1. kong部署
前置环境
k8s集群
helm3
# 进入postgres创建一个新的库
[root@k8s-n1 ~]# kl exec -it pgsql-kong-0 -n kong -- psql --host pgsql-kong-svc -U postgres -p 5432
# 部署数据库时,values文件中自定义的 postgresPassword 就是管理员密码
Password for user postgres:
psql (9.6.24)
Type "help" for help.
postgres=# CREATE USER kong WITH PASSWORD 'kong';
CREATE ROLE
postgres=# CREATE DATABASE kong OWNER kong ENCODING UTF8;
CREATE DATABASE
postgres=# GRANT ALL PRIVILEGES ON DATABASE kong TO kong;
GRANT
postgres=# \q
# 添加kong 仓库
$ helm repo add kong https://charts.konghq.com
$ helm repo update
# 获取kong配置文件
$ helm show values kong/kong > kong.values.yaml
# 或者直接创建一个kong.values.yaml
# env下的配置参考 https://github.com/Kong/kong/blob/master/kong.conf.default
env:
database: "postgres"
#服务的内部域名: <service>.<namespace>.svc.cluster.local
pg_host: "pgsql-kong-svc.kong.svc.cluster.local"
pg_port: 5432
pg_user: kong
pg_password: kong
admin:
enabled: true
type: ClusterIP
http:
enabled: true
ingressController:
installCRDs: false
$ helm upgrade -i kong kong/kong -n kong --values kong.values.yaml --version 2.16.4
NAME: kong
LAST DEPLOYED: Tue Feb 14 02:43:43 2023
NAMESPACE: kong
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
To connect to Kong, please execute the following commands:
HOST=$(kubectl get svc --namespace kong kong-kong-proxy -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
PORT=$(kubectl get svc --namespace kong kong-kong-proxy -o jsonpath='{.spec.ports[0].port}')
export PROXY_IP=${HOST}:${PORT}
curl $PROXY_IP
Once installed, please follow along the getting started guide to start using
Kong: https://docs.konghq.com/kubernetes-ingress-controller/latest/guides/getting-started/
[root@k8s-n1 ~]# kl get svc -n kong
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kong-kong-admin NodePort 10.106.199.140 <none> 8001:30367/TCP,8444:32699/TCP 3m47s
kong-kong-proxy LoadBalancer 10.102.203.195 <pending> 80:31088/TCP,443:30132/TCP 3m47s
kong-kong-validation-webhook ClusterIP 10.100.207.54 <none> 443/TCP 3m47s
pgsql-kong-postgresql ClusterIP 10.103.200.198 <none> 5432/TCP 26m
pgsql-kong-postgresql-hl ClusterIP None <none> 5432/TCP 26m
# 根据80:31088/TCP,443:30132/TCP, 浏览器访问 http://节点ip:31088 或者 https://节点ip:30132
返回
{
"message": "no Route matched with those values"
}
证明kong已经生效了
2. konga部署
# 进入postgres创建一个新的库
[root@k8s-n1 ~]# kl exec -it pgsql-kong-0 -n kong -- psql --host pgsql-kong-svc -U postgres -p 5432
# 部署数据库时,values文件中自定义的 postgresPassword 就是管理员密码
Password for user postgres:
psql (9.6.24)
Type "help" for help.
postgres=# CREATE USER konga WITH PASSWORD 'konga';
CREATE ROLE
postgres=# CREATE DATABASE konga OWNER konga ENCODING UTF8;
CREATE DATABASE
postgres=# GRANT ALL PRIVILEGES ON DATABASE konga TO konga;
GRANT
postgres=# \q
创建 konga.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: konga
namespace: kong
spec:
replicas: 1
selector:
matchLabels:
app: konga
template:
metadata:
labels:
app: konga
spec:
containers:
- name: konga
image: pantsel/konga:0.14.9
imagePullPolicy: IfNotPresent
env:
- name: DB_ADAPTER
value: "postgres"
- name: DB_URI
value: "postgresql://konga:konga@pgsql-kong-svc.kong.svc.cluster.local:5432/konga"
- name: NODE_ENV
# https://github.com/pantsel/konga/issues/40
# 第一次运行的时候需要设置为development,才会自动创建表结构。
# 第一运行后再改成production,防止之后对表结构进行了更新 。
value: "development"
ports:
- containerPort: 1337
protocol: TCP
name: konga
---
apiVersion: v1
kind: Service
metadata:
name: konga-svc
namespace: kong
labels:
app: konga-svc
spec:
ports:
- name: konga-port
port: 1337
targetPort: 1337
protocol: TCP
selector:
app: konga
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: kong
konghq.com/protocols: "http"
name: konga
namespace: kong
spec:
rules:
- host: konga.u9o.cc
http:
paths:
- backend:
service:
name: konga
port:
number: 1337
path: /
pathType: Prefix
# 部署konga
[root@k8s-n1 ~]# kl apply -f konga.yaml
deployment.apps/konga created
service/konga-svc created
# 查看 konga的svc,这里可以看到是映射到宿主机的31329端口
[root@k8s-n1 ~]# kl get svc -n kong | grep konga
konga-svc NodePort 10.102.197.17 <none> 1337:31329/TCP 13m
# 查看konga部署到的机器,这里可以看到是n3节点,我的n3节点的ip是10.8.8.33,所以konga的web界面就是10.8.8.33:31329
[root@k8s-n1 ~]# kl get pods -n kong -o wide | grep konga
konga-74d89bbd4b-8l82l 1/1 Running 0 8m34s 192.168.57.220 k8s-n3 <none> <none>
访问konga 10.8.8.33:31329
创建用户后进入,新建连接 :