Close
logodocs

Kubernetes Gateways

Prerequisites

  • A running Kubernetes cluster with publicly accessible nodes and stable IPs

Instructions

  1. First, add your gateway/relay to the Admin UI and generate a token for it. To do this, log into the Admin UI and select Gateways on the left navigation bar. Click on the add gateway button in the upper right, and a box will pop up. You can rename the gateway here, or do it later.

    If you intend to instead create a relay, click add relay, fill in the name, and click create. For more information on the difference between gateways and relays, please check out the gateway documentation.

    Advertised host should be the IP address or host that the gateway will be listening on. Select a TCP port (default 5000) for the service to listen on.

    Click on create and the token will appear onscreen.

    Copy the token and put it aside, being careful to capture every character. You will need it again below. See sdm admin relay create-gateway if you want to generate a token via the CLI.

  2. Encode the resulting token in base64: echo -n [token-string>]| base64

    If you generate the token from the CLI, it will have a trailing \n character, which you will have to strip before passing it through base64.

  3. Create the YML file for your Kubernetes gateway/relay. Use the following, replacing [token-in-base64] with the Base64-encoded token:

    kind: Secret
    apiVersion: v1
    metadata:
    name: sdm-relay-secret
    type: Opaque
    data:
    # replace [token-in-base64] with the token generated by "sdm create relay-gateway"
    token: "[token-in-base64]"
    ---
    kind: Deployment
    apiVersion: apps/v1beta2
    metadata:
    name: sdm-relay-deployment
    labels:
    app: sdm-relay
    spec:
    replicas: 1 # must always be 1.
    selector:
    matchLabels:
    app: sdm-relay
    template:
    metadata:
    labels:
    app: sdm-relay
    spec:
    # You may use node affinity to ensure that these containers are only
    # deployed to publicly visible nodes.
    # affinity:
    # nodeAffinity:
    # requiredDuringSchedulingIgnoredDuringExecution:
    containers:
    - name: sdm-relay
    image: quay.io/sdmrepo/relay:latest
    imagePullPolicy: Always
    env:
    - name: SDM_ORCHESTRATOR_PROBES
    value: ":9090"
    - name: SDM_RELAY_TOKEN
    valueFrom:
    secretKeyRef:
    name: sdm-relay-secret
    key: token
    livenessProbe:
    httpGet:
    path: /liveness
    port: 9090
    initialDelaySeconds: 5
    periodSeconds: 10
    ---
    kind: Service
    apiVersion: v1
    metadata:
    name: sdm-relay-service
    labels:
    app: sdm-relay
    spec:
    type: "NodePort"
    ports:
    - name: gateway
    # or relay
    port: 30001
    targetPort: 8080
    nodePort: 30001
    # You may use externalIPs as a way to get a stable IP configuration.
    # then map 80.11.12.10 to sdmrelay.mycompany.com
    # externalIPs:
    # - 80.11.12.10
    selector:
    app: sdm-relay

    To ensure that the external IP address is persistent, you'll need to either use node affinity (in the Deployment section) or externalIPs in the NodePort section.

  4. To activate your gateway/relay, execute the kubectl command $ kubectl create -f name-of-gateway-file.yml

  5. To verify that it is running, run kubectl get services again. You should see your gateway on the list of running services.

    $ kubectl get services
    NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
    kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 21h
    sdm-relay-service NodePort 10.104.132.14 <none> 30001:30001/TCP 21h
  6. Login to the Admin UI. In that section, the gateway you created should appear Online, with a heartbeat.

    Relay status in Admin UI
    Relay status in Admin UI

If any errors occur or if the gateway does not report "online" status, please contact support@strongdm.com for assistance.

Installation — Previous
Docker Gateways
Next — Installation
Linux Gateways