k8s 部署kong

k8s部署kong
1.首先对比k8s与helm安装版本

[root@VM-8-15-centos kong]# helm version
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config
version.BuildInfo{Version:"v3.8.2", GitCommit:"6e3701edea09e5d55a8ca2aae03a68917630e91b", GitTreeState:"clean", GoVersion:"go1.17.5"}

2.helm pull kong/kong

values.yaml,增加 
database: "postgres"
pg_host: 43.136.39.33
pg_password: kong
连接外部pgsql

env:
  # the chart uses the traditional router (for Kong 3.x+) because the ingress
  # controller generates traditional routes. if you do not use the controller,
  # you may set this to "traditional_compatible" or "expression" to use the new
  # DSL-based router
  database: "postgres"
  pg_host: 43.136.39.33
  pg_password: kong
  router_flavor: "traditional"
  nginx_worker_processes: "2"
  proxy_access_log: /dev/stdout
  admin_access_log: /dev/stdout
  admin_gui_access_log: /dev/stdout
  portal_api_access_log: /dev/stdout
  proxy_error_log: /dev/stderr
  admin_error_log: /dev/stderr
  admin_gui_error_log: /dev/stderr
  portal_api_error_log: /dev/stderr
  prefix: /kong_prefix/

开启admin后台端口，提供给konga连接

admin:
  # Enable creating a Kubernetes service for the admin API
  # Disabling this is recommended for most ingress controller configurations
  # Enterprise users that wish to use Kong Manager with the controller should enable this
  enabled: true
  type: NodePort
  loadBalancerClass:
  # To specify annotations or labels for the admin service, add them to the respective
  # "annotations" or "labels" dictionaries below.
  annotations: {}
  #  service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
  labels: {}

  http:
    # Enable plaintext HTTP listen for the admin API
    # Disabling this and using a TLS listen only is recommended for most configuration
    enabled: true
    servicePort: 8001
    containerPort: 8001
    # Set a nodePort which is available if service type is NodePort
    # nodePort: 32080
    # Additional listen parameters, e.g. "reuseport", "backlog=16384"
    parameters: []

  tls:
    # Enable HTTPS listen for the admin API
    enabled: true
    servicePort: 8444
    containerPort: 8444
    # Set a target port for the TLS port in the admin API service, useful when using TLS
    # termination on an ELB.
    # overrideServiceTargetPort: 8000
    # Set a nodePort which is available if service type is NodePort
    # nodePort: 32443
    # Additional listen parameters, e.g. "reuseport", "backlog=16384"
    parameters:
    - http2

3.创建pgsql

docker run -d --network=gateway_net --name postgres \
    -p 5432:5432 \
    -e "POSTGRES_USER=你的数据库用户名" \
    -e "POSTGRES_DB=你的数据库名" \
    -e "POSTGRES_PASSWORD=你的数据库密码" \
    postgres:9.6-bullseye

4.初始化pgsql

docker run --rm --network=gateway_net \
  -e "KONG_DATABASE=postgres" \
  -e "KONG_PG_HOST=postgres" \
  -e "KONG_PG_PASSWORD=kong" \
  -e "KONG_PASSWORD=kong" \
kong/kong-gateway:2.4.1.0-alpine kong migrations bootstrap

5.初始化konga数据

 docker run --rm --network=gateway_net \
 pantsel/konga:latest -c prepare -a postgres -u \
 postgresql://kong:kong@postgres:5432/kong

6.启动konga后台系统

 docker run -d -p 1337:1337 --network gateway_net --name konga \
 -e "DB_ADAPTER=postgres" \
 -e "DB_URI=postgresql://kong:kong@postgres:5432/kong" \
 -e "DB_PASSWORD=kong" \
 -e "NODE_ENV=production" \
 pantsel/konga:0.14.9