- Kubernetes version: 1.9+
- Kubectl has been installed on the client
- You can use
kubectl auth can-i
if you have authorization for the following operations:- create secrets
- create deployments
- create configmaps
- create namespaces
- create StatefulSet
- create Service
Usage:
./install.sh -m NodePort -s mysql -n dongtai-iast
m: access mode(mode), optional: NodePort
LoadBalancer
, default: NodePort
s: skipped resources(skip), optional: mysql
redis
mysql,redis
, default: don't skip
n: specify the namespace, default: dongtai-iast
If you want to modify the configuration of mysql and Redis, manually modify the configuration manifest/4.deploy-iast-server.yml
The top part of [mysql]
and redis
.
Note: Assuming that
mysql
andredis
can be configured for production, this deployment scheme can be used for production deployment.
kubectl get nodes -o wide | awk {'print $1" " $2 " " $7'} | column -t
kubectl get svc dongtai-web-pub-svc -n dongtai-iast -o=jsonpath='{.spec.ports[0].nodePort}'
kubectl get svc dongtai-engine-pub-svc -n dongtai-iast -o=jsonpath='{.spec.ports[0].nodePort}')
http://${NodeIP}:${PORT}
kubectl get svc dongtai-web-pub-svc dongtai-engine-pub-svc -n dongtai-iast
kubectl delete namespace ${YourNamespace}
Before install, you have to make sure the helm is available. Follow this guide to install helm.
-
Add and update helm chart repo for
Dongtai Iast
helm repo add dongtai https://charts.dongtai.io/iast helm repo update
-
Install
helm install --create-namespace -n dongtai dongtai-iast dongtai/dongtai-iast
This command will deploy dongtai servers in dongtai namespace and expose service with
ClusterIP
.
If you want to modify the configuration of mysql and Redis,you can overwrite the values by your own file,Suppose you have a file in /tmp/my-values.yml
with values as follow:
mysql:
host: my-dongtai-mysql
port: 3306
name: my-dongtai_webapi
user: root
password: my-dongtai-iast
redis:
host: my-dongtai-redis
port: 6379
password: 123456
db: 0
helm install --create-namespace -n dongtai --values /tmp/my-values.yaml dongtai-iast dongtai/dongtai-iast
You can also pass in a single value using --set
, for example, you can switch defalut access type ClusterIP
to NodePort
helm install --create-namespace -n dongtai-test --set accessType=NodePort dongtai-iast dongtai/dongtai-iast
Avaliable values:
skipMysql: false (default) skipRedis: false (default)
accessType: ClusterIP(default), Options: ClusterIP,NodePort,LoadBalancer
imageVersion: latest (default)
helm uninstall dongtai-iast -n dongtai