Install and upgrade in Kubernetes
The instructions below cover the required steps to install and upgrade the Airlock Microgateway Operator in Kubernetes.
Prerequisites
Airlock Microgateway requires a valid license. See Community vs. Premium editions in detail to choose the right license type.
Either request a community or premium license
- Request a community license
A license will be sent automatically within minutes. - Request a premium license
Your sales partner will contact you for licensing.
Install
Deploy Kubernetes Gateway API CRDs
Airlock Microgateway requires the Kubernetes Gateway API CRDs. To use incubating features, install the experimental channel. Otherwise the standard channel.
Standard channel:
Experimental channel:
More details, including release notes and upgrade information, can be found in the official Kubernetes Gateway API installation documentation.
Deploy Airlock Microgateway license
- Create the
airlock-microgateway-systemnamespace. - Store the license in the Microgateway Operator namespace, in a Kubernetes secret with the name
airlock-microgateway-licenseand the keymicrogateway-license.txt. Use the following command:
For more details about license monitoring, consider the article Monitoring Microgateway licenses.
Deploy Airlock Microgateway Operator
CRDs are included via the standard Helm 3 mechanism, i.e. Helm will handle initial installation but not upgrades
- The logs should show the message
Thank you for installing Airlock Microgateway. ...including further information on successful installation.
What's next
- Gateway deployment
Deploy the gateway either as an Ingress or as an in-cluster Gateway. - Session handling
Enable session handling to persist session information and correlate requests with a session ID. This is a prerequisite for OIDC-based authentication. - Use cases
Learn how to use Airlock Microgateway for other typical scenarios such as request routing, request filtering or authentication enforcement.
Upgrade
The following upgrade instructions aim to upgrade running deployments to a newer version of Airlock Microgateway without interruption of service.
- The upgrade instructions may not apply to breaking release upgrades of Airlock Microgateway. Refer to the release notes published on GitHub.
- Do not add the
--reuse-valuesflag to thehelm upgradecommand when upgrading to a different version of Airlock Microgateway/Helm charts. The flag would prevent updating some required settings and changes.
- For information on what to consider when upgrading the Gateway API CRDs, follow the instructions in the section Upgrading to a new version of the official CRD Management Guide of the Gateway API. In most cases, the upgrade can be performed using one of the following commands, depending on the Kubernetes Gateway API channel you have installed.
Standard channel:
Experimental channel:
- Upgrade the Airlock Microgateway CRDs.
- Upgrade the Microgateway Operator.
- You can verify the current Pod status by checking the
versionlabel.
Further information and links
External links: