consul/website/content/docs/api-gateway/usage/usage.mdx

88 lines
5.8 KiB
Plaintext
Raw Normal View History

2022-07-05 22:53:56 +00:00
---
layout: docs
page_title: Deploy API Gateway for Kubernetes
description: >-
Learn how to apply a configured Consul API Gateway to your Kubernetes cluster, review the required fields for rerouting HTTP requests, and troubleshoot an error message.
2022-07-05 22:53:56 +00:00
---
# Deploy API Gateway for Kubernetes
2022-07-05 22:53:56 +00:00
2022-08-12 03:19:51 +00:00
This topic describes how to use Consul API Gateway.
Update docs for the release of Consul API Gateway v0.5 (#15015) * added usage folder to organize use case docs for CAPIgw * Add peer field to MeshService configuration page * Add first pass at guide for routing to peered services * Add exception to same-datacenter restriction for referenced Consul service * Add example HTTPRoute referencing the MeshService as backendRef * Add example ServiceResolver * Add note about current ServiceResolver requirement ServiceResolver may eventually be created implicitly by the API gateway controller, but that decision is pending. * tweaks to the usage page for routing to peered services * tweaks to the description in the configuration reference * resolved TO-DOs from previous iteration * Remove datacenter federation from limited support matrix * added tolerations doc * Remove note excluding k8s 1.24 since we now support it * Reorder sections to maintain alphabetical sort * Add example configuration for MeshService resource * Adjust wording + indentation of other docs * Use consistent "example-" prefix for resource names in example code * reframed the tolerations documentation; STILL A WIP * add helm chart documentation * removed tolerations from gwcconfig configuration model reference * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * update version to 0.5.0 * Update install.mdx * added release notes for v.0.5.x Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2022-11-17 23:42:25 +00:00
## Requirements
2022-08-12 03:19:51 +00:00
Complete the following steps to use Consul API Gateway in your network.
2022-07-28 18:38:50 +00:00
1. Verify that the [requirements](/consul/docs/api-gateway/tech-specs) have been met.
1. Verify that the Consul API Gateway CRDs were applied. Refer to [Installation](/consul/docs/api-gateway/install) for details.
Update docs for the release of Consul API Gateway v0.5 (#15015) * added usage folder to organize use case docs for CAPIgw * Add peer field to MeshService configuration page * Add first pass at guide for routing to peered services * Add exception to same-datacenter restriction for referenced Consul service * Add example HTTPRoute referencing the MeshService as backendRef * Add example ServiceResolver * Add note about current ServiceResolver requirement ServiceResolver may eventually be created implicitly by the API gateway controller, but that decision is pending. * tweaks to the usage page for routing to peered services * tweaks to the description in the configuration reference * resolved TO-DOs from previous iteration * Remove datacenter federation from limited support matrix * added tolerations doc * Remove note excluding k8s 1.24 since we now support it * Reorder sections to maintain alphabetical sort * Add example configuration for MeshService resource * Adjust wording + indentation of other docs * Use consistent "example-" prefix for resource names in example code * reframed the tolerations documentation; STILL A WIP * add helm chart documentation * removed tolerations from gwcconfig configuration model reference * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * update version to 0.5.0 * Update install.mdx * added release notes for v.0.5.x Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2022-11-17 23:42:25 +00:00
## Configuration
Configure the following resources for your environment as described in [Consul API Gateway Configuration](/consul/docs/api-gateway/configuration).
2022-07-05 22:53:56 +00:00
1. [`Gateway`](/consul/docs/api-gateway/configuration/gateway)
1. [`Routes`](/consul/docs/api-gateway/configuration/routes)
1. [`Intentions`](/consul/docs/connect/config-entries/service-intentions)
2022-07-05 22:53:56 +00:00
Update docs for the release of Consul API Gateway v0.5 (#15015) * added usage folder to organize use case docs for CAPIgw * Add peer field to MeshService configuration page * Add first pass at guide for routing to peered services * Add exception to same-datacenter restriction for referenced Consul service * Add example HTTPRoute referencing the MeshService as backendRef * Add example ServiceResolver * Add note about current ServiceResolver requirement ServiceResolver may eventually be created implicitly by the API gateway controller, but that decision is pending. * tweaks to the usage page for routing to peered services * tweaks to the description in the configuration reference * resolved TO-DOs from previous iteration * Remove datacenter federation from limited support matrix * added tolerations doc * Remove note excluding k8s 1.24 since we now support it * Reorder sections to maintain alphabetical sort * Add example configuration for MeshService resource * Adjust wording + indentation of other docs * Use consistent "example-" prefix for resource names in example code * reframed the tolerations documentation; STILL A WIP * add helm chart documentation * removed tolerations from gwcconfig configuration model reference * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * update version to 0.5.0 * Update install.mdx * added release notes for v.0.5.x Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2022-11-17 23:42:25 +00:00
## Apply configurations
Issue the `kubectl apply` command to implement the configurations:
2022-07-05 22:53:56 +00:00
```shell-session
$ kubectl apply -f gateway.yaml routes.yaml intentions.yaml
```
2022-07-05 22:53:56 +00:00
2022-08-12 03:19:51 +00:00
2022-07-05 22:53:56 +00:00
<!--- Commented out per https://github.com/hashicorp/consul/pull/11951/files#r791204596
### Using the Consul API Gateway Binary
You can download the Consul API Gateway binary and use it to manually start the control plane server.
1. Download the binary from the [Consul API Gateway repository](https://github.com/hashicorp/consul-api-gateway).
1. Navigate to the `consul-api-gateway-main` directory and build the binary:
```shell-session
$ go build
```
1. (Optional) Copy the binary to the execution path, e.g.:
```shell-session
$ cp consul-api-gateway /usr/bin
```
1. Use the `server` command to interact with the Consul API Gateway binary:
```shell-session
$ ./consul-api-gateway server <options>
```
The following options are supported:
| Option | Description | Required | Default |
| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ----------------------------------------------------------------------- |
| `-ca-file` | String value that specifies the path to the CA for the Consul server. | Required | none |
| `-ca-secret` | String value that specifies the CA secret for the Consul server. | Required | none |
| `-ca-secret-namespace` | String value that specifies the CA secret namespace for the Consul server. | Required | none |
| `-k8-context` | String value that specifies the Kubernetes context to use when starting the Consul server. | Optional | current context |
| `-k8-namespace` | String value that specifies the Kubernetes namespace to use when starting the Consul server. | Optional | `default` |
| `-log-json` | Boolean value that enables or disables JSON format for the log output. | Required | `false` |
| `-log-level` | String value that specifies the logging level. The following values are supported: <br/>- `trace` (highest level of detail) <br/>- `debug` <br/>- `info` <br/>- `warn` <br/>- `error` | Optional | `info` |
| `-metrics-port` | Integer value that specifies the port number for collecting metrics. | Optional | none |
| `-pprof` | Integer value that specifies the Go pprof port number for collecting metrics. | Optional | none |
| `-sds-server-host` | String value that specifies the host server for the secret discovery service (SDS). | Optional | `consul-api-gateway-controller.default.`<br/>`svc.cluster.`<br/>`local` |
| `-sds-server-host` | Integer value that specifies the port number for the secret discovery service (SDS). | Optional | `9090` |
You can also issue the `version` command to print the Consul API Gateway version to the console:
```shell-session
$ ./consul-api-gateway version
consul-api-gateway 0.1.0
```
--->