feat: 完成Rust User API完整开发
Some checks failed
Deploy to Production / Run Tests (push) Failing after 16m35s
Deploy to Production / Security Scan (push) Has been skipped
Deploy to Production / Build Docker Image (push) Has been skipped
Deploy to Production / Deploy to Staging (push) Has been skipped
Deploy to Production / Deploy to Production (push) Has been skipped
Deploy to Production / Notify Results (push) Successful in 31s
Some checks failed
Deploy to Production / Run Tests (push) Failing after 16m35s
Deploy to Production / Security Scan (push) Has been skipped
Deploy to Production / Build Docker Image (push) Has been skipped
Deploy to Production / Deploy to Staging (push) Has been skipped
Deploy to Production / Deploy to Production (push) Has been skipped
Deploy to Production / Notify Results (push) Successful in 31s
✨ 新功能: - SQLite数据库集成和持久化存储 - 数据库迁移系统和版本管理 - API分页功能和高效查询 - 用户搜索和过滤机制 - 完整的RBAC角色权限系统 - 结构化日志记录和系统监控 - API限流和多层安全防护 - Docker容器化和生产部署配置 🔒 安全特性: - JWT认证和授权 - 限流和防暴力破解 - 安全头和CORS配置 - 输入验证和XSS防护 - 审计日志和安全监控 📊 监控和运维: - Prometheus指标收集 - 健康检查和系统监控 - 自动化备份和恢复 - 完整的运维文档和脚本 - CI/CD流水线配置 🚀 部署支持: - 多环境Docker配置 - 生产环境部署指南 - 性能优化和安全加固 - 故障排除和应急响应 - 自动化运维脚本 📚 文档完善: - API使用文档 - 部署检查清单 - 运维操作手册 - 性能和安全指南 - 故障排除指南
This commit is contained in:
207
README-Docker.md
Normal file
207
README-Docker.md
Normal file
@@ -0,0 +1,207 @@
|
||||
# Rust User API - Docker 容器化
|
||||
|
||||
## 🐳 Docker 配置概览
|
||||
|
||||
本项目提供完整的Docker容器化解决方案,支持开发、测试和生产环境部署。
|
||||
|
||||
## 📁 Docker 相关文件
|
||||
|
||||
```
|
||||
├── Dockerfile # 多阶段构建配置
|
||||
├── docker-compose.yml # 完整部署配置(含监控)
|
||||
├── docker-compose.simple.yml # 简化部署配置
|
||||
├── .dockerignore # 构建优化配置
|
||||
└── docs/
|
||||
└── docker-deployment.md # 详细部署文档
|
||||
```
|
||||
|
||||
## 🚀 快速启动
|
||||
|
||||
### 方式一:简单部署(推荐新手)
|
||||
|
||||
```bash
|
||||
# 构建并启动应用
|
||||
docker-compose -f docker-compose.simple.yml up --build
|
||||
|
||||
# 后台运行
|
||||
docker-compose -f docker-compose.simple.yml up -d --build
|
||||
```
|
||||
|
||||
### 方式二:完整部署(包含监控)
|
||||
|
||||
```bash
|
||||
# 仅启动主应用
|
||||
docker-compose up rust-user-api --build
|
||||
|
||||
# 启动应用 + 监控服务
|
||||
docker-compose --profile monitoring up --build
|
||||
```
|
||||
|
||||
## 🔧 主要特性
|
||||
|
||||
### ✅ 已实现功能
|
||||
|
||||
- **多阶段构建**: 优化镜像大小(使用Rust 1.88)
|
||||
- **安全运行**: 非root用户,最小权限
|
||||
- **健康检查**: 自动监控应用状态
|
||||
- **数据持久化**: Docker卷管理数据
|
||||
- **环境配置**: 灵活的环境变量配置
|
||||
- **日志管理**: 结构化日志输出
|
||||
- **监控集成**: 可选的Prometheus + Grafana
|
||||
|
||||
### 🛡️ 安全特性
|
||||
|
||||
- 使用非root用户运行
|
||||
- 安全头中间件
|
||||
- API限流保护
|
||||
- JWT认证
|
||||
- 暴力破解检测
|
||||
- 审计日志记录
|
||||
|
||||
## 🌐 服务端口
|
||||
|
||||
| 服务 | 端口 | 描述 |
|
||||
|------|------|------|
|
||||
| 主应用 | 3000 | REST API服务 |
|
||||
| Prometheus | 9090 | 监控数据收集 |
|
||||
| Grafana | 3001 | 监控仪表板 |
|
||||
|
||||
## 📊 API 端点
|
||||
|
||||
### 核心功能
|
||||
- `GET /health` - 健康检查
|
||||
- `GET /api/users` - 用户列表
|
||||
- `POST /api/users` - 创建用户
|
||||
- `POST /api/auth/login` - 用户登录
|
||||
|
||||
### 监控端点
|
||||
- `GET /monitoring/dashboard` - 监控仪表板
|
||||
- `GET /monitoring/metrics/system` - 系统指标
|
||||
- `GET /monitoring/metrics/app` - 应用指标
|
||||
|
||||
## 🔧 环境变量
|
||||
|
||||
### 核心配置
|
||||
```bash
|
||||
RUST_LOG=info # 日志级别
|
||||
DATABASE_URL=sqlite:///app/data/users.db?mode=rwc # 数据库连接
|
||||
SERVER_HOST=0.0.0.0 # 监听地址
|
||||
SERVER_PORT=3000 # 监听端口
|
||||
```
|
||||
|
||||
### 日志配置
|
||||
```bash
|
||||
LOG_LEVEL=info # 日志级别
|
||||
LOG_FORMAT=pretty # 日志格式
|
||||
LOG_TO_CONSOLE=true # 控制台输出
|
||||
LOG_TO_FILE=false # 文件输出
|
||||
```
|
||||
|
||||
## 💾 数据管理
|
||||
|
||||
### 数据持久化
|
||||
- 使用Docker卷存储SQLite数据库
|
||||
- 数据位置: `/app/data/users.db`
|
||||
- 自动创建数据目录和权限设置
|
||||
|
||||
### 备份和恢复
|
||||
```bash
|
||||
# 备份数据
|
||||
docker run --rm -v rust-server_api_data:/data -v $(pwd):/backup alpine tar czf /backup/backup.tar.gz -C /data .
|
||||
|
||||
# 恢复数据
|
||||
docker run --rm -v rust-server_api_data:/data -v $(pwd):/backup alpine tar xzf /backup/backup.tar.gz -C /data
|
||||
```
|
||||
|
||||
## 🔍 监控和调试
|
||||
|
||||
### 查看日志
|
||||
```bash
|
||||
# 实时日志
|
||||
docker-compose logs -f rust-user-api
|
||||
|
||||
# 最近日志
|
||||
docker-compose logs --tail=100 rust-user-api
|
||||
```
|
||||
|
||||
### 性能监控
|
||||
```bash
|
||||
# 容器资源使用
|
||||
docker stats rust-user-api
|
||||
|
||||
# 健康检查状态
|
||||
docker inspect rust-user-api | grep -A 10 Health
|
||||
```
|
||||
|
||||
## 🛠️ 开发和测试
|
||||
|
||||
### 本地开发
|
||||
```bash
|
||||
# 开发模式(代码变更自动重启)
|
||||
docker-compose -f docker-compose.simple.yml up --build
|
||||
|
||||
# 调试模式
|
||||
docker-compose -f docker-compose.simple.yml up --build -e RUST_LOG=debug
|
||||
```
|
||||
|
||||
### 测试API
|
||||
```bash
|
||||
# 健康检查
|
||||
curl http://localhost:3000/health
|
||||
|
||||
# 获取用户列表
|
||||
curl http://localhost:3000/api/users
|
||||
|
||||
# 用户登录
|
||||
curl -X POST -H "Content-Type: application/json" \
|
||||
-d '{"username":"test","password":"password"}' \
|
||||
http://localhost:3000/api/auth/login
|
||||
```
|
||||
|
||||
## 🚀 生产部署
|
||||
|
||||
### 安全建议
|
||||
1. 使用环境变量管理敏感信息
|
||||
2. 限制端口暴露范围
|
||||
3. 配置资源限制
|
||||
4. 启用SSL/TLS(通过反向代理)
|
||||
5. 定期备份数据
|
||||
|
||||
### 扩展配置
|
||||
- 支持多实例部署
|
||||
- 可配置外部数据库
|
||||
- 集成负载均衡器
|
||||
- 支持容器编排(Kubernetes)
|
||||
|
||||
## 📚 详细文档
|
||||
|
||||
查看 [`docs/docker-deployment.md`](docs/docker-deployment.md) 获取:
|
||||
- 详细部署指南
|
||||
- 故障排除方法
|
||||
- 性能优化建议
|
||||
- 安全配置最佳实践
|
||||
|
||||
## 🔧 故障排除
|
||||
|
||||
### 常见问题
|
||||
1. **端口冲突**: 修改docker-compose.yml中的端口映射
|
||||
2. **权限问题**: 检查数据目录权限设置
|
||||
3. **内存不足**: 增加Docker内存限制
|
||||
4. **构建失败**: 检查网络连接和依赖下载
|
||||
|
||||
### 获取帮助
|
||||
- 查看应用日志: `docker-compose logs rust-user-api`
|
||||
- 检查容器状态: `docker-compose ps`
|
||||
- 进入容器调试: `docker-compose exec rust-user-api /bin/bash`
|
||||
|
||||
## 🎯 下一步
|
||||
|
||||
Docker容器化配置已完成!接下来可以:
|
||||
1. 测试Docker构建和部署
|
||||
2. 配置生产环境
|
||||
3. 设置CI/CD流水线
|
||||
4. 添加更多监控指标
|
||||
|
||||
---
|
||||
|
||||
**注意**: 本项目使用Rust 1.88和现代化的容器技术栈,确保了高性能、安全性和可维护性。
|
||||
Reference in New Issue
Block a user