-
Notifications
You must be signed in to change notification settings - Fork 33
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
small updates and improvements for install docs
Signed-off-by: craig <[email protected]> rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED update RLP version
- Loading branch information
Showing
3 changed files
with
98 additions
and
34 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -10,6 +10,7 @@ | |
All required labels are formatted as `kuadrant.io/*`. | ||
Removal of any labels with the prefix may cause unexpected behaviour and degradation of the product. | ||
|
||
|
||
## Prerequisites | ||
|
||
- Access to a Kubernetes cluster, with `kubeadmin` or an account with similar permissions | ||
|
@@ -48,9 +49,9 @@ curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releas | |
There are several ways to install Istio (via `istioctl`, Helm chart or Operator) - this is just an example for starting from a bare Kubernetes cluster. | ||
|
||
```bash | ||
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.21.4 sh - | ||
./istio-1.21.4/bin/istioctl install --set profile=minimal | ||
./istio-1.21.4/bin/istioctl operator init | ||
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.22.5 sh - | ||
./istio-1.22.5/bin/istioctl install --set profile=minimal | ||
./istio-1.22.5/bin/istioctl operator init | ||
kubectl apply -f https://raw.githubusercontent.com/Kuadrant/kuadrant-operator/main/config/dependencies/istio/istio-operator.yaml | ||
``` | ||
|
||
|
@@ -115,7 +116,9 @@ Kuadrant is now ready to use. | |
|
||
### (Optional) `DNSPolicy` setup | ||
|
||
If you plan to use `DNSPolicy`, you will need an AWS Account with access to Route 53 (more providers coming soon), and a hosted zone. | ||
If you plan to use `DNSPolicy`, this doc uses an AWS Account with access to Route 53. There are other providers that you can also use for DNS integration: | ||
|
||
[DNS Providers](https://docs.kuadrant.io/latest/dns-operator/docs/provider/) | ||
|
||
Export the following environment variables for setup: | ||
|
||
|
@@ -146,32 +149,37 @@ Follow these steps to create the necessary secret: | |
```bash | ||
# Replace this with an accessible Redis cluster URL | ||
export REDIS_URL=redis://user:[email protected]:6379 | ||
|
||
|
||
``` | ||
3. Create the secret: | ||
|
||
```bash | ||
kubectl -n kuadrant-system create secret generic redis-config \ | ||
--from-literal=URL=$REDIS_URL | ||
``` | ||
|
||
This will create a secret named `redis-config` in the `kuadrant-system` namespace containing your Redis cluster URL, which Kuadrant will use for multi-cluster rate limiting. | ||
|
||
|
||
You'll also need to update your earlier created `Kuadrant` instance to reconfigure Kuadrant to use Redis: | ||
You'll also need to update the `Limitador` instance (the component that handles rate limiting) to reconfigure Kuadrant to use Redis: | ||
```bash | ||
kubectl apply -f - <<EOF | ||
apiVersion: kuadrant.io/v1beta1 | ||
kind: Kuadrant | ||
metadata: | ||
name: kuadrant | ||
namespace: kuadrant-system | ||
kubectl patch limitador limitador --type=merge -n kuadrant-system -p ' | ||
spec: | ||
limitador: | ||
storage: | ||
redis-cached: | ||
configSecretRef: | ||
name: redis-config | ||
EOF | ||
storage: | ||
redis: | ||
configSecretRef: | ||
name: redis-config | ||
' | ||
kubectl wait limitador/limitador -n kuadrant-system --for="condition=Ready=true" | ||
``` | ||
### Metal LB (local setup) | ||
If you are using a local kind cluster, we recommend using [metallb](https://metallb.universe.tf/) to allow the service type loadbalancer to be used with your gateways and an IP to be assigned to your gateway address rather than an internal service name. | ||
## Next Steps | ||
- [Secure, protect, and connect APIs with Kuadrant on Kubernetes](../user-guides/secure-protect-connect.md) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -30,6 +30,13 @@ export AWS_SECRET_ACCESS_KEY=xxxxxxx # Access key from AWS with Route 53 access | |
export REDIS_URL=redis://user:[email protected]:10340 # A Redis cluster URL | ||
``` | ||
|
||
Set the version of Kuadrant to the latest released version: https://github.com/Kuadrant/kuadrant-operator/releases/ | ||
|
||
``` | ||
export KUADRANT_VERSION='vX.Y.Z' | ||
``` | ||
|
||
|
||
### Step 2 - Install Gateway API v1 | ||
|
||
Before you can use Kuadrant, you must install Gateway API v1 as follows: | ||
|
@@ -215,7 +222,7 @@ metadata: | |
namespace: kuadrant-system | ||
spec: | ||
sourceType: grpc | ||
image: quay.io/kuadrant/kuadrant-operator-catalog:v0.11.0 | ||
image: quay.io/kuadrant/kuadrant-operator-catalog:${KUADRANT_VERSION} | ||
displayName: Kuadrant Operators | ||
publisher: grpc | ||
updateStrategy: | ||
|
@@ -262,15 +269,6 @@ kubectl get installplan -n kuadrant-system -o=jsonpath='{.items[0].status.phase} | |
After some time, this command should return `complete`. | ||
|
||
|
||
#### Redis credentials for storage of rate limiting counters | ||
|
||
In this installation we will show how to configure ratelimiting counters to be stored in redis. Before we go further we need to setup a redis secret to use later: | ||
|
||
```bash | ||
kubectl -n kuadrant-system create secret generic redis-config \ | ||
--from-literal=URL=$REDIS_URL | ||
``` | ||
|
||
#### Set up a DNSProvider | ||
|
||
The example here is for AWS Route 53. It is important the secret for the DNSProvider is setup in the same namespace as the gateway. | ||
|
@@ -320,6 +318,16 @@ This will setup and configure a number of Kuadrant subcomponents. Some of these | |
|
||
### Configuring Redis Storage for Limitador | ||
|
||
#### Redis credentials for storage of rate limiting counters | ||
|
||
In this installation we will show how to configure ratelimiting counters to be stored in redis. Before we go further we need to setup a redis secret to use later: | ||
|
||
```bash | ||
kubectl -n kuadrant-system create secret generic redis-config --from-literal="URL"=$REDIS_URL | ||
``` | ||
|
||
#### Update limitador config | ||
|
||
To configure redis storage for Limatador, we must update the Limitador custom resource to use the secret we created: | ||
|
||
You can run a command like the one below to add this configuration: | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters