespace: wms-system - labels: - app: wms-basic - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 8080 - protocol: TCP - name: http - selector: - app: wms-basic - sessionAffinity: None ---- -apiVersion: v1 -kind: Service -metadata: - name: wms-inbound-service - namespace: wms-system - labels: - app: wms-inbound - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 8080 - protocol: TCP - name: http - selector: - app: wms-inbound - sessionAffinity: None ---- -apiVersion: v1 -kind: Service -metadata: - name: wms-outbound-service - namespace: wms-system - labels: - app: wms-outbound - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 8080 - protocol: TCP - name: http - selector: - app: wms-outbound - sessionAffinity: None ---- -apiVersion: v1 -kind: Service -metadata: - name: wms-inventory-service - namespace: wms-system - labels: - app: wms-inventory - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 8080 - protocol: TCP - name: http - selector: - app: wms-inventory - sessionAffinity: None ---- -apiVersion: v1 -kind: Service -metadata: - name: wms-schedule-service - namespace: wms-system - labels: - app: wms-schedule - version: v1 - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8080" - prometheus.io/path: "/actuator/prometheus" -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 8080 - protocol: TCP - name: http - selector: - app: wms-schedule - sessionAffinity: None diff --git a/k8s/services/basic-service.yaml b/k8s/services/basic-service.yaml new file mode 100644 index 0000000..391aec0 --- /dev/null +++ b/k8s/services/basic-service.yaml @@ -0,0 +1,92 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cpte-wms-basic + namespace: cpte-wms + labels: + app: cpte-wms-basic +spec: + replicas: 2 + selector: + matchLabels: + app: cpte-wms-basic + template: + metadata: + labels: + app: cpte-wms-basic + spec: + initContainers: + - name: wait-for-mysql + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z mysql-service 3306; do echo waiting for mysql; sleep 2; done;'] + - name: wait-for-redis + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z redis-service 6379; do echo waiting for redis; sleep 2; done;'] + containers: + - name: cpte-wms-basic + image: cpte-wms-basic:3.8.3 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8001 + envFrom: + - configMapRef: + name: cpte-wms-config + - secretRef: + name: cpte-wms-secrets + env: + - name: SERVER_PORT + value: "8001" + - name: DB_URL + value: "jdbc:mysql://$(DB_HOST):$(DB_PORT)/$(DB_NAME)?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai" + - name: JAVA_OPTS + value: "$(JAVA_OPTS_SERVICES)" + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" + volumeMounts: + - name: upload-path + mountPath: /data/upload + - name: logs-path + mountPath: /data/logs + livenessProbe: + httpGet: + path: /cpte-wms-basic/actuator/health + port: 8001 + initialDelaySeconds: 90 + periodSeconds: 30 + timeoutSeconds: 10 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /cpte-wms-basic/actuator/health + port: 8001 + initialDelaySeconds: 45 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + volumes: + - name: upload-path + emptyDir: {} + - name: logs-path + emptyDir: {} +--- +apiVersion: v1 +kind: Service +metadata: + name: cpte-wms-basic + namespace: cpte-wms + labels: + app: cpte-wms-basic +spec: + type: ClusterIP + ports: + - port: 8001 + targetPort: 8001 + protocol: TCP + name: http + selector: + app: cpte-wms-basic diff --git a/k8s/services/inbound-service.yaml b/k8s/services/inbound-service.yaml new file mode 100644 index 0000000..2f74e68 --- /dev/null +++ b/k8s/services/inbound-service.yaml @@ -0,0 +1,88 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cpte-wms-inbound + namespace: cpte-wms + labels: + app: cpte-wms-inbound +spec: + replicas: 2 + selector: + matchLabels: + app: cpte-wms-inbound + template: + metadata: + labels: + app: cpte-wms-inbound + spec: + initContainers: + - name: wait-for-mysql + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z mysql-service 3306; do echo waiting for mysql; sleep 2; done;'] + - name: wait-for-redis + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z redis-service 6379; do echo waiting for redis; sleep 2; done;'] + containers: + - name: cpte-wms-inbound + image: cpte-wms-inbound:3.8.3 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8002 + envFrom: + - configMapRef: + name: cpte-wms-config + - secretRef: + name: cpte-wms-secrets + env: + - name: SERVER_PORT + value: "8002" + - name: DB_URL + value: "jdbc:mysql://$(DB_HOST):$(DB_PORT)/$(DB_NAME)?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai" + - name: JAVA_OPTS + value: "$(JAVA_OPTS_SERVICES)" + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" + volumeMounts: + - name: logs-path + mountPath: /data/logs + livenessProbe: + httpGet: + path: /actuator/health + port: 8002 + initialDelaySeconds: 90 + periodSeconds: 30 + timeoutSeconds: 10 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /actuator/health + port: 8002 + initialDelaySeconds: 45 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + volumes: + - name: logs-path + emptyDir: {} +--- +apiVersion: v1 +kind: Service +metadata: + name: cpte-wms-inbound + namespace: cpte-wms + labels: + app: cpte-wms-inbound +spec: + type: ClusterIP + ports: + - port: 8002 + targetPort: 8002 + protocol: TCP + name: http + selector: + app: cpte-wms-inbound diff --git a/k8s/services/inventory-service.yaml b/k8s/services/inventory-service.yaml new file mode 100644 index 0000000..2e63f10 --- /dev/null +++ b/k8s/services/inventory-service.yaml @@ -0,0 +1,88 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cpte-wms-inventory + namespace: cpte-wms + labels: + app: cpte-wms-inventory +spec: + replicas: 2 + selector: + matchLabels: + app: cpte-wms-inventory + template: + metadata: + labels: + app: cpte-wms-inventory + spec: + initContainers: + - name: wait-for-mysql + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z mysql-service 3306; do echo waiting for mysql; sleep 2; done;'] + - name: wait-for-redis + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z redis-service 6379; do echo waiting for redis; sleep 2; done;'] + containers: + - name: cpte-wms-inventory + image: cpte-wms-inventory:3.8.3 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8004 + envFrom: + - configMapRef: + name: cpte-wms-config + - secretRef: + name: cpte-wms-secrets + env: + - name: SERVER_PORT + value: "8004" + - name: DB_URL + value: "jdbc:mysql://$(DB_HOST):$(DB_PORT)/$(DB_NAME)?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai" + - name: JAVA_OPTS + value: "$(JAVA_OPTS_SERVICES)" + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" + volumeMounts: + - name: logs-path + mountPath: /data/logs + livenessProbe: + httpGet: + path: /actuator/health + port: 8004 + initialDelaySeconds: 90 + periodSeconds: 30 + timeoutSeconds: 10 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /actuator/health + port: 8004 + initialDelaySeconds: 45 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + volumes: + - name: logs-path + emptyDir: {} +--- +apiVersion: v1 +kind: Service +metadata: + name: cpte-wms-inventory + namespace: cpte-wms + labels: + app: cpte-wms-inventory +spec: + type: ClusterIP + ports: + - port: 8004 + targetPort: 8004 + protocol: TCP + name: http + selector: + app: cpte-wms-inventory diff --git a/k8s/services/outbound-service.yaml b/k8s/services/outbound-service.yaml new file mode 100644 index 0000000..7c8f6f8 --- /dev/null +++ b/k8s/services/outbound-service.yaml @@ -0,0 +1,88 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cpte-wms-outbound + namespace: cpte-wms + labels: + app: cpte-wms-outbound +spec: + replicas: 2 + selector: + matchLabels: + app: cpte-wms-outbound + template: + metadata: + labels: + app: cpte-wms-outbound + spec: + initContainers: + - name: wait-for-mysql + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z mysql-service 3306; do echo waiting for mysql; sleep 2; done;'] + - name: wait-for-redis + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z redis-service 6379; do echo waiting for redis; sleep 2; done;'] + containers: + - name: cpte-wms-outbound + image: cpte-wms-outbound:3.8.3 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8003 + envFrom: + - configMapRef: + name: cpte-wms-config + - secretRef: + name: cpte-wms-secrets + env: + - name: SERVER_PORT + value: "8003" + - name: DB_URL + value: "jdbc:mysql://$(DB_HOST):$(DB_PORT)/$(DB_NAME)?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai" + - name: JAVA_OPTS + value: "$(JAVA_OPTS_SERVICES)" + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" + volumeMounts: + - name: logs-path + mountPath: /data/logs + livenessProbe: + httpGet: + path: /actuator/health + port: 8003 + initialDelaySeconds: 90 + periodSeconds: 30 + timeoutSeconds: 10 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /actuator/health + port: 8003 + initialDelaySeconds: 45 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + volumes: + - name: logs-path + emptyDir: {} +--- +apiVersion: v1 +kind: Service +metadata: + name: cpte-wms-outbound + namespace: cpte-wms + labels: + app: cpte-wms-outbound +spec: + type: ClusterIP + ports: + - port: 8003 + targetPort: 8003 + protocol: TCP + name: http + selector: + app: cpte-wms-outbound diff --git a/k8s/services/schedule-service.yaml b/k8s/services/schedule-service.yaml new file mode 100644 index 0000000..7e7be80 --- /dev/null +++ b/k8s/services/schedule-service.yaml @@ -0,0 +1,88 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cpte-wms-schedule + namespace: cpte-wms + labels: + app: cpte-wms-schedule +spec: + replicas: 1 + selector: + matchLabels: + app: cpte-wms-schedule + template: + metadata: + labels: + app: cpte-wms-schedule + spec: + initContainers: + - name: wait-for-mysql + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z mysql-service 3306; do echo waiting for mysql; sleep 2; done;'] + - name: wait-for-redis + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z redis-service 6379; do echo waiting for redis; sleep 2; done;'] + containers: + - name: cpte-wms-schedule + image: cpte-wms-schedule:3.8.3 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8005 + envFrom: + - configMapRef: + name: cpte-wms-config + - secretRef: + name: cpte-wms-secrets + env: + - name: SERVER_PORT + value: "8005" + - name: DB_URL + value: "jdbc:mysql://$(DB_HOST):$(DB_PORT)/$(DB_NAME)?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai" + - name: JAVA_OPTS + value: "$(JAVA_OPTS_SERVICES)" + resources: + requests: + memory: "256Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" + volumeMounts: + - name: logs-path + mountPath: /data/logs + livenessProbe: + httpGet: + path: /actuator/health + port: 8005 + initialDelaySeconds: 90 + periodSeconds: 30 + timeoutSeconds: 10 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /actuator/health + port: 8005 + initialDelaySeconds: 45 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + volumes: + - name: logs-path + emptyDir: {} +--- +apiVersion: v1 +kind: Service +metadata: + name: cpte-wms-schedule + namespace: cpte-wms + labels: + app: cpte-wms-schedule +spec: + type: ClusterIP + ports: + - port: 8005 + targetPort: 8005 + protocol: TCP + name: http + selector: + app: cpte-wms-schedule diff --git a/k8s/services/system-service.yaml b/k8s/services/system-service.yaml new file mode 100644 index 0000000..ce0e0a9 --- /dev/null +++ b/k8s/services/system-service.yaml @@ -0,0 +1,94 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cpte-wms-system + namespace: cpte-wms + labels: + app: cpte-wms-system +spec: + replicas: 2 + selector: + matchLabels: + app: cpte-wms-system + template: + metadata: + labels: + app: cpte-wms-system + spec: + initContainers: + - name: wait-for-mysql + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z mysql-service 3306; do echo waiting for mysql; sleep 2; done;'] + - name: wait-for-redis + image: busybox:1.36 + command: ['sh', '-c', 'until nc -z redis-service 6379; do echo waiting for redis; sleep 2; done;'] + containers: + - name: cpte-wms-system + image: cpte-wms-system:3.8.3 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8000 + envFrom: + - configMapRef: + name: cpte-wms-config + - secretRef: + name: cpte-wms-secrets + env: + - name: SERVER_PORT + value: "8000" + - name: DB_URL + value: "jdbc:mysql://$(DB_HOST):$(DB_PORT)/$(DB_NAME)?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai" + resources: + requests: + memory: "512Mi" + cpu: "250m" + limits: + memory: "1Gi" + cpu: "1000m" + volumeMounts: + - name: upload-path + mountPath: /data/upload + - name: webapp-path + mountPath: /data/webapp + - name: logs-path + mountPath: /data/logs + livenessProbe: + httpGet: + path: /cpte-wms/actuator/health + port: 8000 + initialDelaySeconds: 120 + periodSeconds: 30 + timeoutSeconds: 10 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /cpte-wms/actuator/health + port: 8000 + initialDelaySeconds: 60 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + volumes: + - name: upload-path + emptyDir: {} + - name: webapp-path + emptyDir: {} + - name: logs-path + emptyDir: {} +--- +apiVersion: v1 +kind: Service +metadata: + name: cpte-wms-system + namespace: cpte-wms + labels: + app: cpte-wms-system +spec: + type: ClusterIP + ports: + - port: 8000 + targetPort: 8000 + protocol: TCP + name: http + selector: + app: cpte-wms-system