Gateway Helm Chart
This document includes instructions for installing and running Gateway on Kubernetes using Helm Charts.
Helm is an open-source command line tool used for managing Kubernetes applications. It is a graduate project in the CNCF Landscape.
Note
The Gateway Helm Chart is provided for deploying Gateway in Kubernetes environments. Please be aware that the code is provided without any warranties. If you encounter any problems, you can report them to our GitHub repository.
Before you begin
To install Gateway using Helm, ensure you have completed the following:
- Install a Kubernetes server on your machine. For information about installing Kubernetes, refer to Install Kubernetes.
- Install the latest stable version of Helm. For information on installing Helm, refer to Install Helm.
Install Gateway using Helm
When you install Gateway using Helm, you complete the following tasks:
- Set up the Gateway Helm repository (optional)
- Deploy Gateway using Helm
- Access Gateway
Set up the Gateway Helm repository (optional)
If the Gateway Helm chart is published to a repository, you can add it to your Helm:
# Add the Gateway Helm repositoryhelm repo add gateway-repo oci://ghcr.io/centralmind/gateway-helm/gatewayhelm repo updateDeploy Gateway using Helm
When you deploy Gateway Helm charts, we recommend using a separate namespace instead of relying on the default namespace. The default namespace might already have other applications running, which can lead to conflicts and other potential issues.
- Create a namespace for your Gateway deployment:
kubectl create namespace gateway-system- Install Gateway using the Helm chart:
# Install with default valueshelm install gateway ./gateway --namespace gateway-system
# Install with custom valueshelm install gateway ./gateway -f values.yaml --namespace gateway-system- Verify the deployment status:
helm list -n gateway-system- Check the overall status of all the objects in the namespace:
kubectl get all -n gateway-systemAccess Gateway
After deploying Gateway, you can access it through the service created by the Helm chart.
- If you’re using
ClusterIPservice type (default), you can port-forward the service to access it locally:
kubectl port-forward -n gateway-system svc/gateway 8080:8080- If you’ve enabled Ingress, you can access Gateway through the hostname specified in your Ingress configuration.
Customize Gateway configuration
Helm allows you to customize the Gateway deployment by providing a custom values.yaml file or by setting values directly on the command line.
Using a custom values.yaml file
- Create a custom
values.yamlfile with your desired configuration:
image: repository: ghcr.io/centralmind/gateway tag: "latest"
service: type: ClusterIP port: 8080
ingress: enabled: true hosts: - host: gateway.example.com paths: - path: / pathType: Prefix
gateway: api: name: My API version: "1.0"- Install or upgrade Gateway with your custom values:
# For a new installationhelm install gateway ./gateway -f values.yaml --namespace gateway-system
# For upgrading an existing installationhelm upgrade gateway ./gateway -f values.yaml --namespace gateway-systemConfiguration Parameters
| Parameter | Description | Default Value |
|---|---|---|
image.repository | Docker image name | ghcr.io/centralmind/gateway |
image.tag | Docker image tag | latest |
imagePullSecrets | List of image pull secrets | [] |
service.type | Kubernetes service type | ClusterIP |
service.port | Service port | 8080 |
ingress.enabled | Enable Ingress | true |
ingress.kind | Ingress type (IngressRoute) | IngressRoute |
ingress.entryPoints | Traefik entry points | ["web"] |
ingress.hosts[0].host | Ingress hostname | demo-gw.centralmind.io |
ingress.hosts[0].paths[0].path | Ingress path | / |
resources.limits.cpu | CPU limit | 500m |
resources.limits.memory | Memory limit | 512Mi |
resources.requests.cpu | CPU request | 100m |
resources.requests.memory | Memory request | 128Mi |
Gateway Configuration
Gateway can be configured with various options through the gateway section in your values.yaml:
gateway: api: name: Awesome API # API Name version: "1.0" # API Version database: type: postgres # Database type connection: '' # Database connection stringManaging Secrets
Gateway supports environment variables expansion in the configuration using ${VARIABLE_NAME} syntax. In Kubernetes environment, you can manage these secrets using:
Using Kubernetes Secrets
- Create a Kubernetes secret:
kubectl create secret generic gateway-secrets \ --from-literal=DB_PASSWORD=mysecret \ --from-literal=API_SECRET_KEY=your-secret-key \ --namespace gateway-system- Reference secrets in your values.yaml:
gateway: envFrom: - secretRef: name: gateway-secrets api: auth: secret_key: ${API_SECRET_KEY} database: connection: password: ${DB_PASSWORD}Using External Secret Managers
For production environments, you can use external secret managers like HashiCorp Vault or AWS Secrets Manager with tools like External Secrets Operator:
gateway: envFrom: - secretRef: name: gateway-external-secretsUpgrading Gateway
To upgrade your Gateway deployment to a newer version:
# Update the Helm repository (if using a repository)helm repo update
# Upgrade Gatewayhelm upgrade gateway ./gateway --namespace gateway-systemUninstalling Gateway
To uninstall/delete the Gateway deployment:
helm uninstall gateway --namespace gateway-systemThe command removes all the Kubernetes components associated with the chart and deletes the release.
Troubleshooting
Collect logs
To collect logs from the Gateway pod:
# Get the pod namekubectl get pods -n gateway-system
# View logskubectl logs -n gateway-system <pod-name>
# Follow logs in real-timekubectl logs -f -n gateway-system <pod-name>Check pod status
If Gateway is not starting properly, check the pod status:
kubectl describe pod -n gateway-system <pod-name>Reset Gateway configuration
If you need to reset Gateway to default configuration:
helm upgrade gateway ./gateway --reset-values --namespace gateway-systemExample values.yaml
image: repository: ghcr.io/centralmind/gateway tag: "0.0.0-rc0"
# Optional: configure image pull secrets if using private registryimagePullSecrets: - name: registry-secret
ingress: enabled: true kind: IngressRoute entryPoints: - web hosts: - host: my-gateway.example.com paths: - path: / pathType: Prefix
gateway: api: name: My API version: "2.0" database: type: postgres connection: | hosts: - postgres.database user: myuser password: ${DB_PASSWORD} database: mydb port: 5432