Helm is a popular package manager for Kubernetes (Greek for helmsman). Helm packages are called charts and contain all of the resource definitions necessary to run an application or service inside of a Kubernetes cluster.
It helps achieving the following tasks:
- ●Install and upgrade applications within Kubernetes.
- ●Define dependencies within the Helm Chart.
- ●Create all required Kubernetes resource definitions for the application.
- ●Allow customizing the installation through parameters.
In order to speed up your deployments, we have made our internal (Github) Airlock Microgateway - Helm Charts publicly available on GitHub. The Helm Chart contains all resource definitions and dependencies to deploy Airlock Microgateway in a Kubernetes or OpenShift cluster.
Follow this guide to deploy and configure Airlock Microgateway using Helm.
The Airlock Helm Charts are released under an MIT license. They are provided as is, without a warranty of any kind.
Prerequisites
- ●Kubernetes cluster
- ●
- ●
- ●
In case that no Kubernetes cluster is available, use Minikube to deploy Airlock Microgateway and getting used to it.
Preparation
Before proceeding, follow the instructions below to add and update the repo Airlock Helm Charts to your Helm client.
Deployment
Follow the instructions below to deploy Airlock Microgateway with an echo and a Redis service.
- 1.To use the community edition, create the following values.yaml file:
- 2.To use the premium edition, do the following:
- ●Create the following values.yaml file:
- ●Save the Microgateway license as microgateway.lic file and run the following command:
- 3.Deploy Airlock Microgateway under the release name microgateway-echo.
config:
dsl:
session:
redis_hosts: [redis-master]
log:
level: info
remote_ip:
header: X-Forwarded-For
internal_proxies:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
apps:
- mappings:
- session_handling: enforce_session
deny_rule_groups:
- level: strict
redis:
enabled: true
echo-server:
enabled: true
ingress:
enabled: true
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
kubernetes.io/ingress.class: nginx
hosts:
- virtinc.comconfig:
license:
useExistingSecret: true
secretName: "microgateway-license"
dsl:
session:
redis_hosts: [redis-master]
log:
level: info
remote_ip:
header: X-Forwarded-For
internal_proxies:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
apps:
- mappings:
- session_handling: enforce_session
deny_rule_groups:
- level: strict
redis:
enabled: true
echo-server:
enabled: true
ingress:
enabled: true
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
kubernetes.io/ingress.class: nginx
hosts:
- virtinc.comVerification
Follow the instructions below to verify that the Helm release could be deployed successfully.
- 1.Check the status of the pods:
- 2.Send a curl request to the echo server:
- The request is sent to the echo server.
- The Airlock Microgateway logs show, that the request has been filtered by Microgateway.
All pods have a STATUS of Running.
In case that Airlock Microgateway was not deployed in Minikube, replace the part $(minikube ip) with the IP address of the Ingress of your Kubernetes cluster.
Uninstall
Follow the instructions below to uninstall the Helm release.
- 1.Uninstall the Helm release