1.nginx反向代理配置
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-reverse-proxy-configmap
data:
nginx.conf: |
user nginx;
worker_processes 1;
worker_rlimit_nofile 262144; # 增加文件描述符限制
error_log /etc/nginx/logs/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 65536; # 每个worker最大连接数
multi_accept on;
use epoll;
accept_mutex off; # 在高并发时关闭互斥锁
}
http {
server_tokens off;
include mime.types;
default_type application/octet-stream;
client_max_body_size 10G; # 设置请求体最大为 10G
# 1. 调整上游服务配置,使用连接池
upstream spring_cloud_backend {
server 10.247.194.211:8080; # 你的 Spring Cloud 服务地址
# 可选:设置长连接数量,对于 HTTP/1.1 很重要
keepalive 64; # 每个 Worker 进程与上游服务保持的空闲长连接数量
}
server {
listen 80;
location /gwadmin/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin;
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
add_header Access-Control-Allow-Methods GET,POST,OPTIONS,HEAD,PUT,DELETE;
add_header Access-Control-Allow-Credentials true;
return 200;
}
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://10.247.149.252:7000/;
#proxy_pass http://www.baidu.com/;
}
#官网后台管理前端页面
location /guanwangadmin/ {
alias html/guanwangadmin/;
# VUE History 模式下刷新网页404问题
try_files $uri $uri/ /guanwangadmin/index.html;
index index.html;
#expires 12h;
add_header Cache-Control "no-cache,must-revalidate";
error_log off;
access_log off;
}
location /gwapi/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin;
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
add_header Access-Control-Allow-Methods GET,POST,OPTIONS,HEAD,PUT,DELETE;
add_header Access-Control-Allow-Credentials true;
return 200;
}
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://10.247.163.240:7002/;
#proxy_pass http://www.baidu.com/;
}
#名门望族app接口
location /mmwzGateWay/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin;
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
add_header Access-Control-Allow-Methods GET,POST,OPTIONS,HEAD,PUT,DELETE;
add_header Access-Control-Allow-Credentials true;
return 200;
}
# 去掉 /mmwzGateWay/ 前缀
rewrite ^/mmwzGateWay/(.*)$ /$1 break;
proxy_pass http://spring_cloud_backend;
# 2. 核心:调整超时时间
proxy_connect_timeout 60s; # Nginx 与上游服务器建立连接的超时时间
proxy_send_timeout 60s; # Nginx 向上游服务器发送请求的超时时间
proxy_read_timeout 60s; # Nginx 等待上游服务器响应的超时时间
# 3. 错误处理:当上游返回特定错误时,可以重试或展示友好页面
proxy_next_upstream error timeout http_502 http_503 http_504;
proxy_next_upstream_tries 2; # 重试次数
proxy_next_upstream_timeout 10s; # 重试超时
# 4. 优化缓冲区与头部传递
proxy_buffering on;
proxy_buffer_size 128k;
proxy_buffers 8 256k;
proxy_busy_buffers_size 256k;
# 非常重要:传递真实客户端 IP 和 Host 信息
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 5. 启用 HTTP/1.1 到上游服务,支持 keepalive
proxy_http_version 1.1;
proxy_set_header Connection "";
}
#mmwz后台管理
location /mmwzadmin/ {
alias html/mmwzadmin/;
# VUE History 模式下刷新网页404问题
try_files $uri $uri/ /mmwzadmin/index.html;
index index.html;
#expires 12h;
add_header Cache-Control "no-cache,must-revalidate";
error_log off;
access_log off;
}
#apph
location /apph/ {
alias html/apph/;
# VUE History 模式下刷新网页404问题
try_files $uri $uri/ /apph/index.html;
index index.html;
#expires 12h;
add_header Cache-Control "no-cache,must-revalidate";
error_log off;
access_log off;
}
#public_static
location /public_static/ {
alias html/public_static/;
# VUE History 模式下刷新网页404问题
try_files $uri $uri/ /public_static/index.html;
index index.html;
#expires 12h;
add_header Cache-Control "no-cache,must-revalidate";
error_log off;
access_log off;
}
location / {
root html/guanwangweb;
index index.html;
try_files $uri $uri/ /index.html;
}
}
}主要看 location /mmwzGateWay/ 这个反向代理
2.Spring cloud 网关配置
bootstrap.yml # Tomcat
server:
port: 8080
# Spring
spring:
application:
# 应用名称
name: ruoyi-gateway
profiles:
# 环境配置
active: dev
cloud:
nacos:
discovery:
# 服务注册地址
server-addr: 127.0.0.1:8848
# #命名空间
# namespace: e4fe4f1f-0f94-44b8-9004-d116d5735d7e
config:
# 配置中心地址
server-addr: 127.0.0.1:8848
# 配置文件格式
file-extension: yml
# 共享配置
shared-configs:
- application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
# #命名空间
# namespace: e4fe4f1f-0f94-44b8-9004-d116d5735d7e
sentinel:
# 取消控制台懒加载
eager: true
transport:
# 控制台地址
dashboard: 127.0.0.1:8718
# nacos配置持久化
datasource:
ds1:
nacos:
server-addr: 127.0.0.1:8848
dataId: sentinel-ruoyi-gateway
groupId: DEFAULT_GROUP
data-type: json
rule-type: gw-flownacos 配置中心 ruoyi-gateway-prod.yml
server:
tomcat:
# 连接数配置(关键!)
max-connections: 5000
# 线程池配置(核心优化)
max-threads: 500
min-spare-threads: 50
# 等待队列
accept-count: 10000
# 连接超时
connection-timeout: 180s
# 保持连接
keep-alive-timeout: 180s
max-keep-alive-requests: 20000
threads:
max: 5000 # 如果 gateway 用 tomcat,线程也要够
netty:
worker-count: 1 # 0=CPU 核数,也可手动调大
spring:
redis:
host: 10.247.94.224
#port: 6379
port: 6379
# 数据库索引
database: 1
# password:
password: JZoxuxAKkH24qLCFH9AG
cloud:
sentinel:
enabled: true
transport:
#port: 8723
dashboard: 10.247.53.215:8858
#clientIp: 127.0.0.1
log:
dir: /opt/jars/sentinelLog
# nacos配置持久化
datasource:
ds1:
nacos:
server-addr: 10.247.155.16:8848
dataId: sentinel-ruoyi-gateway
groupId: DEFAULT_GROUP
data-type: json
rule-type: gw-flow
gateway:
httpclient:
# 连接超时(单位毫秒)
connect-timeout: 2000
# 响应超时(单位秒)
response-timeout: 2000s
keep-alive: false
# 连接池配置
pool:
type: elastic # 连接池类型
name: gateway-http-client-pool
max-connections: 100000 # 最大连接数
acquire-timeout: 450000 # 获取连接超时时间
max-idle-time: 600s # 最大空闲时间
max-life-time: 600s # 建议添加:最大生存时间
pending-acquire-timeout: 60s # 等待获取连接超时
evict-in-background: true # 后台清理空闲连接
default-filters:
- DedupeResponseHeader=Access-Control-Allow-Credentials Access-Control-Allow-Origin
discovery:
locator:
lowerCaseServiceId: true
enabled: true
http:
initial-connections: 100 # 每个客户端的初始连接数
max-initial-connections: 1000 # 每个客户端的最大初始连接数
max-initial-connections-per-host: 500 # 每个主机的最大初始连接数
max-initial-connections-per-destination: 500 # 每个目的地的最大初始连接数
thread-pool:
fixed:
core-size: 32 # 核心线程数
max-size: 64 # 最大线程数
queue-capacity: 2048 # 队列容量
routes:
# 认证中心
- id: ruoyi-auth
uri: lb://ruoyi-auth
predicates:
- Path=/auth/**
filters:
# 验证码处理
- CacheRequestFilter
- ValidateCodeFilter
- StripPrefix=1
# 代码生成
- id: ruoyi-gen
uri: lb://ruoyi-gen
predicates:
- Path=/code/**
filters:
- StripPrefix=1
# 定时任务
- id: ruoyi-job
uri: lb://ruoyi-job
predicates:
- Path=/schedule/**
filters:
- StripPrefix=1
# 系统模块
- id: ruoyi-system
uri: lb://ruoyi-system
predicates:
- Path=/system/**
filters:
- StripPrefix=1
# 文件服务
- id: ruoyi-file
uri: lb://ruoyi-file
predicates:
- Path=/file/**
filters:
- StripPrefix=1
# 用户服务
- id: ruoyi-user
uri: lb://ruoyi-user
predicates:
- Path=/user/**
filters:
- StripPrefix=1
- id: ruoyi-userSocket
uri: lb:ws://ruoyi-user
predicates:
- Path=/userWebSocket/**
filters:
- StripPrefix=1
# 家族传承服务
- id: ruoyi-inherit
uri: lb://ruoyi-inherit
predicates:
- Path=/inherit/**
filters:
- StripPrefix=1
- id: ruoyi-inheritSocket
uri: lb:ws://ruoyi-inherit
predicates:
- Path=/inheritWebSocket/**
filters:
- StripPrefix=1
# 图库服务
- id: ruoyi-image
uri: lb://ruoyi-image
predicates:
- Path=/image/**
filters:
- StripPrefix=1
# 根基服务
- id: ruoyi-foundation
uri: lb://ruoyi-foundation
predicates:
- Path=/foundation/**
filters:
- StripPrefix=1
- id: ruoyi-foundationWebSocket
uri: lb:ws://ruoyi-foundation
predicates:
- Path=/foundationWebSocket/**
filters:
- StripPrefix=1
# 商城服务
- id: ruoyi-mall
uri: lb://ruoyi-mall
predicates:
- Path=/mall/**
filters:
- StripPrefix=1
# ai服务
- id: ruoyi-ai
uri: lb://ruoyi-ai
predicates:
- Path=/ai/**
filters:
- StripPrefix=1
# 安全配置
security:
# 验证码
captcha:
enabled: true
type: math
# 防止XSS攻击
xss:
enabled: true
excludeUrls:
- /system/notice
- /user/mingmenSysInfo
# 不校验白名单
ignore:
whites:
- /auth/logout
- /auth/login
- /auth/register
- /*/v2/api-docs
- /*/v3/api-docs
- /csrf
- /auth/app/login
- /auth/app/register
- /auth/app/logout
- /user/api/user/loginSendSMSVerificationCode
- /user/api/user/registerSendSMSVerificationCode
- /auth/app/loginSmsVerificationCode
- /user/api/test/test1
- /user/api/user/forgotPasswordSendSMSVerificationCode
- /user/api/user/rechargePassword
- /user/api/mingmenSysInfo/getByKey
- /foundationWebSocket/api/**
- /file/statics/**
- /user/api/user/checkPhoneRegistrable
- /ai/api/mingmenAiRole/downloadOutputDetailsFileKey
- /inherit/api/ffmpeg/avatarAndPhotoFrame
- /foundation/api/generateImages/getTitle
- /foundation/api/generateImages/getEllipseHead
- /inheritWebSocket/api/**
- /userWebSocket/api/**
- /user/api/mmBusinessRecitationCache/getCacheById
- /user/api/dict/list/*
- /foundation/api/generateImages/getGravestoneImageOne
- /foundation/api/generateImages/getGravestoneImageTwo
# - /image/api/mingmenGenerateVideo/test1
# - /image/api/mingmenGenerateVideo/test2
# - /image/api/mingmenGenerateVideo/test3
- /*/public/**
- /user/payment/alipay/notify
- /auth/app/loginWeiXinCode
# springdoc配置
springdoc:
webjars:
# 访问前缀
prefix:3.业务模块配置
bootstrap.yml# Tomcat
server:
port: 9204
# Spring
spring:
application:
# 应用名称
name: ruoyi-inherit
profiles:
# 环境配置
active: dev
cloud:
nacos:
discovery:
# 服务注册地址
server-addr: 127.0.0.1:8848
#命名空间
#namespace: e4fe4f1f-0f94-44b8-9004-d116d5735d7e
config:
# 配置中心地址
server-addr: 127.0.0.1:8848
# 配置文件格式
file-extension: yml
# 共享配置
shared-configs:
- application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
#命名空间
#namespace: e4fe4f1f-0f94-44b8-9004-d116d5735d7e
image:
maxsize: 8
video:
maxsize: 50
OSS:
endpoint: oss-cn-beijing.aliyuncs.com
bucketName: ja-oss
accessKeyId: LTAIUc1dQa8ct
accessKeySecret: WjIoFLHnacos配置中心 ruoyi-inherit-prod.yml
#I/O 密集型业务
server:
tomcat:
max-threads: 20000 # 可以设置更多线程等待 I/O
min-spare-threads: 200
max-connections: 10000
accept-count: 500
keep-alive-timeout: 120s
max-keep-alive-requests: 10000
connection-timeout: 60s
# spring配置
spring:
servlet:
multipart:
max-file-size: 10GB
max-request-size: 10GB
cloud:
sentinel:
enabled: true
transport:
#port: 8719
dashboard: 10.247.53.215:8858
#clientIp: 127.0.0.1
log:
dir: /opt/jars/sentinelLog
redis:
host: 10.247.94.224
#port: 6379
port: 6379
# 数据库索引
database: 1
# password:
password: JZoxuxAKkH24qLCFH9AG
datasource:
druid:
stat-view-servlet:
enabled: true
loginUsername: admin
loginPassword: 123456
dynamic:
druid:
initial-size: 5
min-idle: 5
maxActive: 20
maxWait: 60000
timeBetweenEvictionRunsMillis: 60000
minEvictableIdleTimeMillis: 300000
validationQuery: SELECT 1 FROM DUAL
testWhileIdle: true
testOnBorrow: true
testOnReturn: false
poolPreparedStatements: true
maxPoolPreparedStatementPerConnectionSize: 20
filters: stat,slf4j
connectionProperties: druid.stat.mergeSql\=true;druid.stat.slowSqlMillis\=5000
datasource:
# 主库数据源
master:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://1:3306/mmwz_inherit_prod?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true&autoReconnectForPools=true&connectTimeout=30000&socketTimeout=60000
username: rt
password: As34
# 从库数据源
# slave:
# username:
# password:
# url:
# driver-class-name:
seata: true # 开启seata代理,开启后默认每个数据源都代理,如果某个不需要代理可单独关闭
# mybatis配置
mybatis-plus:
# 搜索指定包别名
typeAliasesPackage: com.ruoyi.inherit.domain
# 配置mapper的扫描,找到所有的mapper.xml映射文件
mapperLocations: classpath:mapper/**/*.xml
global-config:
db-config:
logic-delete-field: del_flag
logic-delete-value: 1
logic-not-delete-value: 0
configuration:
log-impl: org.apache.ibatis.logging.stdout.StdOutImpl
logging:
enableSqlLog: true
# swagger配置
swagger:
title: 系统模块接口文档
license: Powered By ruoyi
licenseUrl: https://ruoyi.vip
# seata配置
seata:
# 默认关闭,如需启用spring.datasource.dynami.seata需要同时开启
enabled: true
# Seata 应用编号,默认为 ${spring.application.name}
application-id: seata-server
# Seata 事务组编号,用于 TC 集群名
tx-service-group: default_tx_group
# 关闭自动代理
enable-auto-data-source-proxy: false
# 服务配置项
service:
# 虚拟组和分组的映射
vgroup-mapping:
default_tx_group: DEFAULT
registry:
type: nacos
nacos:
application: seata-server
server-addr: 10.247.155.16:8848
namespace:
username: nacos
password: nacos
group: DEFAULT_GROUP
data-source-proxy-mode: XA
#image:
# maxsize: 8
#video:
# maxsize: 50
#OSS:
# endpoint: oss-cnuncs.com
# bucketName: jav-oss
# accessKeyId: LTAI8ct
# accessKeySecret: WjIoXhFLH
huawei:
cloud:
accessKeyId: HPUAACOAP
accessKeySecret: 4BQ2xS72ZLsqhG
content-review:
moderationRegion: cnh-4
projectId: 716922ba88d8 项目基于若依微服务版,nginx spring cloud网关和微服务,都是1核2G的配置 qps达到600 - 700左右