k8s--ruoyi
前言
kubesphere部署ruoyi-cloud,及其配置集(config-map)
版本:
mysql:5.7.42
RuoYi v3.6.2
redis latest
nacos v2.2.2(nacos/nacos-server:v2.2.2)
ruoyi上云
mysql配置集
my.cnf
[client]
default-character-set=utf8mb4
[mysql]
default-character-set=utf8mb4
[mysqld]
init_connect='SET collation_connection = utf8mb4_unicode_ci'
init_connect='SET NAMES utf8mb4'
character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
skip-character-set-client-handshake
skip-name-resolve
mysql 环境变量
docker run -p 3306:3306 --name mysql-01 \
-v /mydata/mysql/log:/var/log/mysql \
-v /mydata/mysql/data:/var/lib/mysql \
-v /mydata/mysql/conf:/etc/mysql/conf.d \
-e MYSQL_ROOT_PASSWORD=root \
--restart=always \
-d mysql:5.7
-e MYSQL_ROOT_PASSWORD=my-secret-pw
redis配置集
#docker启动redis
docker run -d -p 6379:6379 --restart=always \
-v /mydata/redis/conf/redis.conf:/etc/redis/redis.conf \
-v /mydata/redis-01/data:/data \
--name redis-01 redis:6.2.5 \
redis-server /etc/redis/redis.conf
redis.conf
appendonly yes
port 6379
bind 0.0.0.0
elasticsearch 配置集
容器启动
docker run --restart=always -d -p 9200:9200 -p 9300:9300
-e “discovery.type=single-node”
-e ES_JAVA_OPTS=“-Xms512m -Xmx512m”
-v es-config:/usr/share/elasticsearch/config
-v /mydata/es-01/data:/usr/share/elasticsearch/data
–name es-01
elasticsearch:7.13.4
jvm.options
8-13:-XX:+UseConcMarkSweepGC
8-13:-XX:CMSInitiatingOccupancyFraction=75
8-13:-XX:+UseCMSInitiatingOccupancyOnly
14-:-XX:+UseG1GC
-Djava.io.tmpdir=${
ES_TMPDIR}
-XX:+HeapDumpOnOutOfMemoryError
-XX:HeapDumpPath=data
-XX:ErrorFile=logs/hs_err_pid%p.log
8:-XX:+PrintGCDetails
8:-XX:+PrintGCDateStamps
8:-XX:+PrintTenuringDistribution
8:-XX:+PrintGCApplicationStoppedTime
8:-Xloggc:logs/gc.log
8:-XX:+UseGCLogFileRotation
8:-XX:NumberOfGCLogFiles=32
8:-XX:GCLogFileSize=64m
9-:-Xlog:gc*,gc+age=trace,safepoint:file=logs/gc.log:utctime,pid,tags:filecount=32,filesize=64m
elasticsearch.yml
cluster.name: "docker-cluster"
network.host: 0.0.0.0
微服务上云
1、中间件,有状态,数据导入
2、无状态,制作镜像,配置文件
3、网络,中间件及微服务访问地址
pod名.服务名.项目名(所在的名称空间).集群内固定地址
his-nacos-v1-1.his-nacos.his.svc…cluster.local
4、配置、生成配置分离、URL
nacos/nacos-server:v2.2.2
/home/nacos/conf/ application.properties cluster.conf
需修改数据库配置。
CREATE SCHEMA nacos;
CREATE USER 'nacos'@'%' identified BY 'nacos';
GRANT ALL PRIVILEGES ON nacos.* TO 'nacos'@'localhost';
flush PRIVILEGES;
server.servlet.contextPath=/nacos
server.error.include-message=ALWAYS
server.port=8848
spring.datasource.platform=mysql
spring.sql.init.platform=mysql
db.num=1
db.url.0=jdbc:mysql://192.168.220.134:32473/ry-config?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC
db.user.0=root
db.password.0=123456
db.pool.config.connectionTimeout=30000
db.pool.config.validationTimeout=10000
db.pool.config.maximumPoolSize=20
db.pool.config.minimumIdle=2
management.metrics.export.elastic.enabled=false
management.metrics.export.influx.enabled=false
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.pattern=%h %l %u %t "%r" %s %b %D %{
User-Agent}i %{
Request-Source}i
server.tomcat.basedir=file:.
nacos.security.ignore.urls=/,/error,/**/*.css,/**/*.js,/**/*.html,/**/*.map,/**/*.svg,/**/*.png,/**/*.ico,/console-ui/public/**,/v1/auth/**,/v1/console/health/**,/actuator/**,/v1/console/server/**
nacos.core.auth.system.type=nacos
nacos.core.auth.enabled=false
nacos.core.auth.caching.enabled=true
nacos.core.auth.enable.userAgentAuthWhite=false
nacos.core.auth.server.identity.key=serverIdentity
nacos.core.auth.server.identity.value=security
nacos.core.auth.plugin.nacos.token.cache.enable=false
nacos.core.auth.plugin.nacos.token.expire.seconds=18000
nacos.core.auth.plugin.nacos.token.secret.key=VGhpc0lzTXlDdXN0b21TZWNyZXRLZXkwMTIzNDU2Nzg=
nacos.istio.mcp.server.enabled=false
cluster.conf
his-nacos-v1-0.his-nacos.edu.svc..cluster.local:8848
his-nacos-v1-1.his-nacos.edu.svc..cluster.local:8848
his-nacos-v1-2.his-nacos.edu.svc..cluster.local:8848
微服务:Dockerfile
FROM openjdk:8-jdk
LABEL maintainer=w
#docker run -e PARAMS="--server.port 9090"
ENV PARAMS="--server.port=8080 --spring.profiles.active=prod --spring.cloud.nacos.discovery.server-addr=his-nacos.his:8848 --spring.cloud.nacos.config.server-addr=his-nacos.his:8848 --spring.cloud.nacos.config.namespace=prod --spring.cloud.nacos.config.file-extension=yml"
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone
COPY target/*.jar /app.jar
EXPOSE 8080
#
ENTRYPOINT ["/bin/sh","-c","java -Dfile.encoding=utf8 -Djava.security.egd=file:/dev/./urandom -jar app.jar ${PARAMS}"]
k8s部署
1、打包:maven打成可执行jar包,上传服务器
2、制作镜像: docker根据Dockerfile把包打成指定镜像
FROM openjdk:8-jdk
LABEL maintainer=wangjc
#docker run -e PARAMS="--server.port 9090"
ENV PARAMS="--server.port=8080 --spring.profiles.active=prod --spring.cloud.nacos.discovery.server-addr=his-nacos.edu:8848 --spring.cloud.nacos.config.server-addr=his-nacos.edu:8848 --spring.cloud.nacos.config.namespace=prod --spring.cloud.nacos.config.file-extension=yml"
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone
COPY target/*.jar /app.jar
EXPOSE 8080
#
ENTRYPOINT ["/bin/sh","-c","java -Dfile.encoding=utf-8 -Djava.security.egd=file:/dev/./urandom -jar app.jar ${PARAMS}"]
docker build -t ruoiyi-auth:v1.0 -f Dockerfile .
3、镜像推送: 将镜像推送到docker hub(阿里云镜像仓库、私有harbor)
docker tag ruoyi-auth:v1.0 registry.cn-hangzhou.aliyuncs.com/wjc-ruoyi/ruoyi-auth:v1.0
docker push registry.cn-hangzhou.aliyuncs.com/wjc-ruoyi/ruoyi-auth:v1.0
4、应用部署: k8s部署应用。
部署规则:
1.应用一启动会获取到“application-prod.yml”
2.每次部署应用的时候,需要提前修改nacos线上配置,
ruoyi-ui发布:
“”# 构建生产环境
npm run build:prod
健康检查
尚医通–devops笔记,流程自动化
应用仓库:https://charts.bitnami.com/bitnami
生产环境:jar包yml配置,nacos
1、修改maven,使其从aliyun下载(admin)
配置中心-配置字典(ks-devops-agent)-Mavensetting
<mirrors>
<mirror>
<id>nexus-aliyun</id>
<name>Nexus aliyun</name>
<url>http://maven.aliyun.com/nexus/content/groups/public</url>
<mirrorOf>central</mirrorOf>
</mirror>
</mirrors>
2、查看jenkins初始密码
// jenkins用命令查看
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-installer -o jsonpath='{.items[0].metadata.name}') -f
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{
.items[0].metadata.name}') -f
jenkins 基本语义:
pipeline: 定义一个流水线脚本
agent: 指示 Jenkins 为整个流水线分配一个执行器(在 Jenkins 环境中的任何可用代理/节点上)和工作区。
stages: 全部的工作都在这里执行
stage: 每个工作开始
steps: jenkinsfile 声明式脚本往这里面写
echo: 写一个简单的字符串到控制台输出。
一:克隆代码
https://gitee.com/Wjc_project/yygh-parent.git
jenkins报错:
1、验证此作业的存储库和分支配置。
解决:切换分支
Couldn't find any revision to build. **Verify the repository and branch configuration for this job.** See stage logs for more detail.
2、克隆远程存储“原点”时出错
ERROR: Error cloning remote repo 'origin'
解决:输入正确的用户密码或者换ssh协议
ssh-keygen -t rsa
生成id_rsa.pub
ssh-copyid 目标ip
3、kubesphere上流水线管理员admin账户运行成功,项目admin账户不成功。懵为啥呢。