Install and upgrade in Kubernetes
The instructions below cover the required steps to install and upgrade the Airlock Microgateway Operator in Kubernetes.
The data plane sidecar mode has been deprecated as of Microgateway 4.8 (see Deprecated features). To simplify installation and upgrade procedures, this guide only documents the sidecarless data plane mode.
If you still need to install or operate the deprecated sidecar mode for an existing deployment, follow the instructions in Microgateway 4.7 Installation and uninstallation and use the following versions:
- Gateway API version: v1.4.0
- Microgateway version: 4.8.0
Prerequisites
Airlock Microgateway requires a valid license. See Community vs. Premium editions in detail to choose the right license type.
Either request a community or premium license
- Request a community license
A license will be sent automatically within minutes. - Request a premium license
Your sales partner will contact you for licensing.
Install
Deploy cert-manager
The cert-manager is required to create the certificates for the Microgateway validating webhook endpoint. Run the command below to install the cert-manager:
For more details, consider the official cert-manager Helm installation instructions.
Deploy Kubernetes Gateway API CRDs
Airlock Microgateway requires the Kubernetes Gateway API CRDs. To use incubating features, install the experimental channel. Otherwise the standard channel.
Standard channel:
Experimental channel:
More details, including release notes and upgrade information, can be found in the official Kubernetes Gateway API installation documentation.
Deploy Airlock Microgateway license
- Create the
airlock-microgateway-systemnamespace. - Store the license in the Microgateway Operator namespace, in a Kubernetes secret with the name
airlock-microgateway-licenseand the keymicrogateway-license.txt. Use the following command:
For more details about license monitoring, consider the article Configuring and monitoring licenses.
Deploy Airlock Microgateway Operator
CRDs are included via the standard Helm 3 mechanism, i.e. Helm will handle initial installation but not upgrades
- The logs should show the message
Thank you for installing Airlock Microgateway. ...including further information on successful installation.
Upgrade
The following upgrade instructions aim to upgrade running deployments to a newer version of Airlock Microgateway without interruption of service.
- The upgrade instructions may not apply to breaking release upgrades of Airlock Microgateway. Refer to the release notes published on GitHub.
- Do not add the
--reuse-valuesflag to thehelm upgradecommand when upgrading to a different version of Airlock Microgateway/Helm charts. The flag would prevent updating some required settings and changes.
For further information, refer to the official CRD Management Guide of the Gateway API.
- Update the CRDs. This will not break your current installation if not noted otherwise in the release notes of the new Microgateway version.
- Upgrade the Microgateway Operator.
- You can verify the current Pod status by checking the
versionlabel. - Run the corresponding command, depending on which Kubernetes Gateway API channel you have installed.
Standard channel:
Experimental channel:
To upgrade the CRDs of the Gateway API, follow the instructions in the section Upgrading to a new version of the official CRD Management Guide of the Gateway API.
- Notice
Following an upgrade, if CRDs are added or removed, restart the Microgateway Operator to ensure that the updated CRDs are processed.
Further information and links
External links: