Last active
March 23, 2020 06:44
-
-
Save minhnguyenvan95/a508c1af79d651fd857846b45449aa33 to your computer and use it in GitHub Desktop.
k8s kong stack with out bounds forward-proxy app for test
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| labels: | |
| app: kong-data | |
| name: kong-data | |
| spec: | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: | |
| requests: | |
| storage: 100Mi | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app: db | |
| name: db | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: db | |
| strategy: | |
| type: Recreate | |
| template: | |
| metadata: | |
| labels: | |
| app: db | |
| spec: | |
| containers: | |
| - env: | |
| - name: POSTGRES_DB | |
| value: kong | |
| - name: POSTGRES_PASSWORD | |
| value: kong | |
| - name: POSTGRES_USER | |
| value: kong | |
| image: postgres:9.5 | |
| livenessProbe: | |
| exec: | |
| command: | |
| - pg_isready | |
| - -U | |
| - kong | |
| failureThreshold: 3 | |
| periodSeconds: 30 | |
| timeoutSeconds: 30 | |
| name: db | |
| resources: {} | |
| stdin: true | |
| tty: true | |
| volumeMounts: | |
| - mountPath: /var/lib/postgresql/data | |
| name: kong-data | |
| restartPolicy: Always | |
| volumes: | |
| - name: kong-data | |
| persistentVolumeClaim: | |
| claimName: kong-data | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| labels: | |
| app: kong-migrations | |
| name: kong-migrations | |
| spec: | |
| containers: | |
| - args: | |
| - kong | |
| - migrations | |
| - bootstrap | |
| env: | |
| - name: KONG_DATABASE | |
| value: postgres | |
| - name: KONG_PG_DATABASE | |
| value: kong | |
| - name: KONG_PG_HOST | |
| value: db | |
| - name: KONG_PG_PASSWORD | |
| value: kong | |
| - name: KONG_PG_USER | |
| value: kong | |
| image: kong:1.4.1 | |
| name: kong-migrations | |
| resources: {} | |
| restartPolicy: OnFailure | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| labels: | |
| app: kong-migrations-up | |
| name: kong-migrations-up | |
| spec: | |
| containers: | |
| - args: | |
| - kong | |
| - migrations | |
| - up | |
| env: | |
| - name: KONG_DATABASE | |
| value: postgres | |
| - name: KONG_PG_DATABASE | |
| value: kong | |
| - name: KONG_PG_HOST | |
| value: db | |
| - name: KONG_PG_PASSWORD | |
| value: kong | |
| - name: KONG_PG_USER | |
| value: kong | |
| image: kong:1.4.1 | |
| name: kong-migrations-up | |
| resources: {} | |
| restartPolicy: OnFailure | |
| --- | |
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| labels: | |
| app: konga-data | |
| name: konga-data | |
| spec: | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: | |
| requests: | |
| storage: 100Mi | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app: konga | |
| name: konga | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: konga | |
| strategy: | |
| type: Recreate | |
| template: | |
| metadata: | |
| labels: | |
| app: konga | |
| spec: | |
| containers: | |
| - env: | |
| - name: NODE_ENV | |
| value: production | |
| - name: sails.config.orm.skipProductionWarnings | |
| value: "true" | |
| image: pantsel/konga | |
| imagePullPolicy: "" | |
| name: konga | |
| ports: | |
| - containerPort: 1337 | |
| resources: {} | |
| stdin: true | |
| tty: true | |
| volumeMounts: | |
| - mountPath: /app/kongadata | |
| name: konga-data | |
| restartPolicy: Always | |
| serviceAccountName: "" | |
| volumes: | |
| - name: konga-data | |
| persistentVolumeClaim: | |
| claimName: konga-data | |
| --- | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: kong-config | |
| data: | |
| KONG_ADMIN_LISTEN: "0.0.0.0:8001" | |
| KONG_CASSANDRA_CONTACT_POINTS: "db" | |
| KONG_DATABASE: "postgres" | |
| KONG_PG_DATABASE: "kong" | |
| KONG_PG_HOST: "db" | |
| KONG_PG_PASSWORD: "kong" | |
| KONG_PG_USER: "kong" | |
| KONG_PROXY_ACCESS_LOG: "/dev/stdout" | |
| KONG_PROXY_ERROR_LOG: "/dev/stderr" | |
| KONG_ADMIN_ACCESS_LOG: "/dev/stdout" | |
| KONG_ADMIN_ERROR_LOG: "/dev/stderr" | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app: kong | |
| name: kong | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: kong | |
| strategy: | |
| type: Recreate | |
| template: | |
| metadata: | |
| labels: | |
| app: kong | |
| spec: | |
| containers: | |
| - name: kong | |
| envFrom: | |
| - configMapRef: | |
| name: kong-config | |
| image: kong:1.4.1 | |
| livenessProbe: | |
| exec: | |
| command: | |
| - kong | |
| - health | |
| failureThreshold: 10 | |
| periodSeconds: 10 | |
| timeoutSeconds: 10 | |
| ports: | |
| - containerPort: 8000 | |
| - containerPort: 8001 | |
| - containerPort: 8443 | |
| - containerPort: 8444 | |
| resources: {} | |
| restartPolicy: Always | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| labels: | |
| app: db | |
| name: db | |
| spec: | |
| type: ClusterIP | |
| ports: | |
| - name: db-nodeport | |
| port: 5432 | |
| selector: | |
| app: db | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| labels: | |
| app: konga | |
| name: konga | |
| spec: | |
| type: NodePort | |
| ports: | |
| - name: konga-nodeport-30098 | |
| port: 1337 | |
| protocol: TCP | |
| nodePort: 30098 | |
| selector: | |
| app: konga | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| labels: | |
| app: kong | |
| name: kong | |
| spec: | |
| type: NodePort | |
| ports: | |
| - name: kong-nodeport-30097 | |
| port: 8443 # kong https | |
| protocol: TCP | |
| nodePort: 30097 | |
| - name: kong-admin-api-nodepor | |
| port: 8001 # kong https | |
| protocol: TCP | |
| selector: | |
| app: kong | |
| # end of kong config | |
| # forward-server :) | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app: forward-server | |
| name: forward-server | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: forward-server | |
| strategy: | |
| type: RollingUpdate | |
| template: | |
| metadata: | |
| labels: | |
| app: forward-server | |
| spec: | |
| containers: | |
| - name: forward-server | |
| image: node:10.19.0-alpine3.11 | |
| command: | |
| - /bin/sh | |
| - -c | |
| - | | |
| mkdir /app | |
| echo '{ | |
| "name": "forward-server", | |
| "version": "1.0.0", | |
| "description": "", | |
| "main": "index.js", | |
| "scripts": { | |
| }, | |
| "author": "", | |
| "license": "ISC", | |
| "dependencies": { | |
| "express": "^4.16.4", | |
| "request": "^2.88.0", | |
| "request-promise": "^4.2.4" | |
| } | |
| } | |
| ' > /app/package.json | |
| echo " | |
| console.log('start forward server'); | |
| let rp = require('request-promise').defaults({ | |
| proxy:'http://MY-PROXY-IP:PROXY-PORT', // put your-proxy-config here | |
| strictSSL: false, | |
| simple: false, | |
| transform2xxOnly: false, | |
| resolveWithFullResponse: true | |
| }); | |
| let express = require('express'); | |
| let app = express(); | |
| function wrap (req, res) { | |
| const method = req.method; | |
| const path = req.path; | |
| const query = req.query; | |
| const body = req.rawBody; | |
| const header = req.headers; | |
| let realUrl = header['x-real-domain']; | |
| if (!realUrl) { | |
| res.send('header x-real-domain must be set through kong request transform plugin , e,g: https://google.com'); | |
| return; | |
| } | |
| realUrl = realUrl.substring(realUrl.length - 1) === '/' ? realUrl.substring(0, realUrl.length - 1) : realUrl; | |
| const realDomain = realUrl.replace('https://', '').replace('http://', '').split('/')[0]; | |
| header.host = realDomain; | |
| const options = { | |
| method: method, | |
| uri: realUrl + path, | |
| qs: query, | |
| headers: header, | |
| body: body, | |
| rejectUnauthorized: false | |
| }; | |
| console.log('request: ', options); | |
| rp(options) | |
| .then(result => { | |
| console.log('header: ', result.headers); | |
| console.log('statusCode: ', result.statusCode); | |
| console.log('body: ', result.body); | |
| const responseHeader = Object.assign({}, result.headers, res.getHeaders(), {'transfer-encoding': ''}); | |
| res.header(responseHeader).status(result.statusCode).send(result.body); | |
| }) | |
| .catch(error => { | |
| console.log(error); | |
| res.send(error); | |
| }); | |
| } | |
| app.use(function(req, res, next) { | |
| req.rawBody = ''; | |
| req.setEncoding('utf8'); | |
| req.on('data', function(chunk) { | |
| req.rawBody += chunk; | |
| }); | |
| req.on('end', function() { | |
| next(); | |
| }); | |
| }); | |
| app.get('*', wrap); | |
| app.post('*', wrap); | |
| app.put('*', wrap); | |
| app.patch('*', wrap); | |
| app.listen(3000); | |
| " > /app/index.js | |
| cd /app | |
| npm install | |
| node /app/index.js | |
| ports: | |
| - containerPort: 3000 | |
| resources: {} | |
| restartPolicy: Always | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| labels: | |
| app: forward-server | |
| name: forward-server | |
| spec: | |
| type: ClusterIP | |
| ports: | |
| - name: forward-server-nodeport | |
| port: 3000 | |
| selector: | |
| app: forward-server |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment