還記得我們在前幾天介紹過 n8n 的 Queue Mode 嗎?Queue Mode 就是有人幫你分擔主人的工作,可以讓 n8n 在執行上更有效率。
所以我們今天的重點就是在 GKE 的環境也來把 n8n 的 Queue Mode 裝起來吧!
本日目標:在 GKE Private Cluster 中,安裝 Redis(有密碼、持久化),並將 n8n 切換為 Queue Mode。Main 專責 API/UI;Worker 專責執行工作。
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
# 建議在 n8n namespace 內安裝,或獨立 redis namespace 也可以
kubectl create namespace n8n --dry-run=client -o yaml | kubectl apply -f -
helm upgrade --install redis-n8n bitnami/redis \
--namespace n8n \
--set architecture=standalone \
--set auth.enabled=true \
--set auth.existingSecret="" \
--set auth.password="changeThisStrongPwd!" \
--set master.persistence.enabled=true \
--set master.persistence.size=10Gi \
--set master.persistence.storageClass="" \
--set commonLabels.app=redis-n8n
取得密碼(供 n8n 用)
export REDIS_PASS="changeThisStrongPwd!" # 若用上方 --set,密碼已知
# 若改為自動生成密碼,可用:
# export REDIS_PASS=$(kubectl get secret --namespace n8n redis-n8n -o jsonpath="{.data.redis-password}" | base64 -d)
2)(Optional)限制網路流量的 NetworkPolicy
僅允許 n8n namespace、label 為 app in (n8n, n8n-worker) 的 Pod 訪問 Redis
# redis-networkpolicy.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-n8n-to-redis
namespace: n8n
spec:
podSelector:
matchLabels:
app.kubernetes.io/name: redis
policyTypes:
- Ingress
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: n8n
podSelector:
matchExpressions:
- key: app
operator: In
values: ["n8n", "n8n-worker"]
ports:
- protocol: TCP
port: 6379
kubectl apply -f redis-networkpolicy.yaml
# n8n-main-queue.patch.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: n8n-main
namespace: n8n
spec:
template:
spec:
containers:
- name: n8n
env:
- name: N8N_EXECUTIONS_MODE
value: "queue"
- name: EXECUTIONS_PROCESS
value: "main" # main=只接收/派工,不跑工作
- name: QUEUE_BULL_REDIS_HOST
value: "redis-n8n-master"
- name: QUEUE_BULL_REDIS_PORT
value: "6379"
- name: QUEUE_BULL_REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-n8n
key: redis-password
- name: QUEUE_BULL_REDIS_DB
value: "0"
建立與 Bitnami Redis Secret 對應的本地 Secret(若前面 helm 未自動創建或你手動設定密碼)
kubectl -n n8n create secret generic redis-n8n \
--from-literal=redis-password="$REDIS_PASS" --dry-run=client -o yaml | kubectl apply -f -
kubectl -n n8n patch deploy n8n-main --type merge --patch-file n8n-main-queue.patch.yaml
# n8n-worker.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: n8n-worker
namespace: n8n
spec:
replicas: 2
selector:
matchLabels:
app: n8n-worker
template:
metadata:
labels:
app: n8n-worker
spec:
serviceAccountName: n8n-wi
containers:
- name: n8n-worker
image: n8nio/n8n:latest
imagePullPolicy: IfNotPresent
env:
- name: N8N_PORT
value: "5678"
- name: N8N_PROTOCOL
value: "http"
- name: N8N_EXECUTIONS_MODE
value: "queue"
- name: QUEUE_BULL_REDIS_HOST
value: "redis-n8n-master"
- name: QUEUE_BULL_REDIS_PORT
value: "6379"
- name: QUEUE_BULL_REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-n8n
key: redis-password
- name: QUEUE_BULL_REDIS_DB
value: "0"
# DB Config 與 Main 一致(指向同一個 Cloud SQL)
- name: DB_TYPE
value: "postgresdb"
- name: DB_POSTGRESDB_HOST
value: "<CLOUD_SQL_PRIVATE_IP_OR_DNS>"
- name: DB_POSTGRESDB_PORT
value: "5432"
- name: DB_POSTGRESDB_DATABASE
value: "n8n"
- name: DB_POSTGRESDB_USER
value: "n8n"
- name: DB_POSTGRESDB_PASSWORD
valueFrom:
secretKeyRef:
name: n8n-db-secret
key: db-password
resources:
requests:
cpu: "500m"
memory: "512Mi"
limits:
cpu: "2000m"
memory: "2Gi"
kubectl apply -f n8n-worker.yaml
驗證
# 確認 Redis、Main、Worker 都健康
kubectl -n n8n get pods -w
# 看 Worker 是否在接收工作(Queue 模式)
kubectl -n n8n logs deploy/n8n-worker -f
iThome鐵人賽
看影片追技術