docs: 整理认证授权产品的部署文档;将云平台的部署文档迁移至 deploy-admin-platform
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/1.thirdparty-agent-service/4.2.thirdparty-agent-service.yaml b/deploy-manifests/k8s-rancher/1.authx-service/1.thirdparty-agent-service/4.2.thirdparty-agent-service.yaml
index 9d68a04..4eb005e 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/1.thirdparty-agent-service/4.2.thirdparty-agent-service.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/1.thirdparty-agent-service/4.2.thirdparty-agent-service.yaml
@@ -14,10 +14,16 @@
SERVER_MAXHTTPHEADERSIZE: "10240"
- # SERVER_TOMCAT_ACCEPT_COUNT: "1000"
- # SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
- # SERVER_TOMCAT_MAX_THREADS: "1000"
- # SERVER_TOMCAT_MIN_SPARE_THREADS: "10"
+ SERVER_TOMCAT_ACCEPT_COUNT: "5000"
+ SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+ SERVER_TOMCAT_MAX_THREADS: "800"
+ SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+
+
+ SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10"
+ SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "20"
+ SPRING_DATASOURCE_DRUID_MIN_IDLE: "10"
+
## file-db
FILE_DB_AUTOCONFIGURE_ENABLED: "false"
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml
index 982b380..d8ae7b2 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.2.user-data-service-goa.yaml
@@ -16,12 +16,12 @@
SERVER_MAXHTTPHEADERSIZE: "10240"
-
SERVER_TOMCAT_ACCEPT_COUNT: "5000"
SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
SERVER_TOMCAT_MAX_THREADS: "800"
SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+
SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10"
SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "20"
SPRING_DATASOURCE_DRUID_MIN_IDLE: "10"
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml
index c2f1c21..b1669ef 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/2.user-data-service/4.3.user-data-service-biz.yaml
@@ -16,6 +16,11 @@
SERVER_MAXHTTPHEADERSIZE: "10240"
+ SERVER_TOMCAT_ACCEPT_COUNT: "5000"
+ SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+ SERVER_TOMCAT_MAX_THREADS: "800"
+ SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+
SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10"
SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "20"
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml
index cbe4218..4cf624a 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/3.user-authorization-service/4.2.user-authorization-sa.yaml
@@ -16,6 +16,12 @@
SERVER_MAXHTTPHEADERSIZE: "10240"
+ SERVER_TOMCAT_ACCEPT_COUNT: "5000"
+ SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+ SERVER_TOMCAT_MAX_THREADS: "800"
+ SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+
+ # LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_USER_AUTHORIZATION_SERVICE_SA_MANGRANTED: debug
SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10"
SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "20"
@@ -24,7 +30,6 @@
# SBA_URL: http://spring-boot-admin-svc.base.svc.cluster.local:8080
- # LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_USER_AUTHORIZATION_SERVICE_SA_MANGRANTED: debug
---
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml
index f8e1452..1ab37de 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.2.cas-server-sa-api.yaml
@@ -16,11 +16,20 @@
SERVER_MAXHTTPHEADERSIZE: "10240"
+ SERVER_TOMCAT_ACCEPT_COUNT: "5000"
+ SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+ SERVER_TOMCAT_MAX_THREADS: "800"
+ SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
- # SERVER_TOMCAT_ACCEPT_COUNT: "100"
- # SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
- # SERVER_TOMCAT_MAX_THREADS: "200"
- # SERVER_TOMCAT_MIN_SPARE_THREADS: "10"
+
+ SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10"
+ SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "20"
+ SPRING_DATASOURCE_DRUID_MIN_IDLE: "10"
+
+ SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
+ SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
+ SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
+
SERVICE_REFRESH_REDIS_TIMER_ENABLED: "true"
ACCOUNT_REFRESH_REDIS_TIMER_ENABLED: "false"
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
index cbd694e..b780c22 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
@@ -20,6 +20,7 @@
SERVER_TOMCAT_MAX_THREADS: "800"
SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+
SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml
index 612a50b..d5e219e 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/5.token-server/4.1.token-server.yaml
@@ -20,12 +20,17 @@
SERVER_TOMCAT_MAX_THREADS: "800"
SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+ LOGGING_LEVEL_COM_SUPWISDOM_INSITITUTE_TOKEN_SERVER: INFO
+
+
+ SPRING_DATASOURCE_DRUID_INITIAL_SIZE: "10"
+ SPRING_DATASOURCE_DRUID_MAX_ACTIVE: "50"
+ SPRING_DATASOURCE_DRUID_MIN_IDLE: "10"
+
SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
- LOGGING_LEVEL_COM_SUPWISDOM_INSITITUTE_TOKEN_SERVER: INFO
-
# **修改** 从消息中心申请
MESSAGECENTER_ENABLED: "false"
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml
index 3c380e6..dc93b54 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.4.personal-security-center-bff.yaml
@@ -68,12 +68,13 @@
SERVER_TOMCAT_MAX_THREADS: "800"
SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+ LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_PERSONAL_SECURITY_CENTER_BFF: INFO
+
+
SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
- LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_PERSONAL_SECURITY_CENTER_BFF: INFO
-
# 修改为学校的 personal-security-center 的访问域名
PERSONAL_SECURITY_CENTER_SERVER_PREFIX: http://personal-security-center.paas.xxx.edu.cn
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml
index 19aa3a3..edd1b43 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/6.personal-security-center/4.5.personal-security-center-zuul.yaml
@@ -21,13 +21,14 @@
SERVER_TOMCAT_MAX_THREADS: "800"
SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+ LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_PERSONAL_SECURITY_CENTER: INFO
+
+
ZUUL_HOST_MAX_PER_ROUTE_CONNECTIONS: "1000"
ZUUL_HOST_MAX_TOTAL_CONNECTIONS: "1000"
ZUUL_SEMAPHORE_MAX_SEMAPHORES: "10000"
- LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_PERSONAL_SECURITY_CENTER: INFO
-
ZUUL_ROUTES_PERSONAL_ME_URL: http://personal-security-center-bff-svc.personal-security-center.svc.cluster.local:8080/api/v1/me
ZUUL_ROUTES_PERSONAL_BFF_URL: http://personal-security-center-bff-svc.personal-security-center.svc.cluster.local:8080/api/v1
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/0.communicate-center-base.yaml b/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/0.communicate-center-base.yaml
deleted file mode 100644
index 4181e1c..0000000
--- a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/0.communicate-center-base.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-# communicate-center-base.yaml
-
-####################################################
-# supwisdom harbor private docker registry
-####################################################
----
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/dockerconfigjson
-metadata:
- name: harbor-registry
- namespace: communicate-center
-data:
- # 修改harbor仓库配置,并使用 base64 工具进行编码
- # {"auths":{"harbor.supwisdom.com":{"password":"PWMgP85qiLFC","username":"rancher.devops"}}}
- .dockerconfigjson: eyJhdXRocyI6eyJoYXJib3Iuc3Vwd2lzZG9tLmNvbSI6eyJwYXNzd29yZCI6IlBXTWdQODVxaUxGQyIsInVzZXJuYW1lIjoicmFuY2hlci5kZXZvcHMifX19
-
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/1.communicate-center-env.yaml b/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/1.communicate-center-env.yaml
deleted file mode 100644
index 3e23835..0000000
--- a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/1.communicate-center-env.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-# communicate-center-env.yaml
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- namespace: communicate-center
- name: jvm-env
-data:
- MAX_RAM_PERCENTAGE: "75.0"
-
----
-apiVersion: v1
-kind: Secret
-metadata:
- namespace: communicate-center
- name: datasource-env-secret
-type: Opaque
-data:
- # jdbc:mysql://mysql-server.authx-service.svc.cluster.local:3306/communicate_center?serverTimezone=Asia/Shanghai
- JDBC_URL: amRiYzpteXNxbDovL215c3FsLXNlcnZlci5hdXRoeC1zZXJ2aWNlLnN2Yy5jbHVzdGVyLmxvY2FsOjMzMDYvY29tbXVuaWNhdGVfY2VudGVyP3NlcnZlclRpbWV6b25lPUFzaWEvU2hhbmdoYWk=
- # communicate_center
- JDBC_USERNAME: Y29tbXVuaWNhdGVfY2VudGVy
- # 修改为实际的数据库密码,并使用 base64 工具进行编码
- # kingstar
- JDBC_PASSWORD: a2luZ3N0YXI=
-
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/2.communicate-center-ingresses.yaml b/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/2.communicate-center-ingresses.yaml
deleted file mode 100644
index 354aeeb..0000000
--- a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/2.communicate-center-ingresses.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-# communicate-center-ingresses.yaml
-
-# 暂时不使用,直接使用内部地址
-# ---
-# apiVersion: extensions/v1beta1
-# kind: Ingress
-# metadata:
-# namespace: communicate-center
-# name: communicate-center-api-ingress
-# spec:
-# rules:
-# # 修改为学校的根域名
-# - host: communicate-center-api.paas.xxx.edu.cn
-# http:
-# paths:
-# - path: /
-# backend:
-# serviceName: communicate-center-poa-svc
-# servicePort: http
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/4.0.communicate-center-installer.yaml b/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/4.0.communicate-center-installer.yaml
deleted file mode 100644
index 0c3c84f..0000000
--- a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/4.0.communicate-center-installer.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-# communicate-center-installer.yaml
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- namespace: communicate-center
- name: communicate-center-installer-env
-data:
- DB_TYPE: mysql8
-
-
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: communicate-center-installer
- namespace: communicate-center
-spec:
- completions: 1
- parallelism: 1
- template:
- metadata:
- labels:
- app: communicate-center-installer
- spec:
- restartPolicy: Never
- containers:
- - name: communicate-center-installer
- # 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/communicate-center/communicate-center-installer:1.0.0-SNAPSHOT
- imagePullPolicy: Always
- envFrom:
- - configMapRef:
- name: jvm-env
- - secretRef:
- name: datasource-env-secret
- - configMapRef:
- name: communicate-center-installer-env
- resources:
- requests:
- memory: "256Mi"
- limits:
- memory: "256Mi"
- imagePullSecrets:
- - name: harbor-registry
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/4.1.communicate-center-poa.yaml b/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/4.1.communicate-center-poa.yaml
deleted file mode 100644
index f20140a..0000000
--- a/deploy-manifests/k8s-rancher/1.authx-service/8.communicate-center/4.1.communicate-center-poa.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-# communicate-center-poa.yaml
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- namespace: communicate-center
- name: communicate-center-poa-env
-data:
- SERVER_PORT: "8080"
- SSL_ENABLED: "false"
- #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
- #SSL_KEYSTORE_PASSWORD: ""
- #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
- #SSL_TRUSTSTORE_PASSWORD: ""
-
- SERVER_MAXHTTPHEADERSIZE: "10240"
-
-
- USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
- USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
- #USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
- #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
- #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
- #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
- #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
-
- # 若须对接邮件服务,须提供 SMTP 帐号
- TPAS_MAIL_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/mail/console
- # 若须对接sms 接口,须进行二开定制
- TPAS_SMS_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/sms/console
-
- TPAS_CLIENT_AUTH_ENABLED: "false"
- #TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
- #TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
- #TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
- #TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
- #TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
-
-
----
-apiVersion: v1
-kind: Service
-metadata:
- namespace: communicate-center
- name: communicate-center-poa-svc
- labels:
- app: communicate-center-poa
- needMonitor: 'true'
-spec:
- ports:
- - port: 8080
- targetPort: http
- protocol: TCP
- name: http
- - port: 6060
- targetPort: http-metrics
- protocol: TCP
- name: http-metrics
- selector:
- app: communicate-center-poa
-
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- namespace: communicate-center
- name: communicate-center-poa
-spec:
- selector:
- matchLabels:
- app: communicate-center-poa
- replicas: 1
- template:
- metadata:
- labels:
- app: communicate-center-poa
- spec:
- containers:
- - name: communicate-center-poa
- # 若使用了学校搭设的私有仓库,请修改
- image: harbor.supwisdom.com/communicate-center/communicate-center-poa:1.0.0-SNAPSHOT
- imagePullPolicy: Always
- ports:
- - containerPort: 8080
- name: http
- - containerPort: 6060
- name: http-metrics
- envFrom:
- - configMapRef:
- name: jvm-env
- - secretRef:
- name: datasource-env-secret
- - configMapRef:
- name: communicate-center-poa-env
- resources:
- requests:
- memory: "512Mi"
- limits:
- memory: "512Mi"
- readinessProbe:
- httpGet:
- path: /actuator/health
- port: 8080
- initialDelaySeconds: 20
- periodSeconds: 5
- timeoutSeconds: 5
- successThreshold: 1
- failureThreshold: 10
- imagePullSecrets:
- - name: harbor-registry