kong官方文档中的部署方案因为某种奇葩的原因,不能对helm文件中的镜像拉取,所以我这里对kong的docker镜像部署。
首先要搭建postgresql
可以选择集群外搭建,也可以集群内搭建。
参考dockerhub上的postgres镜像文档搭建:Docker Hub
$ docker run -d \
--name some-postgres \
-e POSTGRES_PASSWORD=mysecretpassword \
-e PGDATA=/var/lib/postgresql/data/pgdata \
-v /custom/mount:/var/lib/postgresql/data \
postgres编写k8s-yml文件:
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgresql
namespace: basic
spec:
replicas: 1
selector:
matchLabels:
app: postgresql
template:
metadata:
labels:
app: postgresql
spec:
containers:
- name: postgresql
image: postgres:9.6
imagePullPolicy: IfNotPresent
env:
- name: POSTGRES_PASSWORD
value: "mypasswd"
- name: PGDATA
value: "/var/lib/postgresql/data"
ports:
- containerPort: 5432
protocol: TCP
name: postgresql-port
#数据挂载在另一台NFS服务器
volumeMounts:
- name: postgresql-data
readOnly: false
mountPath: /var/lib/postgresql/data
volumes:
- name: postgresql-data
nfs:
path: /data/postgresql/data
server: 192.168.1.200
#服务端口可以对外暴露节点Nodeport根据需求添加
---
apiVersion: v1
kind: Service
metadata:
name: postgresql-svc
namespace: basic
labels:
app: postgresql-svc
spec:
ports:
- name: postgresql-port
port: 5432
protocol: TCP
selector:
app: postgresql部署命令#kubectl apply -f postgresql.yml
在postgres中创建kong数据库
su postgres
psql
create user kong;
create database kong owner kong;
alter user kong with encrypted password 'kongpasswd';
grant all privileges on database kong to kong;对PGSQL数据库初始化
在可运行docker的机器上连接pgsql:
官方命令参考:Docker Hub
$ docker run --rm \
--link kong-database:kong-database \
-e "KONG_DATABASE=postgres" \
-e "KONG_PG_HOST=kong-database" \
-e "KONG_CASSANDRA_CONTACT_POINTS=kong-database" \
kong kong migrations bootstrap对其修改:
docker run -it --rm -e "KONG_DATABASE=postgres" -e "KONG_PG_HOST=192.168.1.36" -e "KONG_PG_PORT=5432" -e "KONG_PG_USER=kong" -e "KONG_PG_PASSWORD=kongpasswd" -e "KONG_PG_DATABASE=kong" -e "KONG_CASSANDRA_CONTACT_POINTS=kong" kong:latest kong migrations bootstrap
#脚本跑完容器就关闭了部署kong
官方启动docker容器的命令:
$ docker run -d --name kong \
--link kong-database:kong-database \
-e "KONG_DATABASE=postgres" \
-e "KONG_PG_HOST=kong-database" \
-e "KONG_CASSANDRA_CONTACT_POINTS=kong-database" \
-e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
-e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
-e "KONG_PROXY_ERROR_LOG=/dev/stderr" \
-e "KONG_ADMIN_ERROR_LOG=/dev/stderr" \
-e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
-p 8000:8000 \
-p 8443:8443 \
-p 8001:8001 \
-p 8444:8444 \
kong对其修改,编写k8s.yml文件:
#kong.yml文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: kong
namespace: basic
spec:
replicas: 1
selector:
matchLabels:
app: kong
template:
metadata:
labels:
app: kong
spec:
containers:
- name: kong
image: kong:2.3.0
imagePullPolicy: IfNotPresent
env:
- name: KONG_PG_USER
value: "kong"
- name: KONG_PG_PASSWORD
value: "kongpassword"
- name: KONG_PG_HOST
value: "postgresql-svc.basic.svc.cluster.local"
- name: KONG_PG_DATABASE
value: "kong"
- name: KONG_DATABASE
value: "postgres"
- name: KONG_PG_PORT
value: "5432"
- name: KONG_ADMIN_LISTEN
value: "0.0.0.0:8001, 0.0.0.0:8444 ssl"
- name: KONG_PROXY_ERROR_LOG
value: "/dev/stderr"
- name: KONG_PROXY_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_ADMIN_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ADMIN_ACCESS_LOG
value: "/dev/stdout"
ports:
- containerPort: 8000
protocol: TCP
name: kong-proxy
- containerPort: 8001
hostPort: 8001
protocol: TCP
name: kong-admin
- containerPort: 8443
protocol: TCP
name: kong-proxy-ssl
- containerPort: 8444
protocol: TCP
name: kong-admin-ssl
#因为要用到自定插件和设置,所以我挂载了nfs。对容器路径进行映射。
volumeMounts:
- name: kong-plugin
readOnly: false
mountPath: /usr/local/share/lua/5.1/kong/plugins/cas
- name: kong-conf
readOnly: false
mountPath: /etc/kong
volumes:
- name: kong-plugin
nfs:
path: /data/configure/kong-plugin/cas
server: 192.168.1.200
- name: kong-conf
nfs:
path: /data/configure/kong-conf
server: 192.168.1.200
---
apiVersion: v1
kind: Service
metadata:
name: kong-svc
namespace: basic
labels:
app: kong-svc
spec:
ports:
- name: kong-port
port: 8000
protocol: TCP
- name: kong-admin-port
port: 8001
protocol: TCP
selector:
app: kong同样对这个yml文件进行部署。如果konga在外部的话开放8001的hostport。
初始化konga数据:
#同样在postgres中创建konga数据库
su postgres
psql
create user konga;
create database konga owner konga;
alter user konga with encrypted password 'kongapassword';
grant all privileges on database kong to konga;
#初始化数据结构语句
docker run --rm pantsel/konga:latest -c prepare -a postgres -u postgresql://konga:kongapassword@192.168.1.36:5432/konga
部署konga
官方启动docker命令:Docker Hub
$ docker run -p 1337:1337
--network {{kong-network}} \ // optional
-e "TOKEN_SECRET={{somerandomstring}}" \
-e "DB_ADAPTER=the-name-of-the-adapter" \ // 'mongo','postgres','sqlserver' or 'mysql'
-e "DB_HOST=your-db-hostname" \
-e "DB_PORT=your-db-port" \ // Defaults to the default db port
-e "DB_USER=your-db-user" \ // Omit if not relevant
-e "DB_PASSWORD=your-db-password" \ // Omit if not relevant
-e "DB_DATABASE=your-db-name" \ // Defaults to 'konga_database'
-e "DB_PG_SCHEMA=my-schema"\ // Optionally define a schema when integrating with prostgres
-e "NODE_ENV=production" \ // or 'development' | defaults to 'development'
--name konga \
pantsel/konga对其修改,编写k8s-yml文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: konga
namespace: basic
spec:
replicas: 1
selector:
matchLabels:
app: konga
template:
metadata:
labels:
app: konga
spec:
containers:
- name: konga
image: pantsel/konga:latest
imagePullPolicy: IfNotPresent
env:
- name: DB_ADAPTER
value: "postgres"
- name: DB_DATABASE
value: "konga"
- name: DB_HOST
value: "postgresql-svc.basic.svc.cluster.local"
- name: DB_PASSWORD
value: "kongapassword"
- name: DB_PORT
value: "5432"
- name: DB_USER
value: "konga"
- name: KONGA_LOG_LEVEL
value: "debug"
- name: NODE_ENV
value: "production"
ports:
- containerPort: 1337
protocol: TCP
name: konga
---
apiVersion: v1
kind: Service
metadata:
name: konga-svc
namespace: basic
labels:
app: konga-svc
spec:
ports:
- name: konga-port
port: 1337
protocol: TCP
selector:
app: konga我这里直接用rancher部署了。之后就可以在konga所在主机1337上访问。
1438
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
