From a6a39280918b7ef555cc6d78545ba054d3ac589a Mon Sep 17 00:00:00 2001 From: zyc <1439655764@qq.com> Date: Mon, 13 Apr 2026 11:29:24 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20kubectl=204s=20=E8=B6=85=E6=97=B6=20+?= =?UTF-8?q?=205=20=E6=AC=A1=E9=87=8D=E8=AF=95=EF=BC=8C=E9=81=BF=E5=85=8D?= =?UTF-8?q?=20K3s=20=E5=86=85=E7=BD=91=E6=8A=96=E5=8A=A8=E5=8D=A1=E6=AD=BB?= =?UTF-8?q?=E9=83=A8=E7=BD=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Claude Opus 4.6 (1M context) --- .gitea/workflows/deploy.yaml | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index b7dfcbb..2d23ab6 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -133,41 +133,43 @@ jobs: sed -i "s|redis://zyc:Zyc188208@redis-shzlsczo52dft8mia.redis.ivolces.com:6379/0|${{ env.REDIS_URL }}|g" k8s/celery-deployment.yaml # All kubectl operations with retry (K3s 内网连接可能抖动) - for attempt in 1 2 3; do - echo "Deploy attempt $attempt/3..." + export KUBECTL_TIMEOUT="--request-timeout=4s" + + for attempt in 1 2 3 4 5; do + echo "Deploy attempt $attempt/5..." { # Create/update image pull secret for CR - kubectl create secret docker-registry cr-pull-secret \ + kubectl $KUBECTL_TIMEOUT create secret docker-registry cr-pull-secret \ --docker-server="${{ env.CR_SERVER_ACTIVE }}" \ --docker-username="${{ env.CR_USERNAME_ACTIVE }}" \ --docker-password="${{ env.CR_PASSWORD_ACTIVE }}" \ - --dry-run=client -o yaml | kubectl apply -f - + --dry-run=client -o yaml | kubectl $KUBECTL_TIMEOUT apply -f - # Create/update secrets (业务密钥,DB 已写在 yaml 里) - kubectl create secret generic video-backend-secrets \ + kubectl $KUBECTL_TIMEOUT create secret generic video-backend-secrets \ --from-literal=ARK_API_KEY='${{ secrets.ARK_API_KEY }}' \ --from-literal=TOS_ACCESS_KEY='${{ secrets.TOS_ACCESS_KEY }}' \ --from-literal=TOS_SECRET_KEY='${{ secrets.TOS_SECRET_KEY }}' \ --from-literal=DJANGO_SECRET_KEY='${{ secrets.DJANGO_SECRET_KEY }}' \ --from-literal=ALIYUN_SMS_ACCESS_KEY='${{ secrets.ALIYUN_SMS_ACCESS_KEY }}' \ --from-literal=ALIYUN_SMS_ACCESS_SECRET='${{ secrets.ALIYUN_SMS_ACCESS_SECRET }}' \ - --dry-run=client -o yaml | kubectl apply -f - + --dry-run=client -o yaml | kubectl $KUBECTL_TIMEOUT apply -f - # Apply manifests - kubectl apply -f k8s/backend-deployment.yaml - kubectl apply -f k8s/celery-deployment.yaml - kubectl apply -f k8s/web-deployment.yaml - kubectl apply -f k8s/ingress.yaml + kubectl $KUBECTL_TIMEOUT apply -f k8s/backend-deployment.yaml + kubectl $KUBECTL_TIMEOUT apply -f k8s/celery-deployment.yaml + kubectl $KUBECTL_TIMEOUT apply -f k8s/web-deployment.yaml + kubectl $KUBECTL_TIMEOUT apply -f k8s/ingress.yaml # Preserve real client IP - kubectl patch svc traefik -n kube-system -p '{"spec":{"externalTrafficPolicy":"Local"}}' 2>/dev/null || true + kubectl $KUBECTL_TIMEOUT patch svc traefik -n kube-system -p '{"spec":{"externalTrafficPolicy":"Local"}}' 2>/dev/null || true - kubectl rollout restart deployment/video-backend - kubectl rollout restart deployment/celery-worker - kubectl rollout restart deployment/video-web + kubectl $KUBECTL_TIMEOUT rollout restart deployment/video-backend + kubectl $KUBECTL_TIMEOUT rollout restart deployment/celery-worker + kubectl $KUBECTL_TIMEOUT rollout restart deployment/video-web } 2>&1 | tee /tmp/deploy.log && break - echo "Attempt $attempt failed, retrying in 10s..." - sleep 10 + echo "Attempt $attempt failed, retrying in 30s..." + sleep 30 done # ===== Log Center: failure reporting =====