Closed tirelibirefe closed 10 months ago
Hello, As db-less config doesn't work, I attempted to run "Kong with external Postgres DB" but it has some issues too.
This is installation command:
helm upgrade --install kong -n kong . \ --set env.database="postgres" \ --set env.pg_host="*****-central-1.rds.amazonaws.com" \ --set env.pg_port="5432" \ --set env.pg_user="*****" \ --set env.pg_password="*******" \ --set env.pg_database="kong" \ --set env.pg_ssl="on" \ --set env.pg_ssl_verify="off" \ --create-namespace
and this is my values.yaml file:
deployment: kong: enabled: true serviceAccount: create: true automountServiceAccountToken: false test: enabled: false daemonset: false hostNetwork: false prefixDir: sizeLimit: 256Mi tmpDir: sizeLimit: 1Gi env: database: "off" router_flavor: "traditional" nginx_worker_processes: "2" proxy_access_log: /dev/stdout admin_access_log: /dev/stdout admin_gui_access_log: /dev/stdout portal_api_access_log: /dev/stdout proxy_error_log: /dev/stderr admin_error_log: /dev/stderr admin_gui_error_log: /dev/stderr portal_api_error_log: /dev/stderr prefix: /kong_prefix/ plugins: "bundled,oidc" extraLabels: {} image: repository: kong tag: "3.4" effectiveSemver: pullPolicy: IfNotPresent admin: enabled: false type: ClusterIP loadBalancerClass: annotations: {} labels: {} http: enabled: false servicePort: 8001 containerPort: 8001 parameters: [] tls: enabled: true servicePort: 8444 containerPort: 8444 parameters: - http2 client: caBundle: "" secretName: "" ingress: enabled: false ingressClassName: hostname: annotations: {} path: / pathType: ImplementationSpecific status: enabled: true http: enabled: true containerPort: 8100 parameters: [] tls: enabled: false containerPort: 8543 parameters: [] clusterCaSecretName: "" cluster: enabled: false annotations: {} labels: {} tls: enabled: false servicePort: 8005 containerPort: 8005 parameters: [] type: ClusterIP loadBalancerClass: ingress: enabled: false ingressClassName: hostname: annotations: {} path: / pathType: ImplementationSpecific proxy: enabled: true type: ClusterIP loadBalancerClass: nameOverride: "" annotations: {} labels: enable-metrics: "true" http: enabled: true servicePort: 80 containerPort: 8000 parameters: [] tls: enabled: true servicePort: 443 containerPort: 8443 parameters: - http2 stream: [] ingress: enabled: true ingressClassName: nginx annotations: {} labels: {} hostname: newerapi.dev-hub.myawesomecompany.com path: / pathType: ImplementationSpecific hosts: [] udpProxy: enabled: false type: LoadBalancer loadBalancerClass: annotations: {} labels: {} stream: [] plugins: {} secretVolumes: [] migrations: preUpgrade: true postUpgrade: true annotations: sidecar.istio.io/inject: false jobAnnotations: {} backoffLimit: resources: {} dblessConfig: configMap: "" secret: "" config: | ingressController: enabled: false image: repository: kong/kubernetes-ingress-controller tag: "3.0" effectiveSemver: args: [] gatewayDiscovery: enabled: false generateAdminApiService: false adminApiService: namespace: "" name: "" watchNamespaces: [] env: kong_admin_tls_skip_verify: true admissionWebhook: enabled: true failurePolicy: Ignore port: 8080 certificate: provided: false namespaceSelector: {} service: labels: {} ingressClass: kong ingressClassAnnotations: {} rbac: create: true livenessProbe: httpGet: path: "/healthz" port: 10254 scheme: HTTP initialDelaySeconds: 5 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 readinessProbe: httpGet: path: "/readyz" port: 10254 scheme: HTTP initialDelaySeconds: 5 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 resources: {} konnect: enabled: false runtimeGroupID: "" apiHostname: "us.kic.api.konghq.com" tlsClientCertSecretName: "konnect-client-tls" license: enabled: false adminApi: tls: client: enabled: false certProvided: false secretName: "" caSecretName: "" postgresql: enabled: false auth: username: kong database: kong image: tag: 13.11.0-debian-11-r20 service: ports: postgresql: "5432" certificates: enabled: false issuer: "" clusterIssuer: "" proxy: enabled: false issuer: "" clusterIssuer: "" commonName: "app.example" dnsNames: [] admin: enabled: true issuer: "" clusterIssuer: "" commonName: "kong.example" dnsNames: [] portal: enabled: true issuer: "" clusterIssuer: "" commonName: "developer.example" dnsNames: [] cluster: enabled: true issuer: "" clusterIssuer: "" commonName: "kong_clustering" dnsNames: [] waitImage: enabled: true pullPolicy: IfNotPresent updateStrategy: {} resources: {} readinessProbe: httpGet: path: "/status/ready" port: status scheme: HTTP initialDelaySeconds: 5 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 livenessProbe: httpGet: path: "/status" port: status scheme: HTTP initialDelaySeconds: 5 timeoutSeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 lifecycle: preStop: exec: command: - kong - quit - '--wait=15' terminationGracePeriodSeconds: 30 tolerations: [] nodeSelector: {} podAnnotations: kuma.io/gateway: enabled traffic.sidecar.istio.io/includeInboundPorts: "" podLabels: {} replicaCount: 1 deploymentAnnotations: {} autoscaling: enabled: false minReplicas: 2 maxReplicas: 5 behavior: {} targetCPUUtilizationPercentage: metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 80 podDisruptionBudget: enabled: false podSecurityPolicy: enabled: false labels: {} annotations: {} spec: privileged: false fsGroup: rule: RunAsAny runAsUser: rule: RunAsAny runAsGroup: rule: RunAsAny seLinux: rule: RunAsAny supplementalGroups: rule: RunAsAny volumes: - 'configMap' - 'secret' - 'emptyDir' - 'projected' allowPrivilegeEscalation: false hostNetwork: false hostIPC: false hostPID: false readOnlyRootFilesystem: true priorityClassName: "" securityContext: {} containerSecurityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false runAsUser: 1000 runAsNonRoot: true seccompProfile: type: RuntimeDefault capabilities: drop: - ALL serviceMonitor: enabled: false enterprise: enabled: false vitals: enabled: true portal: enabled: false rbac: enabled: false admin_gui_auth: basic-auth session_conf_secret: kong-session-config admin_gui_auth_conf_secret: CHANGEME-admin-gui-auth-conf-secret smtp: enabled: false portal_emails_from: none@example.com portal_emails_reply_to: none@example.com admin_emails_from: none@example.com admin_emails_reply_to: none@example.com smtp_admin_emails: none@example.com smtp_host: smtp.example.com smtp_port: 587 smtp_auth_type: '' smtp_ssl: nil smtp_starttls: true auth: smtp_username: '' # e.g. postmaster@example.com smtp_password_secret: CHANGEME-smtp-password manager: enabled: true type: ClusterIP loadBalancerClass: annotations: {} labels: {} http: enabled: true servicePort: 8002 containerPort: 8002 parameters: [] tls: enabled: false servicePort: 8445 containerPort: 8445 parameters: - http2 ingress: enabled: true ingressClassName: nginx hostname: kong.dev-hub.myawesomecompany.com annotations: {} path: / pathType: ImplementationSpecific portal: enabled: false type: ClusterIP loadBalancerClass: annotations: {} labels: {} http: enabled: true servicePort: 8003 containerPort: 8003 parameters: [] tls: enabled: true servicePort: 8446 containerPort: 8446 parameters: - http2 ingress: enabled: false ingressClassName: hostname: annotations: {} path: / pathType: ImplementationSpecific portalapi: enabled: true type: ClusterIP loadBalancerClass: annotations: {} labels: {} http: enabled: true servicePort: 8004 containerPort: 8004 parameters: [] tls: enabled: true servicePort: 8447 containerPort: 8447 parameters: - http2 ingress: enabled: false ingressClassName: hostname: annotations: {} path: / pathType: ImplementationSpecific clustertelemetry: enabled: false annotations: {} labels: {} tls: enabled: false servicePort: 8006 containerPort: 8006 parameters: [] type: ClusterIP loadBalancerClass: ingress: enabled: false ingressClassName: hostname: annotations: {} path: / pathType: ImplementationSpecific extraConfigMaps: [] extraSecrets: [] extraObjects: []
The pod(s) cannot be created:
If I enable pre-post migrations, migrations are completed successfully but nothing changes, kong pod stucs same.
Thanks & Regards
Let's go on here.
Hello, As db-less config doesn't work, I attempted to run "Kong with external Postgres DB" but it has some issues too.
This is installation command:
and this is my values.yaml file:
The pod(s) cannot be created:
If I enable pre-post migrations, migrations are completed successfully but nothing changes, kong pod stucs same.
Thanks & Regards