From 9267e4dfc225ea09c6a7ae42a42593a3f497fa71 Mon Sep 17 00:00:00 2001 From: Rajakavitha Date: Fri, 6 Oct 2023 14:47:29 +0530 Subject: [PATCH 1/6] rewrite of the deployment instructions --- .../md/kic/kong-enterprise-license-secret.md | 23 +- .../kic-v2/deployment/k4k8s-enterprise.md | 287 +++++++++++------- 2 files changed, 182 insertions(+), 128 deletions(-) diff --git a/app/_includes/md/kic/kong-enterprise-license-secret.md b/app/_includes/md/kic/kong-enterprise-license-secret.md index 57dc8172f2da..08c29cc64969 100644 --- a/app/_includes/md/kic/kong-enterprise-license-secret.md +++ b/app/_includes/md/kic/kong-enterprise-license-secret.md @@ -1,16 +1,17 @@ -### Kong Enterprise License secret +#### Kong Enterprise License secret Enterprise version requires a valid license to run. As part of sign up for Kong Enterprise, you should have received a license file. If you do not have one, please contact your sales representative. -Save the license file temporarily to disk with filename `license` -and execute the following: +1. Save the license file temporarily to disk with filename `license.json`. +1. Deploy Kong Enterprise in the `kong` namespace. + Ensure that you provide the file path where you have stored `license.json` file when you run the command. To deploy {{site.kic_product_name}} in a different namespace, change the value of `-n kong`. -```bash -$ kubectl create secret generic kong-enterprise-license --from-file=license=./license.json -n kong -secret/kong-enterprise-license created -``` - -Please note that `-n kong` specifies the namespace in which you are deploying - the {{site.kic_product_name}}. If you are deploying in a different namespace, - please change this value. + ```bash + $ kubectl create secret generic kong-enterprise-license --from-file=license=./license.json -n kong + ``` + The results should look like this: + + ```text + secret/kong-enterprise-license created + ``` \ No newline at end of file diff --git a/app/_src/kic-v2/deployment/k4k8s-enterprise.md b/app/_src/kic-v2/deployment/k4k8s-enterprise.md index 133c71ae5f4c..d37b2389985f 100644 --- a/app/_src/kic-v2/deployment/k4k8s-enterprise.md +++ b/app/_src/kic-v2/deployment/k4k8s-enterprise.md @@ -6,128 +6,181 @@ Kong for Kubernetes Enterprise is an enhanced version of the Open-Source Ingress Controller. It includes all Enterprise plugins and comes with 24x7 support for worry-free production deployment. -This is available to enterprise customers of Kong, Inc. only. - -## Prerequisites - -Before we can deploy Kong, we need to satisfy one prerequisite: create a license -secret. - -To create this secret, provision the `kong` namespace first: - -```bash -$ kubectl create namespace kong -namespace/kong created -``` +This is available only for enterprise customers of Kong, Inc. + +## Before you begin + +1. Create the `kong` namespace in the cluster to create a secret. + + ```bash + $ kubectl create namespace kong + ``` + The results should look like this: + ```text + namespace/kong created + ``` +1. Create [Kong Enterprise License secret](#kong-enterprise-license-secret) + +1. Create a `values.yaml` file with these details to deploy using Helm charts. + ``` + image: + repository: kong/kong-gateway + tag: 2.2.1.0-alpine + env: + LICENSE_DATA: + valueFrom: + secretKeyRef: + name: kong-enterprise-license + key: license + ``` {% include_cached /md/kic/kong-enterprise-license-secret.md version=page.version %} -## Installers - -Once the secret is in-place, we can proceed with installation. - -Kong for Kubernetes can be installed using an installer of -your choice: - -### YAML manifests - -Execute the following to install Kong for Kubernetes Enterprise using YAML -manifests: - -```bash -kubectl apply -f https://raw.githubusercontent.com/Kong/kubernetes-ingress-controller/v{{ page.version }}/deploy/single/all-in-one-dbless-k4k8s-enterprise.yaml -``` - -It takes a few minutes the first time this setup is done. - -```bash -$ kubectl get pods -n kong -NAME READY STATUS RESTARTS AGE -ingress-kong-6ffcf8c447-5qv6z 2/2 Running 1 44m -``` - -You can also see the `kong-proxy` service: - -```bash -$ kubectl get service kong-proxy -n kong -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -kong-proxy LoadBalancer 10.63.254.78 35.233.198.16 80:32697/TCP,443:32365/TCP 22h -``` - -> Note: Depending on the Kubernetes distribution you are using, you might or might -not see an external IP address assigned to the service. Please see -your provider's guide on obtaining an IP address for a Kubernetes Service of -type `LoadBalancer`. - -Let's setup an environment variable to hold the IP address: - -```bash -$ export PROXY_IP=$(kubectl get -o jsonpath="{.status.loadBalancer.ingress[0].ip}" service -n kong kong-proxy) -``` - -{:.note} -> Note: It may take a while for your cloud provider to actually associate the -IP address to the `kong-proxy` Service. - -### Kustomize - +### Installing Kong Enterprise + +Kong for Kubernetes Enterprise can be installed using an installer of your choice. After the installation is complete, see the [getting started](/kubernetes-ingress-controller/{{page.kong_version}}/guides/getting-started) tutorial to learn more. + +{% navtabs %} +{% navtab YAML manifests %} +1. Install Kong for Kubernetes Enterprise using YAML manifests. + + ```bash + kubectl apply -f https://raw.githubusercontent.com/Kong/kubernetes-ingress-controller/v{{ page.version }}/deploy/single/all-in-one-dbless-k4k8s-enterprise.yaml + ``` + The results should look like this: + ```text + role.rbac.authorization.k8s.io/kong-leader-election created + clusterrole.rbac.authorization.k8s.io/kong-ingress created + clusterrole.rbac.authorization.k8s.io/kong-ingress-crds created + clusterrole.rbac.authorization.k8s.io/kong-ingress-gateway created + clusterrole.rbac.authorization.k8s.io/kong-ingress-knative created + rolebinding.rbac.authorization.k8s.io/kong-leader-election created + clusterrolebinding.rbac.authorization.k8s.io/kong-ingress created + clusterrolebinding.rbac.authorization.k8s.io/kong-ingress-crds created + clusterrolebinding.rbac.authorization.k8s.io/kong-ingress-gateway created + clusterrolebinding.rbac.authorization.k8s.io/kong-ingress-knative created + service/kong-admin created + service/kong-proxy created + service/kong-validation-webhook created + deployment.apps/ingress-kong created + deployment.apps/proxy-kong created + ingressclass.networking.k8s.io/kong created + ``` +1. Check if the {{site.kic_product_name}} is ready. + ```bash + $ kubectl get pods -n kong + ``` + The results should look like this: + ```text + NAME READY STATUS RESTARTS AGE + ingress-kong-6ffcf8c447-5qv6z 2/2 Running 1 44m + ``` + It takes a few minutes the first time you set this up. +1. Check if the `kong-proxy` service is deployed. + + ```bash + $ kubectl get service kong-proxy -n kong + ``` + The results should look like this: + ```text + NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE + kong-proxy LoadBalancer 10.63.254.78 192.168.99.100 80:32697/TCP,443:32365/TCP 22h + ``` + + > Note: Depending on the Kubernetes distribution you are using, you might or might not see an external IP address assigned to the service. To obtain an IP address for a Kubernetes Service of type `LoadBalancer`, see your cloud provider's documentation. + +1. Kubernetes exposes the proxy through a Kubernetes service. Run the following commands to store the load balancer IP address in a variable named `PROXY_IP`: + + ```bash + $ export PROXY_IP=$(kubectl get -o jsonpath="{.status.loadBalancer.ingress[0].ip}" service -n kong kong-proxy) + echo $PROXY_IP + ``` + The results should look like this: + ```text + 192.168.99.100 + ``` + + {:.note} + > Note: It may take a while for your cloud provider to actually associate the + IP address to the `kong-proxy` Service. + +{% endnavtab %} +{% navtab Kustomize %} {:.important} > Kustomize manifests are provided for illustration purposes only and are not officially supported by Kong. There is no guarantee of backwards compatibility or upgrade capabilities for our Kustomize manifests. For a production setup with Kong support, use the [Helm chart](https://github.com/kong/charts). -Use Kustomize to install Kong for Kubernetes Enterprise: - -``` -kustomize build github.com/kong/kubernetes-ingress-controller/config/variants/enterprise -``` - -You can use the above URL as a base kustomization and build on top of it -as well. - -Once installed, set an environment variable, $PROXY_IP with the External IP address of -the `kong-proxy` service in `kong` namespace: - -``` -export PROXY_IP=$(kubectl get -o jsonpath="{.status.loadBalancer.ingress[0].ip}" service -n kong kong-proxy) -``` - -### Helm - -You can use Helm to install Kong via the official Helm chart: - -``` -$ helm repo add kong https://charts.konghq.com -$ helm repo update - -# Helm 3 -$ helm install kong/kong --generate-name \ - --namespace kong \ - -f values.yaml \ - --set ingressController.installCRDs=false -``` - -### Example values.yaml -``` -image: - repository: kong/kong-gateway - tag: 2.2.1.0-alpine -env: - LICENSE_DATA: - valueFrom: - secretKeyRef: - name: kong-enterprise-license - key: license -``` - -Once installed, set an environment variable, $PROXY_IP with the External IP address of -the `demo-kong-proxy` service in `kong` namespace: - -``` -export PROXY_IP=$(kubectl get -o jsonpath="{.status.loadBalancer.ingress[0].ip}" service -n kong demo-kong-proxy) -``` - -## Using Kong for Kubernetes Enterprise - -Once you've installed Kong for Kubernetes Enterprise, please follow our -[getting started](/kubernetes-ingress-controller/{{page.kong_version}}/guides/getting-started) tutorial to learn more. +1. Install Kong for Kubernetes using Kustomize: + + ```bash + kubectl apply -k github.com/kong/kubernetes-ingress-controller/config/variants/enterprise + ``` + You can use this as a base kustomization and build on top of it for your cluster and use-case. + + The results should look like this: + ```text + role.rbac.authorization.k8s.io/kong-leader-election created + clusterrole.rbac.authorization.k8s.io/kong-ingress created + clusterrole.rbac.authorization.k8s.io/kong-ingress-crds created + clusterrole.rbac.authorization.k8s.io/kong-ingress-gateway created + clusterrole.rbac.authorization.k8s.io/kong-ingress-knative created + rolebinding.rbac.authorization.k8s.io/kong-leader-election created + clusterrolebinding.rbac.authorization.k8s.io/kong-ingress created + clusterrolebinding.rbac.authorization.k8s.io/kong-ingress-crds created + clusterrolebinding.rbac.authorization.k8s.io/kong-ingress-gateway created + clusterrolebinding.rbac.authorization.k8s.io/kong-ingress-knative created + service/kong-admin created + service/kong-proxy created + service/kong-validation-webhook created + deployment.apps/ingress-kong created + deployment.apps/proxy-kong created + ingressclass.networking.k8s.io/kong created + ``` + +1. Kubernetes exposes the proxy through a Kubernetes service. Run the following commands to store the load balancer IP address in a variable named `PROXY_IP`: + + ```bash + HOST=$(kubectl get svc --namespace kong kong-proxy -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + PORT=$(kubectl get svc --namespace kong kong-proxy -o jsonpath='{.spec.ports[0].port}') + export PROXY_IP=${HOST}:${PORT} + echo $PROXY_IP + ``` + The results should look like this: + ```text + 192.168.99.100:80 + ``` +{% endnavtab %} +{% navtab Helm %} +You can use Helm to install Kong using the official Helm chart: + +1. Install {{site.kic_product_name}} and {{ site.base_gateway }} with Helm: + + ``` + $ helm repo add kong https://charts.konghq.com + $ helm repo update + $ helm install kong kong/ingress -n kong --create-namespace + ``` + The reults should look like this: + ```text + NAME: kong + LAST DEPLOYED: Fri Oct 6 14:41:16 2023 + NAMESPACE: kong + STATUS: deployed + REVISION: 1 + TEST SUITE: None + ``` +1. Kubernetes exposes the proxy through a Kubernetes service. Run the following commands to store the load balancer IP address in a variable named `PROXY_IP`: + + ``` + HOST=$(kubectl get svc --namespace kong kong-gateway-proxy -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + PORT=$(kubectl get svc --namespace kong kong-gateway-proxy -o jsonpath='{.spec.ports[0].port}') + export PROXY_IP=${HOST}:${PORT} + echo $PROXY_IP + ``` + The results should look like this: + ```text + 192.168.99.100:80 + ``` +{% endnavtab %} +{% endnavtabs %} From dc804ea1a0e00e42ec2ffeb15a0829f221f2a9e1 Mon Sep 17 00:00:00 2001 From: Rajakavitha Date: Fri, 6 Oct 2023 14:55:20 +0530 Subject: [PATCH 2/6] fix a typo --- app/_src/kic-v2/deployment/k4k8s-enterprise.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/_src/kic-v2/deployment/k4k8s-enterprise.md b/app/_src/kic-v2/deployment/k4k8s-enterprise.md index d37b2389985f..dfbe5809f57e 100644 --- a/app/_src/kic-v2/deployment/k4k8s-enterprise.md +++ b/app/_src/kic-v2/deployment/k4k8s-enterprise.md @@ -161,7 +161,7 @@ You can use Helm to install Kong using the official Helm chart: $ helm repo update $ helm install kong kong/ingress -n kong --create-namespace ``` - The reults should look like this: + The results should look like this: ```text NAME: kong LAST DEPLOYED: Fri Oct 6 14:41:16 2023 From 443a8b95dd2205751188c582e5d7efa6ed05123d Mon Sep 17 00:00:00 2001 From: Rajakavitha Date: Wed, 11 Oct 2023 15:08:58 +0530 Subject: [PATCH 3/6] incorporate code review --- .../kic-v2/deployment/k4k8s-enterprise.md | 28 +++++++++---------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/app/_src/kic-v2/deployment/k4k8s-enterprise.md b/app/_src/kic-v2/deployment/k4k8s-enterprise.md index dfbe5809f57e..18f7a90ebe61 100644 --- a/app/_src/kic-v2/deployment/k4k8s-enterprise.md +++ b/app/_src/kic-v2/deployment/k4k8s-enterprise.md @@ -21,19 +21,6 @@ This is available only for enterprise customers of Kong, Inc. ``` 1. Create [Kong Enterprise License secret](#kong-enterprise-license-secret) -1. Create a `values.yaml` file with these details to deploy using Helm charts. - ``` - image: - repository: kong/kong-gateway - tag: 2.2.1.0-alpine - env: - LICENSE_DATA: - valueFrom: - secretKeyRef: - name: kong-enterprise-license - key: license - ``` - {% include_cached /md/kic/kong-enterprise-license-secret.md version=page.version %} ### Installing Kong Enterprise @@ -153,13 +140,24 @@ For a production setup with Kong support, use the [Helm chart](https://github.co {% endnavtab %} {% navtab Helm %} You can use Helm to install Kong using the official Helm chart: - +1. Create a `values.yaml` file with these details to deploy using Helm charts. + ``` + image: + repository: kong/kong-gateway + tag: {{ site.data.kong_latest_gateway.ee-version }} + env: + LICENSE_DATA: + valueFrom: + secretKeyRef: + name: kong-enterprise-license + key: license + ``` 1. Install {{site.kic_product_name}} and {{ site.base_gateway }} with Helm: ``` $ helm repo add kong https://charts.konghq.com $ helm repo update - $ helm install kong kong/ingress -n kong --create-namespace + $ helm install kong kong/ingress -n kong --create-namespace --values ./values.yaml ``` The results should look like this: ```text From 2c8508a6fde4ca3147e9cafe84b6deb3e0344537 Mon Sep 17 00:00:00 2001 From: Rajakavitha Kodhandapani Date: Mon, 16 Oct 2023 19:15:14 +0530 Subject: [PATCH 4/6] Update app/_src/kic-v2/deployment/k4k8s-enterprise.md Co-authored-by: Michael Heap --- .../kic-v2/deployment/k4k8s-enterprise.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/app/_src/kic-v2/deployment/k4k8s-enterprise.md b/app/_src/kic-v2/deployment/k4k8s-enterprise.md index 18f7a90ebe61..45cb44d011c9 100644 --- a/app/_src/kic-v2/deployment/k4k8s-enterprise.md +++ b/app/_src/kic-v2/deployment/k4k8s-enterprise.md @@ -142,15 +142,16 @@ For a production setup with Kong support, use the [Helm chart](https://github.co You can use Helm to install Kong using the official Helm chart: 1. Create a `values.yaml` file with these details to deploy using Helm charts. ``` - image: - repository: kong/kong-gateway - tag: {{ site.data.kong_latest_gateway.ee-version }} - env: - LICENSE_DATA: - valueFrom: - secretKeyRef: - name: kong-enterprise-license - key: license + gateway: + image: + repository: kong/kong-gateway + tag: {{ site.data.kong_latest_gateway.ee-version }} + env: + LICENSE_DATA: + valueFrom: + secretKeyRef: + name: kong-enterprise-license + key: license ``` 1. Install {{site.kic_product_name}} and {{ site.base_gateway }} with Helm: From fe2d8c3471704bb66889ffdb741668c0fccbe200 Mon Sep 17 00:00:00 2001 From: Rajakavitha Kodhandapani Date: Tue, 17 Oct 2023 18:56:14 +0530 Subject: [PATCH 5/6] make vale happy --- app/_includes/md/kic/kong-enterprise-license-secret.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/_includes/md/kic/kong-enterprise-license-secret.md b/app/_includes/md/kic/kong-enterprise-license-secret.md index 5e1806209d52..9bddfa40a5cf 100644 --- a/app/_includes/md/kic/kong-enterprise-license-secret.md +++ b/app/_includes/md/kic/kong-enterprise-license-secret.md @@ -5,7 +5,7 @@ Enterprise version requires a valid license to run. As part of sign up for {{site.ee_product_name}}, you should have received a license file. If you do not have one, please contact your sales representative. 1. Save the license file temporarily to disk with filename `license.json`. -1. Deploy Kong Enterprise in the `kong` namespace. +1. Deploy {{site.ee_product_name}} in the `kong` namespace. Ensure that you provide the file path where you have stored `license.json` file when you run the command. To deploy {{site.kic_product_name}} in a different namespace, change the value of `-n kong`. ```bash @@ -15,4 +15,4 @@ If you do not have one, please contact your sales representative. ```text secret/kong-enterprise-license created - ``` \ No newline at end of file + ``` From dc0e74cd6d3a09d8e52c2b0f467792d4f854327d Mon Sep 17 00:00:00 2001 From: Rajakavitha Kodhandapani Date: Tue, 17 Oct 2023 18:57:36 +0530 Subject: [PATCH 6/6] make vale happy --- app/_src/kic-v2/deployment/k4k8s-enterprise.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/_src/kic-v2/deployment/k4k8s-enterprise.md b/app/_src/kic-v2/deployment/k4k8s-enterprise.md index 45cb44d011c9..e31db9227f95 100644 --- a/app/_src/kic-v2/deployment/k4k8s-enterprise.md +++ b/app/_src/kic-v2/deployment/k4k8s-enterprise.md @@ -19,11 +19,11 @@ This is available only for enterprise customers of Kong, Inc. ```text namespace/kong created ``` -1. Create [Kong Enterprise License secret](#kong-enterprise-license-secret) +1. Create {{site.ee_product_name}} [License secret](#kong-enterprise-license-secret) {% include_cached /md/kic/kong-enterprise-license-secret.md version=page.version %} -### Installing Kong Enterprise +### Installing {{site.ee_product_name}} Kong for Kubernetes Enterprise can be installed using an installer of your choice. After the installation is complete, see the [getting started](/kubernetes-ingress-controller/{{page.kong_version}}/guides/getting-started) tutorial to learn more.