Home / Kong Operator / Konnect / Get Started
Edit
Report

Install Kong Operator

Uses: Kong Operator
Incompatible with
on-prem
Related Documentation
Operator Documentation
In This Series
  1. Install Kong Operator
  2. Create API Authentication
  3. Create a control plane
  4. Create a Service and Route
  5. Enable Proxy Caching
  6. Enable Key Authentication
Tags
#install #helm
TL;DR

Use Helm and Kong’s kong-operator chart.

Kong Operator can deploy and manage data planes connected to a Konnect control plane. Configuration for Services, Routes, and plugins is managed entirely through Konnect and propagated automatically to data planes.

Create the kong namespace

Create the kong namespace in your Kubernetes cluster, which is where the Getting Started guide will run:

kubectl create namespace kong

Install Kong Operator

  1. Add the Kong Helm charts:

    helm repo add kong https://charts.konghq.com
helm repo update

  2. Install Kong Operator using Helm:

    helm upgrade --install kong-operator kong/kong-operator -n kong-system \
  --create-namespace \
  --set image.tag=2.1 \
  --set env.ENABLE_CONTROLLER_KONNECT=true

    If you want cert-manager to issue and rotate the admission and conversion webhook certificates, install cert-manager to your cluster and enable cert-manager integration by passing the following argument while installing, in the next step:

    --set global.webhooks.options.certManager.enabled=true

    If you do not enable this, the chart will generate and inject self-signed certificates automatically. We recommend enabling cert-manager to manage the lifecycle of these certificates. Kong Operator needs a certificate authority to sign the certificate for mTLS communication between the control plane and the data plane. This is handled automatically by the Helm chart. If you need to provide a custom CA certificate, refer to the certificateAuthority section in the values.yaml of the Helm chart to learn how to create and reference your own CA certificate.

Wait for readiness

Wait for Kong Operator’s controller deployment to become available before proceeding, ensuring it’s ready to manage resources:

kubectl -n kong-system wait --for=condition=Available=true --timeout=120s deployment/kong-operator-kong-operator-controller-manager

Once the Kong Operator is ready, you can begin provisioning Gateway control planes and data planes using Konnect CRDs.

Next → 2. Create API Authentication
Something wrong?
Report an Issue | Edit this Page
View all Kong documentation

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help?

Ask in our Slack Community
Contact Support