一、Pig架构(该图来自Pig白皮书中的基础架构图)
二、CI/CD架构图
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 | # 服务Jenkins流水线pipeline { agent { label "master" } tools { maven 'maven3' jdk 'java1.8' } options { ansiColor('xterm') timestamps() disableConcurrentBuilds() buildDiscarder(logRotator(numToKeepStr: '3',artifactDaysToKeepStr: '3')) } parameters { gitParameter branchFilter: 'origin/(.*)', defaultValue: 'master', name: 'BRANCH', type: 'PT_BRANCH' choice choices: ['uat', 'prod'], description: '选择部署环境', name: 'ENV' choice choices: ['uat', 'prod'], description: '选择部署namespace,UAT环境选择uat,PROD环境选择prod', name: 'NS' } environment { APP_NAME = "pig-register" REGISTRY = "reg.istak.com" HARBOR_NAMESPACE = "demo" HARBOR_KEY = "harborkey" } stages { stage('Git clone') { steps { git branch: "${params.BRANCH}", credentialsId: 'root', url: 'https://gitlab.istack.com/pig/pig-register.git' } } stage('Maven pack') { steps { sh 'mvn clean install -Dmaven.test.skip=true -gs /root/maven/conf/settings-pig.xml' } post { success { archiveArtifacts allowEmptyArchive: true, artifacts: '**/target/*.jar', fingerprint: true, followSymlinks: false } } } stage('Docker image build') { steps { echo 'Build images' sh ''' cd $WORKSPACE docker build -t $REGISTRY/$HARBOR_NAMESPACE/$APP_NAME:v$BUILD_NUMBER -f ./pig-register/Dockerfile ./pig-register/target ''' echo 'Push images' sh 'docker push $REGISTRY/$HARBOR_NAMESPACE/$APP_NAME:v$BUILD_NUMBER' echo 'Clean images' sh 'docker rmi $REGISTRY/$HARBOR_NAMESPACE/$APP_NAME:v$BUILD_NUMBER' } } stage('Deploy') { when { expression { currentBuild.result == null || currentBuild.result == 'SUCCESS' } } steps { script { if ( "${params.ENV}" == "uat" ) { echo ('Deploy to uat') sh """ cd $WORKSPACE sed -i -e 's#{APP_NAME}#${env.APP_NAME}#g;s#{NS}#${params.NS}#g;s#{REGISTRY}#${env.REGISTRY}#g;s#{HARBOR_NAMESPACE}#${env.HARBOR_NAMESPACE}#g;s#{BUILD_NUMBER}#${env.BUILD_NUMBER}#g;s#{HARBOR_KEY}#${env.HARBOR_KEY}#g' ./pig-register/deploy/*.yaml /usr/local/bin/kubectl --kubeconfig /tke/uat-config apply -f ./pig-register/deploy/ """ } else { echo ('Deploy to prod') sh """ cd $WORKSPACE sed -i -e 's#{APP_NAME}#${env.APP_NAME}#g;s#{NS}#${params.NS}#g;s#{REGISTRY}#${env.REGISTRY}#g;s#{HARBOR_NAMESPACE}#${env.HARBOR_NAMESPACE}#g;s#{BUILD_NUMBER}#${env.BUILD_NUMBER}#g;s#{HARBOR_KEY}#${env.HARBOR_KEY}#g' ./pig-register/deploy/*.yaml /usr/local/bin/kubectl --kubeconfig /tke/prod-config apply -f ./pig-register/deploy/ """ } } } } }} |
三、云端与IDC数据中心网络架构图
云端访问IDC数据中心网络,配置云端子网路由指向云端N2N服务器;IDC数据中心访问云端网络,配置IDC子网指向数据中心N2N服务器
四、TKE集群创建(托管集群类型/区域:北京/运行时:Docker/GlobalRouter网络模式/集群规格:L20)
1、集群Woker节点资源规划
2、购买(组件:TCR)
参考:https://cloud.tencent.com/document/product/457
3、MySQL、Redis、Ckafka、Elasticsearch、EMR等产品购买参考腾讯云网关(产品购买时注意选择事先规划好的子网及安全组)
五、Pig部署
1、根据Pig服务启动顺序部署服务(register-->stellar-upms-->gateway-->auth)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 | # Register服务Deployment和ServiceapiVersion: apps/v1kind: Deploymentmetadata: name: pix-registerspec: selector: matchLabels: app: pix-register replicas: 1 template: metadata: labels: app: pix-register spec: containers: - name: pix-register image: reg.istack.com/demo/pix-register:v1 env: - name: MYSQL_USER value: "root" - name: MYSQL_PWD value: "root" imagePullPolicy: Always ports: - containerPort: 8848 protocol: TCP livenessProbe: failureThreshold: 3 tcpSocket: port: 8848 initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 readinessProbe: failureThreshold: 3 tcpSocket: port: 8848 initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: requests: cpu: "1000m" memory: "1Gi" limits: cpu: "2000m" memory: "4Gi" imagePullSecrets: - name: harborkey hostAliases: - ip: "10.16.10.143" hostnames: - "pig-mysql"---apiVersion: v1kind: Servicemetadata: name: pix-register labels: app: pix-registerspec: selector: app: pix-register type: NodePort ports: - port: 8848 protocol: TCP targetPort: 8848# 其他后端服务Deployment和Service模板apiVersion: apps/v1kind: Deploymentmetadata: name: {APP_NAME}spec: selector: matchLabels: app: {APP_NAME} replicas: 1 template: metadata: labels: app: {APP_NAME} spec: containers: - name: {APP_NAME} image: {REGISTRY}/{HARBOR_NAMESPACE}/{APP_NAME}:v{BUILD_NUMBER} imagePullPolicy: Always ports: - containerPort: 4000 protocol: TCP livenessProbe: failureThreshold: 3 tcpSocket: port: 4000 initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 readinessProbe: failureThreshold: 3 tcpSocket: port: 4000 initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: requests: cpu: "1000m" memory: "1Gi" limits: cpu: "2000m" memory: "4Gi" imagePullSecrets: - name: {HARBOR_KEY}---apiVersion: v1kind: Servicemetadata: name: {APP_NAME} labels: app: {APP_NAME}spec: selector: app: {APP_NAME} type: NodePort ports: - port: 4000 protocol: TCP targetPort: 4000 |
2、pig-ui服务
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 | apiVersion: apps/v1kind: Deploymentmetadata: name: pig-uispec: selector: matchLabels: app: pig-ui replicas: 1 template: metadata: labels: app: pig-ui spec: containers: - name: pig-ui image: reg.istack.com/demo/pig-ui:v1 imagePullPolicy: Always ports: - containerPort: 80 protocol: TCP livenessProbe: failureThreshold: 3 tcpSocket: port: 80 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 readinessProbe: failureThreshold: 3 tcpSocket: port: 80 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: requests: cpu: "1000m" memory: "1Gi" limits: cpu: "2000m" memory: "4Gi" volumeMounts: - name: timezone mountPath: /etc/localtime imagePullSecrets: - name: harborkey volumes: - name: timezone hostPath: path: /usr/share/zoneinfo/Asia/Shanghai---apiVersion: v1kind: Servicemetadata: name: pig-ui labels: app: pig-uispec: selector: app: pig-ui type: NodePort ports: - name: http port: 80 protocol: TCP targetPort: 80 nodePort: 30080 |
六、Pod水平自动伸缩(基于内存和CPU)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | apiVersion: autoscaling/v2beta2kind: HorizontalPodAutoscalermetadata: name: {APP_NAME}spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: {APP_NAME} minReplicas: 2 maxReplicas: 4 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 60 - type: Resource resource: name: memory target: type: AverageValue averageValue: 3072Mi |
七、Pod垂直伸缩
1 2 3 4 5 6 7 8 9 10 11 | apiVersion: autoscaling.k8s.io/v1kind: VerticalPodAutoscalermetadata: name: {APP_NAME}spec: targetRef: apiVersion: "apps/v1" kind: Deployment name: {APP_NAME} updatePolicy: updateMode: "Off" |
八、TKE接入Kuboard
1 | 参考:https://kuboard.cn/install/v3/install.html |
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· 【自荐】一款简洁、开源的在线白板工具 Drawnix