From 5d36a471a6f83f58fa261d93d27da5a2a721a298 Mon Sep 17 00:00:00 2001 From: huangzhiqiang Date: Mon, 9 Jun 2025 13:29:58 +0800 Subject: [PATCH] debug actions --- k8s/deploy.sh | 8 ++- k8s/nginx-deployment.yaml | 128 +++++++++++++++++++------------------- 2 files changed, 69 insertions(+), 67 deletions(-) diff --git a/k8s/deploy.sh b/k8s/deploy.sh index c2a47e4..d9b18dd 100644 --- a/k8s/deploy.sh +++ b/k8s/deploy.sh @@ -121,14 +121,16 @@ update_deployment_image() { # 使用 sed 替换镜像标签 local full_image="${HARBOR_REGISTRY}/test/nginx:${image_tag}" + print_info "使用镜像: $full_image" # 备份原文件 cp "$deployment_file" "${deployment_file}.bak" - # 替换镜像标签 (假设镜像行包含 harbor-registry/test/nginx) - sed -i.tmp "s|${HARBOR_REGISTRY}/test/nginx:[^[:space:]]*|${full_image}|g" "$deployment_file" + # 使用 envsubst 替换环境变量 + envsubst < "${deployment_file}.bak" > "$deployment_file.tmp" + mv "$deployment_file.tmp" "$deployment_file" - print_success "镜像标签更新为: $full_image" + print_success "镜像标签和环境变量替换完成,使用镜像: $full_image" } # 应用 Kubernetes 配置 diff --git a/k8s/nginx-deployment.yaml b/k8s/nginx-deployment.yaml index 42b944b..2ead073 100644 --- a/k8s/nginx-deployment.yaml +++ b/k8s/nginx-deployment.yaml @@ -35,77 +35,44 @@ metadata: namespace: default data: nginx.conf: | - user nginx; - worker_processes auto; - error_log /var/log/nginx/error.log warn; - pid /var/run/nginx.pid; - + user nginx; + worker_processes auto; + + error_log /var/log/nginx/error.log notice; + pid /var/run/nginx.pid; + events { - worker_connections 1024; + worker_connections 1024; } - + http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + include /usr/local/nginx/conf/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + keepalive_timeout 65; + + server { + listen 80; + server_name localhost; - access_log /var/log/nginx/access.log main; - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - - # 基本安全头 - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Gzip 压缩 - gzip on; - gzip_vary on; - gzip_min_length 1024; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - - server { - listen 80; - server_name _; - root /usr/share/nginx/html; - index index.html index.htm; - - # 健康检查端点 - location /health { - access_log off; - return 200 "healthy\n"; - add_header Content-Type text/plain; - } - - # 状态监控端点 - location /nginx_status { - stub_status on; - access_log off; - allow 127.0.0.1; - allow 10.0.0.0/8; - allow 172.16.0.0/12; - allow 192.168.0.0/16; - deny all; - } - - location / { - try_files $uri $uri/ =404; - } - - # 错误页面 - error_page 404 /404.html; - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } + location / { + root /usr/local/nginx/html; + index index.html index.htm; } + + # 健康检查端点 + location /health { + return 200 'ok'; + add_header Content-Type text/plain; + } + } } --- @@ -294,6 +261,39 @@ spec: value: 100 periodSeconds: 15 +--- +# 6. PodDisruptionBudget - Pod 中断预算 +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: nginx-pdb + namespace: default +spec: + minAvailable: 1 + selector: + matchLabels: + app: nginx + averageUtilization: 70 + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: 80 + behavior: + scaleDown: + stabilizationWindowSeconds: 300 + policies: + - type: Percent + value: 50 + periodSeconds: 60 + scaleUp: + stabilizationWindowSeconds: 60 + policies: + - type: Percent + value: 100 + periodSeconds: 15 + --- # 6. PodDisruptionBudget - Pod 中断预算 apiVersion: policy/v1