---
created: "2026-03-22"
type: resource
tags: [resource, kubernetes, infrastructure, devops, drone-ci, argocd, mcp, homelab]
source: "xiaohongshu-mcp project deployment practice"
---

# Xiaohongshu MCP - K8s Infrastructure

## Overview

Kubernetes deployment of the Xiaohongshu MCP (Model Context Protocol) server. It uses go-rod browser automation to let AI assistants operate the Xiaohongshu platform directly (posting, searching, commenting, liking, and so on).

- Upstream repository: [xpzouying/xiaohongshu-mcp](https://github.com/xpzouying/xiaohongshu-mcp)
- Gitea repository: `ssh://git@git.colacoder.com:2200/kai/xiaohongshu-mcp.git`
- Local path: `C:\Users\yaoji\git\OpenSource\xiaohongshu-mcp`

## Architecture

```
AI assistant → MCP protocol → Go service (Gin + go-rod) → headless Chrome → Xiaohongshu web app
```

Core technology stack:
- Go 1.24 + Gin HTTP framework
- go-rod (Chrome DevTools Protocol) browser automation
- go-rod/stealth anti-detection plugin
- MCP Go SDK v0.7.0

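## Deployment Approach

### Image Selection

Because the cluster nodes have limited memory (~2GB per node), **the image cannot be built inside the cluster with Kaniko** (Go compilation + Chrome installation gets OOM-killed, Exit Code 137). The prebuilt image from Docker Hub is used directly:

```
xpzouying/xiaohongshu-mcp:latest
```
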
### K8s Manifests (k8s/base/)

| File | Purpose |
|------|------|
| `namespace.yaml` | `xiaohongshu-mcp` namespace |
| `pvc.yaml` | Persistent volumes: cookies data (1Gi) + image storage (5Gi) |
| `deployment.yaml` | Deployment + Chrome shared memory + health checks |
| `service.yaml` | ClusterIP Service (18060) |
| `ingress.yaml` | Ingress: `xiaohongshu-mcp.k8s.home` |
| `drone-rbac.yaml` | Drone CI RBAC permissions |
| `kustomization.yaml` | Kustomize resource index |

### Key Deployment Configuration

```yaml
image: xpzouying/xiaohongshu-mcp:latest
ports: [18060]
env:
  ROD_BROWSER_BIN: /usr/bin/google-chrome
  COOKIES_PATH: /app/data/cookies.json
  TZ: Asia/Shanghai
resources:
  requests: { cpu: 200m, memory: 512Mi }
  limits: { cpu: "1", memory: 2Gi }
volumes:
  - /app/data → PVC xiaohongshu-mcp-data (1Gi, cookie persistence)
  - /app/images → PVC xiaohongshu-mcp-images (5Gi, image uploads)
  - /dev/shm → emptyDir Memory (256Mi, Chrome shared memory)
```

Headless Chrome needs `/dev/shm` shared memory, otherwise it crashes. It is mounted via `emptyDir: { medium: Memory }`.

### Ingress

```yaml
host: xiaohongshu-mcp.k8s.home
annotations:
  proxy-body-size: "50m"       # allows image/video uploads
  proxy-read-timeout: "300"    # browser operations take a long time
  proxy-send-timeout: "300"
```

DNS resolves automatically through the router wildcard `*.k8s.home → 192.168.68.240` (MetalLB); no extra configuration is needed.

### Health Checks

```
GET /health → {"success":true,"data":{"status":"healthy"},"message":"服务正常"}
livenessProbe: initialDelay=30s, period=30s
readinessProbe: initialDelay=10s, period=10s
```

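The Deployment settings and probe timings summarized above, written out as a full manifest. This is an added example, not the project's own `k8s/base/deployment.yaml`; the labels, container name and volume names are assumptions, while the image, port, environment, PVC names, limits and probe values are the ones listed on this page.

```yaml
# Added example; labels, container name and volume names are assumptions.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: xiaohongshu-mcp
  namespace: xiaohongshu-mcp
spec:
  selector:
    matchLabels: { app: xiaohongshu-mcp }
  template:
    metadata:
      labels: { app: xiaohongshu-mcp }
    spec:
      containers:
        - name: xiaohongshu-mcp
          image: xpzouying/xiaohongshu-mcp:latest
          ports:
            - containerPort: 18060
          env:
            - { name: ROD_BROWSER_BIN, value: /usr/bin/google-chrome }
            - { name: COOKIES_PATH, value: /app/data/cookies.json }
            - { name: TZ, value: Asia/Shanghai }
          resources:
            requests: { cpu: 200m, memory: 512Mi }
            limits: { cpu: "1", memory: 2Gi }
          livenessProbe:
            httpGet: { path: /health, port: 18060 }
            initialDelaySeconds: 30
            periodSeconds: 30
          readinessProbe:
            httpGet: { path: /health, port: 18060 }
            initialDelaySeconds: 10
            periodSeconds: 10
          volumeMounts:
            - { name: data, mountPath: /app/data }      # cookies.json lives here
            - { name: images, mountPath: /app/images }
            - { name: dshm, mountPath: /dev/shm }       # replaces the 64MB default
      volumes:
        - name: data
          persistentVolumeClaim: { claimName: xiaohongshu-mcp-data }
        - name: images
          persistentVolumeClaim: { claimName: xiaohongshu-mcp-images }
        - name: dshm
          emptyDir: { medium: Memory, sizeLimit: 256Mi }
```

The memory-backed `emptyDir` is a tmpfs, so whatever Chrome writes to `/dev/shm` counts against the container's 2Gi memory limit; `sizeLimit` caps it at the 256Mi stated above.
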
## Git Remote Configuration

```
origin   → ssh://git@git.colacoder.com:2200/kai/xiaohongshu-mcp.git (Gitea, primary repository)
upstream → (removed; add the GitHub upstream manually when needed)
```

## CI/CD

### Drone CI (.drone.yml)

Because the image is not built inside the cluster, Drone is only responsible for triggering a rollout restart:

```yaml
kind: pipeline
type: kubernetes
name: deploy
trigger:
  branch: [main]
  event: [push, custom]
steps:
  - name: restart-deployment
    image: bitnami/kubectl:latest
    commands:
      - kubectl rollout restart deploy/xiaohongshu-mcp -n xiaohongshu-mcp
```

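`kubectl rollout restart` reads the Deployment and patches its pod template with a restart annotation, so the Drone step needs only `get` and `patch` on that one object. A namespaced Role scoped that way, as an added example (not the project's `drone-rbac.yaml`); the ServiceAccount name and namespace are placeholders because the page does not state them.

```yaml
# Added example; not the contents of k8s/base/drone-rbac.yaml.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: drone-rollout-restart          # assumed name
  namespace: xiaohongshu-mcp
rules:
  - apiGroups: ["apps"]
    resources: ["deployments"]
    resourceNames: ["xiaohongshu-mcp"]  # only the Deployment the pipeline restarts
    verbs: ["get", "patch"]             # what `kubectl rollout restart` uses
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: drone-rollout-restart          # assumed name
  namespace: xiaohongshu-mcp
subjects:
  - kind: ServiceAccount
    name: DRONE_SA_NAME                # placeholder: the SA the Drone step pods run as
    namespace: DRONE_SA_NAMESPACE      # placeholder: the namespace of that SA
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: drone-rollout-restart
```

The binding can be checked without running the pipeline: `kubectl auth can-i patch deployment/xiaohongshu-mcp -n xiaohongshu-mcp --as=system:serviceaccount:DRONE_SA_NAMESPACE:DRONE_SA_NAME` should answer `yes`, and the same query for `delete` should answer `no`.
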
### ArgoCD (k8s/argocd-app.yaml)

```yaml
source:
  repoURL: https://git.colacoder.com/kai/xiaohongshu-mcp.git
  targetRevision: main
  path: k8s/base
syncPolicy:
  automated: { prune: true, selfHeal: true }
  syncOptions: [CreateNamespace=true]
```

### Deployment Flow

```
git push origin main
    ↓
Gitea webhook → Drone CI
    ↓
kubectl rollout restart (pulls the latest image)
    ↓
ArgoCD automatically syncs configuration changes under k8s/base/
```

Image updates depend on the upstream author publishing new versions to Docker Hub; locally, only configuration changes and restarts are performed.

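With a `:latest` tag, each rollout restart runs whatever Docker Hub serves under that tag at that moment. One way to make the running image a reviewed Git change instead is to pin its digest through Kustomize, shown here as an added example (not the project's `kustomization.yaml`); the resource list is taken from the manifest table above and the digest is a placeholder.

```yaml
# Added example; a variant of k8s/base/kustomization.yaml, not the project's file.
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:                 # file names as listed in the K8s Manifests table
  - namespace.yaml
  - pvc.yaml
  - deployment.yaml
  - service.yaml
  - ingress.yaml
  - drone-rbac.yaml
images:
  # Rewrites every reference to this image in the resources above to
  # xpzouying/xiaohongshu-mcp@sha256:..., replacing the :latest tag.
  - name: xpzouying/xiaohongshu-mcp
    digest: "sha256:REPLACE_WITH_REVIEWED_DIGEST"   # placeholder, not a real digest
```

ArgoCD then rolls the Deployment whenever the pinned digest changes on `main`, so an image update shows up as a commit rather than as a side effect of a restart.
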
## Initial Deployment Steps

```bash
# 1. Add the Gitea remote
git remote add origin ssh://git@git.colacoder.com:2200/kai/xiaohongshu-mcp.git

# 2. First deployment is done manually (the Drone SA is not allowed to create namespaces)
kubectl apply -k k8s/base/

# 3. Verify (-k skips TLS certificate verification)
curl -sk https://xiaohongshu-mcp.k8s.home/health

# 4. Push the code to Gitea (from here on automated by Drone + ArgoCD)
git push -u origin main

# 5. In the Drone UI, Sync the repository list and Activate the repository
```

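## Pitfalls Encountered

- **Kaniko OOM (Exit Code 137)**: The nodes have only 2GB of memory, and Go compilation + Chrome installation exceeds that limit. Fix: use the prebuilt Docker Hub image directly.
- **Insufficient Drone RBAC permissions**: The Drone SA only has permissions in the `invest-api` namespace. For a new namespace, the resources must first be created manually with `kubectl apply` before Drone can operate on them.
- **SSH Agent issue**: Git's built-in SSH client cannot connect to the 1Password SSH Agent. Push manually from a terminal, or set `core.sshCommand` to point at Windows OpenSSH.
- **Chrome /dev/shm**: Inside a container, Chrome's default `/dev/shm` is only 64MB, and Chrome crashes when that is not enough. An `emptyDir: { medium: Memory }` volume must be mounted.
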
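## MCP Features

| Feature | Description |
|------|------|
| Login | QR code scan + cookie persistence |
| Image-and-text posts | Multi-image upload, scheduled publishing, topic tags |
| Video posts | Local video upload |
| Search | Keywords + multi-dimensional filters |
| Interaction | Like / favorite / comment / reply |
| User | Fetch profile and recommended feed |
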
## Access URLs

| Service | URL |
|------|-----|
| MCP service | `https://xiaohongshu-mcp.k8s.home` |
| Health check | `https://xiaohongshu-mcp.k8s.home/health` |
| MCP endpoint | `https://xiaohongshu-mcp.k8s.home/mcp` |
| API | `https://xiaohongshu-mcp.k8s.home/api/v1/` |

## Related

- [[OpenBB Invest API - K8s Infrastructure]]
- [[HomeLab Infrastructure]]