huojin
/
Cpte-Boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Cpte-Boot/k8s/services/inbound-service.yaml

463 lines
14 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

# ===== 1. Secret - 应用敏感信息 =====
kind: Secret
apiVersion: v1
metadata:
name: cpte-wms-inbound-secret
namespace: cpte-wms
annotations:
kubesphere.io/creator: admin
kubesphere.io/description: 入库服务
type: Opaque
stringData:
MYSQL_HOST: "47.103.100.52"
MYSQL_PORT: "53306"
MYSQL_DATABASE: "cpte-wms"
MYSQL_USERNAME: "root"
MYSQL_PASSWORD: "Youchain@56"
REDIS_HOST: "redis-service"
REDIS_PORT: "6379"
REDIS_PASSWORD: "cpte@123"
MAIL_HOST: "smtp.163.com"
MAIL_USERNAME: "cpteos@163.com"
MAIL_PASSWORD: "cpte@123"
DRUID_LOGIN_PASSWORD: "cpte@123"
SIGNATURE_SECRET: "dd05f1c54d63749eda95f9fa6d49v442a"
---
# ===== 2. ConfigMap - 应用配置文件(修复 Shiro 格式)=====
kind: ConfigMap
apiVersion: v1
metadata:
name: cpte-wms-inbound-conf
namespace: cpte-wms
annotations:
kubesphere.io/creator: admin
kubesphere.io/description: 基础服务配置文件
data:
application.yml: |
server:
port: 8002
tomcat:
max-swallow-size: -1
error:
include-exception: true
include-stacktrace: ALWAYS
include-message: ALWAYS
servlet:
context-path: /cpte-wms-inbound
compression:
enabled: true
min-response-size: 1024
mime-types: application/javascript,application/json,application/xml,text/html,text/xml,text/plain,text/css,image/*
management:
endpoints:
web:
exposure:
include: health,info,prometheus,metrics
base-path: /actuator
endpoint:
health:
show-details: when_authorized
probes:
enabled: true
info:
enabled: true
prometheus:
enabled: true
security:
enabled: false
spring:
application:
name: cpte-wms-inbound
flyway:
enabled: false
clean-disabled: true
servlet:
multipart:
max-file-size: 10MB
max-request-size: 10MB
mail:
timeJobSend: false
host: ${MAIL_HOST}
username: ${MAIL_USERNAME}
password: ${MAIL_PASSWORD}
properties:
mail.smtp.timeout: 10000
mail.smtp.connectiontimeout: 10000
mail.smtp.writetimeout: 10000
mail.smtp.auth: true
mail.smtp.ssl.enable: true
jackson:
date-format: yyyy-MM-dd HH:mm:ss
time-zone: GMT+8
jpa:
open-in-view: false
aop:
proxy-target-class: true
freemarker:
suffix: .ftl
content-type: text/html
charset: UTF-8
cache: false
prefer-file-system-access: false
template-loader-path:
- classpath:/templates
template_update_delay: 0
mvc:
static-path-pattern: /**
pathmatch:
matching-strategy: ant_path_matcher
resource:
static-locations: classpath:/static/,classpath:/public/
autoconfigure:
exclude:
- com.alibaba.druid.spring.boot3.autoconfigure.DruidDataSourceAutoConfigure
- org.springframework.boot.autoconfigure.flyway.FlywayAutoConfiguration
datasource:
druid:
stat-view-servlet:
enabled: true
loginUsername: admin
loginPassword: ${DRUID_LOGIN_PASSWORD}
web-stat-filter:
enabled: true
dynamic:
druid:
initial-size: 5
min-idle: 5
maxActive: 1000
maxWait: 60000
timeBetweenEvictionRunsMillis: 60000
minEvictableIdleTimeMillis: 300000
validationQuery: SELECT 1
testWhileIdle: true
testOnBorrow: false
testOnReturn: false
poolPreparedStatements: true
maxPoolPreparedStatementPerConnectionSize: 20
filters: stat,slf4j
wall:
selectWhereAlwayTrueCheck: false
stat:
slow-sql-millis: 5000
merge-sql: true
datasource:
master:
url: jdbc:mysql://${MYSQL_HOST}:${MYSQL_PORT}/${MYSQL_DATABASE}?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai&rewriteBatchedStatements=true
username: ${MYSQL_USERNAME}
password: ${MYSQL_PASSWORD}
driver-class-name: com.mysql.cj.jdbc.Driver
data:
redis:
database: 0
host: ${REDIS_HOST}
port: ${REDIS_PORT}
password: ${REDIS_PASSWORD}
mybatis-plus:
mapper-locations: classpath*:org/jeecg/**/xml/*Mapper.xml,classpath*:org/cpte/**/xml/*Mapper.xml
global-config:
banner: false
db-config:
id-type: ASSIGN_ID
table-underline: true
configuration:
log-impl: org.apache.ibatis.logging.stdout.StdOutImpl
call-setners-on-nulls: true
minidao:
base-package: org.jeecg.modules.jmreport.*,org.jeecg.modules.drag.*
# ========== 关键修复Shiro excludeUrls 改为单行 ==========
jeecg:
firewall:
dataSourceSafe: false
lowCodeMode: dev
signatureSecret: ${SIGNATURE_SECRET}
signUrls: /sys/dict/getDictItems/*,/sys/dict/loadDict/*,/sys/dict/loadDictOrderByValue/*,/sys/dict/loadDictItem/*,/sys/dict/loadTreeData,/sys/api/queryTableDictItemsByCode,/sys/api/queryFilterTableDictInfo,/sys/api/queryTableDictByKeys,/sys/api/translateDictFromTable,/sys/api/translateDictFromTableByKeys,/sys/sendChangePwdSms,/sys/user/sendChangePhoneSms,/sys/sms,/desform/api/sendVerifyCode
uploadType: local
domainUrl:
pc: http://101.35.253.46:8002/cpte-wms-inbound/sys/common/upload
app: http://101.35.253.46:8051
path:
upload: /home/wms/upload
webapp: /home/wms/webapp
shiro:
excludeUrls: /test/cpteDemo/demo3,/test/cpteDemo/redisDemo/**,/bigscreen/category/**,/bigscreen/visual/**,/bigscreen/map/**,/jmreport/bigscreen2/**,/cpte-wms-inbound/actuator/**,/actuator/**
oss:
accessKey: ??
secretKey: ??
endpoint: oss-cn-beijing.aliyuncs.com
bucketName: cptedev
sms-template:
signature:
templateCode:
SMS_175435174:
SMS_465391221:
SMS_175430166:
file-view-domain: http://fileview.cpte.com
minio:
minio_url: http://minio.cpte.com
minio_name: ??
minio_pass: ??
bucketName: otatest
jmreport:
saasMode:
firewall:
dataSourceSafe: false
lowCodeMode: dev
gao-de-api:
api-key: ??
secret-key: ??
redisson:
address: ${REDIS_HOST}:${REDIS_PORT}
password: ${REDIS_PASSWORD}
type: STANDALONE
enabled: true
baidu-api:
app-id: ??
api-key: ??
secret-key: ??
cas:
prefixUrl: http://cas.example.org:8443/cas
logging:
level:
org.springframework.context.support.PostProcessorRegistrationDelegate: error
org.flywaydb: debug
org.jeecg.modules.system.mapper: info
org.jeecg.modules.demo.test.mapper: info
knife4j:
enable: true
production: false
basic:
enable: false
username: cpte
password: cpte1314
# ========== 修复 Feign 配置 ==========
feign:
client:
wms-basic:
url: http://cpte-wms-basic:8001/cpte-wms-basic
config:
default:
connectTimeout: 5000
readTimeout: 10000
loggerLevel: INFO
---
# ===== 3. PersistentVolumeClaim - 文件存储 =====
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: cpte-wms-inbound-data
namespace: cpte-wms
annotations:
kubesphere.io/creator: admin
kubesphere.io/description: 文件上传存储
spec:
accessModes:
- ReadWriteOnce
storageClassName: local
resources:
requests:
storage: 10Gi
---
# ===== 4. Deployment - 系统服务(修复探针路径)=====
apiVersion: apps/v1
kind: Deployment
metadata:
name: cpte-wms-inbound
namespace: cpte-wms
labels:
app: cpte-wms-inbound
version: v1
annotations:
kubesphere.io/description: "WMS-入库服务"
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
selector:
matchLabels:
app: cpte-wms-inbound
template:
metadata:
labels:
app: cpte-wms-inbound
version: v1
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "8002"
prometheus.io/path: "/cpte-wms-inbound/actuator/prometheus"
spec:
containers:
- name: cpte-wms-inbound
image: docker.io/library/cpte-wms-inbound:2.0
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8002
protocol: TCP
env:
- name: MYSQL_HOST
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: MYSQL_HOST
- name: MYSQL_PORT
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: MYSQL_PORT
- name: MYSQL_DATABASE
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: MYSQL_DATABASE
- name: MYSQL_USERNAME
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: MYSQL_USERNAME
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: MYSQL_PASSWORD
- name: REDIS_HOST
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: REDIS_HOST
- name: REDIS_PORT
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: REDIS_PORT
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: REDIS_PASSWORD
- name: MAIL_HOST
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: MAIL_HOST
- name: MAIL_USERNAME
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: MAIL_USERNAME
- name: MAIL_PASSWORD
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: MAIL_PASSWORD
- name: DRUID_LOGIN_PASSWORD
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: DRUID_LOGIN_PASSWORD
- name: SIGNATURE_SECRET
valueFrom:
secretKeyRef:
name: cpte-wms-inbound-secret
key: SIGNATURE_SECRET
- name: JAVA_OPTS
value: "-Xms512m -Xmx2048m -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs/heapdump.hprof"
resources:
requests:
cpu: "500m"
memory: "1Gi"
limits:
cpu: "2000m"
memory: "2Gi"
# ========== 关键修复 3: 探针路径 ==========
livenessProbe:
httpGet:
path: /cpte-wms-inbound/actuator/health/liveness # ✅ 包含 context-path
port: 8002
initialDelaySeconds: 180
periodSeconds: 20
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /cpte-wms-inbound/actuator/health/readiness # ✅ 包含 context-path
port: 8002
initialDelaySeconds: 120
periodSeconds: 15
timeoutSeconds: 10
failureThreshold: 3
startupProbe:
httpGet:
path: /cpte-wms-inbound/actuator/health/liveness # ✅ 包含 context-path
port: 8002
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 90
volumeMounts:
- name: cpte-wms-inbound-conf
mountPath: /app/application.yml
subPath: application.yml
readOnly: true
- name: cpte-wms-inbound-data
mountPath: /home/wms
- name: host-time
mountPath: /etc/localtime
readOnly: true
securityContext:
runAsNonRoot: false
volumes:
- name: cpte-wms-inbound-conf
configMap:
name: cpte-wms-inbound-conf
items:
- key: application.yml
path: application.yml
- name: cpte-wms-inbound-data
persistentVolumeClaim:
claimName: cpte-wms-inbound-data
- name: host-time
hostPath:
path: /etc/localtime
type: File
restartPolicy: Always
---
# ===== 5. Service - ClusterIP 集群内访问 =====
kind: Service
apiVersion: v1
metadata:
name: cpte-wms-inbound
namespace: cpte-wms
labels:
app: cpte-wms-inbound
annotations:
spec:
ports:
- name: cpte-wms-inbound
protocol: TCP
port: 8002
targetPort: 8002
selector:
app: cpte-wms-inbound
clusterIP: 10.233.51.195
clusterIPs:
- 10.233.51.195
type: ClusterIP
sessionAffinity: None
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
internalTrafficPolicy: Cluster
Reference in New Issue View Git Blame Copy Permalink