Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save hgye/644bfaa8157108d6c203ce22b5f17814 to your computer and use it in GitHub Desktop.
Save hgye/644bfaa8157108d6c203ce22b5f17814 to your computer and use it in GitHub Desktop.
Making routr working on k8s and remote cli managment.md
Making routr working on k8s and remote cli managment
===
### Prepare
- Pls make sure you have traefik in your k8s, if you don't, please [install it](https://github.com/traefik/traefik-helm-chart)
- [Install routr using helm](https://artifacthub.io/packages/helm/routr/routr)
- [install rctl](https://routr.io/docs/administration/cli/installation/) in you pc, or management laptop, etc.
### Create ingressroute for routr
- update you traefik, create two entrypoints for tcp/udp
```yaml=
@ traefik/values.yaml:206 @ ports:
# The port protocol (TCP/UDP)
protocol: TCP
# nodePort: 32443
tcpep:
port: 10080
expose: true
exposedPort: 10080
protocol: TCP
udpep:
port: 10090
expose: true
exposedPort: 10090
protocol: UDP
```
- using helm to upgrade traefik
```shell=
helm upgrade -f values.yaml traefik traefik/traefik -n traefik
```
- create ingressrouter for routr
```yaml=
cat -p routr-ingressroute.yaml  ✔  11561  14:08:17  81% (...) 🔋
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: routr-ingress
spec:
entryPoints:
- websecure
routes:
- match: Host(`sip.example.io`) # && PathPrefix(`/api`)
kind: Rule
services:
- name: routr-api
port: 4567
tls:
secretName: routr-example-io-tls
# certResolver: letsencrypt
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: ingressroute.tcp.sip
namespace: routr
spec:
entryPoints:
- tcpep
routes:
- match: HostSNI(`sip.example.io`)
kind: Rule
services:
- name: routr-siptcp
port: 5060
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteUDP
metadata:
name: ingressroute.udp.sip
namespace: routr
spec:
entryPoints:
- udpep
routes:
- kind: Rule
services:
- name: routr-sipudp
port: 5060
```
- apply ingressrouter yaml and verify
```shell=
$ k apply -f routr-ingressroute.yaml -n routr
$ k get ingressroutes -n routr
NAME AGE
routr-ingress 21h
$k get ingressroutetcps -n routr
NAME AGE
ingressroute.tcp.sip 105m
$ k get ingressrouteudps.traefik.containo.us -n routr
NAME AGE
ingressroute.udp.sip 107m
```
### disable https for routr restapi service
- disable unsecured in values.yaml
```shell=
unsecured: true
```
- upgrade routr
```shell=
helm upgrade -f values.yaml routr routr/routr -n routr
```
- rescale routr deployments make change effect
```shell=
k scale deployment -n routr routr --replicas 0
k scale deployment -n routr routr --replicas 1
```
### enable rctl to management
- using curl to verify
```shell=
curl -k -u "admin:changeit" https://sip.example.io/api/v1beta1/token
{"status":200,"message":"Successful request","data":"eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbiJ9.MPPwPXbj_fOhwTYKY26JxKvLgTmJbkSu2eHyJPmaDt4jOlvWMhWIeQK4jDBDkZ3d0QVYW0kaTcYiL7f3mnKNHg"}%
```
- rctl login
```
$rctl login https://sip.example.io/api/v1beta1 -u admin -p changeit
Done
```
- rctl to create resouces
```
$rctl create -f gateways.yml
Created
Created
$rctl create -f numbers.yml
Created
$rctl create -f domains.yml
Created
Created
$rctl create -f agents.yml
Created
Created
Created
```
- get resouces
```shell=
$ rctl get gateway
╔════════════════════════╦════════════╦═══════════════╦═════════╦════╗
║REF ║DESC ║HOST ║AUTH TYPE║REGS║
╠════════════════════════╬════════════╬═══════════════╬═════════╬════╣
║gw50a1a4ca ║Example Inc.║sip.example.io ║UserPass ║None║
╠════════════════════════╬════════════╬═══════════════╬═════════╬════╣
║60640ad524f66a001359ec5e║Example Inc.║sip2.example.io║StaticIP ║None║
╚════════════════════════╩════════════╩═══════════════╩═════════╩════╝
$ rctl get number
╔══════════╦══════════╦════════════════════╦══════════════════════╦════════════════╗
║REF ║GW REF ║TEL URI ║ADDRESS OF RECORD LINK║COUNTRY/CITY ║
╠══════════╬══════════╬════════════════════╬══════════════════════╬════════════════╣
║dd76afc94b║gw50a1a4ca║tel:+008602512345678║sip:1001@sip.local ║Nanjing, Jiangsu║
╚══════════╩══════════╩════════════════════╩══════════════════════╩════════════════╝
$rctl get domain
╔════════════════════════╦══════════════════╦═══════════════╦═════════════════════════════════════════╦════╗
║REF ║NAME ║URI ║EGRESS POLICY ║ACL ║
╠════════════════════════╬══════════════════╬═══════════════╬═════════════════════════════════════════╬════╣
║60640aef24f66a001359ec5f║Local SIP Server ║sip.example.io ║{"rule":".{5,}","numberRef":"dd76afc94b"}║None║
╠════════════════════════╬══════════════════╬═══════════════╬═════════════════════════════════════════╬════╣
║606404cf24f66a001359ec5d║Local SIP Server 2║sip2.example.io║None ║None║
╚════════════════════════╩══════════════════╩═══════════════╩═════════════════════════════════════════╩════╝
$rctl get agents
╔════════════════════════╦════════╦═════════╦═══════════════╗
║REF ║USERNAME║NAME ║DOMAIN(S) ║
╠════════════════════════╬════════╬═════════╬═══════════════╣
║60640b0024f66a001359ec62║4001 ║Janie Doe║sip2.example.io║
╠════════════════════════╬════════╬═════════╬═══════════════╣
║60640b0024f66a001359ec61║1002 ║Janie Doe║sip.example.io ║
╠════════════════════════╬════════╬═════════╬═══════════════╣
║60640b0024f66a001359ec60║1001 ║John Doe ║sip.example.io ║
```
- enjoy it :)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment