build: update kubernetes deployment Run. (#2919)

* build: k8s improve. * refactor: update docker image contents. * rename seq file. * build: update k8s origin deploys. * update check logic. * update magefile * update image name. * update readme * update Kubernetes Discovery. * revert pkg. * update create in k8s * update service image release CI. * update deployment image source. * update mage contents. * update pkg source. * update go get pkg. * fix test file. * update discovery register. * update * update deploy yaml. * update replica. * update deployment. * remove notfication config. * remove notification and zookeeper. * update discovery in kubernetes. * build: improve kubernetes deployment. * update config field in discovery. * update ReadMe in deployments. * update go mod. * update const quote. * fix test fields. * remove unused method. * remove unused contents.
2026-04-28 06:19:20 +08:00 · 2024-12-13 11:02:45 +08:00
parent 1eaae5f980
commit 7c7a99f801
192 changed files with 2520 additions and 7897 deletions
@@ -0,0 +1,85 @@
+# Kubernetes Deployment
+
+## Resource Requests
+
+- CPU: 2 cores
+- Memory: 4 GiB
+- Disk usage: 20 GiB (on Node)
+
+## Origin Deploy
+
+1. Enter the target dir
+   `cd ./deployments/deploy/`
+
+2. Deploy configs and dependencies
+   Upate your `openim-config.yml`
+
+Apply all config and dependencies
+`kubectl apply -f ./openim-config.yml`
+
+> Attation: If you use `default` namespace, you can excute `clusterRile.yml` to create a cluster role binding for default service account.
+>
+> Namespace is modify to `discovery.yml` in `openim-config.yml`, you can change `kubernetes.namespace` to your namespace.
+
+Excute `clusterRole.yml`
+`kubectl apply -f ./clusterRole.yml`
+
+Run infrasturcture components.
+
+`kubectl apply -f minio-service.yml -f minio-statefulset.yml -f mongo-service.yml -f mongo-statefulset.yml -f redis-service.yml -f redis-statefulset.yml -f kafka-service.yml -f kafka-statefulset.yml`
+
+> Note: Ensure that infrastructure services like MinIO, Redis, and Kafka are running before deploying the main applications.
+
+3. run all deployments and services
+
+```bash
+kubectl apply \
+  -f openim-api-deployment.yml \
+  -f openim-api-service.yml \
+  -f openim-crontask-deployment.yml \
+  -f openim-rpc-user-deployment.yml \
+  -f openim-rpc-user-service.yml \
+  -f openim-msggateway-deployment.yml \
+  -f openim-msggateway-service.yml \
+  -f openim-push-deployment.yml \
+  -f openim-push-service.yml \
+  -f openim-msgtransfer-service.yml \
+  -f openim-msgtransfer-deployment.yml \
+  -f openim-rpc-conversation-deployment.yml \
+  -f openim-rpc-conversation-service.yml \
+  -f openim-rpc-auth-deployment.yml \
+  -f openim-rpc-auth-service.yml \
+  -f openim-rpc-group-deployment.yml \
+  -f openim-rpc-group-service.yml \
+  -f openim-rpc-friend-deployment.yml \
+  -f openim-rpc-friend-service.yml \
+  -f openim-rpc-msg-deployment.yml \
+  -f openim-rpc-msg-service.yml \
+  -f openim-rpc-third-deployment.yml \
+  -f openim-rpc-third-service.yml
+```
+
+4. Verification
+   After deploying the services, verify that everything is running smoothly:
+
+```bash
+# Check the status of all pods
+kubectl get pods
+
+# Check the status of services
+kubectl get svc
+
+# Check the status of deployments
+kubectl get deployments
+
+# View all resources
+kubectl get all
+```
+
+5. clean all
+
+`kubectl delete -f ./`
+
+### Notes:
+
+- If you use a specific namespace for your deployment, be sure to append the -n <namespace> flag to your kubectl commands.
@@ -0,0 +1,24 @@
+# ClusterRole.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: service-reader
+rules:
+  - apiGroups: [""]
+    resources: ["services", "endpoints"]
+    verbs: ["get", "list", "watch"]
+
+---
+# ClusterRoleBinding.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: default-service-reader-binding
+subjects:
+  - kind: ServiceAccount
+    name: default
+    namespace: default
+roleRef:
+  kind: ClusterRole
+  name: service-reader
+  apiGroup: rbac.authorization.k8s.io
@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: openim-ingress
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+  ingressClassName: openim-nginx
+  rules:
+    - http:
+        paths:
+          - path: /openim-api
+            pathType: Prefix
+            backend:
+              service:
+                name: openim-api-service
+                port:
+                  number: 10002
+          - path: /openim-msggateway
+            pathType: Prefix
+            backend:
+              service:
+                name: openim-msggateway-service
+                port:
+                  number: 10001
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: kafka-service
+  labels:
+    app: kafka
+spec:
+  ports:
+    - name: plaintext
+      port: 9092
+      targetPort: 9092
+    - name: controller
+      port: 9093
+      targetPort: 9093
+    - name: external
+      port: 19094
+      targetPort: 9094
+  selector:
+    app: kafka
+  type: ClusterIP
@@ -0,0 +1,71 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: kafka-statefulset
+  labels:
+    app: kafka
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: kafka
+  serviceName: "kafka-service"
+  template:
+    metadata:
+      labels:
+        app: kafka
+    spec:
+      containers:
+        - name: kafka
+          image: bitnami/kafka:3.5.1
+          imagePullPolicy: IfNotPresent
+          resources:
+            limits:
+              memory: "2Gi"
+              cpu: "1000m"
+            requests:
+              memory: "1Gi"
+              cpu: "500m"
+          ports:
+            - containerPort: 9092 # PLAINTEXT
+            - containerPort: 9093 # CONTROLLER
+            - containerPort: 9094 # EXTERNAL
+          env:
+            - name: TZ
+              value: "Asia/Shanghai"
+            - name: KAFKA_CFG_NODE_ID
+              value: "0"
+            - name: KAFKA_CFG_PROCESS_ROLES
+              value: "controller,broker"
+            - name: KAFKA_CFG_CONTROLLER_QUORUM_VOTERS
+              value: "0@kafka-service:9093"
+            - name: KAFKA_CFG_LISTENERS
+              value: "PLAINTEXT://:9092,CONTROLLER://:9093,EXTERNAL://:9094"
+            - name: KAFKA_CFG_ADVERTISED_LISTENERS
+              value: "PLAINTEXT://kafka-service:9092,EXTERNAL://kafka-service:19094"
+            - name: KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP
+              value: "CONTROLLER:PLAINTEXT,EXTERNAL:PLAINTEXT,PLAINTEXT:PLAINTEXT"
+            - name: KAFKA_CFG_CONTROLLER_LISTENER_NAMES
+              value: "CONTROLLER"
+            - name: KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE
+              value: "true"
+          volumeMounts:
+            - name: kafka-data
+              mountPath: /bitnami/kafka
+
+      volumes:
+        - name: kafka-data
+          persistentVolumeClaim:
+            claimName: kafka-pvc
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: kafka-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi
@@ -0,0 +1,18 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: minio-service
+spec:
+  selector:
+    app: minio
+  ports:
+    - name: minio
+      protocol: TCP
+      port: 10005 # External port for accessing MinIO service
+      targetPort: 9000 # Container port for MinIO service
+    - name: minio-console
+      protocol: TCP
+      port: 19090 # External port for accessing MinIO console
+      targetPort: 9090 # Container port for MinIO console
+  type: NodePort
@@ -0,0 +1,87 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: minio
+  labels:
+    app: minio
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: minio
+  template:
+    metadata:
+      labels:
+        app: minio
+    spec:
+      containers:
+        - name: minio
+          image: minio/minio:RELEASE.2024-01-11T07-46-16Z
+          ports:
+            - containerPort: 9000 # MinIO service port
+            - containerPort: 9090 # MinIO console port
+          volumeMounts:
+            - name: minio-data
+              mountPath: /data
+            - name: minio-config
+              mountPath: /root/.minio
+          env:
+            - name: TZ
+              value: "Asia/Shanghai"
+            - name: MINIO_ROOT_USER
+              valueFrom:
+                secretKeyRef:
+                  name: minio-secret
+                  key: minio-root-user
+            - name: MINIO_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: minio-secret
+                  key: minio-root-password
+          command:
+            - "/bin/sh"
+            - "-c"
+            - |
+              mkdir -p /data && \
+              minio server /data --console-address ":9090"
+      volumes:
+        - name: minio-data
+          persistentVolumeClaim:
+            claimName: minio-pvc
+        - name: minio-config
+          persistentVolumeClaim:
+            claimName: minio-config-pvc
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: minio-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: minio-config-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 2Gi
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: minio-secret
+type: Opaque
+data:
+  minio-root-user: cm9vdA== # Base64 encoded "root"
+  minio-root-password: b3BlbklNMTIz # Base64 encoded "openIM123"
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: mongo-service
+spec:
+  selector:
+    app: mongo
+  ports:
+    - name: mongodb-port
+      protocol: TCP
+      port: 37017
+      targetPort: 27017
+  type: NodePort
@@ -0,0 +1,95 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: mongo-statefulset
+spec:
+  serviceName: "mongo"
+  replicas: 2
+  selector:
+    matchLabels:
+      app: mongo
+  template:
+    metadata:
+      labels:
+        app: mongo
+    spec:
+      containers:
+        - name: mongo
+          image: mongo:7.0
+          command: ["/bin/bash", "-c"]
+          args:
+            - >
+              docker-entrypoint.sh mongod --wiredTigerCacheSizeGB ${wiredTigerCacheSizeGB} --auth &
+              until mongosh -u ${MONGO_INITDB_ROOT_USERNAME} -p ${MONGO_INITDB_ROOT_PASSWORD} --authenticationDatabase admin --eval "db.runCommand({ ping: 1 })" &>/dev/null; do
+                echo "Waiting for MongoDB to start...";
+                sleep 1;
+              done &&
+              mongosh -u ${MONGO_INITDB_ROOT_USERNAME} -p ${MONGO_INITDB_ROOT_PASSWORD} --authenticationDatabase admin --eval "
+              db = db.getSiblingDB(\"${MONGO_INITDB_DATABASE}\");
+              if (!db.getUser(\"${MONGO_OPENIM_USERNAME}\")) {
+                db.createUser({
+                  user: \"${MONGO_OPENIM_USERNAME}\",
+                  pwd: \"${MONGO_OPENIM_PASSWORD}\",
+                  roles: [{role: \"readWrite\", db: \"${MONGO_INITDB_DATABASE}\"}]
+                });
+                print(\"User created successfully: \");
+                print(\"Username: ${MONGO_OPENIM_USERNAME}\");
+                print(\"Password: ${MONGO_OPENIM_PASSWORD}\");
+                print(\"Database: ${MONGO_INITDB_DATABASE}\");
+              } else {
+                print(\"User already exists in database: ${MONGO_INITDB_DATABASE}, Username: ${MONGO_OPENIM_USERNAME}\");
+              }
+              " &&
+              tail -f /dev/null
+          ports:
+            - containerPort: 27017
+          env:
+            - name: MONGO_INITDB_ROOT_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_initdb_root_username
+            - name: MONGO_INITDB_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_initdb_root_password
+            - name: MONGO_INITDB_DATABASE
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_initdb_database
+            - name: MONGO_OPENIM_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_username
+            - name: MONGO_OPENIM_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_password
+            - name: TZ
+              value: "Asia/Shanghai"
+            - name: wiredTigerCacheSizeGB
+              value: "1"
+          volumeMounts:
+            - name: mongo-storage
+              mountPath: /data/db
+
+      volumes:
+        - name: mongo-storage
+          persistentVolumeClaim:
+            claimName: mongo-pvc
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: mongo-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi
@@ -0,0 +1,49 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: openim-api
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: openim-api
+  template:
+    metadata:
+      labels:
+        app: openim-api
+    spec:
+      containers:
+        - name: openim-api-container
+          image: openim/openim-api:v3.8.3
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+
+            - name: IMENV_MONGODB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_password
+
+            - name: IMENV_MONGODB_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_username
+
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10002
+            - containerPort: 12002
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: openim-api-service
+spec:
+  selector:
+    app: openim-api
+  ports:
+    - name: http-10002
+      protocol: TCP
+      port: 10002
+      targetPort: 10002
+    - name: prometheus-12002
+      protocol: TCP
+      port: 12002
+      targetPort: 12002
+  type: NodePort
@@ -0,0 +1,28 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: openim-crontask
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: crontask
+  template:
+    metadata:
+      labels:
+        app: crontask
+    spec:
+      containers:
+        - name: crontask-container
+          image: openim/openim-crontask:v3.8.3
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: messagegateway-rpc-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: messagegateway-rpc-server
+  template:
+    metadata:
+      labels:
+        app: messagegateway-rpc-server
+    spec:
+      containers:
+        - name: openim-msggateway-container
+          image: openim/openim-msggateway:v3.8.3
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10140
+            - containerPort: 12001
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: messagegateway-rpc-service
+spec:
+  selector:
+    app: messagegateway-rpc-server
+  ports:
+    - name: longConnServer-10001
+      protocol: TCP
+      port: 10001
+      targetPort: 10001
+    - name: grpc-10140
+      protocol: TCP
+      port: 10140
+      targetPort: 10140
+    - name: prometheus-12001
+      protocol: TCP
+      port: 12001
+      targetPort: 12001
+  type: NodePort
@@ -0,0 +1,40 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: openim-msgtransfer-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: openim-msgtransfer-server
+  template:
+    metadata:
+      labels:
+        app: openim-msgtransfer-server
+    spec:
+      containers:
+        - name: openim-msgtransfer-container
+          image: openim/openim-msgtransfer:v3.8.3
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+            - name: IMENV_MONGODB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 12020
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: openim-msgtransfer-service
+spec:
+  selector:
+    app: openim-msgtransfer-server
+  ports:
+    - name: prometheus-12020
+      protocol: TCP
+      port: 12020
+      targetPort: 12020
+  type: ClusterIP
@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: push-rpc-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: push-rpc-server
+  template:
+    metadata:
+      labels:
+        app: push-rpc-server
+    spec:
+      containers:
+        - name: push-rpc-server-container
+          image: openim/openim-push:v3.8.3
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10170
+            - containerPort: 12170
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: push-rpc-service
+spec:
+  selector:
+    app: push-rpc-server
+  ports:
+    - name: http-10170
+      protocol: TCP
+      port: 10170
+      targetPort: 10170
+    - name: prometheus-12170
+      protocol: TCP
+      port: 12170
+      targetPort: 12170
+  type: ClusterIP
@@ -0,0 +1,37 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: auth-rpc-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: auth-rpc-server
+  template:
+    metadata:
+      labels:
+        app: auth-rpc-server
+    spec:
+      containers:
+        - name: auth-rpc-server-container
+          image: openim/openim-rpc-auth:v3.8.3
+          imagePullPolicy: Never
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10200
+            - containerPort: 12200
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: auth-rpc-service
+spec:
+  selector:
+    app: auth-rpc-server
+  ports:
+    - name: http-10200
+      protocol: TCP
+      port: 10200
+      targetPort: 10200
+    - name: prometheus-12200
+      protocol: TCP
+      port: 12200
+      targetPort: 12200
+  type: ClusterIP
@@ -0,0 +1,41 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: conversation-rpc-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: conversation-rpc-server
+  template:
+    metadata:
+      labels:
+        app: conversation-rpc-server
+    spec:
+      containers:
+        - name: conversation-rpc-server-container
+          image: openim/openim-rpc-conversation:v3.8.3
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+            - name: IMENV_MONGODB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10220
+            - containerPort: 12220
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: conversation-rpc-service
+spec:
+  selector:
+    app: conversation-rpc-server
+  ports:
+    - name: http-10220
+      protocol: TCP
+      port: 10220
+      targetPort: 10220
+    - name: prometheus-12220
+      protocol: TCP
+      port: 12220
+      targetPort: 12220
+  type: ClusterIP
@@ -0,0 +1,41 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: friend-rpc-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: friend-rpc-server
+  template:
+    metadata:
+      labels:
+        app: friend-rpc-server
+    spec:
+      containers:
+        - name: friend-rpc-server-container
+          image: openim/openim-rpc-friend:v3.8.3      
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+            - name: IMENV_MONGODB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10240
+            - containerPort: 12240
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: friend-rpc-service
+spec:
+  selector:
+    app: friend-rpc-server
+  ports:
+    - name: http-10240
+      protocol: TCP
+      port: 10240
+      targetPort: 10240
+    - name: prometheus-12240
+      protocol: TCP
+      port: 12240
+      targetPort: 12240
+  type: ClusterIP
@@ -0,0 +1,42 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: group-rpc-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: group-rpc-server
+  template:
+    metadata:
+      labels:
+        app: group-rpc-server
+    spec:
+      containers:
+        - name: group-rpc-server-container
+          image: openim/openim-rpc-group:v3.8.3
+          
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+            - name: IMENV_MONGODB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10260
+            - containerPort: 12260
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: group-rpc-service
+spec:
+  selector:
+    app: group-rpc-server
+  ports:
+    - name: http-10260
+      protocol: TCP
+      port: 10260
+      targetPort: 10260
+    - name: prometheus-12260
+      protocol: TCP
+      port: 12260
+      targetPort: 12260
+  type: ClusterIP
@@ -0,0 +1,41 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: msg-rpc-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: msg-rpc-server
+  template:
+    metadata:
+      labels:
+        app: msg-rpc-server
+    spec:
+      containers:
+        - name: msg-rpc-server-container
+          image: openim/openim-rpc-msg:v3.8.3    
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+            - name: IMENV_MONGODB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10280
+            - containerPort: 12280
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: msg-rpc-service
+spec:
+  selector:
+    app: msg-rpc-server
+  ports:
+    - name: http-10280
+      protocol: TCP
+      port: 10280
+      targetPort: 10280
+    - name: prometheus-12280
+      protocol: TCP
+      port: 12280
+      targetPort: 12280
+  type: ClusterIP
@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: third-rpc-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: third-rpc-server
+  template:
+    metadata:
+      labels:
+        app: third-rpc-server
+    spec:
+      containers:
+        - name: third-rpc-server-container
+          image: openim/openim-rpc-third:v3.8.3          
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_MINIO_ACCESSKEYID
+              valueFrom:
+                secretKeyRef:
+                  name: minio-secret
+                  key: minio-root-user
+            - name: IMENV_MINIO_SECRETACCESSKEY
+              valueFrom:
+                secretKeyRef:
+                  name: minio-secret
+                  key: minio-root-password
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+            - name: IMENV_MONGODB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10300
+            - containerPort: 12300
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: third-rpc-service
+spec:
+  selector:
+    app: third-rpc-server
+  ports:
+    - name: http-10300
+      protocol: TCP
+      port: 10300
+      targetPort: 10300
+    - name: prometheus-12300
+      protocol: TCP
+      port: 12300
+      targetPort: 12300
+  type: ClusterIP
@@ -0,0 +1,41 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: user-rpc-server
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: user-rpc-server
+  template:
+    metadata:
+      labels:
+        app: user-rpc-server
+    spec:
+      containers:
+        - name: user-rpc-server-container
+          image: openim/openim-rpc-user:v3.8.3
+          env:
+            - name: CONFIG_PATH
+              value: "/config"
+            - name: IMENV_REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+            - name: IMENV_MONGODB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mongo-secret
+                  key: mongo_openim_password
+          volumeMounts:
+            - name: openim-config
+              mountPath: "/config"
+              readOnly: true
+          ports:
+            - containerPort: 10320
+            - containerPort: 12320
+      volumes:
+        - name: openim-config
+          configMap:
+            name: openim-config
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: user-rpc-service
+spec:
+  selector:
+    app: user-rpc-server
+  ports:
+    - name: http-10320
+      protocol: TCP
+      port: 10320
+      targetPort: 10320
+    - name: prometheus-12320
+      protocol: TCP
+      port: 12320
+      targetPort: 12320
+  type: ClusterIP
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: redis-service
+  labels:
+    app: redis
+spec:
+  type: ClusterIP
+  selector:
+    app: redis
+  ports:
+    - name: redis-port
+      protocol: TCP
+      port: 16379
+      targetPort: 6379
@@ -0,0 +1,66 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: redis-statefulset
+spec:
+  serviceName: "redis"
+  replicas: 2
+  selector:
+    matchLabels:
+      app: redis
+  template:
+    metadata:
+      labels:
+        app: redis
+    spec:
+      containers:
+        - name: redis
+          image: redis:7.0.0
+          ports:
+            - containerPort: 6379
+          env:
+            - name: TZ
+              value: "Asia/Shanghai"
+            - name: REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: redis-secret
+                  key: redis-password
+          volumeMounts:
+            - name: redis-data
+              mountPath: /data
+            # - name: redis-config-volume
+            #   mountPath: /usr/local/redis/config/redis.conf
+            #   subPath: redis.conf
+          command:
+            [
+              "/bin/sh",
+              "-c",
+              'redis-server  --requirepass "$REDIS_PASSWORD" --appendonly yes',
+            ]
+      volumes:
+        - name: redis-config-volume
+          configMap:
+            name: openim-config
+        - name: redis-data
+          persistentVolumeClaim:
+            claimName: redis-pvc
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: redis-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: redis-secret
+type: Opaque
+data:
+  redis-password: b3BlbklNMTIz # "openIM123" in base64