@[TOC](Antd Pro V5、Django、uWSGI(TCP/IP socket)、前后端分离镜像生产部署及性能调优)
最后更新 2020.12.25
前言:自己写的前后端项目有了雏形,在部署实践中可谓五味杂陈,常有山重水复疑无路、拨开云雾见青天等感觉;只希望自己的实践能让更多人少踩坑
1. 技术架构说明
- 后端开发语言python3.6(windows最高小版本3.6.8、linux最高小版本3.6.12),为了使用celery实现异步和定时任务没选择更高版本;
- 后端框架Django2,小版本是当前最新版本2.2.17,未选择dj3版本是因为小版本太少,不安全不稳重(当然后面会持续关注dj3版本有机会则升级一波框架);
- 前端开发语言react、typescript,没有选择js,因为被ts的类型系统打动;UI框架是阿里的预览版Antd Pro V5,V5版本的都是ts去写的,打动我的点也是v5较前代稳定版前端框架来讲组件易用、数据流转更清晰;
- 最终生产部署场景是k8s集群,前端基础镜像是nginx,后端基础镜像是python3;
2. 多种部署方式说明
2.1. 本地测试部署(centos7)
本地部署尝试过一台centos7机子上同时部署前后端,现在也尝试了两台机子分别部署前后端(两台机子互通);
centos7 192.168.190.129 放前端
upstream husky {
server 192.168.190.128:3033;
}
server {
listen 80;
server_name localhost;
# gzip config
gzip on;
gzip_min_length 1k;
gzip_comp_level 9;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
root /usr/share/nginx/html;
location / {
try_files $uri $uri/ /index.html;
}
location /api {
uwsgi_pass husky; # 连接远程uWSGI服务器的socket
include /etc/nginx/uwsgi_params;
uwsgi_connect_timeout 2;
}
# 静态文件
location /static {
root /usr/share/nginx/html;
}
}
centos7 192.168.190.128 放后端
uwsgi.ini
[uwsgi]
socket=:3033
chdir=/opt/husky-back/husky
wsgi-file=husky/wsgi.py
processes=4
threads=2
chmod-socket=660
stats=127.0.0.1:9191
2.2. k8s生产部署
2.2.1. uwsgi TCP/IP socket通信方式
husky-web-uwsgi
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
uwsgi.ini: |-
[uwsgi]
socket=:3033
chdir=/opt/husky-back/husky
wsgi-file=husky/wsgi.py
processes=4
threads=2
chmod-socket=660
master=true
stats=127.0.0.1:9191
kind: ConfigMap
metadata:
name: husky-web-uwsgi
namespace: XXXX
husky-nginx-config
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
default.conf: |-
upstream husky {
server XX.XX.XX.XX:XX;
}
server {
listen 80;
server_name localhost;
# gzip config
gzip on;
gzip_min_length 1k;
gzip_comp_level 9;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
location / {
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html;
}
location /api {
uwsgi_pass husky;
include /etc/nginx/uwsgi_params;
uwsgi_connect_timeout 2;
uwsgi_param Host $host;
uwsgi_param X-Real-IP $remote_addr;
uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for;
uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
}
# 静态文件
location /static {
root /usr/share/nginx/html;
}
}
kind: ConfigMap
metadata:
name: husky-nginx-config
namespace: XXXX
2.2.2. uwsgi http通信方式
http协议通信方式不建议上生产,只建议用来测后端服务究竟有没有跑起来,能不能看到接口
后端uwsgi配置
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
uwsgi.ini: |-
[uwsgi]
http=:3033
static-map=/static=static
master=true
file=/opt/husky-back/husky/husky/wsgi.py
module=husky.wsgi
buffer-size=65536
kind: ConfigMap
metadata:
name: husky-web-uwsgi
namespace: XXXX
前端nginx配置文件
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
default.conf: |-
upstream husky {
server XX.XX.XX.XX:XX;
}
server {
listen 80;
server_name localhost;
# gzip config
gzip on;
gzip_min_length 1k;
gzip_comp_level 9;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
location / {
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://husky;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
# 静态文件
location /static {
root /usr/share/nginx/html;
}
}
kind: ConfigMap
metadata:
name: husky-nginx-config
namespace: XXXX
3. 待改进点
首当其冲的就是CI/CD环节,其次是安全层面(要求nginx可以记录访问客户端的真实ip)。
4. 坑点总结
待补充完善,需要生产先调优总结下配置