Kong API Gateway (Hybrid mode)
Precondition
Cluster has to be deployed with the Hashicorp Vault sample and NGINX Ingress Controller . Otherwise this demo wouldn't work, because it needs the autogenerated TLS certificates.
Kong Enterprise: If you want to install the Kong Enterprise mode, you will need to add a file named license.jsonin the folder examples/kong-gateway.
DNS preparation
You can test Kong Ingress by adding the following entry to your /etc/hosts file:
bash
# Append to /etc/hosts
[...]
127.0.0.1 httpbin.example.com
127.0.0.1 kong-manager.example.com
127.0.0.1 kong-admin.example.comInstallation
You can start the installation of Kong API Gateway with the included shell script:
bash
cd examples/kong-gateway
bash setup.shThe following components are installed with the setup.sh:
- Creates Kubernetes Gateway API CRDs
- Hashicorp Vault - HELM Chart / cert-manager HELM Chart (see README)
- Kong Ingress HELM Chart is used to deploy Kong API Gateway
- Installs Kong Control Plane (Kong Ingress Controller, KIC) instance to namespace kong
- Installs 2 Kong Gateway node (Gateway Proxies) instances to namespace kong
- Creates Gateway API Configuration
- Gateway Class Ressource for Kong Gateway
- Gateway configuration for Kong Gateway instance (KIC and Gateway Proxies)
- Creates httpbin HttpRoute
- After that you can open httpbin with the URL: https://httpbin.example.com:8081. When you have added the Root CA to your system Truststore, or your browser the connection should be secured correctly. You can find the Root CA certificate under:
examples/vault/root-certs/rootCACert.pem.
- After that you can open httpbin with the URL: https://httpbin.example.com:8081. When you have added the Root CA to your system Truststore, or your browser the connection should be secured correctly. You can find the Root CA certificate under:
Show Kong Manager
If your local DNS settings (/etc/hosts) are set correctly, you can open the Kong Manager UI in your browser: https://kong-manager.example.com:8081