Go语言部署清单上线检查项部署是将应用交付生产环境的关键环节。本文详细介绍Go语言应用部署的各项检查项确保上线过程顺利且安全。一、配置管理1.1 配置文件设计良好的配置管理是部署成功的基础。import ( os fmt gopkg.in/yaml.v3 ) type Config struct { App AppConfig yaml:app Database DatabaseConfig yaml:database Redis RedisConfig yaml:redis Log LogConfig yaml:log Metrics MetricsConfig yaml:metrics } type AppConfig struct { Host string yaml:host Port int yaml:port Env string yaml:env } type DatabaseConfig struct { Host string yaml:host Port int yaml:port User string yaml:user Password string yaml:password Database string yaml:database MaxOpen int yaml:max_open_conns MaxIdle int yaml:max_idle_conns } type RedisConfig struct { Host string yaml:host Port int yaml:port Password string yaml:password DB int yaml:db } type LogConfig struct { Level string yaml:level Output string yaml:output } type MetricsConfig struct { Enabled bool yaml:enabled Port int yaml:port } func LoadConfig(path string) (*Config, error) { data, err : os.ReadFile(path) if err ! nil { return nil, fmt.Errorf(failed to read config file: %w, err) } var cfg Config if err : yaml.Unmarshal(data, cfg); err ! nil { return nil, fmt.Errorf(failed to parse config file: %w, err) } // 从环境变量覆盖配置 if env : os.Getenv(APP_ENV); env ! { cfg.App.Env env } if env : os.Getenv(DB_PASSWORD); env ! { cfg.Database.Password env } if env : os.Getenv(REDIS_PASSWORD); env ! { cfg.Redis.Password env } return cfg, nil }1.2 配置文件示例# config.yaml app: host: 0.0.0.0 port: 8080 env: production database: host: localhost port: 3306 user: app_user password: # 从环境变量DB_PASSWORD读取 database: myapp max_open_conns: 100 max_idle_conns: 10 redis: host: localhost port: 6379 password: # 从环境变量REDIS_PASSWORD读取 db: 0 log: level: info output: /var/log/myapp/app.log metrics: enabled: true port: 90901.3 多环境配置// config_dev.yaml app: env: development database: host: localhost port: 3306 // config_prod.yaml app: env: production database: host: prod-db.internal port: 3306 // 根据环境加载配置 func getConfigPath() string { env : os.Getenv(APP_ENV) if env { env development } return fmt.Sprintf(config_%s.yaml, env) }二、环境变量2.1 环境变量设计原则敏感信息密码、密钥必须通过环境变量传入不同环境使用不同的配置值提供默认值但生产环境必须显式配置import os type EnvConfig struct { // 数据库 DBHost string DBPort string DBUser string DBPassword string DBName string // Redis RedisHost string RedisPassword string // JWT JWTSecret string // S3存储 AWS_ACCESS_KEY_ID string AWS_SECRET_ACCESS_KEY string AWS_REGION string } func LoadEnvConfig() *EnvConfig { return EnvConfig{ DBHost: getEnv(DB_HOST, localhost), DBPort: getEnv(DB_PORT, 3306), DBUser: getEnv(DB_USER, root), DBPassword: getEnv(DB_PASSWORD, ), DBName: getEnv(DB_NAME, myapp), RedisHost: getEnv(REDIS_HOST, localhost), RedisPassword: getEnv(REDIS_PASSWORD, ), JWTSecret: getEnv(JWT_SECRET, ), AWS_ACCESS_KEY_ID: os.Getenv(AWS_ACCESS_KEY_ID), AWS_SECRET_ACCESS_KEY: os.Getenv(AWS_SECRET_ACCESS_KEY), AWS_REGION: getEnv(AWS_REGION, us-east-1), } } func getEnv(key, defaultValue string) string { if value : os.Getenv(key); value ! { return value } return defaultValue }2.2 敏感信息检查func validateRequiredEnvVars() error { required : []string{ DB_PASSWORD, JWT_SECRET, } var missing []string for _, key : range required { if os.Getenv(key) { missing append(missing, key) } } if len(missing) 0 { return fmt.Errorf(missing required environment variables: %v, missing) } return nil }三、容器化3.1 Dockerfile编写Go应用应使用多阶段构建减小镜像体积。# 构建阶段 FROM golang:1.22-alpine AS builder WORKDIR /app # 安装依赖 COPY go.mod go.sum ./ RUN go mod download # 复制源代码 COPY . . # 构建二进制文件 RUN CGO_ENABLED0 GOOSlinux go build -ldflags-w -s -o /app/myapp . # 运行阶段 FROM alpine:3.19 WORKDIR /app # 安装时区数据 RUN apk --no-cache add ca-certificates tzdata # 复制二进制文件 COPY --frombuilder /app/myapp . COPY --frombuilder /app/config ./config # 创建非root用户 RUN addgroup -g 1000 appgroup \ adduser -u 1000 -G appgroup -s /bin/sh -D appuser USER appuser EXPOSE 8080 9090 ENTRYPOINT [./myapp]3.2 Docker Compose配置# docker-compose.yml version: 3.8 services: app: build: context: . dockerfile: Dockerfile ports: - 8080:8080 - 9090:9090 environment: - APP_ENVproduction - DB_HOSTdb - DB_PASSWORD${DB_PASSWORD} - REDIS_HOSTredis - REDIS_PASSWORD${REDIS_PASSWORD} - JWT_SECRET${JWT_SECRET} volumes: - ./logs:/app/logs - ./config:/app/config:ro depends_on: db: condition: service_healthy redis: condition: service_started restart: unless-stopped healthcheck: test: [CMD, curl, -f, http://localhost:8080/health/live] interval: 30s timeout: 10s retries: 3 start_period: 40s db: image: mysql:8.0 environment: MYSQL_ROOT_PASSWORD: ${DB_PASSWORD} MYSQL_DATABASE: myapp volumes: - mysql_data:/var/lib/mysql healthcheck: test: [CMD, mysqladmin, ping, -h, localhost] interval: 10s timeout: 5s retries: 5 redis: image: redis:7-alpine command: redis-server --requirepass ${REDIS_PASSWORD} volumes: - redis_data:/data volumes: mysql_data: redis_data:3.3 Kubernetes部署配置# deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: myapp labels: app: myapp spec: replicas: 3 selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: myapp image: myapp:latest ports: - containerPort: 8080 name: http - containerPort: 9090 name: metrics env: - name: APP_ENV value: production - name: DB_PASSWORD valueFrom: secretKeyRef: name: myapp-secrets key: db-password - name: JWT_SECRET valueFrom: secretKeyRef: name: myapp-secrets key: jwt-secret resources: requests: memory: 256Mi cpu: 100m limits: memory: 512Mi cpu: 500m readinessProbe: httpGet: path: /health/ready port: 8080 initialDelaySeconds: 5 periodSeconds: 5 livenessProbe: httpGet: path: /health/live port: 8080 initialDelaySeconds: 10 periodSeconds: 10 volumeMounts: - name: config mountPath: /app/config readOnly: true volumes: - name: config configMap: name: myapp-config --- apiVersion: v1 kind: Service metadata: name: myapp spec: selector: app: myapp ports: - port: 80 targetPort: 8080 type: ClusterIP --- apiVersion: v1 kind: ConfigMap metadata: name: myapp-config data: config.yaml: | app: host: 0.0.0.0 port: 8080 env: production log: level: info四、健康检查4.1 健康检查实现type HealthChecker struct { db *sql.DB redis *redis.Client } func NewHealthChecker(db *sql.DB, redis *redis.Client) *HealthChecker { return HealthChecker{db: db, redis: redis} } func (h *HealthChecker) Check() error { // 检查数据库连接 if err : h.db.Ping(); err ! nil { return fmt.Errorf(database ping failed: %w, err) } // 检查Redis连接 if _, err : h.redis.Ping().Result(); err ! nil { return fmt.Errorf(redis ping failed: %w, err) } return nil } func (h *HealthChecker) HandleLive(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) json.NewEncoder(w).Encode(map[string]string{status: alive}) } func (h *HealthChecker) HandleReady(w http.ResponseWriter, r *http.Request) { if err : h.Check(); err ! nil { w.WriteHeader(http.StatusServiceUnavailable) json.NewEncoder(w).Encode(map[string]string{ status: not ready, error: err.Error(), }) return } w.WriteHeader(http.StatusOK) json.NewEncoder(w).Encode(map[string]string{status: ready}) }五、优雅关闭5.1 优雅关闭实现优雅关闭确保正在处理的请求能够完成。import ( context net/http os os/signal syscall time ) type Server struct { httpServer *http.Server quit chan os.Signal } func NewServer(mux *http.ServeMux, addr string) *Server { return Server{ httpServer: http.Server{ Addr: addr, Handler: mux, ReadTimeout: 30 * time.Second, WriteTimeout: 30 * time.Second, IdleTimeout: 60 * time.Second, }, quit: make(chan os.Signal, 1), } } func (s *Server) Start() error { // 启动服务器 go func() { if err : s.httpServer.ListenAndServe(); err ! nil err ! http.ErrServerClosed { log.Fatalf(server error: %v, err) } }() // 等待退出信号 signal.Notify(s.quit, syscall.SIGINT, syscall.SIGTERM) -s.quit log.Println(shutting down server...) // 创建超时上下文 ctx, cancel : context.WithTimeout(context.Background(), 30*time.Second) defer cancel() // 优雅关闭 if err : s.httpServer.Shutdown(ctx); err ! nil { return fmt.Errorf(server shutdown failed: %w, err) } log.Println(server stopped) return nil } func (s *Server) Stop() { s.quit - syscall.SIGTERM }5.2 信号处理import ( log os os/signal syscall ) func handleSignals(cleanup func()) { sigCh : make(chan os.Signal, 1) signal.Notify(sigCh, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP) sig : -sigCh log.Printf(received signal: %v, sig) switch sig { case syscall.SIGINT, syscall.SIGTERM: log.Println(performing graceful shutdown...) cleanup() log.Println(cleanup completed) os.Exit(0) case syscall.SIGHUP: log.Println(received SIGHUP, reloading configuration...) // 可以实现配置重载 } }六、日志输出6.1 日志配置import ( github.com/sirupsen/logrus ) func setupLogging(cfg *LogConfig) *logrus.Logger { logger : logrus.New() // 设置日志级别 level, err : logrus.ParseLevel(cfg.Level) if err ! nil { level logrus.InfoLevel } logger.SetLevel(level) // 设置输出格式 if cfg.Output stdout { logger.SetOutput(os.Stdout) } else { file, err : os.OpenFile(cfg.Output, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666) if err nil { logger.SetOutput(file) } } // JSON格式便于收集 logger.SetFormatter(logrus.JSONFormatter{ TimestampFormat: time.RFC3339, }) return logger }6.2 日志轮转使用logrus的hook实现日志轮转。import ( github.com/lestrrat-go/file-rotatelogs ) func setupRotateLogs(logger *logrus.Logger, path string) { writer, err : rotatelogs.New( path.%Y%m%d, rotatelogs.WithLinkName(path), rotatelogs.WithMaxAge(7*24*time.Hour), rotatelogs.WithRotationTime(24*time.Hour), ) if err ! nil { log.Printf(failed to create rotate logs: %v, err) return } logger.SetOutput(writer) }七、监控接入7.1 Prometheus指标暴露import ( github.com/prometheus/client_golang/prometheus/promhttp ) func setupMetrics mux { mux.Handle(/metrics, promhttp.Handler()) }7.2 Kubernetes服务Monitor# service-monitor.yaml apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: myapp labels: release: prometheus spec: selector: matchLabels: app: myapp endpoints: - port: metrics path: /metrics interval: 15s八、回滚策略8.1 版本标记const VERSION 1.0.0 func main() { log.Printf(starting myapp version: %s, VERSION) // ... }8.2 数据库迁移回滚type Migration struct { Version int Name string Up func(*sql.Tx) error Down func(*sql.Tx) error } func (m *Migration) Apply(db *sql.DB) error { tx, err : db.Begin() if err ! nil { return err } if err : m.Up(tx); err ! nil { tx.Rollback() return err } // 记录版本 _, err tx.Exec(INSERT INTO schema_migrations (version, name) VALUES (?, ?), m.Version, m.Name) if err ! nil { tx.Rollback() return err } return tx.Commit() } func (m *Migration) Rollback(db *sql.DB) error { tx, err : db.Begin() if err ! nil { return err } if err : m.Down(tx); err ! nil { tx.Rollback() return err } _, err tx.Exec(DELETE FROM schema_migrations WHERE version ?, m.Version) if err ! nil { tx.Rollback() return err } return tx.Commit() }8.3 Kubernetes回滚命令# 查看部署历史 kubectl rollout history deployment/myapp # 回滚到上一个版本 kubectl rollout undo deployment/myapp # 回滚到指定版本 kubectl rollout undo deployment/myapp --to-revision2 # 查看回滚状态 kubectl rollout status deployment/myapp九、检查清单总结配置管理配置文件结构清晰支持多环境敏感配置通过环境变量传入配置变更有版本记录配置加载失败有明确错误提示环境变量所有敏感信息通过环境变量配置环境变量有默认值但不依赖默认值启动前验证必需的环境变量不同环境使用不同配置容器化使用多阶段构建减小镜像体积容器以非root用户运行正确设置WORKDIR和EXPOSE镜像包含版本标签健康检查实现存活检查/health/live实现就绪检查/health/ready健康检查包含依赖服务检查配置合理的检查超时和重试优雅关闭捕获终止信号停止接收新请求等待正在处理的请求完成设置合理的超时时间日志输出使用结构化日志格式日志输出到标准输出容器环境配置日志轮转敏感信息脱敏监控接入Prometheus指标端点暴露部署配置ServiceMonitor配置合理的资源限制设置告警规则回滚策略每次部署标记版本数据库迁移支持回滚保留历史版本镜像制定回滚触发条件部署是一个系统性工程需要在开发、测试、运维各环节协同配合。建议部署前进行充分的测试和演练确保生产环境部署顺利。
Go语言部署清单:上线检查项
发布时间:2026/5/29 4:55:17
Go语言部署清单上线检查项部署是将应用交付生产环境的关键环节。本文详细介绍Go语言应用部署的各项检查项确保上线过程顺利且安全。一、配置管理1.1 配置文件设计良好的配置管理是部署成功的基础。import ( os fmt gopkg.in/yaml.v3 ) type Config struct { App AppConfig yaml:app Database DatabaseConfig yaml:database Redis RedisConfig yaml:redis Log LogConfig yaml:log Metrics MetricsConfig yaml:metrics } type AppConfig struct { Host string yaml:host Port int yaml:port Env string yaml:env } type DatabaseConfig struct { Host string yaml:host Port int yaml:port User string yaml:user Password string yaml:password Database string yaml:database MaxOpen int yaml:max_open_conns MaxIdle int yaml:max_idle_conns } type RedisConfig struct { Host string yaml:host Port int yaml:port Password string yaml:password DB int yaml:db } type LogConfig struct { Level string yaml:level Output string yaml:output } type MetricsConfig struct { Enabled bool yaml:enabled Port int yaml:port } func LoadConfig(path string) (*Config, error) { data, err : os.ReadFile(path) if err ! nil { return nil, fmt.Errorf(failed to read config file: %w, err) } var cfg Config if err : yaml.Unmarshal(data, cfg); err ! nil { return nil, fmt.Errorf(failed to parse config file: %w, err) } // 从环境变量覆盖配置 if env : os.Getenv(APP_ENV); env ! { cfg.App.Env env } if env : os.Getenv(DB_PASSWORD); env ! { cfg.Database.Password env } if env : os.Getenv(REDIS_PASSWORD); env ! { cfg.Redis.Password env } return cfg, nil }1.2 配置文件示例# config.yaml app: host: 0.0.0.0 port: 8080 env: production database: host: localhost port: 3306 user: app_user password: # 从环境变量DB_PASSWORD读取 database: myapp max_open_conns: 100 max_idle_conns: 10 redis: host: localhost port: 6379 password: # 从环境变量REDIS_PASSWORD读取 db: 0 log: level: info output: /var/log/myapp/app.log metrics: enabled: true port: 90901.3 多环境配置// config_dev.yaml app: env: development database: host: localhost port: 3306 // config_prod.yaml app: env: production database: host: prod-db.internal port: 3306 // 根据环境加载配置 func getConfigPath() string { env : os.Getenv(APP_ENV) if env { env development } return fmt.Sprintf(config_%s.yaml, env) }二、环境变量2.1 环境变量设计原则敏感信息密码、密钥必须通过环境变量传入不同环境使用不同的配置值提供默认值但生产环境必须显式配置import os type EnvConfig struct { // 数据库 DBHost string DBPort string DBUser string DBPassword string DBName string // Redis RedisHost string RedisPassword string // JWT JWTSecret string // S3存储 AWS_ACCESS_KEY_ID string AWS_SECRET_ACCESS_KEY string AWS_REGION string } func LoadEnvConfig() *EnvConfig { return EnvConfig{ DBHost: getEnv(DB_HOST, localhost), DBPort: getEnv(DB_PORT, 3306), DBUser: getEnv(DB_USER, root), DBPassword: getEnv(DB_PASSWORD, ), DBName: getEnv(DB_NAME, myapp), RedisHost: getEnv(REDIS_HOST, localhost), RedisPassword: getEnv(REDIS_PASSWORD, ), JWTSecret: getEnv(JWT_SECRET, ), AWS_ACCESS_KEY_ID: os.Getenv(AWS_ACCESS_KEY_ID), AWS_SECRET_ACCESS_KEY: os.Getenv(AWS_SECRET_ACCESS_KEY), AWS_REGION: getEnv(AWS_REGION, us-east-1), } } func getEnv(key, defaultValue string) string { if value : os.Getenv(key); value ! { return value } return defaultValue }2.2 敏感信息检查func validateRequiredEnvVars() error { required : []string{ DB_PASSWORD, JWT_SECRET, } var missing []string for _, key : range required { if os.Getenv(key) { missing append(missing, key) } } if len(missing) 0 { return fmt.Errorf(missing required environment variables: %v, missing) } return nil }三、容器化3.1 Dockerfile编写Go应用应使用多阶段构建减小镜像体积。# 构建阶段 FROM golang:1.22-alpine AS builder WORKDIR /app # 安装依赖 COPY go.mod go.sum ./ RUN go mod download # 复制源代码 COPY . . # 构建二进制文件 RUN CGO_ENABLED0 GOOSlinux go build -ldflags-w -s -o /app/myapp . # 运行阶段 FROM alpine:3.19 WORKDIR /app # 安装时区数据 RUN apk --no-cache add ca-certificates tzdata # 复制二进制文件 COPY --frombuilder /app/myapp . COPY --frombuilder /app/config ./config # 创建非root用户 RUN addgroup -g 1000 appgroup \ adduser -u 1000 -G appgroup -s /bin/sh -D appuser USER appuser EXPOSE 8080 9090 ENTRYPOINT [./myapp]3.2 Docker Compose配置# docker-compose.yml version: 3.8 services: app: build: context: . dockerfile: Dockerfile ports: - 8080:8080 - 9090:9090 environment: - APP_ENVproduction - DB_HOSTdb - DB_PASSWORD${DB_PASSWORD} - REDIS_HOSTredis - REDIS_PASSWORD${REDIS_PASSWORD} - JWT_SECRET${JWT_SECRET} volumes: - ./logs:/app/logs - ./config:/app/config:ro depends_on: db: condition: service_healthy redis: condition: service_started restart: unless-stopped healthcheck: test: [CMD, curl, -f, http://localhost:8080/health/live] interval: 30s timeout: 10s retries: 3 start_period: 40s db: image: mysql:8.0 environment: MYSQL_ROOT_PASSWORD: ${DB_PASSWORD} MYSQL_DATABASE: myapp volumes: - mysql_data:/var/lib/mysql healthcheck: test: [CMD, mysqladmin, ping, -h, localhost] interval: 10s timeout: 5s retries: 5 redis: image: redis:7-alpine command: redis-server --requirepass ${REDIS_PASSWORD} volumes: - redis_data:/data volumes: mysql_data: redis_data:3.3 Kubernetes部署配置# deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: myapp labels: app: myapp spec: replicas: 3 selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: myapp image: myapp:latest ports: - containerPort: 8080 name: http - containerPort: 9090 name: metrics env: - name: APP_ENV value: production - name: DB_PASSWORD valueFrom: secretKeyRef: name: myapp-secrets key: db-password - name: JWT_SECRET valueFrom: secretKeyRef: name: myapp-secrets key: jwt-secret resources: requests: memory: 256Mi cpu: 100m limits: memory: 512Mi cpu: 500m readinessProbe: httpGet: path: /health/ready port: 8080 initialDelaySeconds: 5 periodSeconds: 5 livenessProbe: httpGet: path: /health/live port: 8080 initialDelaySeconds: 10 periodSeconds: 10 volumeMounts: - name: config mountPath: /app/config readOnly: true volumes: - name: config configMap: name: myapp-config --- apiVersion: v1 kind: Service metadata: name: myapp spec: selector: app: myapp ports: - port: 80 targetPort: 8080 type: ClusterIP --- apiVersion: v1 kind: ConfigMap metadata: name: myapp-config data: config.yaml: | app: host: 0.0.0.0 port: 8080 env: production log: level: info四、健康检查4.1 健康检查实现type HealthChecker struct { db *sql.DB redis *redis.Client } func NewHealthChecker(db *sql.DB, redis *redis.Client) *HealthChecker { return HealthChecker{db: db, redis: redis} } func (h *HealthChecker) Check() error { // 检查数据库连接 if err : h.db.Ping(); err ! nil { return fmt.Errorf(database ping failed: %w, err) } // 检查Redis连接 if _, err : h.redis.Ping().Result(); err ! nil { return fmt.Errorf(redis ping failed: %w, err) } return nil } func (h *HealthChecker) HandleLive(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) json.NewEncoder(w).Encode(map[string]string{status: alive}) } func (h *HealthChecker) HandleReady(w http.ResponseWriter, r *http.Request) { if err : h.Check(); err ! nil { w.WriteHeader(http.StatusServiceUnavailable) json.NewEncoder(w).Encode(map[string]string{ status: not ready, error: err.Error(), }) return } w.WriteHeader(http.StatusOK) json.NewEncoder(w).Encode(map[string]string{status: ready}) }五、优雅关闭5.1 优雅关闭实现优雅关闭确保正在处理的请求能够完成。import ( context net/http os os/signal syscall time ) type Server struct { httpServer *http.Server quit chan os.Signal } func NewServer(mux *http.ServeMux, addr string) *Server { return Server{ httpServer: http.Server{ Addr: addr, Handler: mux, ReadTimeout: 30 * time.Second, WriteTimeout: 30 * time.Second, IdleTimeout: 60 * time.Second, }, quit: make(chan os.Signal, 1), } } func (s *Server) Start() error { // 启动服务器 go func() { if err : s.httpServer.ListenAndServe(); err ! nil err ! http.ErrServerClosed { log.Fatalf(server error: %v, err) } }() // 等待退出信号 signal.Notify(s.quit, syscall.SIGINT, syscall.SIGTERM) -s.quit log.Println(shutting down server...) // 创建超时上下文 ctx, cancel : context.WithTimeout(context.Background(), 30*time.Second) defer cancel() // 优雅关闭 if err : s.httpServer.Shutdown(ctx); err ! nil { return fmt.Errorf(server shutdown failed: %w, err) } log.Println(server stopped) return nil } func (s *Server) Stop() { s.quit - syscall.SIGTERM }5.2 信号处理import ( log os os/signal syscall ) func handleSignals(cleanup func()) { sigCh : make(chan os.Signal, 1) signal.Notify(sigCh, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP) sig : -sigCh log.Printf(received signal: %v, sig) switch sig { case syscall.SIGINT, syscall.SIGTERM: log.Println(performing graceful shutdown...) cleanup() log.Println(cleanup completed) os.Exit(0) case syscall.SIGHUP: log.Println(received SIGHUP, reloading configuration...) // 可以实现配置重载 } }六、日志输出6.1 日志配置import ( github.com/sirupsen/logrus ) func setupLogging(cfg *LogConfig) *logrus.Logger { logger : logrus.New() // 设置日志级别 level, err : logrus.ParseLevel(cfg.Level) if err ! nil { level logrus.InfoLevel } logger.SetLevel(level) // 设置输出格式 if cfg.Output stdout { logger.SetOutput(os.Stdout) } else { file, err : os.OpenFile(cfg.Output, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666) if err nil { logger.SetOutput(file) } } // JSON格式便于收集 logger.SetFormatter(logrus.JSONFormatter{ TimestampFormat: time.RFC3339, }) return logger }6.2 日志轮转使用logrus的hook实现日志轮转。import ( github.com/lestrrat-go/file-rotatelogs ) func setupRotateLogs(logger *logrus.Logger, path string) { writer, err : rotatelogs.New( path.%Y%m%d, rotatelogs.WithLinkName(path), rotatelogs.WithMaxAge(7*24*time.Hour), rotatelogs.WithRotationTime(24*time.Hour), ) if err ! nil { log.Printf(failed to create rotate logs: %v, err) return } logger.SetOutput(writer) }七、监控接入7.1 Prometheus指标暴露import ( github.com/prometheus/client_golang/prometheus/promhttp ) func setupMetrics mux { mux.Handle(/metrics, promhttp.Handler()) }7.2 Kubernetes服务Monitor# service-monitor.yaml apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: myapp labels: release: prometheus spec: selector: matchLabels: app: myapp endpoints: - port: metrics path: /metrics interval: 15s八、回滚策略8.1 版本标记const VERSION 1.0.0 func main() { log.Printf(starting myapp version: %s, VERSION) // ... }8.2 数据库迁移回滚type Migration struct { Version int Name string Up func(*sql.Tx) error Down func(*sql.Tx) error } func (m *Migration) Apply(db *sql.DB) error { tx, err : db.Begin() if err ! nil { return err } if err : m.Up(tx); err ! nil { tx.Rollback() return err } // 记录版本 _, err tx.Exec(INSERT INTO schema_migrations (version, name) VALUES (?, ?), m.Version, m.Name) if err ! nil { tx.Rollback() return err } return tx.Commit() } func (m *Migration) Rollback(db *sql.DB) error { tx, err : db.Begin() if err ! nil { return err } if err : m.Down(tx); err ! nil { tx.Rollback() return err } _, err tx.Exec(DELETE FROM schema_migrations WHERE version ?, m.Version) if err ! nil { tx.Rollback() return err } return tx.Commit() }8.3 Kubernetes回滚命令# 查看部署历史 kubectl rollout history deployment/myapp # 回滚到上一个版本 kubectl rollout undo deployment/myapp # 回滚到指定版本 kubectl rollout undo deployment/myapp --to-revision2 # 查看回滚状态 kubectl rollout status deployment/myapp九、检查清单总结配置管理配置文件结构清晰支持多环境敏感配置通过环境变量传入配置变更有版本记录配置加载失败有明确错误提示环境变量所有敏感信息通过环境变量配置环境变量有默认值但不依赖默认值启动前验证必需的环境变量不同环境使用不同配置容器化使用多阶段构建减小镜像体积容器以非root用户运行正确设置WORKDIR和EXPOSE镜像包含版本标签健康检查实现存活检查/health/live实现就绪检查/health/ready健康检查包含依赖服务检查配置合理的检查超时和重试优雅关闭捕获终止信号停止接收新请求等待正在处理的请求完成设置合理的超时时间日志输出使用结构化日志格式日志输出到标准输出容器环境配置日志轮转敏感信息脱敏监控接入Prometheus指标端点暴露部署配置ServiceMonitor配置合理的资源限制设置告警规则回滚策略每次部署标记版本数据库迁移支持回滚保留历史版本镜像制定回滚触发条件部署是一个系统性工程需要在开发、测试、运维各环节协同配合。建议部署前进行充分的测试和演练确保生产环境部署顺利。
)
 安装避坑全记录:从依赖冲突到版本匹配的保姆级教程)
)
)
:测试如何提前在代码提交阶段发现 Bug?)
)
