目錄
三、測試kong部署是否正常,訪問admin接口,有數據返回即爲正常。
官方文檔https://docs.konghq.com/install/kubernetes/
數據存儲區我們選擇Postgres,對於Postgres,我們可以選擇在k8s上面部署,也可以選擇開通雲平臺Postgres服務。
一、自建Postgres(在k8s上面部署)
1、創建持久化卷,(沒有存儲類的話參考這個鏈接https://blog.csdn.net/cyhelloyes/article/details/99287617)
cat > pvc.yaml <<EOF
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: postgres-data
annotations:
volume.beta.kubernetes.io/storage-class: "pointsmart-nfs-storage"
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
EOF
2、編寫Postgres配置文件
cat > postgres.yaml <<EOF
apiVersion: v1
kind: Service
metadata:
name: postgres-server
spec:
ports:
- name: pgql
port: 5432
targetPort: 5432
protocol: TCP
selector:
app: postgres
---
apiVersion: v1
kind: Service
metadata:
name: postgres
labels:
app: postgres
spec:
clusterIP: None
ports:
- port: 5432
name: pgql
selector:
app: postgres
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: postgres
spec:
serviceName: postgres
replicas: 1
template:
metadata:
labels:
app: postgres
spec:
serviceAccountName: postgres
spec:
containers:
- name: postgres
image: postgres:10.0
env:
- name: POSTGRES_USER
value: kong
- name: POSTGRES_PASSWORD
value: xxxxxxxxxxx
- name: POSTGRES_DB
value: kong
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
ports:
- containerPort: 5432
volumeMounts:
- name: pg-data
mountPath: /var/lib/postgresql/data
volumes:
- name: pg-data
persistentVolumeClaim:
claimName: postgres-data
EOF
3、編寫初始化job配置文件
cat > kong_migration_postgres.yaml <<EOF
apiVersion: batch/v1
kind: Job
metadata:
name: kong-migration
spec:
template:
metadata:
name: kong-migration
spec:
containers:
- name: kong-migration
image: kong:1.1-centos
env:
- name: KONG_NGINX_DAEMON
value: 'on'
- name: KONG_PG_PASSWORD
value: xxxxxxxxxxx
- name: KONG_PG_HOST
value: postgres
command: [ "/bin/sh", "-c", "kong migrations bootstrap" ]
restartPolicy: Never
EOF
4、編寫kong配置文件
cat >kong_postgres.yaml <<EOF
apiVersion: v1
kind: Service
metadata:
name: kong-proxy
spec:
#type: LoadBalancer
#loadBalancerSourceRanges:
#- 0.0.0.0/0
ports:
- name: kong-proxy
port: 8000
targetPort: 8000
protocol: TCP
selector:
app: kong
---
apiVersion: v1
kind: Service
metadata:
name: kong-proxy-ssl
spec:
#type: LoadBalancer
#loadBalancerSourceRanges:
#- 0.0.0.0/0
ports:
- name: kong-proxy-ssl
port: 8443
targetPort: 8443
protocol: TCP
selector:
app: kong
---
apiVersion: v1
kind: Service
metadata:
name: kong-admin
spec:
#type: LoadBalancer
#loadBalancerSourceRanges:
#- 0.0.0.0/0
ports:
- name: kong-admin
port: 8001
targetPort: 8001
protocol: TCP
selector:
app: kong
---
apiVersion: v1
kind: Service
metadata:
name: kong-admin-ssl
spec:
#type: LoadBalancer
#loadBalancerSourceRanges:
#- 0.0.0.0/0
ports:
- name: kong-admin-ssl
port: 8444
targetPort: 8444
protocol: TCP
selector:
app: kong
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kong-rc
spec:
replicas: 3
template:
metadata:
labels:
name: kong-rc
app: kong
spec:
containers:
- name: kong
image: kong:1.1-centos
env:
- name: KONG_ADMIN_LISTEN
value: "0.0.0.0:8001, 0.0.0.0:8444 ssl"
- name: KONG_PG_PASSWORD
value: xxxxxxxxxxx
- name: KONG_PG_HOST
value: postgres
- name: KONG_PROXY_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_ADMIN_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_PROXY_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ADMIN_ERROR_LOG
value: "/dev/stderr"
ports:
- name: admin
containerPort: 8001
protocol: TCP
- name: proxy
containerPort: 8000
protocol: TCP
- name: proxy-ssl
containerPort: 8443
protocol: TCP
- name: admin-ssl
containerPort: 8444
protocol: TCP
EOF
[root@bdy-master kong]# kubectl create -f .
二、開通雲平臺Postgres服務
因爲我的kubernet集羣是部署在百度雲的,所以Postgres服務我選擇開通百度雲的。先在雲平臺開通服務,然後創建管理員賬號,Windows電腦下載安裝Navicat Premium軟件,並連接上Postgres服務。
1、先在Navicat Premium軟件創建數據庫和用戶,這裏我習慣用SQL執行,你可以選擇界面操作
postgres=# create user pointsmart_kong with password 'xxxxxx';
Command OK
postgres=# create database k8s_kong owner pointsmart_ops ;
Command OK
postgres=# grant all on database k8s_kong to pointsmart_kong;
Command OK
cat > postgres-service.yaml <<EOF
apiVersion: v1
kind: Service
metadata:
name: postgres
spec:
ports:
- port: 3306
---
apiVersion: v1
kind: Endpoints
metadata:
name: postgres
subsets:
- addresses:
- ip: xx.x.xx.xx ##百度雲開通的postgres服務的IP地址
ports:
- port: 3306
protocol: TCP
EOF
2、編寫初始化數據庫job
cat > kong_migration_postgres.yaml <<EOF
apiVersion: batch/v1
kind: Job
metadata:
name: kong-migration
spec:
template:
metadata:
name: kong-migration
spec:
containers:
- name: kong-migration
image: kong:1.1-centos
env:
- name: KONG_NGINX_DAEMON
value: 'on'
- name: KONG_PG_USER
value: pointsmart_kong
- name: KONG_PG_DATABASE
value: k8s_kong
- name: KONG_PG_PORT
value: "3306"
- name: KONG_PG_PASSWORD
value: xxxxxx
- name: KONG_PG_HOST
value: postgres
command: [ "/bin/sh", "-c", "kong migrations bootstrap" ]
restartPolicy: Never
EOF
3、編寫kong配置文件
cat >kong_postgres.yaml <<EOF
apiVersion: v1
kind: Service
metadata:
name: kong-proxy
spec:
#type: LoadBalancer
#loadBalancerSourceRanges:
#- 0.0.0.0/0
ports:
- name: kong-proxy
port: 8000
targetPort: 8000
protocol: TCP
selector:
app: kong
---
apiVersion: v1
kind: Service
metadata:
name: kong-proxy-ssl
spec:
#type: LoadBalancer
#loadBalancerSourceRanges:
#- 0.0.0.0/0
ports:
- name: kong-proxy-ssl
port: 8443
targetPort: 8443
protocol: TCP
selector:
app: kong
---
apiVersion: v1
kind: Service
metadata:
name: kong-admin
spec:
#type: LoadBalancer
#loadBalancerSourceRanges:
#- 0.0.0.0/0
ports:
- name: kong-admin
port: 8001
targetPort: 8001
protocol: TCP
selector:
app: kong
---
apiVersion: v1
kind: Service
metadata:
name: kong-admin-ssl
spec:
#type: LoadBalancer
#loadBalancerSourceRanges:
#- 0.0.0.0/0
ports:
- name: kong-admin-ssl
port: 8444
targetPort: 8444
protocol: TCP
selector:
app: kong
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kong-rc
spec:
replicas: 3
template:
metadata:
labels:
name: kong-rc
app: kong
spec:
containers:
- name: kong
image: kong:1.1-centos
env:
- name: KONG_ADMIN_LISTEN
value: "0.0.0.0:8001, 0.0.0.0:8444 ssl"
- name: KONG_PG_DATABASE
value: k8s_kong
- name: KONG_PG_USER
value: pointsmart_kong
- name: KONG_PG_PASSWORD
value: xxxxxx
- name: KONG_PG_PORT
value: "3306"
- name: KONG_PG_HOST
value: postgres
- name: KONG_PROXY_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_ADMIN_ACCESS_LOG
value: "/dev/stdout"
- name: KONG_PROXY_ERROR_LOG
value: "/dev/stderr"
- name: KONG_ADMIN_ERROR_LOG
value: "/dev/stderr"
ports:
- name: admin
containerPort: 8001
protocol: TCP
- name: proxy
containerPort: 8000
protocol: TCP
- name: proxy-ssl
containerPort: 8443
protocol: TCP
- name: admin-ssl
containerPort: 8444
protocol: TCP
EOF
[root@bdy-master1 postgres]# kubectl create -f .
[root@idiom-k8s kong]# kubectl get endpoints | grep postgres
NAME ENDPOINTS AGE
postgres xx.xx.xx.xx:3306 11s
三、測試kong部署是否正常,訪問admin接口,有數據返回即爲正常。
安裝kong的可視化面板鏈接https://blog.csdn.net/cyhelloyes/article/details/100323506