From 1041362563bcf88a89310f9fd36db61da33c6f58 Mon Sep 17 00:00:00 2001 From: Mattia Lavacca Date: Thu, 31 Oct 2024 13:55:42 +0100 Subject: [PATCH] feat: KGO konnectExtension docs (#8097) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --------- Signed-off-by: Mattia Lavacca Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> Co-authored-by: Michael Heap Co-authored-by: Patryk Małek --- .../gateway-operator/install_with_helm.md | 6 +- .../get-started/konnect/deploy-data-plane.md | 113 +++++++++++++++--- .../get-started/konnect/install.md | 6 + .../gateway-operator/guides/ai-gateway.md | 2 +- 4 files changed, 105 insertions(+), 22 deletions(-) diff --git a/app/_includes/snippets/gateway-operator/install_with_helm.md b/app/_includes/snippets/gateway-operator/install_with_helm.md index 886c4d526855..bc3634fac019 100644 --- a/app/_includes/snippets/gateway-operator/install_with_helm.md +++ b/app/_includes/snippets/gateway-operator/install_with_helm.md @@ -15,9 +15,9 @@ Install {{ site.kgo_product_name }} with Helm: ```bash helm upgrade --install kgo kong/gateway-operator -n kong-system --create-namespace --set image.tag={{ kgo_version }}{% if include.kconfCRDs %} \ --set kubernetes-configuration-crds.enabled=true{% endif %}{% if include.konnectEntities %} \ - --set env.enable_controller_konnect=true{% endif %}{% if include.aiGateway %} \ - --set env.enable_controller_aigateway=true{% endif %}{% if include.kongPluginInstallation %} \ - --set env.enable_controller_kongplugininstallation=true{% endif %} + --set env.ENABLE_CONTROLLER_KONNECT=true{% endif %}{% if include.aiGateway %} \ + --set env.ENABLE_CONTROLLER_AIGATEWAY=true{% endif %}{% if include.kongPluginInstallation %} \ + --set env.ENABLE_CONTROLLER_KONGPLUGININSTALLATION=true{% endif %} ``` You can wait for the operator to be ready using `kubectl wait`: diff --git a/app/_src/gateway-operator/get-started/konnect/deploy-data-plane.md b/app/_src/gateway-operator/get-started/konnect/deploy-data-plane.md index 6ea1dcf6b98b..93149d8f562b 100644 --- a/app/_src/gateway-operator/get-started/konnect/deploy-data-plane.md +++ b/app/_src/gateway-operator/get-started/konnect/deploy-data-plane.md @@ -7,23 +7,29 @@ chapter: 2 To attach a {{ site.kgo_product_name }} data plane to {{ site.konnect_short_name }} the data plane needs to know which endpoint to connect to, and how to authenticate the requests. -To get the endpoint and the authentication details of the data plane. -1. [Log in to {{ site.konnect_short_name }}](https://cloud.konghq.com/login). -1. Navigate to {% konnect_icon runtimes %} [**Gateway Manager**](https://cloud.konghq.com/us/gateway-manager), choose the control plane, and click **Create a New Data Plane Node**. -1. In the **Create a Data Plane Node** page select *Kubernetes* as the **Platform**. -1. Create a namespace named `kong` in the Kubernetes cluster - ```bash - kubectl create namespace kong - ``` -1. Click **Generate Certificate** in step 3. +To get the endpoint and the authentication details of the data plane: + +1. [Log in to {{ site.konnect_short_name }}](https://cloud.konghq.com/login). +1. Navigate to {% konnect_icon runtimes %} [**Gateway Manager**](https://cloud.konghq.com/gateway-manager), choose the control plane, and click **New DataPlane Node**. +1. In the **Create a Data Plane Node** page select *Kubernetes* as the **Platform**. +1. Click **Generate Certificate** in step 3. 1. Save the contents of **Cluster Certificate** in a file named `tls.crt`. Save the contents of **Cluster Key** in a file named `tls.key`. -1. Create a Kubernetes secret containing the cluster certificate: +1. Create a namespace named `kong` in the Kubernetes cluster: + + ```bash + kubectl create namespace kong + ``` +1. Create a Kubernetes secret containing the cluster certificate: ```bash - kubectl create secret tls kong-cluster-cert -n kong --cert=/{PATH_TO_FILE}/tls.crt --key=/{PATH_TO_FILE}/tls.key + kubectl create secret tls konnect-client-tls -n kong --cert=./tls.crt --key=./tls.key ``` -1. In the **Configuration parameters** step 4, find the value of `cluster_server_name`. The first segment of that value is the control plane ID for your cluster. For example, if the value of `cluster_server_name` is `36fc5d01be.us.cp0.konghq.com`, then the control plane ID of the cluster is `36fc5d01be`. -1. Replace `YOUR_CP_ID` with your control plane ID in the following manifest and deploy the data plane with `kubectl apply`: + +{% if_version lte:1.3.x %} + +1. In the **Configuration parameters** step 4, find the value of `cluster_server_name`. The first segment of that value is the control plane ID for your cluster. For example, if the value of `cluster_server_name` is `36fc5d01be.us.cp0.konghq.com`, then the control plane ID of the cluster is `36fc5d01be`. + +1. Replace `YOUR_CP_ID` with your control plane ID in the following manifest and deploy the data plane with `kubectl apply`: ```yaml echo ' @@ -67,19 +73,90 @@ To get the endpoint and the authentication details of the data plane. volumeMounts: - name: cluster-certificate mountPath: /var/cluster-certificate - - name: kong-cluster-cert - mountPath: /etc/secrets/kong-cluster-cert/ + - name: konnect-client-tls + mountPath: /etc/secrets/konnect-client-tls/ readOnly: true volumes: - name: cluster-certificate - - name: kong-cluster-cert + - name: konnect-client-tls secret: - secretName: kong-cluster-cert + secretName: konnect-client-tls defaultMode: 420 ' | kubectl apply -f - ``` - The results should look like this: + + The result should look like this: ```text dataplane.gateway-operator.konghq.com/dataplane-example configured ``` + +{% endif_version %} + +{% if_version gte:1.4.x %} + +1. Extract the following values from the **Configuration parameters** step 4: + 1. `CP_ID`: Find the value of `cluster_server_name`. The first segment of that value is the control plane ID for your cluster. For example, if the value of `cluster_server_name` is `36fc5d01be.us.cp0.konghq.com`, then the control plane ID of the cluster is `36fc5d01be` + 1. `REGION`: Find the value in the bottom left corner of the screen. + 1. `HOSTNAME`: The server you are connected to (e.g. `konghq.tech`, `konghq.com`). + +2. Now, create a [`KonnectExtension` resource](/gateway-operator/{{ page.release }}/reference/custom-resources#konnectextension). In the following manifest, replace the placeholders for `CP_ID`, `REGION`, and `HOSTNAME` with the values you just noted, and deploy it with `kubectl apply`: + + ```yaml + echo ' + kind: KonnectExtension + apiVersion: gateway-operator.konghq.com/v1alpha1 + metadata: + name: example-konnect-config + namespace: kong + spec: + controlPlaneRef: + type: konnectID + konnectID: + controlPlaneRegion: + serverHostname: + konnectControlPlaneAPIAuthConfiguration: + clusterCertificateSecretRef: + name: konnect-client-tls + ' | kubectl apply -f - + ``` + + The result should look like this: + + ```text + konnectextension.gateway-operator.konghq.com/example-konnect-config created + ``` + +3. Deploy your data plane that references such a `KonnectExtension` with `kubectl apply`: + + ```yaml + echo ' + apiVersion: gateway-operator.konghq.com/v1beta1 + kind: DataPlane + metadata: + name: dataplane-example + namespace: kong + spec: + extensions: + - kind: KonnectExtension + name: example-konnect-config + group: gateway-operator.konghq.com + deployment: + podTemplateSpec: + spec: + containers: + - name: proxy + image: kong/kong-gateway:{{ site.data.kong_latest_gateway.ee-version }} + env: + - name: KONG_LOG_LEVEL + value: debug + ' | kubectl apply -f - + ``` + + The result should look like this: + + ```text + dataplane.gateway-operator.konghq.com/dataplane-example created + ``` + +{% endif_version %} diff --git a/app/_src/gateway-operator/get-started/konnect/install.md b/app/_src/gateway-operator/get-started/konnect/install.md index 83bd9db98662..c0328d6f1b15 100644 --- a/app/_src/gateway-operator/get-started/konnect/install.md +++ b/app/_src/gateway-operator/get-started/konnect/install.md @@ -8,6 +8,12 @@ chapter: 1 {{ site.kgo_product_name }} can deploy and manage data planes attached to a {{ site.konnect_short_name }} control plane. All the services, routes, and plugins are configured in {{ site.konnect_short_name }} and sent to the data planes automatically. +{% if_version gte:1.4.x %} +{% include md/kgo/prerequisites.md disable_accordian=true version=page.version release=page.release kconfCRDs=true konnectEntities=true %} +{% endif_version %} + +{% if_version lte:1.3.x %} {% include md/kgo/prerequisites.md disable_accordian=true version=page.version release=page.release %} +{% endif_version %} Once the `gateway-operator-controller-manager` deployment is ready, you can deploy a `DataPlane` resource that is attached to a {{ site.konnect_short_name }} control plane. diff --git a/app/_src/gateway-operator/guides/ai-gateway.md b/app/_src/gateway-operator/guides/ai-gateway.md index 627896856700..53bab3bc7338 100644 --- a/app/_src/gateway-operator/guides/ai-gateway.md +++ b/app/_src/gateway-operator/guides/ai-gateway.md @@ -107,4 +107,4 @@ curl $PROXY_IP/devteam-chatgpt -H 'Content-Type: application/json' -X POST -d '{ }' ``` -For more information about how to use the AI plugins, see the [plugin hub](/hub/kong-inc/ai-proxy/#input-formats). \ No newline at end of file +For more information about how to use the AI plugins, see the [plugin hub](/hub/kong-inc/ai-proxy/#input-formats).