Installation [Beta]#
Minimum Requirements#
Kubernetes cluster must have the following minimum requirements available:
| CPU Unit | RAM | Disk Space | Processor Type |
|---|---|---|---|
| 1 | 2 GB | 10 GB | 64 Bit |
DB-less mode(Recommended)#
To install Gluu Gateway on kuberentes, follow these steps:
-
[Pre-requirement] Install Gluu on kubernetes if not already installed and make sure OXD server is installed by answering
YtoInstall Casa. AnswerNto promptInstall Gluu Gateway Database modeas this option is for Database mode. -
Create namespace
kongfor Gluu-Gatewaykubectl create ns kong -
Create
kong.ymldeclarative configuration before proceeding. Head to DB-less Cloud Native edition section and finish steps there, then continue here. Please note that loadingkong.ymloccurs automatically as thekong.ymlgets pulled from secrets and loaded if changes occur to it. An update onkong.ymlrequires only an update to the secret created in the next step. The deployment will automatically re-load upon changes. -
Once done with creating
kong.ymlcreate secret calledkong-configin the same namespace as Gluu Gatewaykubectl create secret generic kong-config -n kong --from-file=kong.yml -
Install Kong with GG plugins. The only component that must be changed inside kongs manifests is the
image:tagof kong togluufederation/gluu-gateway:4.2.1_03. Please refer to kongs kubernetes installation for more tweaks and detail.wget https://bit.ly/kong-ingress-dbless && cat kong-ingress-dbless | sed -s "s@image: kong:2.1@image: gluufederation/gluu-gateway:4.2.1_03@g" | kubectl apply -f -Please refer to kongs official chart for more options.
helm repo add kong https://charts.konghq.com helm repo update # Helm 3 helm install gg-kong kong/kong --set ingressController.installCRDs=false --set image.repository=gluufederation/gluu-gateway --set image.tag=4.2.1_03 --set --namespace=kong -
In order for the kong deployment to read the secret containing
kong.ymlyou must grant it permissions by adding thegetto to theCluserRoleof kong handling thesecretsresource.kubectl edit ClusterRole kong-ingress-clusterrole apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: kong-ingress-clusterrole rules: - apiGroups: - "" resources: - endpoints - nodes - pods - secrets verbs: - list - watch - get # <---- Add this here
Head to DB-less for more information. Please note that loading kong.yml occurs automatically as the kong.yml gets pulled from secrets and loaded if changes occur to it.
Uninstall#
helm delete gg-kong -n gluu-gateway
DB mode#
Warning
Installing Gluu Gateway ui automatically adds an ingress and allows access through the loadbalancer for Gluu deployment. This is a security risk and it is better to use kubectl port-forward <gg-ui-pod> 443:8443 -n <gluu-namespace> to access the UI when needed. You can delete the ingress definition using kubectl delete <gg-ui-ingress-name> -n <gluu-namespace>.
Note
Please make sure that the Kubernetes cluster is 1.16.x. Higher versions has an issue with the current postgres operator setup.
Pre-requisites#
- Please install Helm v3 which is required for KubeDB in both methods of installation below.
Automatic full installation#
-
Install Gluu with Gluu gateway on kubernetes.
./pygluu-kubernetes.pyz install # To install Gluu-Gateway only: Gluu must be already installed in the same kubernetes cluster ./pygluu-kubernetes.pyz install-gg-dbmode
Helm#
-
Install Gluu and Postgres run. Answer
Yto promptInstall Gluu Gateway. This will install Gluu, Postgres, and setup the databases and required secrets for Gluu-Gateway and Gluu-Gateway-UI../pygluu-kubernetes.pyz helm-install -
Wait until Gluu is up and running. Make sure oxd server and oxauth pods are running
kubectl -n gluu wait --for=condition=available --timeout=900s deploy/gluu-oxauth kubectl -n gluu wait --for=condition=available --timeout=300s deploy/gluu-oxd-server -
Install Gluu Gateway and Gluu Gateway UI
./pygluu-kubernetes.pyz helm-install-gg-dbmode
Uninstall#
./pygluu-kubernetes.pyz uninstall-gg-dbmode
# With helm
./pygluu-kubernetes.pyz helm-uninstall-gg-dbmode