diff --git a/deploy/k8s/bytedesk-deployment.yaml b/deploy/k8s/bytedesk-deployment.yaml new file mode 100644 index 0000000000..c7b5e5a670 --- /dev/null +++ b/deploy/k8s/bytedesk-deployment.yaml @@ -0,0 +1,445 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bytedesk + namespace: bytedesk + labels: + app: bytedesk +spec: + replicas: 1 + selector: + matchLabels: + app: bytedesk + template: + metadata: + labels: + app: bytedesk + spec: + containers: + - name: bytedesk + image: registry.cn-hangzhou.aliyuncs.com/bytedesk/bytedesk:latest + ports: + - containerPort: 9003 + name: http + - containerPort: 9885 + name: websocket + env: + # 基础配置 + - name: TZ + value: "Asia/Shanghai" + - name: SERVER_PORT + value: "9003" + + # 微语配置 + - name: BYTEDESK_DEBUG + value: "false" + - name: BYTEDESK_VERSION + value: "0.9.0" + - name: BYTEDESK_LICENSE_KEY + value: "" # 请配置您的许可证密钥 + + # 自定义配置 + - name: BYTEDESK_CUSTOM_ENABLED + value: "false" + - name: BYTEDESK_CUSTOM_NAME + value: "" + - name: BYTEDESK_CUSTOM_LOGO + value: "" + - name: BYTEDESK_CUSTOM_DESCRIPTION + value: "" + - name: BYTEDESK_CUSTOM_SHOW_RIGHT_CORNER_CHAT + value: "false" + - name: BYTEDESK_CUSTOM_SHOW_DEMO + value: "false" + - name: BYTEDESK_CUSTOM_PRIVACY_POLICY_URL + value: "https://www.weiyuai.cn/privacy.html" + - name: BYTEDESK_CUSTOM_TERMS_OF_SERVICE_URL + value: "https://www.weiyuai.cn/terms.html" + - name: BYTEDESK_CUSTOM_LOGIN_USERNAME_ENABLE + value: "true" + - name: BYTEDESK_CUSTOM_LOGIN_MOBILE_ENABLE + value: "true" + - name: BYTEDESK_CUSTOM_LOGIN_SCAN_ENABLE + value: "true" + - name: BYTEDESK_CUSTOM_DOC_URL_SHOW + value: "true" + - name: BYTEDESK_CUSTOM_DOC_URL + value: "https://www.weiyuai.cn/docs/zh-CN/" + - name: BYTEDESK_CUSTOM_LANG + value: "zh-CN" + - name: BYTEDESK_CUSTOM_ALLOW_REGISTER + value: "true" + - name: BYTEDESK_CUSTOM_FORCE_VALIDATE_MOBILE + value: "true" + - name: BYTEDESK_CUSTOM_FORCE_VALIDATE_EMAIL + value: "true" + + # 管理员配置 + - name: BYTEDESK_ADMIN_EMAIL + value: "admin@email.com" + - name: BYTEDESK_ADMIN_PASSWORD + value: "admin" + - name: BYTEDESK_ADMIN_NICKNAME + value: "SuperAdmin" + - name: BYTEDESK_ADMIN_MOBILE + value: "13345678000" + - name: BYTEDESK_ADMIN_MOBILE_WHITELIST + value: "18888888000,18888888001,18888888002,18888888003,18888888004,18888888005" + - name: BYTEDESK_ADMIN_EMAIL_WHITELIST + value: "100@email.com,101@email.com,102@email.com,103@email.com,104@email.com,105@email.com" + - name: BYTEDESK_ADMIN_VALIDATE_CODE + value: "123456" + + # 成员配置 + - name: BYTEDESK_MEMBER_PASSWORD + value: "123456" + + # 组织配置 + - name: BYTEDESK_ORGANIZATION_NAME + value: "MyCompany" + - name: BYTEDESK_ORGANIZATION_CODE + value: "bytedesk" + + # 功能配置 + - name: BYTEDESK_FEATURES_JAVA_AI + value: "true" + - name: BYTEDESK_FEATURES_EMAIL_TYPE + value: "javamail" + - name: BYTEDESK_FEATURES_AVATAR_BASE_URL + value: "http://bytedesk-service:9003" + + # JWT 配置 + - name: BYTEDESK_JWT_SECRET_KEY + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: jwt-secret-key + - name: BYTEDESK_JWT_EXPIRATION + value: "2592000000" + - name: BYTEDESK_JWT_REFRESH_TOKEN_EXPIRATION + value: "5184000000" + + # 数据库配置 + - name: SPRING_DATASOURCE_URL + value: "jdbc:mysql://mysql-service:3306/bytedesk?useUnicode=true&characterEncoding=UTF-8&serverTimezone=GMT%2B8&nullCatalogMeansCurrent=true" + - name: SPRING_DATASOURCE_USERNAME + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: mysql-username + - name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: mysql-root-password + - name: SPRING_JPA_HIBERNATE_DDL_AUTO + value: "update" + + # Redis 配置 + - name: SPRING_DATA_REDIS_DATABASE + value: "0" + - name: SPRING_DATA_REDIS_HOST + value: "redis-service" + - name: SPRING_DATA_REDIS_PORT + value: "6379" + - name: SPRING_DATA_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: redis-password + - name: SPRING_DATA_REDIS_TIMEOUT + value: "10000" + - name: SPRING_DATA_REDIS_REPOSITORIES_ENABLED + value: "false" + + # 缓存配置 + - name: BYTEDESK_CACHE_LEVEL + value: "0" + - name: BYTEDESK_CACHE_PREFIX + value: "bytedeskim" + - name: BYTEDESK_CACHE_REDIS_STREAM_KEY + value: "bytedeskim:stream" + + # 文件上传配置 + - name: BYTEDESK_UPLOAD_TYPE + value: "local" + - name: BYTEDESK_UPLOAD_DIR + value: "/app/uploads" + - name: BYTEDESK_UPLOAD_URL + value: "http://bytedesk-service:9003" + + # MinIO 配置 + - name: BYTEDESK_MINIO_ENABLED + value: "false" + - name: BYTEDESK_MINIO_ENDPOINT + value: "http://minio-service:9000" + - name: BYTEDESK_MINIO_ACCESS_KEY + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: minio-access-key + - name: BYTEDESK_MINIO_SECRET_KEY + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: minio-secret-key + - name: BYTEDESK_MINIO_BUCKET_NAME + value: "bytedesk" + - name: BYTEDESK_MINIO_REGION + value: "us-east-1" + - name: BYTEDESK_MINIO_SECURE + value: "false" + + # 知识库配置 + - name: BYTEDESK_KBASE_THEME + value: "default" + - name: BYTEDESK_KBASE_HTML_PATH + value: "helpcenter" + - name: BYTEDESK_KBASE_API_URL + value: "http://bytedesk-service:9003" + + # WebSocket 配置 + - name: BYTEDESK_SOCKET_HOST + value: "0.0.0.0" + - name: BYTEDESK_SOCKET_WEBSOCKET_PORT + value: "9885" + - name: BYTEDESK_SOCKET_LEAK_DETECTOR_LEVEL + value: "SIMPLE" + - name: BYTEDESK_SOCKET_PARENT_EVENT_LOOP_GROUP_THREAD_COUNT + value: "1" + - name: BYTEDESK_SOCKET_CHILD_EVENT_LOOP_GROUP_THREAD_COUNT + value: "8" + - name: BYTEDESK_SOCKET_MAX_PAYLOAD_SIZE + value: "10240" + + # 集群配置 + - name: BYTEDESK_CLUSTER_ENABLED + value: "false" + + # Elasticsearch 配置 + - name: SPRING_ELASTICSEARCH_URIS + value: "http://elasticsearch-service:9200" + - name: SPRING_ELASTICSEARCH_USERNAME + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: elasticsearch-username + - name: SPRING_ELASTICSEARCH_PASSWORD + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: elasticsearch-password + - name: SPRING_AI_VECTORSTORE_ELASTICSEARCH_ENABLED + value: "true" + - name: SPRING_AI_VECTORSTORE_ELASTICSEARCH_INITIALIZE_SCHEMA + value: "true" + - name: SPRING_AI_VECTORSTORE_ELASTICSEARCH_INDEX_NAME + value: "bytedesk_vs_index" + - name: SPRING_AI_VECTORSTORE_ELASTICSEARCH_DIMENSIONS + value: "1024" + - name: SPRING_AI_VECTORSTORE_ELASTICSEARCH_SIMILARITY + value: "cosine" + + # Artemis JMS 配置 + - name: SPRING_ARTEMIS_MODE + value: "native" + - name: SPRING_ARTEMIS_BROKER_URL + value: "tcp://artemis-service:61616" + - name: SPRING_ARTEMIS_USER + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: artemis-username + - name: SPRING_ARTEMIS_PASSWORD + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: artemis-password + - name: SPRING_JMS_LISTENER_CONCURRENCY + value: "1" + - name: SPRING_JMS_LISTENER_MAX_CONCURRENCY + value: "10" + - name: SPRING_JMS_LISTENER_ACKNOWLEDGE_MODE + value: "client" + - name: SPRING_JMS_LISTENER_AUTO_STARTUP + value: "true" + - name: SPRING_JMS_LISTENER_MAX_ATTEMPTS + value: "5" + - name: SPRING_JMS_LISTENER_INITIAL_INTERVAL + value: "1000" + - name: SPRING_JMS_LISTENER_MAX_INTERVAL + value: "10000" + - name: SPRING_JMS_LISTENER_MULTIPLIER + value: "2.0" + - name: SPRING_JMS_LISTENER_RECEIVE_TIMEOUT + value: "1000" + - name: SPRING_ARTEMIS_EMBEDDED_QUEUES + value: "DLQ" + - name: SPRING_JMS_LISTENER_MISSING_QUEUES_FATAL + value: "false" + + # AI 模型配置 + - name: SPRING_AI_MODEL_CHAT + value: "zhipuai" + - name: SPRING_AI_MODEL_EMBEDDING + value: "zhipuai" + - name: SPRING_AI_MODEL_VISION + value: "zhipuai" + - name: SPRING_AI_MODEL_AUDIO + value: "zhipuai" + - name: SPRING_AI_MODEL_RERANK + value: "dashscope" + + # 智谱AI配置 + - name: SPRING_AI_ZHIPUAI_API_KEY + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: zhipuai-api-key + - name: SPRING_AI_ZHIPUAI_CHAT_ENABLED + value: "true" + - name: SPRING_AI_ZHIPUAI_CHAT_OPTIONS_MODEL + value: "glm-4-flash" + - name: SPRING_AI_ZHIPUAI_CHAT_OPTIONS_TEMPERATURE + value: "0.7" + - name: SPRING_AI_ZHIPUAI_CHAT_OPTIONS_TOP_P + value: "0.9" + - name: SPRING_AI_ZHIPUAI_CHAT_OPTIONS_MAX_TOKENS + value: "4096" + - name: SPRING_AI_ZHIPUAI_CONNECTION_TIMEOUT + value: "30" + - name: SPRING_AI_ZHIPUAI_READ_TIMEOUT + value: "10" + - name: SPRING_AI_ZHIPUAI_WRITE_TIMEOUT + value: "10" + - name: SPRING_AI_ZHIPUAI_PING_INTERVAL + value: "10" + - name: SPRING_AI_ZHIPUAI_MAX_IDLE_CONNECTIONS + value: "8" + - name: SPRING_AI_ZHIPUAI_KEEP_ALIVE_DURATION + value: "1" + - name: SPRING_AI_ZHIPUAI_EMBEDDING_ENABLED + value: "true" + - name: SPRING_AI_ZHIPUAI_EMBEDDING_OPTIONS_MODEL + value: "embedding-2" + + # 其他AI提供商配置(默认禁用) + - name: SPRING_AI_OPENAI_CHAT_ENABLED + value: "false" + - name: SPRING_AI_DEEPSEEK_CHAT_ENABLED + value: "false" + - name: SPRING_AI_DASHSCOPE_ENABLED + value: "false" + - name: SPRING_AI_SILICONFLOW_CHAT_ENABLED + value: "false" + - name: SPRING_AI_GITEE_CHAT_ENABLED + value: "false" + - name: SPRING_AI_TENCENT_CHAT_ENABLED + value: "false" + - name: SPRING_AI_BAIDU_CHAT_ENABLED + value: "false" + - name: SPRING_AI_VOLCENGINE_CHAT_ENABLED + value: "false" + + # 数据库连接池配置 + - name: SPRING_DATASOURCE_HIKARI_CONNECTION_TIMEOUT + value: "60000" + - name: SPRING_DATASOURCE_HIKARI_MAXIMUM_POOL_SIZE + value: "10" + + # Druid 配置 + - name: SPRING_DATASOURCE_DRUID_STAT_VIEW_SERVLET_LOGIN_USERNAME + value: "admin@email.com" + - name: SPRING_DATASOURCE_DRUID_STAT_VIEW_SERVLET_LOGIN_PASSWORD + value: "admin" + + # Actuator 配置 + - name: MANAGEMENT_ENDPOINTS_ENABLED_BY_DEFAULT + value: "false" + - name: MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_INCLUDE + value: "" + - name: MANAGEMENT_ENDPOINTS_WEB_EXPOSURE_EXCLUDE + value: "*" + - name: MANAGEMENT_ENDPOINT_HEALTH_ENABLED + value: "false" + - name: MANAGEMENT_ENDPOINT_INFO_ENABLED + value: "false" + - name: MANAGEMENT_SERVER_PORT + value: "-1" + - name: MANAGEMENT_ENDPOINTS_WEB_BASE_PATH + value: "/management" + - name: SPRING_SECURITY_BASIC_ENABLED + value: "true" + + # 分布式追踪配置 + - name: MANAGEMENT_TRACING_ENABLED + value: "false" + - name: MANAGEMENT_ZIPKIN_TRACING_ENABLED + value: "false" + - name: MANAGEMENT_TRACING_SAMPLING_PROBABILITY + value: "0.0" + + # 文档配置 + - name: SPRINGDOC_SHOW_ACTUATOR + value: "false" + - name: SPRINGDOC_SWAGGER_UI_ENABLED + value: "true" + - name: SPRINGDOC_SWAGGER_UI_PATH + value: "/index.html" + - name: SPRINGDOC_API_DOCS_ENABLED + value: "true" + - name: SPRINGDOC_API_DOCS_PATH + value: "/v3/api-docs" + - name: KNIFE4J_ENABLED + value: "true" + - name: KNIFE4J_SETTING_LANGUAGE + value: "zh_cn" + + # 日志配置 + - name: LOGGING_LEVEL_COM_BYTEDESK_AI + value: "DEBUG" + - name: LOGGING_LEVEL_COM_BYTEDESK_CORE + value: "DEBUG" + - name: LOGGING_LEVEL_COM_BYTEDESK_KBASE + value: "DEBUG" + - name: LOGGING_LEVEL_COM_BYTEDESK_SERVICE + value: "DEBUG" + - name: LOGGING_LEVEL_COM_BYTEDESK_SOCIAL + value: "DEBUG" + - name: LOGGING_LEVEL_COM_BYTEDESK_WECHAT + value: "DEBUG" + - name: LOGGING_LEVEL_COM_BYTEDESK_SHOP + value: "DEBUG" + - name: LOGGING_LEVEL_COM_BYTEDESK_TEAM + value: "DEBUG" + - name: LOGGING_LEVEL_COM_BYTEDESK_TICKET + value: "DEBUG" + - name: LOGGING_LEVEL_COM_BYTEDESK_STARTER + value: "DEBUG" + + volumeMounts: + - name: uploads-data + mountPath: /app/uploads + resources: + requests: + memory: "2Gi" + cpu: "1000m" + limits: + memory: "4Gi" + cpu: "2000m" + livenessProbe: + httpGet: + path: /actuator/health + port: 9003 + initialDelaySeconds: 60 + periodSeconds: 30 + readinessProbe: + httpGet: + path: /actuator/health + port: 9003 + initialDelaySeconds: 30 + periodSeconds: 10 + volumes: + - name: uploads-data + persistentVolumeClaim: + claimName: uploads-pvc \ No newline at end of file diff --git a/deploy/k8s/mysql-deployment.yaml b/deploy/k8s/mysql-deployment.yaml new file mode 100644 index 0000000000..1e32fb62fe --- /dev/null +++ b/deploy/k8s/mysql-deployment.yaml @@ -0,0 +1,73 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mysql + namespace: bytedesk + labels: + app: mysql +spec: + replicas: 1 + selector: + matchLabels: + app: mysql + template: + metadata: + labels: + app: mysql + spec: + containers: + - name: mysql + image: mysql:latest + ports: + - containerPort: 3306 + env: + - name: MYSQL_DATABASE + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: mysql-database + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: bytedesk-secrets + key: mysql-root-password + - name: TZ + value: "Asia/Shanghai" + volumeMounts: + - name: mysql-data + mountPath: /var/lib/mysql + resources: + requests: + memory: "1Gi" + cpu: "500m" + limits: + memory: "2Gi" + cpu: "1000m" + livenessProbe: + exec: + command: + - mysqladmin + - ping + - -h + - localhost + - -u + - root + - -p$(MYSQL_ROOT_PASSWORD) + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + exec: + command: + - mysqladmin + - ping + - -h + - localhost + - -u + - root + - -p$(MYSQL_ROOT_PASSWORD) + initialDelaySeconds: 5 + periodSeconds: 5 + volumes: + - name: mysql-data + persistentVolumeClaim: + claimName: mysql-pvc \ No newline at end of file diff --git a/deploy/k8s/mysql-service.yaml b/deploy/k8s/mysql-service.yaml new file mode 100644 index 0000000000..4745792d40 --- /dev/null +++ b/deploy/k8s/mysql-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: mysql-service + namespace: bytedesk + labels: + app: mysql +spec: + selector: + app: mysql + ports: + - port: 3306 + targetPort: 3306 + protocol: TCP + type: ClusterIP \ No newline at end of file diff --git a/deploy/k8s/namespace.yaml b/deploy/k8s/namespace.yaml new file mode 100644 index 0000000000..3dec1fe072 --- /dev/null +++ b/deploy/k8s/namespace.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: bytedesk + labels: + name: bytedesk + app: bytedesk \ No newline at end of file diff --git a/deploy/k8s/pvc-mysql.yaml b/deploy/k8s/pvc-mysql.yaml new file mode 100644 index 0000000000..c799b38f82 --- /dev/null +++ b/deploy/k8s/pvc-mysql.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mysql-pvc + namespace: bytedesk +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi + storageClassName: "" # 使用默认存储类,请根据实际情况修改 \ No newline at end of file diff --git a/deploy/k8s/readme.md b/deploy/k8s/readme.md index d749e727ec..487f5514bb 100644 --- a/deploy/k8s/readme.md +++ b/deploy/k8s/readme.md @@ -1 +1,416 @@ -# k8s + +# Kubernetes 部署微语系统 + +## 文件说明 + +```bash +. +├── namespace.yaml # 创建微语系统专用命名空间 +├── configmap.yaml # 应用配置映射 +├── secret.yaml # 敏感信息密钥 +├── mysql-deployment.yaml # MySQL 数据库部署 +├── mysql-service.yaml # MySQL 服务 +├── redis-deployment.yaml # Redis 缓存部署 +├── redis-service.yaml # Redis 服务 +├── elasticsearch-deployment.yaml # Elasticsearch 向量数据库部署 +├── elasticsearch-service.yaml # Elasticsearch 服务 +├── artemis-deployment.yaml # ActiveMQ Artemis 消息队列部署 +├── artemis-service.yaml # Artemis 服务 +├── minio-deployment.yaml # MinIO 对象存储部署 +├── minio-service.yaml # MinIO 服务 +├── zipkin-deployment.yaml # Zipkin 分布式追踪部署 +├── zipkin-service.yaml # Zipkin 服务 +├── bytedesk-deployment.yaml # 微语主应用部署 +├── bytedesk-service.yaml # 微语服务 +├── ingress.yaml # Ingress 路由配置 +├── pvc-mysql.yaml # MySQL 持久化存储 +├── pvc-redis.yaml # Redis 持久化存储 +├── pvc-elasticsearch.yaml # Elasticsearch 持久化存储 +├── pvc-artemis.yaml # Artemis 持久化存储 +├── pvc-minio.yaml # MinIO 持久化存储 +├── pvc-zipkin.yaml # Zipkin 持久化存储 +├── pvc-uploads.yaml # 文件上传持久化存储 +└── ollama-deployment.yaml # Ollama AI 模型服务(可选) +``` + +## 前置要求 + +### 1. Kubernetes 集群 +- Kubernetes 1.20+ +- kubectl 命令行工具 +- 至少 4GB 可用内存 +- 至少 20GB 可用存储空间 + +### 2. 存储类 +确保集群中有可用的 StorageClass,用于动态创建持久化卷: + +```bash +# 查看可用的存储类 +kubectl get storageclass + +# 如果没有默认存储类,需要设置一个 +kubectl patch storageclass -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' +``` + +### 3. Ingress Controller +如果使用 Ingress 进行外部访问,需要安装 Ingress Controller: + +```bash +# 安装 NGINX Ingress Controller +kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.8.2/deploy/static/provider/cloud/deploy.yaml + +# 或者使用 Helm 安装 +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm install ingress-nginx ingress-nginx/ingress-nginx +``` + +## 部署步骤 + +### 1. 克隆项目并进入 K8s 目录 + +```bash +# 克隆项目 +git clone https://github.com/Bytedesk/bytedesk.git + +# 进入 K8s 部署目录 +cd bytedesk/deploy/k8s +``` + +### 2. 创建命名空间 + +```bash +# 创建微语系统专用命名空间 +kubectl apply -f namespace.yaml +``` + +### 3. 配置敏感信息 + +```bash +# 编辑 secret.yaml 文件,配置数据库密码、API密钥等敏感信息 +# 注意:请修改默认密码和密钥 +vim secret.yaml + +# 应用密钥配置 +kubectl apply -f secret.yaml +``` + +### 4. 部署中间件服务 + +```bash +# 部署持久化存储 +kubectl apply -f pvc-mysql.yaml +kubectl apply -f pvc-redis.yaml +kubectl apply -f pvc-elasticsearch.yaml +kubectl apply -f pvc-artemis.yaml +kubectl apply -f pvc-minio.yaml +kubectl apply -f pvc-zipkin.yaml +kubectl apply -f pvc-uploads.yaml + +# 部署 MySQL +kubectl apply -f mysql-deployment.yaml +kubectl apply -f mysql-service.yaml + +# 部署 Redis +kubectl apply -f redis-deployment.yaml +kubectl apply -f redis-service.yaml + +# 部署 Elasticsearch +kubectl apply -f elasticsearch-deployment.yaml +kubectl apply -f elasticsearch-service.yaml + +# 部署 ActiveMQ Artemis +kubectl apply -f artemis-deployment.yaml +kubectl apply -f artemis-service.yaml + +# 部署 MinIO +kubectl apply -f minio-deployment.yaml +kubectl apply -f minio-service.yaml + +# 部署 Zipkin +kubectl apply -f zipkin-deployment.yaml +kubectl apply -f zipkin-service.yaml +``` + +### 5. 等待中间件服务就绪 + +```bash +# 查看所有 Pod 状态 +kubectl get pods -n bytedesk + +# 等待所有中间件服务 Running 状态 +kubectl wait --for=condition=ready pod -l app=mysql -n bytedesk --timeout=300s +kubectl wait --for=condition=ready pod -l app=redis -n bytedesk --timeout=300s +kubectl wait --for=condition=ready pod -l app=elasticsearch -n bytedesk --timeout=300s +kubectl wait --for=condition=ready pod -l app=artemis -n bytedesk --timeout=300s +kubectl wait --for=condition=ready pod -l app=minio -n bytedesk --timeout=300s +``` + +### 6. 部署微语主应用 + +```bash +# 应用配置映射 +kubectl apply -f configmap.yaml + +# 部署微语应用 +kubectl apply -f bytedesk-deployment.yaml +kubectl apply -f bytedesk-service.yaml +``` + +### 7. 配置外部访问 + +```bash +# 部署 Ingress(可选) +kubectl apply -f ingress.yaml + +# 或者使用 NodePort 服务直接访问 +kubectl get svc -n bytedesk +``` + +### 8. 可选:部署 Ollama AI 服务 + +如果需要使用本地 AI 模型,可以部署 Ollama: + +```bash +# 部署 Ollama +kubectl apply -f ollama-deployment.yaml + +# 拉取 AI 模型 +kubectl exec -it deployment/ollama -n bytedesk -- ollama pull qwen3:0.6b +kubectl exec -it deployment/ollama -n bytedesk -- ollama pull bge-m3:latest +kubectl exec -it deployment/ollama -n bytedesk -- ollama pull linux6200/bge-reranker-v2-m3:latest +``` + +## 配置说明 + +### 环境变量配置 + +主要配置项在 `configmap.yaml` 中,包括: + +- **数据库配置**:MySQL 连接信息 +- **Redis 配置**:缓存和会话存储 +- **Elasticsearch 配置**:向量数据库 +- **AI 模型配置**:支持多种 AI 提供商 +- **文件上传配置**:本地存储或 MinIO +- **自定义配置**:品牌、功能开关等 + +### 资源限制 + +建议的资源分配: + +- **微语主应用**:CPU 1-2核,内存 2-4GB +- **MySQL**:CPU 1核,内存 1-2GB +- **Redis**:CPU 0.5核,内存 1GB +- **Elasticsearch**:CPU 1-2核,内存 2-4GB +- **MinIO**:CPU 0.5核,内存 1GB + +### 存储配置 + +- **MySQL 数据**:10-50GB +- **Redis 数据**:1-5GB +- **Elasticsearch 数据**:10-50GB +- **文件上传**:根据业务需求,建议 50GB+ +- **MinIO 数据**:根据业务需求 + +## 访问地址 + +部署完成后,可以通过以下方式访问: + +### 微语系统 +- **Web 界面**:http://your-domain 或 http://your-node-ip:30090 +- **API 文档**:http://your-domain/swagger-ui/index.html +- **Knife4j 文档**:http://your-domain/doc.html + +### 管理界面 +- **MinIO Console**:http://your-domain:30091 +- **ActiveMQ Artemis Console**:http://your-domain:30181 +- **Zipkin**:http://your-domain:30411 + +### 默认管理员账户 +- **邮箱**:admin@email.com +- **密码**:admin +- **手机号**:13345678000 +- **验证码**:123456 + +## 监控和日志 + +### 查看应用状态 + +```bash +# 查看所有资源状态 +kubectl get all -n bytedesk + +# 查看 Pod 状态 +kubectl get pods -n bytedesk + +# 查看服务状态 +kubectl get svc -n bytedesk + +# 查看持久化卷 +kubectl get pvc -n bytedesk +``` + +### 查看日志 + +```bash +# 查看微语应用日志 +kubectl logs -f deployment/bytedesk -n bytedesk + +# 查看 MySQL 日志 +kubectl logs -f deployment/mysql -n bytedesk + +# 查看 Redis 日志 +kubectl logs -f deployment/redis -n bytedesk + +# 查看 Elasticsearch 日志 +kubectl logs -f deployment/elasticsearch -n bytedesk +``` + +### 进入容器调试 + +```bash +# 进入微语应用容器 +kubectl exec -it deployment/bytedesk -n bytedesk -- /bin/bash + +# 进入 MySQL 容器 +kubectl exec -it deployment/mysql -n bytedesk -- mysql -u root -p + +# 进入 Redis 容器 +kubectl exec -it deployment/redis -n bytedesk -- redis-cli -a +``` + +## 升级和回滚 + +### 升级应用 + +```bash +# 更新镜像版本 +kubectl set image deployment/bytedesk bytedesk=registry.cn-hangzhou.aliyuncs.com/bytedesk/bytedesk:latest -n bytedesk + +# 查看升级状态 +kubectl rollout status deployment/bytedesk -n bytedesk +``` + +### 回滚应用 + +```bash +# 查看部署历史 +kubectl rollout history deployment/bytedesk -n bytedesk + +# 回滚到上一个版本 +kubectl rollout undo deployment/bytedesk -n bytedesk + +# 回滚到指定版本 +kubectl rollout undo deployment/bytedesk --to-revision=2 -n bytedesk +``` + +## 备份和恢复 + +### 数据库备份 + +```bash +# 备份 MySQL 数据 +kubectl exec deployment/mysql -n bytedesk -- mysqldump -u root -p bytedesk > backup.sql + +# 备份 Redis 数据 +kubectl exec deployment/redis -n bytedesk -- redis-cli -a BGSAVE +``` + +### 数据恢复 + +```bash +# 恢复 MySQL 数据 +kubectl exec -i deployment/mysql -n bytedesk -- mysql -u root -p bytedesk < backup.sql +``` + +## 故障排除 + +### 常见问题 + +1. **Pod 启动失败** + ```bash + # 查看 Pod 详细状态 + kubectl describe pod -n bytedesk + + # 查看 Pod 日志 + kubectl logs -n bytedesk + ``` + +2. **服务无法访问** + ```bash + # 检查服务状态 + kubectl get svc -n bytedesk + + # 检查 Endpoints + kubectl get endpoints -n bytedesk + ``` + +3. **存储问题** + ```bash + # 检查 PVC 状态 + kubectl get pvc -n bytedesk + + # 检查 PV 状态 + kubectl get pv + ``` + +4. **网络问题** + ```bash + # 检查网络策略 + kubectl get networkpolicy -n bytedesk + + # 测试服务连通性 + kubectl run test-pod --image=busybox -n bytedesk --rm -it --restart=Never -- nslookup mysql-service + ``` + +### 性能优化 + +1. **资源调优** + - 根据实际负载调整 CPU 和内存限制 + - 配置合适的副本数 + +2. **存储优化** + - 使用 SSD 存储类提高 I/O 性能 + - 配置合适的存储大小 + +3. **网络优化** + - 使用 Service Mesh 进行流量管理 + - 配置合适的网络策略 + +## 清理资源 + +```bash +# 删除所有微语相关资源 +kubectl delete namespace bytedesk + +# 或者逐个删除 +kubectl delete -f . -n bytedesk + +# 删除持久化存储(谨慎操作,会删除所有数据) +kubectl delete pvc --all -n bytedesk +``` + +## 许可证说明 + +请遵守 Business Source License 1.1 许可证条款: +- 不得销售、转售或将微语系统作为服务托管 +- 违反条款将自动终止您的许可证权利 +- 详细条款:https://github.com/Bytedesk/bytedesk/blob/main/LICENSE + +## 技术支持 + +- **官方网站**:https://www.weiyuai.cn +- **文档地址**:https://www.weiyuai.cn/docs +- **GitHub**:https://github.com/Bytedesk/bytedesk +- **联系方式**:270580156@qq.com diff --git a/deploy/k8s/secret.yaml b/deploy/k8s/secret.yaml new file mode 100644 index 0000000000..2ef12d3111 --- /dev/null +++ b/deploy/k8s/secret.yaml @@ -0,0 +1,40 @@ +apiVersion: v1 +kind: Secret +metadata: + name: bytedesk-secrets + namespace: bytedesk +type: Opaque +data: + # MySQL 密码 (base64 encoded) + mysql-root-password: cjhGcWZkYldVYU4z # r8FqfdbWUaN3 + mysql-database: bytedesk + mysql-username: cm9vdA== # root + + # Redis 密码 (base64 encoded) + redis-password: cWZSeHozdFZUOE5o # qfRxz3tVT8Nh + + # Elasticsearch 密码 (base64 encoded) + elasticsearch-password: Ynl0ZWRlc2sxMjM= # bytedesk123 + elasticsearch-username: ZWxhc3RpYw== # elastic + + # JWT 密钥 (base64 encoded) + jwt-secret-key: MWRmYWY4ZDAwNDIwN2I2MjhhOWE2Yjg1OWM0MjlmNDlhOWE3ZWFkOWZkODE2MWMxZTYwODQ3YWVlZjA2ZGJkMg== # 1dfaf8d004207b628a9a6b859c429f49a9a7ead9fd8161c1e60847aeef06dbd2 + + # MinIO 配置 (base64 encoded) + minio-access-key: bWluaW9hZG1pbg== # minioadmin + minio-secret-key: bWluaW9hZG1pbjEyMw== # minioadmin123 + + # Artemis 配置 (base64 encoded) + artemis-username: YWRtaW4= # admin + artemis-password: YWRtaW4= # admin + + # AI API Keys (请替换为实际的 API 密钥) + zhipuai-api-key: c2steHh4 # sk-xxx (请替换) + openai-api-key: c2steHh4 # sk-xxx (请替换) + deepseek-api-key: c2steHh4 # sk-xxx (请替换) + dashscope-api-key: c2steHh4 # sk-xxx (请替换) + siliconflow-api-key: c2steHh4 # sk-xxx (请替换) + gitee-api-key: c2steHh4 # sk-xxx (请替换) + tencent-api-key: c2steHh4 # sk-xxx (请替换) + baidu-api-key: YmNlLXYzL3h4eA== # bce-v3/xxx (请替换) + volcengine-api-key: c2steHh4 # sk-xxx (请替换) \ No newline at end of file