By Amrutha Paladugu
Author LinkedIn: https://www.linkedin.com/in/amrutha-paladugu/
Introduction:
In this blog post, we will explore the deployment of Kong-Mesh zones using Kong’s Konnect platform. Kong-Mesh provides a powerful service mesh solution for managing and orchestrating microservices. By leveraging Konnect, users can easily set up and configure global control planes, connect zones, and deploy applications within the mesh.
To get started, sign up for a free account at https://cloud.konghq.com/ and receive $500 worth of free credits. After logging in, navigate to the Mesh Manager in the Konnect UI, where you can manage global control planes for Kong-Mesh. Figure 1 shows the screenshot of Mesh Manager which already has one global control plane meshcp
Figure 1: Mesh Manager on Konnect UI
Creating Global Control Plane:
Begin by creating a new global control plane in the Mesh Manager. Specify a name and optional label, then save the configuration. This control plane will serve as the central hub for managing and controlling your mesh.
Installing Kumactl:
For this blog, we are deploying everything on a local K3s cluster but Kong-Mesh zones can be deployed onto any non-kubernetes environment as well. To interact with the Kong-Mesh from your local machine, install kumactl. Follow the provided shell commands to install and verify the version. This step ensures that you can configure kumactl to work with your Kong-Mesh deployment.
curl -L https://docs.konghq.com/mesh/installer.sh | VERSION=2.6.1 sh -
cd kong-mesh-2.6.1/bin
export PATH=$(pwd):$PATH
cd ../..
Verify the installation using the below command:
kumactl version
The output would be something like in Figure 2.
Figure 2: Checking the kumactl version installed
Configuring Kumactl with Konnect:
In the Konnect UI Mesh Manager, go to your global control plane, click on Global Control Plane Actions, and further configure kumactl. This involves creating a Konnect Personal Access Token (PAT) and following the provided steps (refer to figures 3 & 4). Once configured, kumactl will be set up on your local machine.
Figure 3.1: Demonstration of configuring kumactl
Figure 3.2: Steps to configure kumactl
Use this PAT and run the next steps to complete the kumactl configuration. Once it is done, you will see the output as shown in Figure 5.
Figure 5: kumactl configured in your local k3s cluster.
Creating and Connecting Zones:
Proceed to create a zone within the Mesh Manager. Within your global cp, click on the Create Zone button, and name it appropriately. Follow the steps (presented to you on the UI) to generate a token and install the mesh with the presented values. Upon successful completion, the zone will be created and online, ready for use. Refer to figures 6, 7 & 8.
Figure 7: Create and connect the Zone.
Figure 8: Zone is created and is online.
Deploying a Sample Application:
To showcase Kong-Mesh in action, deploy a sample hello-world application within the mesh. The provided Kubernetes deployment and service YAML files include creating a new namespace and enabling sidecar injection. (Note: You may choose to deploy any other app in place of the nodjes image I used in this yaml). Apply these configurations using kubectl, and verify the successful deployment in the Konnect UI Mesh Manager.
`apiVersion: v1
---
kind: Namespace
metadata:
name: hello-world
labels:
kuma.io/sidecar-injection: enabled
apiVersion: apps/v1
---
kind: Deployment
metadata:
name: hello-world
namespace: hello-world
spec:
replicas: 1
selector:
matchLabels:
app: hello-world
template:
metadata:
labels:
app: hello-world
spec:
containers:
- name: hello-world
image: pamrutha88/hello-world-nodejs:latest #use a choice of your app image in-place of this image
ports:
- containerPort: 8080
apiVersion: v1
kind: Service
metadata:
name: hello-world
namespace: hello-world
spec:
selector:
app: hello-world
ports:
- protocol: TCP
port: 80
targetPort: 8080
Save and apply this yaml using the below command:
kubectl apply -f hello-world.yaml
Once the deployment is complete, verify that the pods are running and once that’s done, we can view this service in the Konnect UI Mesh Manager as shown in Figure 9.
Figure 9: Example deployed service within the zone.
If you click on the Data Plane Proxies, you can observe that under Certificate Info there is no certificate issued yet. This is because we have not enabled mTLS on this mesh which can be done using the below yaml.
name: default
type: Mesh
mtls:
enabledBackend: ca-1
backends:
name: ca-1
type: builtin
networking:
outbound:
passthrough: true
Save this into mesh.yaml file and apply using the below command:
kumactl apply -f mesh.yaml
You can see that the changes are reflected in the Konnect immediately, refer to Figure 10.
Figure 10: Built-in certificates issued by Kong-Mesh
Conclusion:
With Kong-Mesh and Konnect, deploying and managing service meshes becomes a streamlined process. The integration of global control planes, zones, and kumactl configuration provides a comprehensive solution for orchestrating microservices in a scalable and efficient manner. Explore the capabilities of Kong-Mesh through Konnect and witness the seamless deployment of applications within the mesh.
For more details visit: [https://zelarsoft.com/kong-consulting-and-licensing/]
Top comments (0)