Home / Kong Gateway Operator / Gateway Deployment / Get Started
Edit
Report

Create a Gateway

Uses: Kong Gateway Operator
Related Documentation
All Operator Documentation
In This Series
  1. Install Kong Gateway Operator
  2. Create a Gateway
  3. Create a Route with Kong Gateway Operator and Kong Ingress Controller
TL;DR

Create a GatewayConfiguration object, the. createGatewayClass instance and a Gateway resource.

Prerequisites

Series Prerequisites

This page is part of the Deploy Kong Ingress Controller with Kong Gateway Operator series.

Complete the previous page, Install Kong Gateway Operator before completing this page.

Kong Konnect

If you don’t have a Konnect account, you can get started quickly with our onboarding wizard.

  1. The following Konnect items are required to complete this tutorial:
    • Personal access token (PAT): Create a new personal access token by opening the Konnect PAT page and selecting Generate Token.

  2. Set the personal access token as an environment variable:

    export KONNECT_TOKEN='YOUR KONNECT TOKEN'

Create a KonnectAPIAuthConfiguration resource

 
kubectl create namespace kong --dry-run=client -o yaml | kubectl apply -f -
echo '
kind: KonnectAPIAuthConfiguration
apiVersion: konnect.konghq.com/v1alpha1
metadata:
  name: konnect-api-auth
  namespace: kong
spec:
  type: token
  token: "'$KONNECT_TOKEN'"
  serverURL: us.api.konghq.com
' | kubectl apply -f -

Create a KonnectGatewayControlPlane resource

 
echo '
kind: KonnectGatewayControlPlane
apiVersion: konnect.konghq.com/v1alpha1
metadata:
  name: gateway-control-plane
  namespace: kong
spec:
  name: gateway-control-plane
  cluster_type: CLUSTER_TYPE_K8S_INGRESS_CONTROLLER
  konnect:
    authRef:
      name: konnect-api-auth
' | kubectl apply -f -

Create a KonnectExtension resource

 
echo '
kind: KonnectExtension
apiVersion: konnect.konghq.com/v1alpha1
metadata:
  name: my-konnect-config
  namespace: kong
spec:
  clientAuth:
    certificateSecret:
      provisioning: Automatic
  konnect:
    controlPlane:
      ref:
        type: konnectNamespacedRef
        konnectNamespacedRef:
          name: gateway-control-plane' | kubectl apply -f -

ControlPlane and DataPlane resources

Creating GatewayClass and Gateway resources in Kubernetes causes Kong Gateway Operator to create a Kong Ingress Controller and Kong Gateway deployment.

You can customize your Kong Ingress Controller and Kong Gateway deployments using the GatewayConfiguration CRD. This allows you to control the image being used, and set any required environment variables.

Create the GatewayConfiguration

In order to specify the KonnectExtension in Gateway’s configuration you need to create a GatewayConfiguration object which will hold the KonnectExtension reference.

echo '
kind: GatewayConfiguration
apiVersion: gateway-operator.konghq.com/v1beta1
metadata:
  name: kong
  namespace: kong
spec:
  extensions:
    - kind: KonnectExtension
      name: my-konnect-config
      group: konnect.konghq.com
  dataPlaneOptions:
    deployment:
      replicas: 2
  controlPlaneOptions:
    deployment:
      podTemplateSpec:
        spec:
          containers:
          - name: controller
            env:
            - name: CONTROLLER_LOG_LEVEL
              value: debug' | kubectl apply -f -

GatewayConfiguration

 
echo 'kind: GatewayConfiguration
apiVersion: gateway-operator.konghq.com/v1beta1
metadata:
  name: kong
  namespace: kong
spec:
  dataPlaneOptions:
    deployment:
      podTemplateSpec:
        spec:
          containers:
          - name: proxy
            image: kong:3.9.1
  controlPlaneOptions:
    deployment:
      podTemplateSpec:
        spec:
          containers:
          - name: controller
            image: kong/kubernetes-ingress-controller:
            env:
            - name: CONTROLLER_LOG_LEVEL
              value: debug' | kubectl apply -f -

GatewayClass

To use the Gateway API resources to configure your Routes, you need to create a GatewayClass instance and create a Gateway resource that listens on the ports that you need.

echo '
kind: GatewayClass
apiVersion: gateway.networking.k8s.io/v1
metadata:
  name: kong
  namespace: kong
spec:
  controllerName: konghq.com/gateway-operator
  parametersRef:
    group: gateway-operator.konghq.com
    kind: GatewayConfiguration
    name: kong
    namespace: kong
---
kind: Gateway
apiVersion: gateway.networking.k8s.io/v1
metadata:
  name: kong
  namespace: kong
spec:
  gatewayClassName: kong
  listeners:
  - name: http
    protocol: HTTP
    port: 80' | kubectl apply -f -

You can verify that everything works by checking the Gateway resource via kubectl:

kubectl get -n kong gateway kong -o wide

You should see the following output:

NAME   CLASS   ADDRESS        PROGRAMMED   AGE
kong   kong    172.18.0.102   True         9m5s

Check the Programmed status

If the Gateway has Programmed condition set to True, you can visit Konnect and see your configuration being synced by Kong Ingress Controller.

Check that Programmed is True on the kong resource:

You can verify the Gateway was reconciled successfully by checking its Programmed condition.

kubectl get -n kong gateway kong \
  -o=jsonpath='{.status.conditions[?(@.type=="Programmed")]}' | jq

The output should look similar to this:

{
  "observedGeneration": 1,
  "reason": "Programmed",
  "status": "True",
  "type": "Programmed"
}
← Previous 1. Install Kong Gateway Operator Next → 3. Create a Route with Kong Gateway Operator and Kong Ingress Controller
Something wrong?
Report an Issue | Edit this Page

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help

Ask in our Forum
Contact Support