miaodi
发布于 2023-03-10 / 288 阅读
0

k8s部署kong及konga

1. kong部署

前置环境

# 进入postgres创建一个新的库
[root@k8s-n1 ~]# kl exec -it pgsql-kong-0 -n kong -- psql --host pgsql-kong-svc -U postgres  -p 5432
# 部署数据库时,values文件中自定义的 postgresPassword 就是管理员密码
Password for user postgres:
psql (9.6.24)
Type "help" for help.
​
postgres=# CREATE USER kong WITH PASSWORD 'kong';
CREATE ROLE
postgres=# CREATE DATABASE kong OWNER kong ENCODING UTF8;
CREATE DATABASE
postgres=# GRANT ALL PRIVILEGES ON DATABASE kong TO kong;
GRANT
postgres=# \q
​
​
​
# 添加kong 仓库
$ helm repo add kong https://charts.konghq.com
$ helm repo update
​
# 获取kong配置文件
$ helm show values kong/kong > kong.values.yaml
​
# 或者直接创建一个kong.values.yaml
# env下的配置参考 https://github.com/Kong/kong/blob/master/kong.conf.default
env:
  database: "postgres"
  #服务的内部域名: <service>.<namespace>.svc.cluster.local
  pg_host: "pgsql-kong-svc.kong.svc.cluster.local"
  pg_port: 5432
  pg_user: kong
  pg_password: kong
​
admin:
  enabled: true
  type: ClusterIP
  http:
    enabled: true
​
ingressController:
  installCRDs: false
​
​
$ helm upgrade -i kong kong/kong -n kong --values kong.values.yaml --version 2.16.4
NAME: kong
LAST DEPLOYED: Tue Feb 14 02:43:43 2023
NAMESPACE: kong
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
To connect to Kong, please execute the following commands:
​
HOST=$(kubectl get svc --namespace kong kong-kong-proxy -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
PORT=$(kubectl get svc --namespace kong kong-kong-proxy -o jsonpath='{.spec.ports[0].port}')
export PROXY_IP=${HOST}:${PORT}
curl $PROXY_IP
​
Once installed, please follow along the getting started guide to start using
Kong: https://docs.konghq.com/kubernetes-ingress-controller/latest/guides/getting-started/
​
​
[root@k8s-n1 ~]# kl get svc -n kong
NAME                           TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)                         AGE
kong-kong-admin                NodePort       10.106.199.140   <none>        8001:30367/TCP,8444:32699/TCP   3m47s
kong-kong-proxy                LoadBalancer   10.102.203.195   <pending>     80:31088/TCP,443:30132/TCP      3m47s
kong-kong-validation-webhook   ClusterIP      10.100.207.54    <none>        443/TCP                         3m47s
pgsql-kong-postgresql          ClusterIP      10.103.200.198   <none>        5432/TCP                        26m
pgsql-kong-postgresql-hl       ClusterIP      None             <none>        5432/TCP                        26m
​
# 根据80:31088/TCP,443:30132/TCP, 浏览器访问 http://节点ip:31088 或者 https://节点ip:30132 
返回
{
"message": "no Route matched with those values"
}
证明kong已经生效了

2. konga部署

# 进入postgres创建一个新的库
[root@k8s-n1 ~]# kl exec -it pgsql-kong-0 -n kong -- psql --host pgsql-kong-svc -U postgres  -p 5432
# 部署数据库时,values文件中自定义的 postgresPassword 就是管理员密码
Password for user postgres:
psql (9.6.24)
Type "help" for help.
​
postgres=# CREATE USER konga WITH PASSWORD 'konga';
CREATE ROLE
postgres=# CREATE DATABASE konga OWNER konga ENCODING UTF8;
CREATE DATABASE
postgres=# GRANT ALL PRIVILEGES ON DATABASE konga TO konga;
GRANT
postgres=# \q
​

创建 konga.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: konga
  namespace: kong
spec:
  replicas: 1
  selector:
    matchLabels:
      app: konga
  template:
    metadata:
      labels:
        app: konga
    spec:
      containers:
      - name: konga
        image: pantsel/konga:0.14.9
        imagePullPolicy: IfNotPresent
        env:
        - name: DB_ADAPTER
          value: "postgres"
        - name: DB_URI
          value: "postgresql://konga:konga@pgsql-kong-svc.kong.svc.cluster.local:5432/konga"
        - name: NODE_ENV
          # https://github.com/pantsel/konga/issues/40
          # 第一次运行的时候需要设置为development,才会自动创建表结构。
          # 第一运行后再改成production,防止之后对表结构进行了更新 。
          value: "development"
        ports:
        - containerPort: 1337
          protocol: TCP
          name: konga
---
apiVersion: v1
kind: Service
metadata:
  name: konga-svc
  namespace: kong
  labels:
    app: konga-svc
spec:
  ports:
  - name: konga-port
    port: 1337
    targetPort: 1337
    protocol: TCP
  selector:
    app: konga
  type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: kong
    konghq.com/protocols: "http"
  name: konga
  namespace: kong
spec:
  rules:
  - host: konga.u9o.cc
    http:
      paths:
      - backend:
          service:
            name: konga
            port:
              number: 1337
        path: /
        pathType: Prefix

# 部署konga
[root@k8s-n1 ~]# kl apply -f konga.yaml
deployment.apps/konga created
service/konga-svc created
​
# 查看 konga的svc,这里可以看到是映射到宿主机的31329端口
[root@k8s-n1 ~]# kl get svc -n kong | grep konga
konga-svc                      NodePort       10.102.197.17   <none>        1337:31329/TCP                  13m
# 查看konga部署到的机器,这里可以看到是n3节点,我的n3节点的ip是10.8.8.33,所以konga的web界面就是10.8.8.33:31329
[root@k8s-n1 ~]# kl get pods -n kong -o wide | grep konga
konga-74d89bbd4b-8l82l            1/1     Running     0             8m34s   192.168.57.220    k8s-n3   <none>           <none>
​

访问konga 10.8.8.33:31329

创建用户后进入,新建连接 :

http://kong-kong-admin.kong.svc.cluster.local:8001