Create a control plane
Create a KonnectGatewayControlPlane object and add Konnect authentication.
Prerequisites
Series Prerequisites
This page is part of the Deploy Hybrid DataPlanes with Kong Operator series.
Complete the previous page, Install Kong Operator in Konnect hybrid mode before completing this page.
Kong Konnect
If you don’t have a Konnect account, you can get started quickly with our onboarding wizard.
- The following Konnect items are required to complete this tutorial:
- Personal access token (PAT): Create a new personal access token by opening the Konnect PAT page and selecting Generate Token.
-
Set the personal access token as an environment variable:
export KONNECT_TOKEN='YOUR KONNECT TOKEN'Copied!
Create a KonnectAPIAuthConfiguration resource
kubectl create namespace kong --dry-run=client -o yaml | kubectl apply -f -
echo '
kind: KonnectAPIAuthConfiguration
apiVersion: konnect.konghq.com/v1alpha1
metadata:
name: konnect-api-auth
namespace: kong
spec:
type: token
token: "'$KONNECT_TOKEN'"
serverURL: us.api.konghq.com
' | kubectl apply -f -
Create a KonnectGatewayControlPlane
Create a KonnectGatewayControlPlane object and add the Konnect authentication resource we created in the prerequisites.
echo '
kind: KonnectGatewayControlPlane
apiVersion: konnect.konghq.com/v1alpha2
metadata:
name: gateway-control-plane
namespace: kong
spec:
createControlPlaneRequest:
name: gateway-control-plane
konnect:
authRef:
name: konnect-api-auth
' | kubectl apply -f -
Make sure that the
KonnectGatewayControlPlaneresource is in the same namespace as theKonnectAPIAuthConfigurationresource.
Validate
You can verify the KonnectGatewayControlPlane was reconciled successfully by checking its Programmed condition.
kubectl get -n kong konnectgatewaycontrolplane gateway-control-plane \
-o=jsonpath='{.status.conditions[?(@.type=="Programmed")]}' | jq
The output should look similar to this:
{
"observedGeneration": 1,
"reason": "Programmed",
"status": "True",
"type": "Programmed"
}