| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159 |
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: shop-recycle-gateway
- namespace: default
- labels:
- app: shop-recycle-gateway
- service: gateway
- version: "1.0.0"
- spec:
- replicas: 2 # 根据环境调整:dev=1, staging=2, prod=3
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxSurge: 1
- maxUnavailable: 0
- selector:
- matchLabels:
- app: shop-recycle-gateway
- template:
- metadata:
- labels:
- app: shop-recycle-gateway
- service: gateway
- version: "1.0.0"
- annotations:
- prometheus.io/scrape: "true"
- prometheus.io/port: "1211"
- prometheus.io/path: "/actuator/prometheus"
- spec:
- containers:
- - name: shop-recycle-gateway
- image: shop-recycle-gateway:1.0.0 # 使用本地镜像或修改为完整镜像路径
- imagePullPolicy: IfNotPresent
-
- # 端口配置
- ports:
- - name: http
- containerPort: 1211
- protocol: TCP
- - name: sentinel
- containerPort: 8005
- protocol: TCP
-
- # 环境变量
- env:
- - name: JAVA_OPTS
- value: "-Djava.awt.headless=true -Djava.net.preferIPv4Stack=true -Xss256k -XX:+DisableExplicitGC"
- - name: TZ
- value: "Asia/Shanghai"
-
- # Redis 凭证(从 common-redis-credentials Secret)
- - name: REDIS_PASSWORD
- valueFrom:
- secretKeyRef:
- name: common-redis-credentials
- key: redis-password
- - name: REDIS_DATABASE
- valueFrom:
- secretKeyRef:
- name: common-redis-credentials
- key: redis-database
-
- # 挂载配置文件
- volumeMounts:
- - name: config-volume
- mountPath: /app/conf
- readOnly: true
-
- # 资源限制
- resources:
- requests:
- cpu: 250m
- memory: 512Mi
- limits:
- cpu: 1000m
- memory: 1024Mi
-
- # 健康检查 - 就绪检查
- readinessProbe:
- httpGet:
- path: /actuator/health/readiness
- port: http
- scheme: HTTP
- initialDelaySeconds: 30
- periodSeconds: 10
- timeoutSeconds: 5
- successThreshold: 1
- failureThreshold: 3
-
- # 健康检查 - 存活检查
- livenessProbe:
- httpGet:
- path: /actuator/health/liveness
- port: http
- scheme: HTTP
- initialDelaySeconds: 60
- periodSeconds: 15
- timeoutSeconds: 5
- successThreshold: 1
- failureThreshold: 3
-
- # 启动检查(K8S 1.16+)
- startupProbe:
- httpGet:
- path: /actuator/health
- port: http
- scheme: HTTP
- initialDelaySeconds: 0
- periodSeconds: 5
- timeoutSeconds: 3
- successThreshold: 1
- failureThreshold: 30 # 最多等待 30*5=150 秒启动
-
- # 生命周期钩子
- lifecycle:
- preStop:
- exec:
- command: ["/bin/sh", "-c", "sleep 15"] # 优雅关闭延迟
-
- # 配置卷
- volumes:
- - name: config-volume
- configMap:
- name: shop-recycle-gateway-config
- items:
- - key: application.yml
- path: application.yml
- - key: application.properties
- path: application.properties
-
- # Pod 调度策略
- affinity:
- podAntiAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- podAffinityTerm:
- labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - shop-recycle-gateway
- topologyKey: kubernetes.io/hostname
-
- # 容忍污点
- tolerations:
- - key: "apps"
- operator: "Equal"
- value: "true"
- effect: "NoSchedule"
-
- # 安全上下文
- securityContext:
- runAsNonRoot: false
- runAsUser: 0
-
- # 终止宽限期(等待优雅关闭的时间)
- terminationGracePeriodSeconds: 30
|
