taigrr/nats.docs
1
0
Fork 0
mirror of https://github.com/taigrr/nats.docs synced 2025-01-18 04:03:23 -08:00
Code Issues Projects Releases Wiki Activity

GitBook: [master] 21 pages modified

Browse Source
This commit is contained in:
Ginger Collison
2020-06-09 14:20:36 +00:00
committed by gitbook-bot
parent 87c12ebd3f
commit dde41d778b
21 changed files with 80 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
nats-on-kubernetes/from-zero-to-leafnodes.md
View File

@@ -1,19 +1,16 @@
# From Zero to Communicating Across K8S Regions using NATS Leafnodes
# From Zero to K8S to Leafnodes using Helm
First, we need a number of Kubernetes clusters to be setup already. In
this case we'll create a few in Digital Ocean using the `doctl` tool but
you could use any K8S solution available:
First, we need a number of Kubernetes clusters to be setup already. In this case we'll create a few in Digital Ocean using the `doctl` tool but you could use any K8S solution available:
```
```text
brew install doctl
doctl kubernetes cluster create nats-k8s-sfo2 --count 3 --region sfo2
doctl kubernetes cluster create nats-k8s-ams3 --count 3 --region ams3
```
Next, get your NGS credentials with leafnodes enabled. For this follow [these instructions](https://synadia.com/ngs/signup) and choose the `Developer` plan which is free and will allow you to create leafnode connections for a couple of clusters.
Once you got the credentials, upload them as a secret to your K8S clusters:
Next, get your NGS credentials with leafnodes enabled. For this follow [these instructions](https://synadia.com/ngs/signup) and choose the `Developer` plan which is free and will allow you to create leafnode connections for a couple of clusters. Once you got the credentials, upload them as a secret to your K8S clusters:
```sh
```bash
for ctx in do-ams3-nats-k8s-ams3 do-sfo2-nats-k8s-sfo2; do
kubectl --context $ctx create secret generic ngs-creds --from-file $HOME/.nkeys/creds/synadia/NGS/NGS.creds
done
@@ -21,7 +18,7 @@ done
Install Helm3 and add the NATS helm chart repo:
```
```text
brew install helm
helm repo add nats https://nats-io.github.io/k8s/helm/charts/
helm repo update
@@ -29,7 +26,7 @@ helm repo update
Create the config that adds the leafnode connection to NGS:
```
```text
# nats.yaml
leafnodes:
enabled: true
@@ -45,7 +42,7 @@ natsbox:
Deploy it to your K8S regions:
```sh
```bash
for ctx in do-ams3-nats-k8s-ams3 do-sfo2-nats-k8s-sfo2; do
helm --kube-context $ctx install nats nats/nats -f nats.yaml
done
@@ -53,7 +50,7 @@ done
To test the multi-region connectivity by using the `nats-box` container that got deployed in each cluster:
```
```text
kubectl --context do-ams3-nats-k8s-ams3 exec -it nats-box -- nats-sub -s nats hello
Listening on [hello]
@@ -64,7 +61,7 @@ done
Results from the subscribe session:
```
```text
[#1] Received on [hello]: 'Hello World!'
[#2] Received on [hello]: 'Hello World!'
[#3] Received on [hello]: 'Hello World!'
@@ -75,3 +72,4 @@ Results from the subscribe session:
[#8] Received on [hello]: 'Hello World!'
[#9] Received on [hello]: 'Hello World!'
```

3
nats-on-kubernetes/nats-cluster-and-cert-manager.md
View File

@@ -7,7 +7,8 @@ kubectl create namespace cert-manager
kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true
kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v0.14.0/cert-manager.yaml
```
If you are running Kubernetes < 1.15, use `cert-manager-legacy.yaml` instead.
If you are running Kubernetes &lt; 1.15, use `cert-manager-legacy.yaml` instead.
```yaml
apiVersion: cert-manager.io/v1alpha2

16
nats-on-kubernetes/nats-external-nlb.md
View File

@@ -1,14 +1,10 @@
# Using a load balancer for external access to NATS on K8S
# Using a Load Balancer for External Access to NATS
Although it is not recommended in general to use a load balancer
with NATS for external access, sometimes due to policy it might
help to use one. If that is the case, then one option would be
to use an L4 load balancer that has raw tcp support.
Although it is not recommended in general to use a load balancer with NATS for external access, sometimes due to policy it might help to use one. If that is the case, then one option would be to use an L4 load balancer that has raw tcp support.
In the example below, you can find how to use an [AWS Network Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/introduction.html)
to connect externally to a cluster that has TLS setup.
In the example below, you can find how to use an [AWS Network Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/introduction.html) to connect externally to a cluster that has TLS setup.
```sh
```bash
# One-line installer creates a secure cluster named 'nats'
$ curl -sSL https://nats-io.github.io/k8s/setup.sh | sh
@@ -42,5 +38,5 @@ nats-nlb LoadBalancer 10.100.67.123 a18b60a948fc611eaa7840286c60df32-9e96a
$ nats-pub -s nats://a18b60a948fc611eaa7840286c60df32-9e96a2af4b5675ec.elb.us-east-2.amazonaws.com:4222 -creds nsc/nkeys/creds/KO/A/test.creds test.foo bar
```
Also, it would be recommended to disable [no_advertise](../nats-server/configuration/clustering/cluster_config.md)
to avoid gossiping internal addresses from pods in Kubernetes to NATS clients.
Also, it would be recommended to disable [no\_advertise](../nats-server/configuration/clustering/cluster_config.md) to avoid gossiping internal addresses from pods in Kubernetes to NATS clients.

18
nats-on-kubernetes/super-cluster-on-digital-ocean.md
View File

@@ -1,9 +1,8 @@
# Creating a NATS Super Cluster in Digital Ocean with Helm
Let's create a super cluster using NATS Gateways. First let's create
3 different clusters in NYC, Amsterdam, and San Francisco:
Let's create a super cluster using NATS Gateways. First let's create 3 different clusters in NYC, Amsterdam, and San Francisco:
```sh
```bash
doctl kubernetes cluster create nats-k8s-nyc1 --count 3 --region nyc1
doctl kubernetes cluster create nats-k8s-sfo2 --count 3 --region sfo2
doctl kubernetes cluster create nats-k8s-ams3 --count 3 --region ams3
@@ -11,7 +10,7 @@ doctl kubernetes cluster create nats-k8s-ams3 --count 3 --region ams3
Next, open up the firewall across the 3 regions to be able to access the client, leafnode and gateways ports:
```sh
```bash
for firewall in `doctl compute firewall list | tail -n 3 | awk '{print $1}'`; do
doctl compute firewall add-rules $firewall --inbound-rules protocol:tcp,ports:4222,address:0.0.0.0/0
doctl compute firewall add-rules $firewall --inbound-rules protocol:tcp,ports:7422,address:0.0.0.0/0
@@ -19,12 +18,9 @@ for firewall in `doctl compute firewall list | tail -n 3 | awk '{print $1}'`; do
done
```
For this setup, we will create a super cluster using the external IPs
from the nodes of the 3 clusters. For a production type of setup, it
is recommended to use a DNS entry and an A record for each one of the
servers.
For this setup, we will create a super cluster using the external IPs from the nodes of the 3 clusters. For a production type of setup, it is recommended to use a DNS entry and an A record for each one of the servers.
```sh
```bash
for ctx in do-ams3-nats-k8s-ams3 do-nyc1-nats-k8s-nyc1 do-sfo2-nats-k8s-sfo2; do
echo "name: $ctx"
for externalIP in `kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}'`; do
@@ -78,7 +74,7 @@ natsbox:
Let's deploy the super cluster with Helm using the name of cluster as the name of the gateway:
```sh
```bash
for ctx in do-ams3-nats-k8s-ams3 do-nyc1-nats-k8s-nyc1 do-sfo2-nats-k8s-sfo2; do
helm --kube-context $ctx install nats nats/nats -f super-cluster.yaml --set gateway.name=$ctx
done
@@ -86,7 +82,7 @@ done
That's it! It should now be possible to send some messages across regions:
```sh
```bash
# Start subscription in Amsterdam
nats-box:~# kubectl --context do-ams3-nats-k8s-ams3 exec -it nats-box -- /bin/sh -l
nats-box:~# nats-sub -s nats hello