🎯 OpenClaw 项目概述
OpenClaw 是基于 Rust 语言构建的异步高性能 Web 框架,专为云原生环境设计。核心特性:
⚡ 极致性能
基于 tokio 异步运行时,零成本抽象,内存安全无GC。单机可承载10万+并发连接。
🔒 企业级安全
内置SQL注入防护、XSS过滤、CSRF令牌、速率限制,满足OWASP Top 10标准。
☁️ 云原生就绪
原生支持Prometheus metrics、健康检查、分布式追踪,适配K8s、EC2、Lighthouse。
📋 环境与依赖要求
系统要求
- Linux (Ubuntu 20.04+/Debian 11+/CentOS 8+)
- macOS 12+ (Intel/Apple Silicon)
- Windows 10+ (WSL2 推荐)
- 2GB+ RAM, 10GB+ 磁盘
工具链安装
# 安装 Rust 工具链 curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y source $HOME/.cargo/env rustup default stable # 安装系统依赖 (Ubuntu/Debian) sudo apt-get update sudo apt-get install -y build-essential pkg-config libssl-dev git # 安装 Docker (可选) curl -fsSL https://get.docker.com | sudo sh sudo usermod -aG docker $USER
💡 版本要求: Rust 1.70+,PostgreSQL 12+,Redis 6+,Docker 20.10+
💻 本地开发环境部署
1 获取源码
git clone https://github.com/openclaw/openclaw.git cd openclaw git checkout v1.2.0
2 配置环境变量
复制环境变量模板:
cp .env.example .env
编辑 .env 核心配置:
# 应用配置 APP_NAME=openclaw APP_ENV=development APP_HOST=0.0.0.0 APP_PORT=8080 # PostgreSQL 数据库 DATABASE_URL=postgres://openclaw:password@localhost:5432/openclaw # Redis 缓存 REDIS_URL=redis://localhost:6379 # JWT 认证密钥 JWT_SECRET="$(openssl rand -base64 32)"
3 数据库迁移
# 安装 SQLx CLI cargo install sqlx-cli --no-default-features --features native-tls,postgres # 创建并迁移数据库 sqlx database create sqlx migrate run
4 编译运行
# 开发模式(热重载) cargo install cargo-watch cargo watch -x run # 生产编译 cargo build --release ./target/release/openclaw
✅ 验证部署: 访问
http://localhost:8080/health 应返回 {"status":"healthy"}
🐳 Docker 容器化部署
多阶段构建 Dockerfile
# 构建阶段 FROM rust:1.70-slim-bullseye AS builder WORKDIR /app COPY . . RUN apt-get update && apt-get install -y pkg-config libssl-dev RUN cargo build --release # 运行阶段 FROM debian:bullseye-slim RUN apt-get update && apt-get install -y ca-certificates libssl1.1 && rm -rf /var/lib/apt/lists/* COPY --from=builder /app/target/release/openclaw /usr/local/bin/ ENV APP_ENV=production EXPOSE 8080 CMD ["openclaw"]
Docker Compose 全栈部署
# docker-compose.yml version: '3.8' services: postgres: image: postgres:15-alpine environment: POSTGRES_DB: openclaw POSTGRES_USER: openclaw POSTGRES_PASSWORD: ${DB_PASSWORD} volumes: - postgres_data:/var/lib/postgresql/data healthcheck: test: ["CMD-SHELL", "pg_isready -U openclaw"] redis: image: redis:7-alpine volumes: - redis_data:/data openclaw: build: . ports: - "8080:8080" environment: DATABASE_URL: postgres://openclaw:${DB_PASSWORD}@postgres:5432/openclaw REDIS_URL: redis://redis:6379 JWT_SECRET: ${JWT_SECRET} depends_on: postgres: condition: service_healthy redis: condition: service_started volumes: postgres_data: redis_data:
# 启动服务 docker-compose up -d # 查看日志 docker-compose logs -f openclaw
☸️ Kubernetes 生产部署
部署清单 (Deployment + Service + Ingress)
# openclaw-k8s.yaml apiVersion: apps/v1 kind: Deployment metadata: name: openclaw namespace: default spec: replicas: 3 selector: matchLabels: app: openclaw template: metadata: labels: app: openclaw spec: containers: - name: openclaw image: openclaw/openclaw:1.2.0 ports: - containerPort: 8080 env: - name: DATABASE_URL valueFrom: secretKeyRef: name: openclaw-secret key: database-url resources: requests: memory: "256Mi" cpu: "250m" limits: memory: "512Mi" cpu: "500m" livenessProbe: httpGet: path: /health port: 8080 initialDelaySeconds: 30 periodSeconds: 10 --- apiVersion: v1 kind: Service metadata: name: openclaw-service spec: selector: app: openclaw ports: - port: 80 targetPort: 8080 type: LoadBalancer
# 创建密钥 kubectl create secret generic openclaw-secret \ --from-literal=database-url=postgres://user:pass@postgres:5432/openclaw # 部署 kubectl apply -f openclaw-k8s.yaml # 滚动更新 kubectl set image deployment/openclaw openclaw=openclaw/openclaw:1.2.1
☁️ 云平台一键部署
🚀 腾讯云 Lighthouse
官方镜像市场一键部署,预装PostgreSQL/Redis,自动配置HTTPS,3分钟上线。
⚡ AWS ECS
Fargate无服务器容器,自动扩缩容,与CloudWatch深度集成。
🔷 Google Cloud Run
基于Knative的Serverless容器,按请求计费,全球多区域部署。
📘 Azure AKS
托管Kubernetes,集成Azure Monitor和Entra ID认证。
📊 监控与运维配置
Prometheus 指标集成
use prometheus::{Encoder, TextEncoder, register_counter, Counter}; use lazy_static::lazy_static; lazy_static! { static ref HTTP_REQUESTS: Counter = register_counter!( "http_requests_total", "Total number of HTTP requests" ).unwrap(); } async fn metrics_handler() -> impl Responder { let encoder = TextEncoder::new(); let mut buffer = vec![]; encoder.encode(&prometheus::gather(), &mut buffer).unwrap(); HttpResponse::Ok() .content_type("text/plain; version=0.0.4") .body(buffer) }
健康检查端点
| 端点 | 预期响应 | 用途 |
|---|---|---|
/health | 200 + {"status":"healthy"} | K8s livenessProbe |
/ready | 200 + {"ready":true} | K8s readinessProbe |
/metrics | 200 + Prometheus格式 | 监控采集 |
/version | 200 + {"version":"1.2.0"} | 版本管理 |
🔧 常见故障排除
❌ 数据库连接池耗尽
现象: 日志中出现 pool timed out while waiting for connection
解决方案:
# 增加连接池大小 DATABASE_POOL_SIZE=30 DATABASE_TIMEOUT=30 # 启用连接重用 DATABASE_CONNECTIONS_MAX_LIFETIME="1800s"
❌ 内存持续增长
现象: RSS内存随请求量线性增加,不释放
解决方案:
# 启用jemalloc内存分配器 [dependencies] tikv-jemallocator = "0.5" #[global_allocator] static GLOBAL: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc;
❌ 容器启动失败
现象: Docker容器退出代码 132/139
解决方案: 编译时指定CPU架构
RUSTFLAGS="-C target-cpu=x86-64-v2" cargo build --release
📋 调试命令速查
RUST_LOG=debug ./openclaw- 启用调试日志curl localhost:8080/health- 健康检查top -p $(pgrep openclaw)- 实时资源监控lsof -i:8080- 端口占用检查