Skip to content

Latest commit

 

History

History
136 lines (91 loc) · 3.28 KB

README.MD

File metadata and controls

136 lines (91 loc) · 3.28 KB

Setup in Kubnernetes

中文版本(Chinese version)

Prepare in advance

  • Kubernetes version: 1.9+
  • Kubectl has been installed on the client
  • You can use kubectl auth can-i if you have authorization for the following operations:
    • create secrets
    • create deployments
    • create configmaps
    • create namespaces
    • create StatefulSet
    • create Service

Deployment

Setup with shell

Usage:

./install.sh -m NodePort -s mysql -n dongtai-iast

m: access mode(mode), optional: NodePort LoadBalancer, default: NodePort

s: skipped resources(skip), optional: mysql redis mysql,redis, default: don't skip

n: specify the namespace, default: dongtai-iast

Custom configuration

If you want to modify the configuration of mysql and Redis, manually modify the configuration manifest/4.deploy-iast-server.yml The top part of [mysql] and redis.

Note: Assuming that mysql and redis can be configured for production, this deployment scheme can be used for production deployment.

Access

NodePort
Obtain an available Node IP address
kubectl get nodes -o wide |  awk {'print $1" " $2 " " $7'} | column -t
Obtain an available NodePort
kubectl get svc dongtai-web-pub-svc -n dongtai-iast -o=jsonpath='{.spec.ports[0].nodePort}'
kubectl get svc dongtai-engine-pub-svc -n dongtai-iast -o=jsonpath='{.spec.ports[0].nodePort}')
Access Link:
http://${NodeIP}:${PORT}
LoadBalancer
Obtain the available LoadBalancer IP address or DNS
kubectl get svc dongtai-web-pub-svc dongtai-engine-pub-svc -n dongtai-iast

Uninstall

kubectl delete namespace ${YourNamespace}

Setup with helm

Before install, you have to make sure the helm is available. Follow this guide to install helm.

  1. Add and update helm chart repo for Dongtai Iast

    helm repo add dongtai https://charts.dongtai.io/iast
    helm repo update
    
  2. Install

    helm install --create-namespace -n dongtai  dongtai-iast dongtai/dongtai-iast
    

    This command will deploy dongtai servers in dongtai namespace and expose service with ClusterIP.

Custom configuration

If you want to modify the configuration of mysql and Redis,you can overwrite the values by your own file,Suppose you have a file in /tmp/my-values.yml with values as follow:

mysql:
  host: my-dongtai-mysql
  port: 3306
  name: my-dongtai_webapi
  user: root
  password: my-dongtai-iast

redis:
  host: my-dongtai-redis
  port: 6379
  password: 123456
  db: 0
 helm install --create-namespace -n dongtai --values /tmp/my-values.yaml dongtai-iast dongtai/dongtai-iast

You can also pass in a single value using --set, for example, you can switch defalut access type ClusterIP to NodePort

helm install --create-namespace -n dongtai-test --set accessType=NodePort dongtai-iast dongtai/dongtai-iast

Avaliable values:

skipMysql: false (default) skipRedis: false (default)

accessType: ClusterIP(default), Options: ClusterIP,NodePort,LoadBalancer

imageVersion: latest (default)

Uninstall

helm uninstall dongtai-iast -n dongtai