XW-AIOT/aiot-platform-cloud
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
8148bf7471b47a5e4c8269a3f99d4c58687ef6b4
aiot-platform-cloud/docker-compose.release.yml
lzh 8148bf7471
Some checks failed
Java CI with Maven / build (11) (push) Has been cancelled
Details
Java CI with Maven / build (17) (push) Has been cancelled
Details
Java CI with Maven / build (8) (push) Has been cancelled
Details
fix(ci): 修 release/next 误部署到 PROD 的严重 bug + 容器名 -release 物理隔离 
事故复盘:build #5 触发 release/next 部署,但 Initialize 阶段
  env.DEPLOY_HOST = env.RELEASE_DEPLOY_HOST
没有生效,DEPLOY_HOST 保持 environment 块默认值 172.17.16.14(PROD),导致
release.yml 被部署到 PROD 服务器;同时容器名与 prod 同名(aiot-gateway 等),
docker compose up -d 直接 force-recreate prod 容器,配置切到 release 库 / Nacos
namespace / Redis db1 — prod 业务断了。

根因:Jenkins declarative pipeline 的 environment 块声明的变量是 build-scope
constant,在 script 块里 env.X = ... 的赋值在某些场景不生效。

修复:
1. environment 块只声明常量 PROD_DEPLOY_HOST/PROD_DEPLOY_PATH/RELEASE_DEPLOY_HOST/
   RELEASE_DEPLOY_PATH,DEPLOY_HOST/DEPLOY_PATH/COMPOSE_FILE/CONTAINER_NAME_SUFFIX
   全部在 Initialize 阶段动态创建(不在 environment 声明则 env.X = 赋值生效)
2. 增加防呆:未知分支(既不是 master 也不是 release/next)DEPLOY_HOST 设空,
   后续 ssh 命令会因目标空直接报错,不会误伤任何机器
3. release 容器名加 -release 后缀(aiot-gateway-release 等),物理隔离:
   即便部署目标 host 错了,容器名不与 prod 重叠,docker compose 不会 recreate
   prod 同名容器
4. getContainerNameForService 改读 env.CONTAINER_NAME_SUFFIX(Initialize 阶段写入),
   不再依赖 @NonCPS 函数里访问 env.BRANCH_NAME

prod 影响:master 分支行为完全不变(DEPLOY_HOST→PROD_DEPLOY_HOST 同值、容器名
suffix='')。
2026-04-28 17:38:17 +08:00

239 lines
7.8 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# ============================================
# 后端核心服务 - RELEASE 环境172.17.16.7
# ============================================
# 由 Jenkins release/next 分支自动同步到部署机后用:
# docker compose -f docker-compose.release.yml up -d
# 与 docker-compose.core.yml 区别:
# - MySQL 库aiot-platform-test → aiot-platform-release
# - Nacos namespace8efd6d96-... → e635b215-...
# - TDengine databaseaiot_platform → aiot_platform_release
# - XXL-Job executor IP.14 → .7、appname 加 -release 后缀
# - RocketMQ腾讯云外网 → staging 服务器内网 172.17.16.7:9876无 ACL
# 其余密码/凭据沿用 prod同 docker-compose.core.yml
# ============================================
version: '3.8'
networks:
default:
name: 1panel-network
external: true
volumes:
app-logs:
# ============================================
# 公共环境变量片段YAML anchor
# ============================================
x-common-env: &common-env
TZ: Asia/Shanghai
SPRING_PROFILES_ACTIVE: prod
# ===== Nacos独立 namespace =====
NACOS_USERNAME: nacos
NACOS_PASSWORD: "9oDxX~}e7DeP"
NACOS_ADDR: 172.17.16.7:8848
NACOS_DISCOVERY_NAMESPACE: "e635b215-913e-4bc8-8867-2fbf7d5134aa"
NACOS_CONFIG_NAMESPACE: "e635b215-913e-4bc8-8867-2fbf7d5134aa"
# ===== MySQL同实例独立库 aiot-platform-release =====
SPRING_DATASOURCE_DYNAMIC_DATASOURCE_MASTER_URL: jdbc:mysql://172.17.16.8:3306/aiot-platform-release?useSSL=false&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true&nullCatalogMeansCurrent=true&rewriteBatchedStatements=true
SPRING_DATASOURCE_DYNAMIC_DATASOURCE_MASTER_USERNAME: root
SPRING_DATASOURCE_DYNAMIC_DATASOURCE_MASTER_PASSWORD: "tKi8rfUJjVrf@"
# ===== Redis同 prod 实例,靠 db 索引隔离prod=db0、release=db1 =====
SPRING_DATA_REDIS_HOST: 172.17.16.13
SPRING_DATA_REDIS_PORT: 6379
SPRING_DATA_REDIS_PASSWORD: "HkVZkVnn1"
SPRING_DATA_REDIS_DATABASE: 1
# ===== RocketMQrelease 服务器本地实例,内网,无 ACL =====
ROCKETMQ_NAMESRV_ADDR: 172.17.16.7:9876
ROCKETMQ_ACCESS_KEY: ""
ROCKETMQ_SECRET_KEY: ""
# ===== XXL-Job同 adminexecutor IP=.7、appname 加 -release 后缀) =====
XXL_JOB_ADMIN_ADDRESSES: http://172.17.16.7:19090/xxl-job-admin
XXL_JOB_EXECUTOR_IP: 172.17.16.7
XXL_JOB_EXECUTOR_APPNAME_SUFFIX: "-release"
services:
viewsh-gateway:
image: ${REGISTRY_HOST:-172.17.16.7:5000}/viewsh-gateway:${IMAGE_TAG:-latest}
container_name: aiot-gateway-release
restart: on-failure:5
ports:
- "48080:48080"
environment:
<<: *common-env
JAVA_OPTS: "-Xms512m -Xmx1024m -XX:+UseContainerSupport -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs"
volumes:
- app-logs:/app/logs
deploy:
resources:
limits:
memory: 1536m
cpus: '1.0'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:48080/actuator/health"]
interval: 10s
timeout: 5s
retries: 12
start_period: 120s
viewsh-module-system-server:
image: ${REGISTRY_HOST:-172.17.16.7:5000}/viewsh-module-system-server:${IMAGE_TAG:-latest}
container_name: aiot-system-server-release
restart: on-failure:5
ports:
- "48081:48081"
- "9901:9901"
environment:
<<: *common-env
JAVA_OPTS: "-Xms512m -Xmx1024m -XX:+UseContainerSupport -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs"
# 微信配置system-server 独有,沿用 prod
WX_MP_APP_ID: "wx5b23ba7a5589ecbb"
WX_MP_SECRET: "2a7b3b20c537e52e74afd395eb85f61f"
WX_MINIAPP_APPID: "wxc4598c446f8a9cb3"
WX_MINIAPP_SECRET: "4a1a04e07f6a4a0751b39c3064a92c8b"
XXL_JOB_EXECUTOR_PORT: 9901
volumes:
- app-logs:/app/logs
deploy:
resources:
limits:
memory: 1536m
cpus: '1.0'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:48081/actuator/health"]
interval: 10s
timeout: 5s
retries: 12
start_period: 120s
depends_on:
viewsh-gateway:
condition: service_healthy
viewsh-module-infra-server:
image: ${REGISTRY_HOST:-172.17.16.7:5000}/viewsh-module-infra-server:${IMAGE_TAG:-latest}
container_name: aiot-infra-server-release
restart: on-failure:5
ports:
- "48082:48082"
- "9902:9902"
environment:
<<: *common-env
JAVA_OPTS: "-Xms512m -Xmx1024m -XX:+UseContainerSupport -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs"
XXL_JOB_EXECUTOR_PORT: 9902
volumes:
- app-logs:/app/logs
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:48082/actuator/health"]
interval: 10s
timeout: 5s
retries: 12
start_period: 120s
depends_on:
viewsh-module-system-server:
condition: service_healthy
viewsh-module-iot-server:
image: ${REGISTRY_HOST:-172.17.16.7:5000}/viewsh-module-iot-server:${IMAGE_TAG:-latest}
container_name: aiot-iot-server-release
restart: on-failure:5
ports:
- "48091:48091"
- "9903:9903"
environment:
<<: *common-env
JAVA_OPTS: "-Xms1024m -Xmx2048m -XX:+UseContainerSupport -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs"
# ===== 时序库(共享 prod TDengine 实例,独立 database aiot_platform_release =====
TSDB_TYPE: tdengine
TDENGINE_HOST: 172.17.16.7
TDENGINE_PORT: 6041
TDENGINE_USERNAME: root
TDENGINE_PASSWORD: taosdata
TDENGINE_DATABASE: aiot_platform_release
# CTSDB 切换 follow-up暂留空
CTSDB_URL: ""
CTSDB_USERNAME: ""
CTSDB_PASSWORD: ""
CTSDB_DATABASE: ""
XXL_JOB_EXECUTOR_PORT: 9903
volumes:
- app-logs:/app/logs
deploy:
resources:
limits:
memory: 2560m
cpus: '1.5'
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:48091/actuator/health"]
interval: 10s
timeout: 5s
retries: 12
start_period: 120s
depends_on:
viewsh-module-infra-server:
condition: service_healthy
viewsh-module-iot-gateway:
image: ${REGISTRY_HOST:-172.17.16.7:5000}/viewsh-module-iot-gateway:${IMAGE_TAG:-latest}
container_name: aiot-iot-gateway-release
restart: on-failure:5
ports:
- "1883:1883"
- "8092:8092"
- "8091:8091"
environment:
IOT_TCP_ENABLED: "true"
TZ: Asia/Shanghai
SPRING_PROFILES_ACTIVE: prod
JAVA_OPTS: "-Xms1024m -Xmx2048m -XX:+UseContainerSupport -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs"
SPRING_DATA_REDIS_HOST: 172.17.16.13
SPRING_DATA_REDIS_PORT: 6379
SPRING_DATA_REDIS_PASSWORD: "HkVZkVnn1"
SPRING_DATA_REDIS_DATABASE: 1
ROCKETMQ_NAMESRV_ADDR: 172.17.16.7:9876
ROCKETMQ_ACCESS_KEY: ""
ROCKETMQ_SECRET_KEY: ""
VIEWSH_IOT_GATEWAY_RPC_URL: "http://aiot-iot-server-release:48091"
volumes:
- app-logs:/app/logs
deploy:
resources:
limits:
memory: 2560m
cpus: '1.5'
depends_on:
- viewsh-module-iot-server
viewsh-module-ops-server:
image: ${REGISTRY_HOST:-172.17.16.7:5000}/viewsh-module-ops-server:${IMAGE_TAG:-latest}
container_name: aiot-ops-server-release
restart: on-failure:5
ports:
- "48092:48092"
- "9904:9904"
environment:
<<: *common-env
JAVA_OPTS: "-Xms512m -Xmx1024m -XX:+UseContainerSupport -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/app/logs"
XXL_JOB_EXECUTOR_PORT: 9904
volumes:
- app-logs:/app/logs
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:48092/actuator/health"]
interval: 10s
timeout: 5s
retries: 12
start_period: 120s
depends_on:
viewsh-module-iot-server:
condition: service_healthy
Reference in New Issue View Git Blame Copy Permalink