chore: restore independent prod gitops config

2026-06-15 17:26:52 +08:00
parent c86deb5e12
commit 9e326c375a
40 changed files with 215 additions and 207 deletions
@@ -1,22 +1,17 @@
-# HTTPRoute cutover runbook
+# HTTPRoute cutover runbook

-Current production domains are owned by `ircs-system` routes:
+状态：历史记录

- `huawai.sophia.fr.eu.org` -> `ircs-system/huawai-svc:80`
- `ircs.sophia.fr.eu.org` -> `ircs-system/ircs-frontend-svc:80`
+当前 `mnnu.eu.org` 生产入口已由本仓库 `ircs-prod/edge-cutover/httproutes.yaml` 管理；本文只保留旧 `sophia` 域名切流思路，不再作为当前操作步骤。

-V3 production routes are declared under `ircs-prod/edge-cutover`:
+当前生产域名：

- `huawai.sophia.fr.eu.org` -> `ircs-prod/ircs-frontend-gateway:80`
- `ircs.sophia.fr.eu.org` -> `ircs-prod/ircs-frontend-gateway:8080`
+- `huawai.mnnu.eu.org` -> `ircs-prod/ircs-portal-frontend:3000`
+- `admin.mnnu.eu.org` -> `ircs-prod/ircs-admin-frontend:80`

-Cutover order:
+当前 API 路由：

-1. Confirm `ircs-prod` pods are Ready.
-2. Confirm cluster-internal portal/admin smoke is healthy.
-3. Disable automated sync on old `argocd/ircs-app` so it does not recreate old routes.
-4. Apply edge routes and delete old `ircs-system` business routes.
-5. Verify Envoy Gateway accepts the new routes.
-6. Verify external domains through the NLB/Cloudflare path.
+- `huawai.mnnu.eu.org/api/backend`、`/api/portal`、`/media` -> `ircs-prod/ircs-portal-bff:8080`
+- `admin.mnnu.eu.org/api/v1`、`/media` -> `ircs-prod/ircs-admin-bff:8080`

-Use `scripts/cutover-httproute.ps1 -Execute` from this repo root when ready.
+切流或新增域名时，直接修改 `ircs-prod/edge-cutover/httproutes.yaml` 并提交本仓库，由 Argo CD 自动同步。
@@ -1,20 +1,15 @@
-# ircs-system to ircs-prod compatible data migration
+# ircs-prod data migration runbook

-Goal: migrate old `ircs-system` business data into V3 `ircs-prod` while allowing incompatible runtime tables to be discarded.
+状态：历史记录

-Required order:
+当前 `ircs-prod` 按新环境干净初始化，不迁移旧 `ircs-system` 业务数据。`ircs-prod-migrator` 仍保留在 `ircs-prod/migration/`，但由 Argo CD 手动同步，避免迁移 Job 自动反复执行。

-1. Back up old `ircs-system` PostgreSQL.
-2. Prepare `ircs-prod` secrets with `scripts/prepare-prod-secrets.ps1`.
-3. Sync `ircs-prod-core` and wait for PostgreSQL, RabbitMQ, Valkey, Elasticsearch, services, and migrator.
-4. Run `scripts/migrate-compatible-data.ps1` once without `-Execute` to compare table presence.
-5. Run `scripts/migrate-compatible-data.ps1 -Execute -TruncateTarget` only when `ircs-prod` has no valuable data.
-6. Rebuild search/index derived state through V3 ops runners after migration.
+如果未来确实需要导入旧数据，先新增一份独立迁移方案并明确：

-Migration policy:
+- 源库和目标库。
+- 需要复制的业务表。
+- 必须跳过的 runtime、audit、outbox、lock、Liquibase 表。
+- 回滚方式。
+- 迁移前后只读校验 SQL。

- Copy compatible V1 business tables only.
- Do not copy `databasechangelog` or `databasechangeloglock`.
- Do not copy V3 derived audit/outbox/maintenance tables.
- If a table or column becomes incompatible, prefer explicit table-level skip plus a written note over silent lossy conversion.
- Existing R2 bucket remains `ircs` so historical media URLs stay valid.
+不要直接复用旧 `ircs-system` 兼容迁移脚本作为生产操作入口。