Created
July 13, 2022 12:09
-
-
Save robincher/9db9c456275a1a3c84f8f9479978c4e8 to your computer and use it in GitHub Desktop.
Deploying Kong Enterprise with Helm and k3d
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Kong for Kubernetes with Kong Enterprise with Enterprise features enabled and | |
| # exposed via TLS-enabled Ingresses. Before installing: | |
| # * Several settings (search for the string "CHANGEME") require user-provided | |
| # Secrets. These Secrets must be created before installation. | |
| # * Ingresses reference example "<service>.kong.CHANGEME.example" hostnames. These must | |
| # be changed to an actual hostname that resolve to your proxy. | |
| # * Ensure that your session configurations create cookies that are usable | |
| # across your services. The admin session configuration must create cookies | |
| # that are sent to both the admin API and Kong Manager, and any Dev Portal | |
| # instances with authentication must create cookies that are sent to both | |
| # the Portal and Portal API. | |
| # * Running with k3d, remember to map the node ports | |
| # k3d cluster create scratch -p '9001:31001@agent:0' -p '9002:31002@agent:0' -p '9000:31000@agent:0' -p '9003:31003@agent:0' --agents 1 | |
| image: | |
| repository: kong/kong-gateway | |
| tag: "2.8" | |
| env: | |
| prefix: /kong_prefix/ | |
| database: postgres | |
| proxy_url: http://localhost:9000 | |
| admin_gui_url: http://localhost:9002 | |
| admin_api_uri: http://localhost:9001 | |
| portal_gui_host: localhost:9003 | |
| portal_api_url: http://localhost:9004 | |
| portal_gui_protocol: http | |
| portal_auth: basic-auth | |
| password: | |
| valueFrom: | |
| secretKeyRef: | |
| name: kong-enterprise-superuser-password #CHANGEME | |
| key: password #CHANGEME | |
| admin: | |
| enabled: true | |
| type: NodePort | |
| annotations: | |
| konghq.com/protocol: "https" | |
| http: | |
| # Enable plaintext HTTP listen for the admin API | |
| # Disabling this and using a TLS listen only is recommended for most configuration | |
| enabled: true | |
| servicePort: 8001 | |
| containerPort: 8001 | |
| # Set a nodePort which is available if service type is NodePort | |
| nodePort: 31001 | |
| # Additional listen parameters, e.g. "reuseport", "backlog=16384" | |
| parameters: [] | |
| tls: | |
| enabled: false | |
| servicePort: 8444 | |
| containerPort: 8444 | |
| parameters: | |
| - http2 | |
| ingress: | |
| enabled: false | |
| proxy: | |
| enabled: true | |
| type: NodePort | |
| annotations: {} | |
| http: | |
| # Enable plaintext HTTP listen for the proxy | |
| enabled: true | |
| servicePort: 80 | |
| containerPort: 8000 | |
| # Set a nodePort which is available if service type is NodePort | |
| nodePort: 31000 | |
| # Additional listen parameters, e.g. "reuseport", "backlog=16384" | |
| parameters: [] | |
| tls: | |
| enabled: true | |
| servicePort: 443 | |
| containerPort: 8443 | |
| parameters: | |
| - http2 | |
| stream: {} | |
| ingress: | |
| enabled: false | |
| externalIPs: [] | |
| enterprise: | |
| enabled: true | |
| # CHANGEME: https://github.com/Kong/charts/blob/main/charts/kong/README.md#kong-enterprise-license | |
| license_secret: kong-enterprise-license | |
| vitals: | |
| enabled: true | |
| portal: | |
| enabled: true | |
| rbac: | |
| enabled: true | |
| admin_gui_auth: basic-auth | |
| session_conf_secret: kong-session-config | |
| admin_gui_auth_conf_secret: CHANGEME-admin-gui-auth-conf-secret | |
| manager: | |
| enabled: true | |
| type: NodePort | |
| annotations: | |
| konghq.com/protocol: "https" | |
| http: | |
| # Enable plaintext HTTP listen for Kong Manager | |
| enabled: true | |
| servicePort: 8002 | |
| containerPort: 8002 | |
| # Set a nodePort which is available if service type is NodePort | |
| nodePort: 31002 | |
| # Additional listen parameters, e.g. "reuseport", "backlog=16384" | |
| parameters: [] | |
| tls: | |
| enabled: false | |
| servicePort: 8445 | |
| containerPort: 8445 | |
| parameters: | |
| - http2 | |
| ingress: | |
| enabled: false | |
| portal: | |
| enabled: true | |
| type: NodePort | |
| annotations: | |
| konghq.com/protocol: "https" | |
| http: | |
| # Enable plaintext HTTP listen for the Developer Portal | |
| enabled: true | |
| servicePort: 8003 | |
| containerPort: 8003 | |
| # Set a nodePort which is available if service type is NodePort | |
| nodePort: 31003 | |
| # Additional listen parameters, e.g. "reuseport", "backlog=16384" | |
| parameters: [] | |
| tls: | |
| enabled: false | |
| servicePort: 8446 | |
| containerPort: 8446 | |
| parameters: | |
| - http2 | |
| ingress: | |
| enabled: false # changed | |
| portalapi: | |
| enabled: false | |
| postgresql: | |
| enabled: true | |
| auth: | |
| username: kong | |
| database: kong | |
| ingressController: | |
| enabled: true | |
| installCRDs: false | |
| env: | |
| kong_admin_token: | |
| valueFrom: | |
| secretKeyRef: | |
| name: kong-enterprise-superuser-password #CHANGEME | |
| key: password #CHANGEME |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment