Kong Ingress Controller for Kubernetes Association
You can use native Kubernetes resources to configure your clusters in Konnect by associating your Kong Ingress Controller (KIC) for Kubernetes deployment with Konnect. This setup is ideal for organizations who want to manage gateways in Konnect through native Kubernetes resources without having to use a hybrid deployment model.
About KIC in Konnect
Kong Ingress Controller (KIC) for Kubernetes configures Kong Gateway using Ingress or Gateway API resources created inside a Kubernetes cluster.
Beyond proxying the traffic coming into a Kubernetes cluster, KIC also lets you configure plugins, load balancing, health checking, and leverage all that Kong Gateway offers in a standalone installation. For more information, see Plugin compatibility. For more information about KIC, see Kong Ingress Controller Design.
By associating your KIC deployment with Konnect, this read-only association allows you to view your Kong Gateway entities, such as routes and applications, from your Kubernetes resources in Konnect.
Here are a few benefits of running KIC in Konnect over a self-managed setup:
- Easy to set up: The wizard allows you to add your KIC control plane to Konnect in minutes.
- Centralized API management: KIC in Konnect allows organizations to have a centralized platform for API management, regardless of your individual teams’ choice of API management, whether that is using Kubernetes or Konnect.
- Monitor your KIC analytics: By associating with Konnect, you can view the analytics from your KIC data plane nodes alongside any of your self-managed Konnect data plane nodes.
- Display KIC entities in Dev Portal: Publish your KIC services to the Dev Portal and make the API specs available to third-party developers with API Products.
KIC in Konnect association
To associate your KIC data plane nodes with Konnect, use the setup wizard to add your KIC deployment to a KIC control plane.
In Konnect, navigate to Gateway Manager, then click New Gateway > Kong Ingress Controller.
Note: KIC OSS and Kong Gateway Free users can connect to Konnect’s Free tier, while Kong Gateway Enterprise users can connect to Konnect’s Enterprise tier. To migrate from Kong Gateway (OSS) to Kong Gateway Enterprise, see Customize Images in the Kong Ingress Controller documentation.
Prerequisites
If you don’t have an existing KIC deployment, you need the following before using the instructions in the wizard:
- A Kubernetes cluster with a load balancer
-
kubectl
oroc
(if you’re working with OpenShift) installed and configured to communicate with your Kubernetes TLS - Helm 3 installed
- Because Kong Ingress Controller calls Konnect’s APIs, outbound traffic from Kong Ingress Controller’s pods must be allowed to reach Konnect’s
*.konghq.com
hosts.
View KIC entities
After your KIC deployment is connected to Konnect, you can view the details for each data plane node in your KIC control planes.
Note: The KIC deployment in Konnect is currently read-only. The configuration of the gateway data plane nodes is controlled by changes to resources in the Kubernetes API, and reflected here. For more information about how to manage these resources in KIC, see Custom Resources.
Figure 1: This image shows a KIC data plane node dashboard. For each KIC data plane node, you can see details about an individual data plane node, analytics, and KIC status details.
Item | Description |
---|---|
KIC Details | This section displays the status of your KIC data plane node. The different status options are: Fully Operational, Partially Operational, Not Operational, Unknown, and Disconnected. See the UI for troubleshooting steps related to these statuses. |
Summary | This section displays the traffic and error rate of your KIC data plane node. |
Analytics | Analytics data for the KIC data plane node. You can configure the analytics options using the Analytics tool. |
Optimize performance of synchronizing configuration
When your environment has many KongConsumer
s, they can slow down your configuration synchronization with Konnect. Kong Ingress Controller 3.3 and later provides a --disable-consumer-sync
flag to disable synchronizing consumers with Konnect. You can enable this flag to make the synchronization faster. See Kong Ingress Controller CLI arguments for more details.
KIC analytics compatibility
The following table describes which Kong Gateway versions are compatible with the KIC analytics feature in Konnect:
Kong Gateway version | KIC version | Analytics supported |
---|---|---|
Kong Gateway Enterprise 3.0.x or later | KIC 2.10 or later | |
Kong Gateway Free 3.0.x or later | KIC 2.10 or later | |
Kong Gateway (OSS) | KIC 2.10 or later |
More information
- Kong Ingress Controller Deployment: Learn about the various deployment methods for KIC.
- Getting started with the Kong Ingress Controller: This guide walks through setting up an HTTP(S) route and plugin using Kong Gateway and KIC.
- Analyze Services and Routes Learn how to use monitoring tools in Konnect to analyze KIC entities.
- Publish and Consume Services: Find out how to publish services to the Dev Portal.