diff --git a/app/_how-tos/operator-get-started-hybrid-create-route.md b/app/_how-tos/operator-get-started-hybrid-create-route.md index 7c05c61288..5eff602409 100644 --- a/app/_how-tos/operator-get-started-hybrid-create-route.md +++ b/app/_how-tos/operator-get-started-hybrid-create-route.md @@ -6,7 +6,7 @@ content_type: how_to permalink: /operator/dataplanes/get-started/hybrid/create-route/ series: id: operator-get-started-hybrid - position: 3 + position: 4 breadcrumbs: - /operator/ diff --git a/app/_how-tos/operator-get-started-hybrid-deploy-dataplane.md b/app/_how-tos/operator-get-started-hybrid-deploy-dataplane.md index d3c2e7bc42..5c6e4c801b 100644 --- a/app/_how-tos/operator-get-started-hybrid-deploy-dataplane.md +++ b/app/_how-tos/operator-get-started-hybrid-deploy-dataplane.md @@ -1,12 +1,12 @@ --- -title: Deploy a DataPlane -description: "Deploy a DataPlane using {{ site.operator_product_name }}." +title: Deploy a data plane +description: "Deploy a data plane using {{ site.operator_product_name }}." content_type: how_to permalink: /operator/dataplanes/get-started/hybrid/deploy-dataplane/ series: id: operator-get-started-hybrid - position: 2 + position: 3 breadcrumbs: - /operator/ @@ -25,55 +25,15 @@ works_on: entities: [] tldr: - q: How can I deploy a DataPlane with {{ site.operator_product_name }}? + q: How can I deploy a data plane with {{ site.operator_product_name }}? a: Create a `DataPlane` object and use the `KonnectExtension` reference. prereqs: - show_works_on: true skip_product: true operator: konnect: - auth: true - control_plane: true konnectextension: true --- -{:data-deployment-topology='konnect'} -## Create the DataPlane - -Configure a Kong `DataPlane` by using your `KonnectExtension` reference: - -```bash -echo ' -apiVersion: gateway-operator.konghq.com/v1beta1 -kind: DataPlane -metadata: - name: dataplane-example - namespace: kong -spec: - extensions: - - kind: KonnectExtension - name: my-konnect-config - group: konnect.konghq.com - deployment: - podTemplateSpec: - spec: - containers: - - name: proxy - image: kong/kong-gateway:{{ site.data.gateway_latest.release }} -' | kubectl apply -f - -``` - -## Check the Ready status - - -{% validation kubernetes-resource %} -kind: DataPlane -name: dataplane-example -conditionType: Ready -reason: Ready -{% endvalidation %} - - -If the `DataPlane` has `Ready` condition set to `True` then you can visit {{site.konnect_short_name}} and see the dataplane in the list of connected Data Planes for your Control Plane. +{% include /how-tos/steps/operator-hybrid-data-plane.md %} diff --git a/app/_how-tos/operator-get-started-hybrid-install.md b/app/_how-tos/operator-get-started-hybrid-install.md index 7961414d43..54286fd340 100644 --- a/app/_how-tos/operator-get-started-hybrid-install.md +++ b/app/_how-tos/operator-get-started-hybrid-install.md @@ -1,6 +1,6 @@ --- title: Install {{ site.operator_product_name }} in {{ site.konnect_short_name }} hybrid mode -description: "Learn how to install {{ site.operator_product_name }} in Konnect hybrid mode using Helm" +description: "Learn how to install {{ site.operator_product_name }} in {{ site.konnect_short_name }} hybrid mode using Helm" content_type: how_to permalink: /operator/dataplanes/get-started/hybrid/install/ @@ -23,7 +23,7 @@ works_on: - konnect min_version: - kgo: '1.6.1' + operator: '1.6.1' entities: [] @@ -41,19 +41,7 @@ tags: - helm --- -{% assign gwapi_version = "1.3.0" %} - -## Deploying Data Planes - -{{ site.operator_product_name }} can deploy and manage Data Planes attached to a {{ site.konnect_short_name }} Control Plane. All the Services, Routes, and plugins are configured in {{ site.konnect_short_name }} and sent to the Data Planes automatically. - -## Install CRDs - -If you want to use Gateway API resources, run this command: - -```shell -kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v{{ gwapi_version }}/standard-install.yaml -``` +{{ site.operator_product_name }} can deploy and manage data planes attached to a {{ site.konnect_short_name }} control plane. All the Services, Routes, and plugins are configured in {{ site.konnect_short_name }} and sent to the data planes automatically. ## Install {{ site.operator_product_name }} @@ -65,5 +53,4 @@ Wait for {{ site.operator_product_name }} to be ready {% include prereqs/products/operator-validate-deployment.md %} -Once the `kong-operator-kong-operator-controller-manager` deployment is ready, you can deploy a `DataPlane` resource that is attached to a {{ site.konnect_short_name }} Gateway Control Plane. -You can use [this guide](/operator/dataplanes/konnectextension/#konnect-control-plane-reference) to learn more about how to do this. +Once the `kong-operator-kong-operator-controller-manager` deployment is ready, you can deploy a `DataPlane` resource that is attached to a {{ site.konnect_short_name }} Gateway control plane. diff --git a/app/_how-tos/operator-konnect-control-plane.md b/app/_how-tos/operator-konnect-control-plane.md index 0d1ad0c83c..5efe14c5bd 100644 --- a/app/_how-tos/operator-konnect-control-plane.md +++ b/app/_how-tos/operator-konnect-control-plane.md @@ -1,6 +1,6 @@ --- -title: Create a Control Plane -description: "Create a Hybrid mode Control Plane in {{ site.konnect_short_name }}" +title: Create a control plane +description: "Create a Hybrid mode control plane in {{ site.konnect_short_name }}" content_type: how_to permalink: /operator/konnect/crd/control-planes/hybrid/ @@ -12,6 +12,10 @@ breadcrumbs: group: Konnect section: "Konnect CRDs: Control Planes" +series: + id: operator-get-started-hybrid + position: 2 + products: - operator @@ -24,10 +28,12 @@ tags: - konnect-crd tldr: - q: How do I create a Hybrid mode Control Plane in {{ site.konnect_short_name }}? + q: How do I create a Hybrid mode control plane in {{ site.konnect_short_name }}? a: Create a `KonnectGatewayControlPlane` object and add {{ site.konnect_short_name }} authentication. prereqs: + show_works_on: true + skip_product: true operator: konnect: auth: true @@ -53,7 +59,11 @@ spec: {% endkonnect_crd %} -## Validation + +{:.info} +> Make sure that the `KonnectGatewayControlPlane` resource is in the same namespace as the `KonnectAPIAuthConfiguration` resource. + +## Validate {% validation kubernetes-resource %} diff --git a/app/_how-tos/operator-konnect-getstarted-authentication.md b/app/_how-tos/operator-konnect-getstarted-authentication.md index a662cd4bb0..38190fb4c4 100644 --- a/app/_how-tos/operator-konnect-getstarted-authentication.md +++ b/app/_how-tos/operator-konnect-getstarted-authentication.md @@ -30,6 +30,7 @@ entities: [] prereqs: skip_product: true + show_works_on: true --- diff --git a/app/_how-tos/operator-konnect-getstarted-controlplane.md b/app/_how-tos/operator-konnect-getstarted-controlplane.md index f28d2b7281..952e665547 100644 --- a/app/_how-tos/operator-konnect-getstarted-controlplane.md +++ b/app/_how-tos/operator-konnect-getstarted-controlplane.md @@ -1,6 +1,6 @@ --- -title: Create a Control Plane -description: Define a Konnect Gateway Control Plane and bind it to your cluster using a `KonnectExtension`. +title: Create a control plane +description: Define a {{site.konnect_short_name}} Gateway control plane and bind it to your cluster using a `KonnectExtension`. content_type: how_to permalink: /operator/konnect/get-started/control-plane/ breadcrumbs: @@ -16,9 +16,9 @@ series: position: 3 tldr: - q: How do I create a Control Plane + q: How do I create a control plane? a: | - Define a `KonnectGatewayControlPlane` to point to your Konnect instance, and a `KonnectExtension` to bind your Data Plane or Gateway to it. + Define a `KonnectGatewayControlPlane` to point to your {{site.konnect_short_name}} instance, and a `KonnectExtension` to bind your Data Plane or Gateway to it. products: - operator @@ -26,21 +26,19 @@ products: works_on: - konnect -entities: [] - related_resources: - - text: Deploy a DataPlane + - text: Deploy a data plane url: /operator/dataplanes/get-started/hybrid/deploy-dataplane/ --- ## Create a `KonnectGatewayControlPlane` -Use the `KonnectGatewayControlPlane` resource to define the {{site.konnect_short_name}} Control Plane that your CRDs will target. This enables your cluster to send configuration to Konnect. +Use the `KonnectGatewayControlPlane` resource to define the {{site.konnect_short_name}} Control Plane that your CRDs will target. This enables your cluster to send configuration to {{site.konnect_short_name}}. -A `KonnectAPIAuthConfiguration` must already exist to authenticate with the Konnect API. If you haven’t created one yet, see [Create API Authentication](/operator/konnect/get-started/authentication/). +A `KonnectAPIAuthConfiguration` must already exist to authenticate with the {{site.konnect_short_name}} API. If you haven’t created one yet, see [Create API Authentication](/operator/konnect/get-started/authentication/). -Apply the following configuration to define a Control Plane named `gateway-control-plane`: +Apply the following configuration to define a control plane named `gateway-control-plane`: @@ -58,12 +56,15 @@ spec: {% endkonnect_crd %} -This resource links your cluster to a specific Control Plane instance in {{site.konnect_short_name}} using the credentials provided in `konnect-api-auth`. +This resource links your cluster to a specific control plane instance in {{site.konnect_short_name}} using the credentials provided in `konnect-api-auth`. + +{:.info} +> Make sure that the `KonnectGatewayControlPlane` resource is in the same namespace as the `KonnectAPIAuthConfiguration` resource. -## Bind the Control Plane using a `KonnectExtension` +## Bind the control plane using a `KonnectExtension` -To finalize the connection between your cluster and the {{site.konnect_short_name}} control plane, create a `KonnectExtension` object. This resource binds your local Gateway or Data Plane to the {{site.konnect_short_name}} control plane you've defined. +To finalize the connection between your cluster and the {{site.konnect_short_name}} control plane, create a `KonnectExtension` object. This resource binds your local Gateway or data plane to the {{site.konnect_short_name}} control plane you've defined. {% konnect_crd %} diff --git a/app/_how-tos/operator-konnect-getstarted-dataplane.md b/app/_how-tos/operator-konnect-getstarted-dataplane.md new file mode 100644 index 0000000000..fc0c177ed8 --- /dev/null +++ b/app/_how-tos/operator-konnect-getstarted-dataplane.md @@ -0,0 +1,35 @@ +--- +title: Deploy a data plane +description: "Deploy a data plane using {{ site.operator_product_name }}." +content_type: how_to + +permalink: /operator/konnect/get-started/data-plane/ +series: + id: operator-konnectcrds-get-started + position: 4 + +breadcrumbs: + - /operator/ + - index: operator + group: Gateway Deployment + - index: operator + group: Gateway Deployment + section: "Get Started" + +products: + - operator + +works_on: + - konnect + +entities: [] + +tldr: + q: How can I deploy a data plane with {{ site.operator_product_name }}? + a: Create a `DataPlane` object and use the `KonnectExtension` reference. + +prereqs: + skip_product: true +--- + +{% include /how-tos/steps/operator-hybrid-data-plane.md %} diff --git a/app/_how-tos/operator-konnect-getstarted-install.md b/app/_how-tos/operator-konnect-getstarted-install.md index 12f493a8ff..0b059356d8 100644 --- a/app/_how-tos/operator-konnect-getstarted-install.md +++ b/app/_how-tos/operator-konnect-getstarted-install.md @@ -21,8 +21,6 @@ products: works_on: - konnect -entities: [] - prereqs: skip_product: true @@ -35,9 +33,7 @@ tags: - helm --- -## Install {{site.operator_product_name}} - -The {{site.operator_product_name}} can deploy and manage Data Planes connected to a {{ site.konnect_short_name }} Control Plane. Configuration for services, routes, and plugins is managed entirely through {{site.konnect_short_name}} and propagated automatically to Data Planes. +{{site.operator_product_name}} can deploy and manage data planes connected to a {{ site.konnect_short_name }} control plane. Configuration for Services, Routes, and plugins is managed entirely through {{site.konnect_short_name}} and propagated automatically to data planes. ## Create the `kong` namespace @@ -47,16 +43,14 @@ Create the `kong` namespace in your Kubernetes cluster, which is where the Getti kubectl create namespace kong ``` -## Install the Operator - -{% include prereqs/products/operator.md raw=true v_maj=1 %} +## Install {{site.operator_product_name}} -{% include k8s/cert-manager.md %} +{% include prereqs/products/operator.md raw=true v_maj=2 %} ### Wait for readiness -Wait for the {{site.operator_product_name}}'s controller deployment to become available before proceeding, ensuring it’s ready to manage resources: +Wait for {{site.operator_product_name}}'s controller deployment to become available before proceeding, ensuring it’s ready to manage resources: {% include prereqs/products/operator-validate-deployment.md %} -Once the {{site.operator_product_name}} is ready, you can begin provisioning Gateway Control Planes and Data Planes using {{site.konnect_short_name}} CRDs. +Once the {{site.operator_product_name}} is ready, you can begin provisioning Gateway control planes and data planes using {{site.konnect_short_name}} CRDs. diff --git a/app/_how-tos/operator-konnect-getstarted-key-auth.md b/app/_how-tos/operator-konnect-getstarted-key-auth.md index 95f8984229..1cd2ad4209 100644 --- a/app/_how-tos/operator-konnect-getstarted-key-auth.md +++ b/app/_how-tos/operator-konnect-getstarted-key-auth.md @@ -1,5 +1,5 @@ --- -title: Key Authentication +title: Enable Key Authentication description: Secure an API using the `key-auth` plugin and credentials from a `KongConsumer`. content_type: how_to permalink: /operator/konnect/get-started/key-authentication/ @@ -13,7 +13,7 @@ breadcrumbs: series: id: operator-konnectcrds-get-started - position: 7 + position: 8 tldr: q: How do I secure an API with key authentication using {{site.konnect_short_name}} CRDs? @@ -29,7 +29,6 @@ tools: works_on: - konnect -entities: [] next_steps: - text: See the Custom resource definitions (CRDs) reference url: /operator/reference/custom-resources/ @@ -83,19 +82,20 @@ Keys are stored as Kubernetes `Secrets` and Consumers are managed with the `Kong 1. Create a new `Secret` labeled to use `key-auth` credential type: - ```bash - echo ' - apiVersion: v1 - kind: Secret - metadata: - name: alex-key-auth - namespace: kong - labels: - konghq.com/credential: key-auth - stringData: - key: hello_world - ' | kubectl apply -f - - ``` + ```bash + echo ' + apiVersion: v1 + kind: Secret + metadata: + name: alex-key-auth + namespace: kong + labels: + konghq.com/credential: key-auth + konghq.com/secret: "true" + stringData: + key: hello_world + ' | kubectl apply -f - + ``` 1. Create a new Consumer and attach the credential: @@ -125,4 +125,4 @@ konnect_url: $PROXY_IP on_prem_url: $PROXY_IP {% endvalidation %} - The results will return successfully. \ No newline at end of file +The request should be successful. \ No newline at end of file diff --git a/app/_how-tos/operator-konnect-getstarted-proxy-cache.md b/app/_how-tos/operator-konnect-getstarted-proxy-cache.md index 52382602af..c74eaba294 100644 --- a/app/_how-tos/operator-konnect-getstarted-proxy-cache.md +++ b/app/_how-tos/operator-konnect-getstarted-proxy-cache.md @@ -13,7 +13,7 @@ breadcrumbs: series: id: operator-konnectcrds-get-started - position: 6 + position: 7 tldr: q: How do I enable response caching with {{site.konnect_short_name}} CRDs? @@ -29,8 +29,6 @@ tools: works_on: - konnect -entities: [] - tags: - caching diff --git a/app/_how-tos/operator-konnect-getstarted-ratelimiting.md b/app/_how-tos/operator-konnect-getstarted-ratelimiting.md index bea221b552..a3b1f621fa 100644 --- a/app/_how-tos/operator-konnect-getstarted-ratelimiting.md +++ b/app/_how-tos/operator-konnect-getstarted-ratelimiting.md @@ -13,7 +13,7 @@ breadcrumbs: series: id: operator-konnectcrds-get-started - position: 5 + position: 6 tldr: q: How do I configure rate limiting with {{site.konnect_short_name}} CRDs? @@ -33,8 +33,6 @@ entities: [] --- -## About rate limiting - Rate limiting is used to control the rate of requests sent to an upstream service. It can be used to prevent DoS attacks, limit web scraping, and other forms of overuse. Without rate limiting, clients have unlimited access to your upstream services, which may negatively impact availability. {{site.base_gateway}} imposes rate limits on clients through the [Rate Limiting plugin](/plugins/rate-limiting/). When rate limiting is enabled, clients are restricted in the number of requests that can be made in a configurable period of time. The plugin supports identifying clients as consumers based on authentication or by the client IP address of the requests. @@ -66,41 +64,14 @@ data: {% endentity_example %} -## Deploy a Data Plane - -Apply a `DataPlane` resource to deploy a {{site.base_gateway}} instance that connects to your {{site.konnect_short_name}} Control Plane: - -```bash -echo ' -apiVersion: gateway-operator.konghq.com/v1beta1 -kind: DataPlane -metadata: - name: dataplane-example - namespace: kong -spec: - extensions: - - kind: KonnectExtension - name: my-konnect-config - group: konnect.konghq.com - deployment: - podTemplateSpec: - spec: - containers: - - name: proxy - image: kong/kong-gateway:{{ site.data.gateway_latest.release }} -' | kubectl apply -f - -``` - ## Get the Proxy IP -Retrieve the external IP address of the deployed Data Plane service: - - +Retrieve the external IP address of the deployed data plane: ```bash NAME=$(kubectl get -o yaml -n kong service | yq '.items[].metadata.name | select(contains("dataplane-ingress"))') export PROXY_IP=$(kubectl get svc -n kong $NAME -o jsonpath='{range .status.loadBalancer.ingress[0]}{@.ip}{@.hostname}{end}') -curl -i $PROXY_IP +echo $PROXY_IP ``` diff --git a/app/_how-tos/operator-konnect-getstarted-services-routes.md b/app/_how-tos/operator-konnect-getstarted-services-routes.md index a62d3a5c6f..279ca21946 100644 --- a/app/_how-tos/operator-konnect-getstarted-services-routes.md +++ b/app/_how-tos/operator-konnect-getstarted-services-routes.md @@ -13,7 +13,7 @@ breadcrumbs: series: id: operator-konnectcrds-get-started - position: 4 + position: 5 tldr: q: How do I expose an upstream service using Konnect CRDs? @@ -30,8 +30,6 @@ entities: [] --- -## How Kubernetes resources map to {{site.base_gateway}} entities - A Kubernetes Service represents an application running on a group of Pods. In {{site.base_gateway}}, this maps to a `Service` and `Upstream`. * The **KongService** defines protocol-specific information and connection settings to reach the upstream application. diff --git a/app/_includes/components/entity_example/format/snippets/kic.md b/app/_includes/components/entity_example/format/snippets/kic.md index 8c4aa71a85..77b93ac7e7 100644 --- a/app/_includes/components/entity_example/format/snippets/kic.md +++ b/app/_includes/components/entity_example/format/snippets/kic.md @@ -18,7 +18,7 @@ Next, apply the `KongPlugin` resource by annotating the {{ include.presenter.tar {% for key in include.presenter.foreign_keys -%} {% capture target_name %}{{ key | upcase }}_NAME{% endcapture -%} {% if include.presenter.foreign_key_names[key] %}{% assign target_name = include.presenter.foreign_key_names[key] %}{% endif -%} -kubectl annotate -n kong {% if key contains "Service" %}{{ key | downcase }}{% else %}{% if key contains "Route" %}{{ key | downcase }}{% endif %}{% if key contains "Consumer" %}kong{{ key | downcase }}{% endif %}{% else %}Kong{{ key }}{% endif %} {{ target_name }} konghq.com/plugins={{ include.presenter.other_plugins }}{{ include.presenter.full_resource.metadata.name }}{% if include.presenter.other_plugins %} --overwrite{% endif %} +kubectl annotate -n kong {% if key contains "Service" %}{{ key | downcase }}{% else %}{% if key contains "Route" %}{{ key | downcase }}{% endif %}{% if key == "Kongroute" %}{{ key | downcase }}{% endif %}{% if key == "Kongservice" %}{{ key | downcase }}{% endif %}{% if key contains "Consumer" %}kong{{ key | downcase }}{% endif %}{% else %}Kong{{ key }}{% endif %} {{ target_name }} konghq.com/plugins={{ include.presenter.other_plugins }}{{ include.presenter.full_resource.metadata.name }}{% if include.presenter.other_plugins %} --overwrite{% endif %} {% endfor -%} ``` {% else %} diff --git a/app/_includes/how-tos/steps/operator-hybrid-data-plane.md b/app/_includes/how-tos/steps/operator-hybrid-data-plane.md new file mode 100644 index 0000000000..4388b7d16f --- /dev/null +++ b/app/_includes/how-tos/steps/operator-hybrid-data-plane.md @@ -0,0 +1,37 @@ +## Create the data plane + +Configure a Kong `DataPlane` by using your `KonnectExtension` reference: + +```bash +echo ' +apiVersion: gateway-operator.konghq.com/v1beta1 +kind: DataPlane +metadata: + name: dataplane-example + namespace: kong +spec: + extensions: + - kind: KonnectExtension + name: my-konnect-config + group: konnect.konghq.com + deployment: + podTemplateSpec: + spec: + containers: + - name: proxy + image: kong/kong-gateway:{{ site.data.gateway_latest.release }} +' | kubectl apply -f - +``` + +## Check the Ready status + + +{% validation kubernetes-resource %} +kind: DataPlane +name: dataplane-example +conditionType: Ready +reason: Ready +{% endvalidation %} + + +If the `DataPlane` has `Ready` condition set to `True` then you can visit {{site.konnect_short_name}} and see the dataplane in the list of connected data planes for your control plane. \ No newline at end of file diff --git a/app/_plugins/drops/entity_example/presenters/kic.rb b/app/_plugins/drops/entity_example/presenters/kic.rb index 6e6123afe2..e8f311a277 100644 --- a/app/_plugins/drops/entity_example/presenters/kic.rb +++ b/app/_plugins/drops/entity_example/presenters/kic.rb @@ -64,6 +64,8 @@ def targets keys = foreign_keys.map do |key| next '`service`' if key == 'Service' next '`httproute` or `ingress`' if key == 'Route' + next '`KongRoute`' if key == 'Kongroute' + next '`KongService`' if key == 'Kongservice' "`Kong#{key}`" end