k8s部署kong(第二版)
我的是基于腾讯云的storageclass存储来做的,当然你也可以直接创建hostpath类型的pv和pvc。
·
k8s部署kong
注意:
写在前面: 我的是基于腾讯云的storageclass存储来做的,当然你也可以直接创建hostpath类型的pv和pvc
kong官方文档中的部署方案因为某种奇葩的原因,不能对helm文件中的镜像拉取,所以我这里对kong的docker镜像部署。
首先要搭建postgresql
可以选择集群外搭建,也可以集群内搭建。
参考dockerhub上的postgres镜像文档搭建:Docker Hub
$ docker run -d \
--name some-postgres \
-e POSTGRES_PASSWORD=mysecretpassword \
-e PGDATA=/var/lib/postgresql/data/pgdata \
-v /custom/mount:/var/lib/postgresql/data \
postgres
编写postgresql-statefulset.yaml文件:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: postgresql
namespace: dev
spec:
replicas: 1
selector:
matchLabels:
app: postgresql
serviceName: "postgresql-svc"
template:
metadata:
labels:
app: postgresql
spec:
containers:
- name: postgresql
image: postgres:9.6
imagePullPolicy: IfNotPresent
env:
- name: POSTGRES_PASSWORD
value: "mypasswd"
- name: PGDATA
value: "/var/lib/postgresql/data/pgdata"
ports:
- containerPort: 5432
protocol: TCP
name: postgresql-port
volumeMounts:
- name: postgresql-data
mountPath: /var/lib/postgresql/data
volumeClaimTemplates: # 自动创建pvc,进而自动创建pv
- metadata:
name: postgresql-data
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: cbs-test
volumeMode: Filesystem
resources:
requests:
storage: 10Gi
注意: 这里在创建之前需要先去创建对应的存储,我这里是用的腾讯云的storageclass
创建
kubectl create -f postgresql-statefulset.yaml -n dev
编写 postgresql-service.yaml文件
---
apiVersion: v1
kind: Service
metadata:
name: postgresql-svc
namespace: dev
labels:
app: postgresql-svc
spec:
ports:
- name: postgresql-port
port: 5432
protocol: TCP
selector:
app: postgresql
创建
kubectl create -f postgresql-service.yaml -n dev
在postgres中创建kong数据库
kubectl exec -it -n dev postgresql-0 -- bash
su postgres
psql
create user kong;
create database kong owner kong;
alter user kong with encrypted password 'kongpasswd';
grant all privileges on database kong to kong;
\q
exit
对PGSQL数据库初始化
在可运行docker的机器上连接pgsql:
这台机器要和k8s集群中的pod能通信
官方命令参考:Docker Hub
$ docker run --rm \
--link kong-database:kong-database \
-e "KONG_DATABASE=postgres" \
-e "KONG_PG_HOST=kong-database" \
-e "KONG_CASSANDRA_CONTACT_POINTS=kong-database" \
kong kong migrations bootstrap
对其修改:
docker run -it --rm -e "KONG_DATABASE=postgres" -e "KONG_PG_HOST=192.168.0.147" -e "KONG_PG_PORT=5432" -e "KONG_PG_USER=kong" -e "KONG_PG_PASSWORD=kongpasswd" -e "KONG_PG_DATABASE=kong" -e "KONG_CASSANDRA_CONTACT_POINTS=kong" kong:2.8.3 kong migrations bootstrap
#脚本跑完容器就关闭了
部署kong
官方启动docker容器的命令:
$ docker run -d --name kong \
--link kong-database:kong-database \
-e "KONG_DATABASE=postgres" \
-e "KONG_PG_HOST=kong-database" \
-e "KONG_CASSANDRA_CONTACT_POINTS=kong-database" \
-e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
-e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
-e "KONG_PROXY_ERROR_LOG=/dev/stderr" \
-e "KONG_ADMIN_ERROR_LOG=/dev/stderr" \
-e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
-p 8000:8000 \
-p 8443:8443 \
-p 8001:8001 \
-p 8444:8444 \
kong
对其修改,编写kong-statefulset.yaml文件:
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: kong
namespace: dev
spec:
replicas: 1
selector:
matchLabels:
app: kong
serviceName: "kong-svc"
template:
metadata:
labels:
app: kong
spec:
containers:
- name: kong
image: kong:2.8.3
imagePullPolicy: IfNotPresent
env:
- name: KONG_PG_USER
value: "kong"
- name: KONG_PG_PASSWORD
value: "kongpasswd"
- name: KONG_PG_HOST
value: "postgresql-svc.dev.svc.cluster.local"
- name: KONG_PG_DATABASE
value: "kong"
- name: KONG_DATABASE
value: "postgres"
- name: KONG_PG_PORT
value: "5432"
- name: KONG_ADMIN_LISTEN
value: "0.0.0.0:8001, 0.0.0.0:8444 ssl"
- name: KONG_PROXY_ERROR_LOG
value: "/dev/stderr"
- name: KONG_PROXY_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_ADMIN_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ADMIN_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_PROXY_LISTEN
value: "0.0.0.0:8000, 0.0.0.0:9080 http2, 0.0.0.0:9081 http2 ssl"
ports:
- containerPort: 8000
protocol: TCP
name: kong-proxy
- containerPort: 8001
hostPort: 8001
protocol: TCP
name: kong-admin
- containerPort: 8443
protocol: TCP
name: kong-proxy-ssl
- containerPort: 8444
protocol: TCP
name: kong-admin-ssl
- containerPort: 9080
protocol: TCP
name: kong-grpc
#因为要用到自定插件和设置,所以我挂载了nfs。对容器路径进行映射。
volumeMounts:
- name: kong-plugin
readOnly: false
mountPath: /usr/local/share/lua/5.1/kong/plugins/cas
- name: kong-conf
readOnly: false
mountPath: /etc/kong
volumeClaimTemplates: # 自动创建pvc,进而自动创建pv
- metadata:
name: kong-plugin
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: cbs-test
volumeMode: Filesystem
resources:
requests:
storage: 10Gi
- metadata:
name: kong-conf
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: cbs-test
volumeMode: Filesystem
resources:
requests:
storage: 10Gi
创建
kubectl create -f kong-statefulset.yaml -n dev
编写kong-service.yaml 文件
---
apiVersion: v1
kind: Service
metadata:
name: kong-svc
namespace: dev
labels:
app: kong-svc
spec:
ports:
- name: kong-port
port: 8000
protocol: TCP
- name: kong-admin-port
port: 8001
protocol: TCP
- name: kong-grpc
port: 9080
protocol: TCP
selector:
app: kong
type: NodePort
创建
kubectl create -f kong-service.yaml -n dev
同样对这个yml文件进行部署。如果konga在外部的话开放8001的hostport。
初始化konga数据:
kubectl exec -it -n dev postgresql-0 -- bash
su postgres
psql
create user konga;
create database konga owner konga;
alter user konga with encrypted password 'kongapassword';
grant all privileges on database kong to konga;
\q
exit
初始化数据结构语句
docker run --rm pantsel/konga:latest -c prepare -a postgres -u postgresql://konga:kongapassword@192.168.0.147:5432/konga
部署konga
官方启动docker命令:Docker Hub
$ docker run -p 1337:1337
--network {{kong-network}} \ // optional
-e "TOKEN_SECRET={{somerandomstring}}" \
-e "DB_ADAPTER=the-name-of-the-adapter" \ // 'mongo','postgres','sqlserver' or 'mysql'
-e "DB_HOST=your-db-hostname" \
-e "DB_PORT=your-db-port" \ // Defaults to the default db port
-e "DB_USER=your-db-user" \ // Omit if not relevant
-e "DB_PASSWORD=your-db-password" \ // Omit if not relevant
-e "DB_DATABASE=your-db-name" \ // Defaults to 'konga_database'
-e "DB_PG_SCHEMA=my-schema"\ // Optionally define a schema when integrating with prostgres
-e "NODE_ENV=production" \ // or 'development' | defaults to 'development'
--name konga \
pantsel/konga
对其修改,编写konga-deploy.yaml文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: konga
namespace: dev
spec:
replicas: 1
selector:
matchLabels:
app: konga
template:
metadata:
labels:
app: konga
spec:
containers:
- name: konga
image: pantsel/konga:latest
imagePullPolicy: IfNotPresent
env:
- name: DB_ADAPTER
value: "postgres"
- name: DB_DATABASE
value: "konga"
- name: DB_HOST
value: "postgresql-svc.dev.svc.cluster.local"
- name: DB_PASSWORD
value: "kongapassword"
- name: DB_PORT
value: "5432"
- name: DB_USER
value: "konga"
- name: KONGA_LOG_LEVEL
value: "debug"
- name: NODE_ENV
value: "production"
ports:
- containerPort: 1337
protocol: TCP
name: konga
创建
kubectl create -f konga-deploy.yaml -n dev
编写konga-service.yaml文件
---
apiVersion: v1
kind: Service
metadata:
name: konga-svc
namespace: dev
labels:
app: konga-svc
spec:
ports:
- name: konga-port
port: 1337
protocol: TCP
selector:
app: konga
type: NodePort
创建
kubectl create -f konga-service.yaml -n dev
然后就可以浏览器访问了,端口为1337,第一次访问的时候会要求输入账号密码
具体配置service和router再补
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献27条内容
所有评论(0)