Deploying Sidecars
Kong Gateway Operator uses PodTemplateSpec to customize deployments.
Here is an example that deploys a Vector sidecar alongside the proxy containers.
Configure vector.dev
apiVersion: v1
kind: ConfigMap
metadata:
name: sidecar-vector-config
data:
vector.toml: |
[sources.proxy_access_log_source]
type = "file"
include = [ "/etc/kong/log/proxy_access.log" ]
[sinks.proxy_access_log_sink]
type = "console"
inputs = [ "proxy_access_log_source" ]
encoding.codec = "json"
Configure PodTemplateSpec
Using DataPlane
This method is only available when running in hybrid mode
The DataPlane
resource uses the Kubernetes PodTemplateSpec to define how the Pods should run.
apiVersion: gateway-operator.konghq.com/v1beta1
kind: DataPlane
metadata:
name: dataplane-example
namespace: kong
spec:
deployment:
podTemplateSpec:
metadata:
labels:
dataplane-pod-label: example
annotations:
dataplane-pod-annotation: example
spec:
volumes:
- name: cluster-certificate
- name: sidecar-vector-config-volume
configMap:
name: sidecar-vector-config
- name: proxy-logs
emptyDir:
sizeLimit: 128Mi
containers:
- name: sidecar
image: timberio/vector:0.31.0-debian
volumeMounts:
- name: sidecar-vector-config-volume
mountPath: "/etc/vector"
- name: proxy-logs
mountPath: "/etc/kong/log/"
readinessProbe:
initialDelaySeconds: 1
periodSeconds: 1
- name: proxy
image: kong/kong-gateway:3.7.1.2
volumeMounts:
- name: proxy-logs
mountPath: "/etc/kong/log/"
env:
- name: KONG_LOG_LEVEL
value: debug
- name: KONG_PROXY_ACCESS_LOG
value: "/etc/kong/log/proxy_access.log"
resources:
requests:
memory: 64Mi
cpu: 250m
limits:
memory: 1024Mi
cpu: 1000m
readinessProbe:
initialDelaySeconds: 1
periodSeconds: 1
Using GatewayConfiguration
This method is only available when running in DB-less mode
The GatewayConfiguration
resource is a Kong-specific API which allows you to set both controlPlaneOptions
and dataPlaneOptions
.
You can customize both the container image and version.
-
Define the image in the
GatewayConfiguration
.kind: GatewayConfiguration apiVersion: gateway-operator.konghq.com/v1beta1 metadata: name: kong namespace: default spec: dataPlaneOptions: deployment: podTemplateSpec: metadata: labels: dataplane-pod-label: example annotations: dataplane-pod-annotation: example spec: volumes: - name: cluster-certificate - name: sidecar-vector-config-volume configMap: name: sidecar-vector-config - name: proxy-logs emptyDir: sizeLimit: 128Mi containers: - name: sidecar image: timberio/vector:0.31.0-debian volumeMounts: - name: sidecar-vector-config-volume mountPath: "/etc/vector" - name: proxy-logs mountPath: "/etc/kong/log/" readinessProbe: initialDelaySeconds: 1 periodSeconds: 1 - name: proxy image: kong/kong-gateway:3.7.1.2 volumeMounts: - name: proxy-logs mountPath: "/etc/kong/log/" env: - name: KONG_LOG_LEVEL value: debug - name: KONG_PROXY_ACCESS_LOG value: "/etc/kong/log/proxy_access.log" resources: requests: memory: 64Mi cpu: 250m limits: memory: 1024Mi cpu: 1000m readinessProbe: initialDelaySeconds: 1 periodSeconds: 1
-
Reference this configuration in the
GatewayClass
resource for the deployment.kind: GatewayClass apiVersion: gateway.networking.k8s.io/v1 metadata: name: kong spec: controllerName: konghq.com/gateway-operator parametersRef: group: gateway-operator.konghq.com kind: GatewayConfiguration name: kong namespace: default
-
Use the
GatewayClass
in yourGateway
.kind: Gateway apiVersion: gateway.networking.k8s.io/v1 metadata: name: kong namespace: default spec: gatewayClassName: kong listeners: - name: http protocol: HTTP port: 80