后端部署相关,前端未部署
diff --git a/deploy-manifests/k8s-rancher/open-platfprm/0.developer-center-base.yaml b/deploy-manifests/k8s-rancher/open-platfprm/0.developer-center-base.yaml
new file mode 100644
index 0000000..5c4a5a8
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/open-platfprm/0.developer-center-base.yaml
@@ -0,0 +1,176 @@
+# 0.developer-center-base.yaml
+
+####################################################
+# namespace
+####################################################
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: develop-center-test
+ # labels:
+ # istio-injection: enabled
+
+####################################################
+# supwisdom harbor private docker registry
+####################################################
+---
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/dockerconfigjson
+metadata:
+ namespace: develop-center-test
+ name: harbor-registry
+data:
+ # 修改harbor仓库配置,并使用 base64 工具进行编码
+ # {"auths":{"harbor.supwisdom.com":{"password":"PWMgP85qiLFC","username":"rancher.devops"}}}
+ .dockerconfigjson: eyJhdXRocyI6eyJoYXJib3Iuc3Vwd2lzZG9tLmNvbSI6eyJwYXNzd29yZCI6IlBXTWdQODVxaUxGQzIwIiwidXNlcm5hbWUiOiJyYW5jaGVyLmRldm9wcyJ9fX0=
+
+####################################################
+# mysql-server
+####################################################
+---
+apiVersion: v1
+kind: Service
+metadata:
+ namespace: develop-center-test
+ name: mysql-server
+spec:
+ ports:
+ - name: tcp-mysql
+ port: 3306
+ protocol: TCP
+ targetPort: 3306
+---
+kind: Endpoints
+apiVersion: v1
+metadata:
+ namespace: develop-center-test
+ name: mysql-server
+subsets:
+ - addresses:
+ - ip: 192.168.116.91
+ ports:
+ - name: tcp-mysql
+ port: 3306
+ protocol: TCP
+
+
+
+####################################################
+# redis-server
+####################################################
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ labels:
+ app: redis
+ release: redis-server
+ name: redis-server
+ namespace: develop-center-test
+type: Opaque
+data:
+ REDIS_PASSWORD: OEt1d29zbE9pdXc3SA==
+---
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: redis
+ release: redis-server
+ name: redis-server
+ namespace: develop-center-test
+spec:
+ ports:
+ - name: redis
+ port: 6379
+ protocol: TCP
+ targetPort: redis
+ selector:
+ app: redis
+ release: redis-server
+ role: master
+ type: ClusterIP
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ labels:
+ app: redis
+ release: redis-server
+ name: redis-server
+ namespace: develop-center-test
+spec:
+ podManagementPolicy: OrderedReady
+ replicas: 1
+ revisionHistoryLimit: 10
+ selector:
+ matchLabels:
+ app: redis
+ release: redis-server
+ role: master
+ serviceName: redis-master
+ template:
+ metadata:
+ labels:
+ app: redis
+ release: redis-server
+ role: master
+ spec:
+ containers:
+ - name: redis-server
+ env:
+ - name: REDIS_DISABLE_COMMANDS
+ value: FLUSHDB,FLUSHALL
+ - name: REDIS_REPLICATION_MODE
+ value: master
+ - name: REDIS_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: redis-server
+ key: REDIS_PASSWORD
+ image: bitnami/redis:4.0
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ exec:
+ command:
+ - redis-cli
+ - ping
+ failureThreshold: 5
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ ports:
+ - containerPort: 6379
+ name: redis
+ protocol: TCP
+ readinessProbe:
+ exec:
+ command:
+ - redis-cli
+ - ping
+ failureThreshold: 5
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ volumeMounts:
+ - mountPath: /bitnami/redis/data
+ name: redis-data
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ securityContext:
+ fsGroup: 1001
+ # runAsUser: 1001
+ # https://github.com/bitnami/bitnami-docker-redis/issues/106#issuecomment-388884372
+ runAsUser: 0
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - emptyDir: {}
+ name: redis-data
+ updateStrategy:
+ rollingUpdate:
+ partition: 0
+ type: RollingUpdate
diff --git a/deploy-manifests/k8s-rancher/open-platfprm/1.developer-center-env.yaml b/deploy-manifests/k8s-rancher/open-platfprm/1.developer-center-env.yaml
new file mode 100644
index 0000000..18b64db
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/open-platfprm/1.developer-center-env.yaml
@@ -0,0 +1,50 @@
+# 1.developer-center-env.yaml
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: develop-center-test
+ name: jvm-env
+data:
+ MAX_RAM_PERCENTAGE: "75.0"
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ namespace: develop-center-test
+ name: datasource-env-secret
+type: Opaque
+data:
+ # jdbc:mysql://mysql-server:3306/developer_center?serverTimezone=Asia/Shanghai
+ JDBC_URL: amRiYzpteXNxbDovLzE5Mi4xNjguMTE2LjkxOjMzMDYvZGV2ZWxvcGVyX2NlbnRlcj9zZXJ2ZXJUaW1lem9uZT1Bc2lhL1NoYW5naGFp
+ # developer_center
+ JDBC_USERNAME: ZGV2ZWxvcGVyX2NlbnRlcg==
+ # password
+ JDBC_PASSWORD: S2luZ3N0YXJAMjAyMA==
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ namespace: develop-center-test
+ name: redis-env-secret
+type: Opaque
+data:
+ SPRING_REDIS_HOST: cmVkaXMtc2VydmVy
+ SPRING_REDIS_PORT: NjM3OQ==
+ SPRING_REDIS_PASSWORD: OEt1d29zbE9pdXc3SA==
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ namespace: develop-center-test
+ name: rabbitmq-env-secret
+type: Opaque
+data:
+ SPRING_RABBITMQ_HOST: cmFiYml0bXEtc2VydmVy
+ SPRING_RABBITMQ_PORT: NTY3Mg==
+ SPRING_RABBITMQ_USERNAME: Z3Vlc3Q=
+ SPRING_RABBITMQ_PASSWORD: Z3Vlc3Q=
diff --git a/deploy-manifests/k8s-rancher/open-platfprm/2.developer-center-ingresses.yaml b/deploy-manifests/k8s-rancher/open-platfprm/2.developer-center-ingresses.yaml
new file mode 100644
index 0000000..ee03194
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/open-platfprm/2.developer-center-ingresses.yaml
@@ -0,0 +1,85 @@
+# 2.developer-center-ingresses.yaml
+
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ namespace: develop-center-test
+ name: developer-center-backend-sa-ingress
+spec:
+ rules:
+ - host: dev-sa-test.paas.newcapec.cn
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: developer-center-backend-sa-svc
+ servicePort: http
+
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ namespace: develop-center-test
+ name: developer-center-bff-ingress
+spec:
+ rules:
+ - host: dev-bff-test.paas.newcapec.cn
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: developer-center-bff-svc
+ servicePort: http
+
+
+
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ namespace: develop-center-test
+ name: developer-center-gateway-zuul-ingress
+spec:
+ rules:
+ - host: dev-center-test.paas.newcapec.cn
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: developer-center-gateway-zuul-svc
+ servicePort: http
+
+
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ namespace: develop-center-test
+ name: developer-center-portal-ui-ingress
+spec:
+ rules:
+ - host: dev-portal-test.paas.newcapec.cn
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: developer-center-portal-ui-svc
+ servicePort: http
+
+
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ namespace: develop-center-test
+ name: developer-center-admin-ui-ingress
+spec:
+ rules:
+ - host: dev-admin-test.paas.newcapec.cn
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: developer-center-admin-ui-svc
+ servicePort: http
diff --git a/deploy-manifests/k8s-rancher/open-platfprm/4.0.developer-center-backend-installer.yaml b/deploy-manifests/k8s-rancher/open-platfprm/4.0.developer-center-backend-installer.yaml
new file mode 100644
index 0000000..87ea714
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/open-platfprm/4.0.developer-center-backend-installer.yaml
@@ -0,0 +1,47 @@
+# 4.0.developer-center-backend-installer.yaml
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: develop-center-test
+ name: developer-center-backend-installer-env
+data:
+ DB_TYPE: mysql8
+
+
+---
+# 这个任务用来初始化数据库脚本,执行这里前请确定数据连接配置信息正确,并且已经有了相应的数据库
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: developer-center-backend-installer
+ namespace: develop-center-test
+spec:
+ completions: 1
+ parallelism: 1
+ template:
+ metadata:
+ labels:
+ app: developer-center-backend-installer
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: developer-center-backend-installer
+ # 若使用了学校搭设的私有仓库,请修改
+ image: harbor.supwisdom.com/developer-center/developer-center-backend-installer:1.0.0-SNAPSHOT
+ imagePullPolicy: Always
+ envFrom:
+ - configMapRef:
+ name: jvm-env
+ - secretRef:
+ name: datasource-env-secret
+ - configMapRef:
+ name: developer-center-backend-installer-env
+ resources:
+ requests:
+ memory: "256Mi"
+ limits:
+ memory: "256Mi"
+ imagePullSecrets:
+ - name: harbor-registry
diff --git a/deploy-manifests/k8s-rancher/open-platfprm/4.2.developer-center-backend-sa.yaml b/deploy-manifests/k8s-rancher/open-platfprm/4.2.developer-center-backend-sa.yaml
new file mode 100644
index 0000000..c3a2e98
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/open-platfprm/4.2.developer-center-backend-sa.yaml
@@ -0,0 +1,100 @@
+# 4.2.developer-center-backend-sa.yaml
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: develop-center-test
+ name: developer-center-backend-sa-env
+data:
+ SERVER_PORT: "8080"
+ SSL_ENABLED: "false"
+ #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
+ #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
+
+ SERVER_MAXHTTPHEADERSIZE: "10240"
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ namespace: develop-center-test
+ name: developer-center-backend-sa-env-secret
+type: Opaque
+data:
+ #SSL_KEYSTORE_PASSWORD: ""
+ #SSL_TRUSTSTORE_PASSWORD: ""
+
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ namespace: develop-center-test
+ name: developer-center-backend-sa-svc
+ labels:
+ app: developer-center-backend-sa
+ needMonitor: 'true'
+spec:
+ ports:
+ - port: 8080
+ targetPort: http
+ protocol: TCP
+ name: http
+ - port: 6060
+ targetPort: http-metrics
+ protocol: TCP
+ name: http-metrics
+ selector:
+ app: developer-center-backend-sa
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ namespace: develop-center-test
+ name: developer-center-backend-sa
+spec:
+ selector:
+ matchLabels:
+ app: developer-center-backend-sa
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: developer-center-backend-sa
+ spec:
+ containers:
+ - name: developer-center-backend-sa
+ image: harbor.supwisdom.com/developer-center/developer-center-backend-sa:1.0.0-SNAPSHOT-DEV
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 8080
+ name: http
+ - containerPort: 6060
+ name: http-metrics
+ envFrom:
+ - configMapRef:
+ name: jvm-env
+ - secretRef:
+ name: datasource-env-secret
+ - secretRef:
+ name: developer-center-backend-sa-env-secret
+ - configMapRef:
+ name: developer-center-backend-sa-env
+ resources:
+ requests:
+ memory: "400Mi"
+ limits:
+ memory: "400Mi"
+ readinessProbe:
+ httpGet:
+ path: /actuator/health
+ port: 8080
+ initialDelaySeconds: 20
+ periodSeconds: 5
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 10
+ imagePullSecrets:
+ - name: harbor-registry
+
diff --git a/deploy-manifests/k8s-rancher/open-platfprm/4.4.developer-center-bff.yaml b/deploy-manifests/k8s-rancher/open-platfprm/4.4.developer-center-bff.yaml
new file mode 100644
index 0000000..cc17d3f
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/open-platfprm/4.4.developer-center-bff.yaml
@@ -0,0 +1,193 @@
+# 4.4.developer-center-bff.yaml
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: develop-center-test
+ name: developer-center-bff-env
+data:
+ SERVER_PORT: "8080"
+ SSL_ENABLED: "false"
+ #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
+ #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
+
+ SERVER_MAXHTTPHEADERSIZE: "10240"
+
+ LOGGING_LEVEL_ROOT: INFO
+
+ #同环境中backend服务的地址
+ DEVELOPER_CENTER_SA_SERVER_URL: http://developer-center-backend-sa-svc.develop-center-test.svc.cluster.local:8080
+ DEVELOPER_CENTER_SA_CLIENT_AUTH_ENABLED: "false"
+ # DEVELOPER_CENTER_SA_CLIENT_AUTH_KEY_PASSWORD: ""
+ # DEVELOPER_CENTER_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ # DEVELOPER_CENTER_SA_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ # DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ # DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ #同环境中poa服务的地址
+ PLATFORM_OPENAPI_SA_SERVER_URL: http://poa-sa-test.paas.newcapec.cn
+ PLATFORM_OPENAPI_SA_CLIENT_AUTH_ENABLED: "false"
+ # PLATFORM_OPENAPI_SA_CLIENT_AUTH_KEY_PASSWORD: ""
+ # PLATFORM_OPENAPI_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ # PLATFORM_OPENAPI_SA_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ # PLATFORM_OPENAPI_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ # PLATFORM_OPENAPI_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ #同环境中授权服务的地址
+ USER_AUTHZ_SA_SERVICE_URL: http://user-authz-sa-test.paas.newcapec.cn
+ USER_AUTHZ_SA_CLIENT_AUTH_ENABLED: "false"
+ # USER_AUTHZ_SA_CLIENT_AUTH_KEY_PASSWORD: ""
+ # USER_AUTHZ_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ # USER_AUTHZ_SA_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ # USER_AUTHZ_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ # USER_AUTHZ_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ #同环境中用户服务的地址
+ USER_DATA_SERVICE_SERVICE_URL: http://user-data-service-goa-svc.user-data-service-test.svc.cluster.local:8080
+ USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
+ # USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
+ # USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ # USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ # USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ # USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ #同环境中认证服务的地址
+ CAS_SA_SERVICE_URL: http://cas-sa-test.paas.newcapec.cn/
+ CAS_SA_CLIENT_AUTH_ENABLED: "false"
+ # CAS_SA_CLIENT_AUTH_KEY_PASSWORD: ""
+ # CAS_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ # CAS_SA_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ # CAS_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ # CAS_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ #同环境中消息服务的地址
+ MESSAGE_MANAGER_SA_SERVICE_URL: https://message-manager-test.paas.newcapec.cn
+ MESSAGE_MANAGER_SA_CLIENT_AUTH_ENABLED: "false"
+ # MESSAGE_MANAGER_SA_AUTH_KEY_PASSWORD: ""
+ # MESSAGE_MANAGER_SA_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ # MESSAGE_MANAGER_SA_AUTH_KEYSTORE_PASSWORD: ""
+ # MESSAGE_MANAGER_SA_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ # MESSAGE_MANAGER_SA_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ #同环境中文件服务的地址
+ MINIO_SA_SERVICE_URL: https://minio-sa.dev.supwisdom.com
+ MINIO_SA_CLIENT_AUTH_ENABLED: "false"
+ # MINIO_SA_CLIENT_AUTH_KEY_PASSWORD: ""
+ # MINIO_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ # MINIO_SA_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ # MINIO_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ # MINIO_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ #本服务依赖到的文件上传服务
+ TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service-test.svc.cluster.local:8080/api/v1/tpas/file/minio
+ TPAS_CLIENT_AUTH_ENABLED: "false"
+ #TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
+ #TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
+ #TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ #TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
+ #TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+
+ MINIO_BASIC_AUTH_SA_PASSWORD: saadmin
+ MINIO_BASIC_AUTH_SA_USERNAME: saadmin
+
+ POA_DOCS_URL: https://poa-docs-test.paas.newcapec.cn
+ POA_SA_API_SEPCS_UPLOAD_CHECK_STYLE: "true"
+
+ USER_AUTHZ_BUSINESSDOMAINID: "1"
+ USER_AUTHZ_SYSTEMID: "1"
+
+ USER_IDENTITY_TYPE_DEVELOPER_ENTERPRISE: D02
+ USER_IDENTITY_TYPE_DEVELOPER_INDIVIDUAL: D01
+ USER_ORGANIZATION: "1"
+
+ DEVELOPER-CENTER-BFF.NONCE.STORE.IMPL: map
+ DEVELOPER-CENTER-BFF_SERVER_PREFIX: http://localhost:8080
+
+ SMS_TEMPLATE_APPLY_ACCOUNT_REGISTER_SEND_CODE_BY_MOBILE : {prefix}:您当前正在注册账号,须验证手机有效,验证码{code},有效期5分钟,请尽快完成验证。
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ namespace: develop-center-test
+ name: developer-center-bff-env-secret
+type: Opaque
+data:
+ #SSL_KEYSTORE_PASSWORD: ""
+ #SSL_TRUSTSTORE_PASSWORD: ""
+
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ namespace: develop-center-test
+ name: developer-center-bff-svc
+ labels:
+ app: developer-center-bff
+ needMonitor: 'true'
+spec:
+ ports:
+ - port: 8080
+ targetPort: http
+ protocol: TCP
+ name: http
+ - port: 6060
+ targetPort: http-metrics
+ protocol: TCP
+ name: http-metrics
+ selector:
+ app: developer-center-bff
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ namespace: develop-center-test
+ name: developer-center-bff
+spec:
+ selector:
+ matchLabels:
+ app: developer-center-bff
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: developer-center-bff
+ spec:
+ containers:
+ - name: developer-center-bff
+ image: harbor.supwisdom.com/developer-center/developer-center-bff:1.0.0-SNAPSHOT-DEV
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 8080
+ name: http
+ - containerPort: 6060
+ name: http-metrics
+ envFrom:
+ - configMapRef:
+ name: jvm-env
+ - secretRef:
+ name: redis-env-secret
+ - secretRef:
+ name: developer-center-bff-env-secret
+ - configMapRef:
+ name: developer-center-bff-env
+ resources:
+ requests:
+ memory: "400Mi"
+ limits:
+ memory: "400Mi"
+ readinessProbe:
+ httpGet:
+ path: /actuator/health
+ port: 8080
+ initialDelaySeconds: 20
+ periodSeconds: 5
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 10
+ imagePullSecrets:
+ - name: harbor-registry
+
diff --git a/deploy-manifests/k8s-rancher/open-platfprm/4.5.developer-center-gateway-zuul.yaml b/deploy-manifests/k8s-rancher/open-platfprm/4.5.developer-center-gateway-zuul.yaml
new file mode 100644
index 0000000..5635f16
--- /dev/null
+++ b/deploy-manifests/k8s-rancher/open-platfprm/4.5.developer-center-gateway-zuul.yaml
@@ -0,0 +1,175 @@
+# 4.5.developer-center-gateway-zuul.yaml
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: develop-center-test
+ name: developer-center-gateway-zuul-env
+data:
+ SERVER_PORT: "8080"
+ SSL_ENABLED: "false"
+ #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
+ #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
+
+ SERVER_MAXHTTPHEADERSIZE: "10240"
+
+ # SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
+ # SERVER_TOMCAT_ACCEPT_COUNT: "5000"
+ # SERVER_TOMCAT_MAX_THREADS: "800"
+ # SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
+ # SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
+
+ ZUUL_HOST_MAX_PER_ROUTE_CONNECTIONS: "1000"
+ ZUUL_HOST_MAX_TOTAL_CONNECTIONS: "1000"
+ ZUUL_SEMAPHORE_MAX_SEMAPHORES: "10000"
+
+
+ INFRAS_SECURITY_BASIC_ENABLED: "false"
+ INFRAS_SECURITY_JWT_ENABLED: "true"
+
+ INFRAS_SECURITY_JWT_TOKEN_GENERATE_TYPE: cas
+ INFRAS_SECURITY_JWT_TOKEN_DECRYPT_KEY_PRIVATE_KEY_PEM_PKCS8: ""
+ INFRAS_SECURITY_JWT_TOKEN_SIGNING_KEY_URL: "https://cas-test.paas.newcapec.cn/cas/jwt/publicKey"
+ INFRAS_SECURITY_JWT_PUBLIC_KEY_PEM: ""
+ INFRAS_SECURITY_JWT_PRIVATE_KEY_PEM_PKCS8: ""
+
+
+ INFRAS_SECURITY_CAS_ENABLED: "true"
+ #这里的地址对应ingress配置文件里网关服务的对外地址
+ APP_SERVER_HOST_URL: "https://dev-center-test.paas.newcapec.cn"
+ #APP_LOGIN_URL: "/cas/login"
+ #APP_LOGOUT_URL: "/cas/logout"
+ CAS_SERVER_HOST_URL: "https://cas-test.paas.newcapec.cn/cas"
+
+
+ ##
+ # userDetailsService 的实现配置
+ # memery,基于内存,用户名任意,角色固定,一般用于开发调试
+ # authn, 基于后端管理,采用本地帐号、角色的数据接口
+ # sa, 中台后端服务,建议和cas一起使用
+ #
+ DEVELOPER_CENTER_GATEWAY_ZUUL_SECURITY_USERDETAILS_SERVICE_IMPL: sa
+
+
+ ## 用户授权服务
+ # USER_AUTHORIZATION_SERVICE_APPLICATION_ID: "6"
+
+
+ ZUUL_HTTPCLIENT_CLIENT_AUTH_ENABLED: "false"
+ #ZUUL_HTTPCLIENT_CLIENT_AUTH_KEY_PASSWORD: ""
+ #ZUUL_HTTPCLIENT_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ #ZUUL_HTTPCLIENT_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+
+ DEVELOPER_CENTER_SA_SERVER_URL: http://developer-center-backend-sa-svc.develop-center-test.svc.cluster.local:8080
+ DEVELOPER_CENTER_SA_CLIENT_AUTH_ENABLED: "false"
+ #DEVELOPER_CENTER_SA_CLIENT_AUTH_KEY_PASSWORD: ""
+ #DEVELOPER_CENTER_SA_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ #DEVELOPER_CENTER_SA_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ #DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ #DEVELOPER_CENTER_SA_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service-test.svc.cluster.local:8080
+ USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
+ #USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
+ #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ USER_AUTHZ_SERVICE_SERVER_URL: http://user-authorization-sa-svc.user-authorization-service-test.svc.cluster.local:8080
+ USER_AUTHZ_SERVICE_CLIENT_AUTH_ENABLED: "false"
+ #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
+ #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
+ #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
+ #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
+ #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
+
+ ZUUL_ROUTES_BFF_ABILITY_MESSAGE_URL: http://message-manager-test.paas.newcapec.cn/manager/api/v1
+ ZUUL_ROUTES_BFF_ADMIN_URL: http://developer-center-bff-svc.develop-center-test.svc.cluster.local:8080
+ ZUUL_ROUTES_BFF_PORTAL_URL: http://developer-center-bff-svc.develop-center-test.svc.cluster.local:8080
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ namespace: develop-center-test
+ name: developer-center-gateway-zuul-env-secret
+type: Opaque
+data:
+ #SSL_KEYSTORE_PASSWORD: ""
+ #SSL_TRUSTSTORE_PASSWORD: ""
+
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ namespace: develop-center-test
+ name: developer-center-gateway-zuul-svc
+ labels:
+ app: developer-center-gateway-zuul
+ needMonitor: 'true'
+spec:
+ ports:
+ - port: 8080
+ targetPort: http
+ protocol: TCP
+ name: http
+ - port: 6060
+ targetPort: http-metrics
+ protocol: TCP
+ name: http-metrics
+ selector:
+ app: developer-center-gateway-zuul
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ namespace: develop-center-test
+ name: developer-center-gateway-zuul
+spec:
+ selector:
+ matchLabels:
+ app: developer-center-gateway-zuul
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: developer-center-gateway-zuul
+ spec:
+ containers:
+ - name: developer-center-gateway-zuul
+ image: harbor.supwisdom.com/developer-center/developer-center-gateway-zuul:1.0.0-SNAPSHOT-DEV
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 8080
+ name: http
+ - containerPort: 6060
+ name: http-metrics
+ envFrom:
+ - configMapRef:
+ name: jvm-env
+ - secretRef:
+ name: datasource-env-secret
+ - secretRef:
+ name: developer-center-gateway-zuul-env-secret
+ - configMapRef:
+ name: developer-center-gateway-zuul-env
+ resources:
+ requests:
+ memory: "400Mi"
+ limits:
+ memory: "400Mi"
+ readinessProbe:
+ httpGet:
+ path: /actuator/health
+ port: 8080
+ initialDelaySeconds: 20
+ periodSeconds: 5
+ timeoutSeconds: 5
+ successThreshold: 1
+ failureThreshold: 10
+ imagePullSecrets:
+ - name: harbor-registry
+