-
Notifications
You must be signed in to change notification settings - Fork 33
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: craig <[email protected]> rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED
- Loading branch information
Showing
3 changed files
with
184 additions
and
74 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -42,9 +42,9 @@ curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releas | |
There are several ways to install Istio (via `istioctl`, Helm chart or Operator) - this is just an example for starting from a bare Kubernetes cluster. | ||
|
||
```bash | ||
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.21.4 sh - | ||
./istio-1.21.4/bin/istioctl install --set profile=minimal | ||
./istio-1.21.4/bin/istioctl operator init | ||
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.22.5 sh - | ||
./istio-1.22.5/bin/istioctl install --set profile=minimal | ||
./istio-1.22.5/bin/istioctl operator init | ||
kubectl apply -f https://raw.githubusercontent.com/Kuadrant/kuadrant-operator/main/config/dependencies/istio/istio-operator.yaml | ||
``` | ||
|
||
|
@@ -109,7 +109,9 @@ Kuadrant is now ready to use. | |
|
||
### (Optional) `DNSPolicy` setup | ||
|
||
If you plan to use `DNSPolicy`, you will need an AWS Account with access to Route 53 (more providers coming soon), and a hosted zone. | ||
If you plan to use `DNSPolicy`, this doc uses an AWS Account with access to Route 53. There are other providers that you can also use for DNS integration: | ||
|
||
[DNS Providers](https://docs.kuadrant.io/latest/dns-operator/docs/provider/) | ||
|
||
Export the following environment variables for setup: | ||
|
||
|
@@ -140,32 +142,37 @@ Follow these steps to create the necessary secret: | |
```bash | ||
# Replace this with an accessible Redis cluster URL | ||
export REDIS_URL=redis://user:[email protected]:6379 | ||
|
||
|
||
``` | ||
3. Create the secret: | ||
|
||
```bash | ||
kubectl -n kuadrant-system create secret generic redis-config \ | ||
--from-literal=URL=$REDIS_URL | ||
``` | ||
|
||
This will create a secret named `redis-config` in the `kuadrant-system` namespace containing your Redis cluster URL, which Kuadrant will use for multi-cluster rate limiting. | ||
|
||
|
||
You'll also need to update your earlier created `Kuadrant` instance to reconfigure Kuadrant to use Redis: | ||
You'll also need to update the `Limitador` instance (the component that handles rate limiting) to reconfigure Kuadrant to use Redis: | ||
```bash | ||
kubectl apply -f - <<EOF | ||
apiVersion: kuadrant.io/v1beta1 | ||
kind: Kuadrant | ||
metadata: | ||
name: kuadrant | ||
namespace: kuadrant-system | ||
kubectl patch limitador limitador --type=merge -n kuadrant-system -p ' | ||
spec: | ||
limitador: | ||
storage: | ||
redis-cached: | ||
configSecretRef: | ||
name: redis-config | ||
EOF | ||
storage: | ||
redis: | ||
configSecretRef: | ||
name: redis-config | ||
' | ||
kubectl wait limitador/limitador -n kuadrant-system --for="condition=Ready=true" | ||
``` | ||
### Metal LB (local setup) | ||
If you are using a local kind cluster, we recommend using [metallb](https://metallb.universe.tf/) to allow the service type loadbalancer to be used with your gateways and an IP to be assigned to your gateway address rather than an internal service name. | ||
## Next Steps | ||
- [Secure, protect, and connect APIs with Kuadrant on Kubernetes](../user-guides/secure-protect-connect.md) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.