Kubernetes Gateway in Kubernetes and Control Plane in a VM

Overview

In this approach, APK Dataplane is deployed in a kubernetes cluster and APIM in Virtual Machine. In this pattern APK dataplane will have visibility over all the namespace (or a predefined set of namespaces) in the cluster.

Architecture diagram

Advantages

• Isolation: APK Dataplane operates in its own dedicated kubernetes cluster, while APIM CP in a VM, providing the highest level of isolation and minimizing the risk of interference between components.
• Security: With separate cluster and VM setup it's easier to implement stringent security policies specific to each component.
• Performance Predictability: Resources are exclusively allocated to each cluster, guaranteeing consistent performance levels.

Considerations

• Resource Utilization: This approach may require additional resources due to the need for separate cluster and VM for each environment.
• Administrative Overhead: Managing multiple cluster and VMs can be more complex and may require additional administrative effort.

Deployment guideline

By default, WSO2 APK is configured to support the Data Plane Only Pattern. You can follow the below steps to do the deployment using this pattern.

Create Kubernetes namespace

kubectl create ns apk

Configure the hosts file

Add a hostname mapping to the /etc/hosts file as follows.

IP	Domain name
127.0.0.1	api.am.wso2.com
127.0.0.1	am.wso2.com
127.0.0.1	idp.am.wso2.com
127.0.0.1	default.gw.wso2.com

Setup WSO2 API Manager Control Plane 4.5.0

Setup WSO2 API Manager 4.5.0 in VM.

1. Refer to the APIM Deployment Guide to deploy the APIM 4.5.0 in a VM.
2. Change the configurations in the deployment.toml file in the APIM 4.3.0 VM refer to the Advanced Configuration for APIM for more information.

Setup WSO2 Kubernetes Gateway 1.3.0

1. Create a new helm repository with the latest Kubernetes Gateway release using the following command. Let’s consider the <repository-name> as wso2apk.

   helm repo add wso2apk https://github.com/wso2/apk/releases/download/1.3.0
   

2. Execute the following command to update the helm repositories.

   helm repo update
   

3. Install the Kubernetes Gateway components and start WSO2 API Platform For Kubernetes. Consider apk as the <chart-name> for this guide. As the --version of this command, use the version of the release you used in point 1 above. It will take a few minutes for the deployment to complete.

   CommandFormat

   helm install apk wso2apk/apk-helm --version 1.3.0 -f https://raw.githubusercontent.com/wso2/apk/main/helm-charts/samples/apk/1.3.0-values.yaml -n apk
   

   helm install <chart-name> <repository-name>/apk-helm --version <version-of-APK> -f <path-to-values.yaml-file>
   

Note

You can change the default hostname and vhost. Change the following values.yaml configurations. Lets say you want to deploy a development environment and you have a domain name example.com and you want to expose your API's through dev.gw.example.com and expose Kubernetes Gateway system APIs through dev.apk.example.com then

• wso2.apk.listener.hostname: 'dev.apk.example.com'
• wso2.apk.dp.gateway.listener.hostname: 'dev.gw.example.com'
• wso2.apk.dp.configdeployer.vhosts: [{"hosts":["gw.example.com"],"name":"dev","type":"production"}]

Note

Please refer to the Advance Configuration for APK for more information.

Setup WSO2 Kubernetes Gateway Agent 1.3.0

1. Create a new helm repository with the latest kubernetes gateway agent release using the following command. Let’s consider the <repository-name> as wso2apkagent for this guide.

   helm repo add wso2apkagent https://github.com/wso2/product-apim-tooling/releases/download/1.3.0
   

2. Execute the following command to update the helm repositories.

   helm repo update
   

3. Change the configurations in the values.yaml file in the Kubernetes Gateway Agent Helm Chart, refer to the Advanced Configuration for agent for more information.

4. Install the Kubernetes Gateway Agent components and start WSO2 API Platform For Kubernetes. Consider apk as the <chart-name> for this guide. As the --version of this command, use the version of the release you used in point 1 above and use the changed values.yaml you used in point 3 above. It will take a few minutes for the deployment to complete.

   CommandFormat

   helm install apim-apk-agent wso2apkagent/apim-apk-agent --version 1.3.0 -f https://raw.githubusercontent.com/wso2/apk/main/helm-charts/samples/apim-apk-agent/cp/1.3.0-values.yaml -n apk
   

   helm install <chart-name> <repository-name>/apim-apk-agent --version <version-of-APK-Agent> -f <path-to-values.yaml-file>
   

Verify the deployment

Now you can verify the deployment by executing the following command. You will see the status of the pods as follows once completed.

Command

kubectl get pods -n apk

This approach is recommended for all Production, Dev, Test, and UAT environments. Here a seperate kubernetes cluster and a VM server is required for each environment.