This is example helm chart for Kong Kubernetes deployment.
- Generate the keys
- Run the charts
Command
certs/generateCPDPwssCerts.sh
Generate
- CA cert
- CP cert for WSS
- DP cert for WSS
Command certs/generateCPendpointCerts.sh
Generate the * cert for all the https enpo The same * cert is used to keep the example simple for control plane and data plane.
View the script helm_setup.sh to check how to deploy kong.
Include the charts
helm repo add kong https://charts.konghq.com
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
Command
helm_setup.sh new
Install helm chart for first time.
Command
helm_setup.sh upgrade
Upgrade existing helm deployment. After first install
Command
helm_setup.sh clean
Delete all the charts and namespaces.
The certs that are included by default in the repo are
cp_cert/cp_cert/control-plane.crt = controlplane.example.com
dp_cert/data-plane.crt = dp_cert/dp1.example.com
ca_cert/ca-cert.pem = kong-cx.com
ssl-certs/control-plane-components.crt = *.example.com
The default urls that are configured are Kong Manager https://manager.example.com:8445 Kong Portal https://portal.example.com:8446 Kong Admin API https://adminapi.example.com:8444 Kong Portal API https://portalapi.example.com:8447
- You might be able to access via locahost but the due to TLS mismatch UI might not work
- Can possibly use DNSmask to point the above urls to localhost to get it working
- The default user is always
kong_admin - The default password in loaded as secret and was loaded while running the
helm_setup.sh - To update the password change this value
CHANGETHISinhelm_setup.shfile
kubectl create secret generic kong-enterprise-superuser-password --from-literal=password="CHANGETHIS" -n cp
- If you have already run the script and want to change the password, easiest is to run
./helm_setup.sh cleanand new install with./helm_setup.sh new
- certs Certificates are stored here
- charts All the helm chart values are stored here
- conf Sample dummy configuration for Kong is stored here