k8s部署kong
我们使用helm部署kong,当然首先要安装helmhelmkong验证一下可以看到kong是正常的,只是还没有配置具体的service和route,所以无法访问到什么。
·
k8s部署kong
一、安装helm
wget https://get.helm.sh/helm-v3.1.2-linux-amd64.tar.gz
tar xf helm-v3.1.2-linux-amd64.tar.gz
mv linux-amd64/ helm
cd helm/
cp -r helm /usr/local/bin/
helm version
二、使用helm安装kong
1.添加kong仓库
helm repo add kong https://charts.konghq.com
helm repo update
2.拉取kong安装包到本地
helm pull kong/kong
tar xf kong-2.16.5.tgz
cd kong/
3.修改一些参数
vim values.yaml
主要是开启admin,然后开启http访问,这样konga里面才可以连接kong进行配置
admin:
enabled: true
type: NodePort
annotations: {}
# service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
labels: {}
http:
enabled: true
servicePort: 8001
containerPort: 8001
parameters: []
tls:
# Enable HTTPS listen for the admin API
enabled: false
servicePort: 8444
containerPort: 8444
4.安装
helm install kong --set ingressController.installCRDs=false -n kong .
5.查看及验证
[root@k8s-worker-01 kong]# kubectl get all -n kong
NAME READY STATUS RESTARTS AGE
pod/kong-kong-664ddb6bf5-vgjzz 2/2 Running 0 10m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kong-kong-admin NodePort 192.168.255.26 <none> 8001:31253/TCP 10m
service/kong-kong-proxy NodePort 192.168.253.141 <none> 80:30326/TCP,443:31249/TCP 10m
service/kong-kong-validation-webhook ClusterIP 192.168.254.95 <none> 443/TCP 10m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/kong-kong 1/1 1 1 10m
NAME DESIRED CURRENT READY AGE
replicaset.apps/kong-kong-664ddb6bf5 1 1 1 10m
[root@k8s-worker-01 kong]# curl -i 192.168.253.141
HTTP/1.1 404 Not Found
Date: Fri, 24 Feb 2023 03:43:30 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Content-Length: 48
X-Kong-Response-Latency: 0
Server: kong/3.1.1
可以看到kong是正常的,只是还没有配置具体的service和route,所以无法访问到什么
6.使用konga连接
我这边是已经用docker部署好了konga,具体可参考docker部署kong+Consul
这里配置的就是上面kong-admin的端口,ip是k8s节点宿主机的内网ip
然后就可以去配置service和router了
当然也可以直接通过api来配置或者按下面的方式,使用服务发现自动配置的方式
二、小示例
1.Deploy an upstream HTTP application
要代理请求,您需要一个上游应用程序进行代理。部署此回显服务器提供了一个简单的应用程序,该应用程序返回有关它正在运行的Pod的信息
# kubectl apply -f https://bit.ly/echo-service
service/echo created
deployment.apps/echo created
网络不好可以直接使用下面的yaml文件安装
echo-service.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: echo
name: echo
spec:
ports:
- port: 8080
name: high
protocol: TCP
targetPort: 80
- port: 80
name: low
protocol: TCP
targetPort: 80
selector:
app: echo
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: echo
name: echo
spec:
replicas: 1
selector:
matchLabels:
app: echo
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: echo
spec:
containers:
- image: cilium/echoserver:latest
name: echo
ports:
- containerPort: 8080
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
resources: {}
2.Create a configuration group
入口和网关api控制器需要一个配置来指示它们应该识别哪一组路由配置。这允许多个控制器共存于同一个集群中。在创建单个路由之前,需要创建路由关联的类配置
Kubernetes Ingress Controller的官方发行版本默认带有一个kong IngressClass。如果kubectl get ingressclass kong没有返回not found错误,可以跳过该命令。
所以我们先看下有没有这个IngressClass,有的话就不用创建IngressClass
# kubectl get ingressclass kong
NAME CONTROLLER PARAMETERS AGE
kong ingress-controllers.konghq.com/kong <none> 145m
没有就执行如下
echo "
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
name: kong
spec:
controller: ingress-controllers.konghq.com/kong
" | kubectl apply -f -
Kubernetes Ingress Controller默认识别kong IngressClass和konghq.com/kic-gateway-Controller GatewayClass。将CONTROLLER_INGRESS_CLASS或CONTROLLER_GATEWAY_API_CONTROLLER_NAME环境变量设置为其他值将覆盖这些默认值。
3.Add routing configuration
Create routing configuration to proxy /echo requests to the echo server:
echo "
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: echo
annotations:
konghq.com/strip-path: 'true'
spec:
ingressClassName: kong
rules:
- host: kong.example
http:
paths:
- path: /echo
pathType: ImplementationSpecific
backend:
service:
name: echo
port:
number: 80
" | kubectl apply -f -
Test the routing rule:
curl -i http://kong.example/echo --resolve kong.example:80:$PROXY_IP
$PROXY_IP就是service资源的cluster-ip
# kubectl get svc -n kong
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kong-1673924663-kong-proxy LoadBalancer 10.244.148.139 <pending> 80:30848/TCP,443:32514/TCP 150m
也就是
# curl -i http://kong.example/echo --resolve kong.example:80:10.244.148.139
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 17 Jan 2023 05:35:45 GMT
Server: echoserver
X-Kong-Upstream-Latency: 0
X-Kong-Proxy-Latency: 1
Via: kong/3.1.1
Hostname: echo-6684cf44d9-ns45n
Pod Information:
node name: k8s-master03
pod name: echo-6684cf44d9-ns45n
pod namespace: default
pod IP: 172.18.195.7
Server values:
server_version=nginx: 1.13.3 - lua: 10008
Request Information:
client_address=::ffff:172.25.92.74
method=GET
real path=/
query=
request_version=1.1
request_scheme=http
request_uri=http://kong.example:80/
Request Headers:
accept=*/*
connection=keep-alive
host=kong.example
user-agent=curl/7.29.0
x-forwarded-for=172.25.244.192
x-forwarded-host=kong.example
x-forwarded-path=/echo
x-forwarded-port=80
x-forwarded-prefix=/echo
x-forwarded-proto=http
x-real-ip=172.25.244.192
Request Body:
-no body in request-
后续再添加其他服务按小示例的流程来即可,另外文章基本是照着官方文档写的,详细可看官方文档 kong官方文档
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献27条内容
所有评论(0)