k8s部署kong网关

创建namespace

kubectl create ns kong

创建kong-migrations初始化数据库

vim kong-migrations.yaml

apiVersion: batch/v1

kind: Job

metadata:

  name: kong-migrations

  namespace: kong

spec: 

  template: 

    metadata:

      name: kong-migrations

    spec: 

      containers: 

      - command:

        - /bin/sh

        - -c 

        - kong migrations bootstrap

        env: 

        - name: KONG_DATABASE

          value: postgres

        - name: KONG_PG_HOST

          value: 10.50.195.2  #你的pg数据库地址

        - name: KONG_PG_USER

          value: pgadmin #你的pg数据库用户名 

        - name: KONG_PG_PASSWORD

          value: "zwzk@2024!"  #你的pg数据库密码  

        - name: KONG_PG_DATABASE

          value: konga  #你的pg数据库名

        - name: KONG_PG_PORT

          value: "30010" #你的pg数据库端口  

        image: kong:2.8.3

        name: kong-migrations

      initContainers:  

      - command: 

        - /bin/sh  

        - -c  

        - until nc -zv $KONG_PG_HOST $KONG_PG_PORT -w1; do echo 'waiting for db'; sleep 1; done

        env:

        - name: KONG_DATABASE

          value: konga

        - name: KONG_PG_HOST

          value: 10.50.195.2

        - name: KONG_PG_USER

          value: pgadmin

        - name: KONG_PG_PASSWORD

          value: "zwzk@2024!"

        - name: KONG_PG_DATABASE

          value: konga

        - name: KONG_PG_PORT

          value: "30010"

        image: busybox

        name: wait-for-postgres

      restartPolicy: OnFailure

 

 

这个POD是专门用来初始化数据库的，执行一次之后就可以删除了

 创建kong网关deployment

vim kong.yaml

apiVersion: v1

kind: Service

metadata: 

  name: kong-cs

  namespace: kong

spec:

  type: NodePort

  ports: 

    - port: 443 

      nodePort: 8443 

      name: http3

    - port: 80 

      nodePort: 8000 

      name: http4

    - port: 8001

      nodePort: 8001

      name: proxy-admin

  selector: 

    app: kong

--- 

apiVersion: apps/v1

kind: Deployment

metadata: 

  name: kong

  namespace: kong

spec: 

  selector:  

    matchLabels: 

      app: kong

  template:

    metadata: 

      labels: 

        app: kong

    spec: 

      securityContext: 

        runAsUser: 0

        runAsGroup: 0

        fsGroup: 0

      dnsPolicy: ClusterFirst

      dnsConfig: 

        options:

        - name: timeout

          value: "2"

        - name: ndots

          value: "2"  

        - name: diydns

      containers: 

        - image: kong:2.8.3

          name: kong

          resources:

            requests: #这些信息根据你自己的电脑配置修改

              cpu: 1 

              memory: 1Gi

            limits:

              cpu: 2

              memory: 2Gi

          env: 

            - name: TZ

              value: "Asia/Shanghai" 

            - name: KONG_DATABASE

              value: "postgres"  

            - name: KONG_PG_HOST

              value: "10.50.195.2" #PG地址 

            - name: KONG_PG_PORT

              value: "30010" 

            - name: KONG_PG_USER

              value: "pgadmin"  

            - name: KONG_PG_PASSWORD

              value: "zwzk@2024!" #PG密码 

            - name: KONG_PG_DATABASE

              value: "kong" #PG数据库名 

            - name: KONG_CASSANDRA_CONTACT_POINTS

              value: "10.50.195.2" #PG地址 

            - name: KONG_PROXY_ACCESS_LOG

              value: "/dev/stdout" 

            - name: KONG_ADMIN_ACCESS_LOG

              value: "/dev/stdout"

            - name: KONG_PROXY_ERROR_LOG

              value: "/dev/stderr" 

            - name: KONG_ADMIN_ERROR_LOG

              value: "/dev/stderr"

            - name: KONG_PROXY_LISTEN

              value: "0.0.0.0:80, 0.0.0.0:443 ssl"  

            - name: KONG_ADMIN_LISTEN

              value: "0.0.0.0:8001, 0.0.0.0:8444 ssl"  

            - name: KONG_LUA_SSL_TRUSTED_CERTIFICATE

              value: "system" 

          securityContext:  

            privileged: true  

          ports:  

            - containerPort: 8001 

              name: proxy-admin

            - containerPort: 8444

              name: proxy-admin-ssl

            - containerPort: 443

              name: http3

            - containerPort: 80  

              name: http4

 kuboard部署konga

设置pod负载类型&负载名称

 设置pod名称&镜像

 

镜像名称：pantsel/konga:latest

 

 映射端口至宿主机

 以下是kuboard生成的yaml，没有kuboard的朋友可以自行删减一下内容使用

---

apiVersion: apps/v1

kind: Deployment

metadata:

  annotations: {}

  labels:

    k8s.kuboard.cn/name: konga-ui

  name: konga-ui

  namespace: kong

  resourceVersion: '7966629'

spec:

  progressDeadlineSeconds: 600

  replicas: 1

  revisionHistoryLimit: 10

  selector:

    matchLabels:

      k8s.kuboard.cn/name: konga-ui

  strategy:

    rollingUpdate:

      maxSurge: 25%

      maxUnavailable: 25%

    type: RollingUpdate

  template:

    metadata:

      creationTimestamp: null

      labels:

        k8s.kuboard.cn/name: konga-ui

    spec:

      containers:

        - image: 'pantsel/konga:latest'

          imagePullPolicy: Always

          name: konga-ui

          resources: {}

          terminationMessagePath: /dev/termination-log

          terminationMessagePolicy: File

      dnsPolicy: ClusterFirst

      restartPolicy: Always

      schedulerName: default-scheduler

      securityContext: {}

      terminationGracePeriodSeconds: 30

 

---

apiVersion: v1

kind: Service

metadata:

  annotations: {}

  labels:

    k8s.kuboard.cn/name: konga-ui

  name: konga-ui

  namespace: kong

  resourceVersion: '7975874'

spec:

  clusterIP: 10.200.38.184

  clusterIPs:

    - 10.200.38.184

  externalTrafficPolicy: Cluster

  ipFamilies:

    - IPv4

  ipFamilyPolicy: SingleStack

  ports:

    - name: app

      nodePort: 1337

      port: 1337

      protocol: TCP

      targetPort: 1337

  selector:

    k8s.kuboard.cn/name: konga-ui

  sessionAffinity: None

  type: NodePort

浏览器访问

创建管理员账号

使用账号登录后就是这个界面

连接kong网关的端口

连接成功后就是这个界面

然后进行相关的服务配置即可

 

具体kong网关如何使用请关注我另一篇本地+docker部署kong网关的文章，里面详述了如何使用kong网关进行跨域配置

部署kong网关（本地+docker） - Esurts~ - 博客园 (cnblogs.com)