Install Kong Ingress Controller for Kubernetes
Install the Gateway API CRDs
Install the Gateway API CRDs before installing Kong Ingress Controller.
1
|
$ kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml
|
Create a Gateway and GatewayClass instance to use.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
echo "
---
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
name: kong
annotations:
konghq.com/gatewayclass-unmanaged: 'true'
spec:
controllerName: konghq.com/kic-gateway-controller
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: kong
spec:
gatewayClassName: kong
listeners:
- name: proxy
port: 80
protocol: HTTP
" | kubectl apply -f -
|
Install Kong
Install Kong in your Kubernetes cluster using Helm:
1
2
|
$ helm repo add kong https://charts.konghq.com
$ helm repo update
|
Install Kong Ingress Controller and Kong Gateway with Helm:
1
|
$ helm install kong kong/ingress -n kong --create-namespace
|
Connect to LoadBalancer services
Start an external load balancer by running the following command in a different terminal:
Test connectivity to Kong
Kubernetes exposes the proxy through a Kubernetes service. Run the following commands to store the load balancer IP address in a variable named PROXY_IP:
1
2
|
$ export PROXY_IP=$(kubectl get svc --namespace kong kong-gateway-proxy -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
$ echo $PROXY_IP
|
Ensure that you can call the proxy IP:
1
2
3
4
5
6
7
8
|
HTTP/1.1 404 Not Found
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Content-Length: 48
X-Kong-Response-Latency: 0
Server: kong/3.0.0
{"message":"no Route matched with those values"}
|
Services and Routes
A Service inside Kubernetes is a way to abstract an application that is running on a set of Pods. This maps to two objects in Kong: Service and Upstream.
The service object in Kong holds the information of the protocol to use to talk to the upstream service and various other protocol specific settings. The Upstream object defines load-balancing and health-checking behavior.
Routes are configured using Gateway API or Ingress resources, such as HTTPRoute, TCPRoute, GRPCRoute, Ingress and more.
Deploy an echo service
1
|
$ kubectl apply -f https://docs.konghq.com/assets/kubernetes-ingress-controller/examples/echo-service.yaml
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
echo "
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: echo
annotations:
konghq.com/strip-path: 'true'
spec:
parentRefs:
- name: kong
rules:
- matches:
- path:
type: PathPrefix
value: /echo
backendRefs:
- name: echo
kind: Service
port: 1027
" | kubectl apply -f -
|
Test the routing rule:
1
|
$ curl -i $PROXY_IP/echo
|
The results should look like this:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Content-Length: 140
Connection: keep-alive
Date: Fri, 21 Apr 2023 12:24:55 GMT
X-Kong-Upstream-Latency: 0
X-Kong-Proxy-Latency: 1
Via: kong/3.2.2
Welcome, you are connected to node docker-desktop.
Running on Pod echo-7f87468b8c-tzzv6.
In namespace default.
With IP address 10.1.0.237.
...
|
If everything is deployed correctly, you should see the above response. This verifies that Kong Gateway can correctly route traffic to an application running inside Kubernetes.
Plugins
Authentication
Basic Authentication
Key Authentication
JWT Authentication
Rate Limiting
Proxy Caching
Cleanup
1
|
$ kubectl delete -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml
|
Reference
Kong Helm Charts
Kong for Kubernetes Kong
Implementing Kong Gateway on k8s
Install Kong Ingress Controller with Helm