Let’s Go AWS! The Kong Konnect EKS Marketplace Add-on for Kong Gateway Dataplanes is Ready to Go
Today, we’re excited to release the Kong Konnect EKS Marketplace add-on as a means to deploy your Kong Gateway dataplanes in AWS. The add-ons are a step forward in providing fully managed Kubernetes clusters. It is here to simplify the post-procurement process of bootstrapping Kong Konnect gateway data planes, avoid context switching among tools during the installation process, and provide notifications when a new version of Kong Gateway is available, making upgrades seamless.
What is an EKS add-on from AWS Marketplace?
Not to be confused with the Amazon EKS Blueprint AddOns, Amazon EKS add-ons are also intended to help AWS customers to configure, deploy, update, and maintain operational software that provides key functional support to EKS clusters. Amazon EKS Add-ons are software components such as storage, networking, observability, and gateways, among others.
Why should I consider add-ons?
The core purpose of the EKS add-ons is to simplify the installation and management of a curated set of platform components while ensuring security, stability, and compatibility with Amazon EKS.
The experience is intended to simplify the platform experience of standing up a production-ready cluster, by streamlining the post-procurement process of standing up these components.
How so? The add-ons provide three key features:
- Centralize EKS configuration - The management of EKS software components (add-ons) becomes centralized to your AWS console where you are already managing EKS clusters.
- Reduce tooling overload - The installation, configuration, upgrade/downgrade can be done within AWS tooling - AWS CLI, eksctl, AWS Terraform provider, or CloudFormation. Essentially, pick your AWS preference for managing these platform resources rather than leveraging another tech stack (helm or kustomize for example). Take a closer look at the AWS docs (Managing add-ons) for more details.
- Notifications - Staying up to date with the latest and greatest is notoriously difficult to do for any software component. By using the add-on you are notified of new versions, and again these upgrades/downgrades can be handled by the AWS tooling made available.
What is the Kong Konnect EKS Marketplace add-on for Kong Gateway?
Gateways are clearly operational requirements for your EKS clusters, in addition to the need to have a clear Federated API management strategy for your AWS resources. This is what Kong Konnect and our add-on deliver for you. All within AWS, you can procure Kong Konnect, and then immediately leverage the kong_konnect_ri add-on to deploy Kong Gateway dataplanes.
It simplifies deployment and management, both upgrade and downgrade, of Kong Gateway dataplanes, without having to leave the AWS tooling ecosystem. Under the hood, the helm chart, the chart configuration, and the Kong Gateway images have been already vetted and approved by AWS to work on the EKS cluster.
The high-level post-procurement experience and samples of the AWS commands to manage your Kong Gateway add-on are shown below.
Talk is cheap: Show me a demo
Let’s walk through a demo together. We will use the AWS Console to deploy Kong Gateway Dataplanes, then we will use the AWS CLI to describe and delete it.
Step 1 - From the AWS Console, navigate to your EKS Cluster and locate the Add-ons tab.
Step 2 - Use the search bar to quickly locate the Kong Konnect add-on.
Step 3 - Now, we’ll start the configuration.
First, subscribe to the add-on, this will direct you to AWS Marketplace to procure the add-on. The add-on itself is free with Konnect. (If you don’t have Konnect already, you can start for free with Kong Konnect Plus.)
Then select the version of the gateway you want to install. The add-on versioning system aligns with the Kong Gateway image version system.
v3.4.1-eksbuild.1 == kong gateway 3.4.1
Step 4 - We actually have to step away from the AWS Console for a bit to run some prerequisites in Konnect — namely create the control plane, generate the data plane certificates, and gather control plane configuration. In reality, much of this can be handled with Konnect APIs but we are going to step through it via the Konnect Console.
Start by creating the Kong namespace on your EKS cluster
Log in to Kong Konnect and create a Control Plane of type Kong Gateway.
From Gateway Manager, create a New Dataplane, this is really to generate certs, create the k8s secret for those certs, and gather the control plane configuration.
In the same window, copy the control plane configuration, you won’t need all the values, just the endpoints. See below.
You’re done in Konnect for now.
Step 5 - Navigate back to your AWS Console, and we’re going to paste in the control plane configuration into the Konnect Add-On Configuration.
And you should be done, finish approving the install and from Kong Konnect you should be able to see those dataplanes spin up on your EKS cluster.
Validation
From Kong Konnect, navigate Gateway Manager → select your control plane → into Data Plane Nodes → you should see those data planes are in sync and healthy.
Similarly, you should also see those pods in the kong namespace:
Clean Up
Just to give you an idea of the console capabilities, we will use the AWS CLI to delete the add-on:
It’s that simple.
Automation Options - CLI - Terraform - CloudFormations
For those who want to move away from using the AWS and Konnect consoles, there are options available.
As mentioned earlier, the AWS CLI and eksctl command line tools are available.
Alternatively, because the add-ons are part of the AWS API, Infrastructure as Code solutions are available in both the Terraform AWS Provider and CloudFormation. Take a look at the terraform aws_eks_addon resource below:
For more examples of how to leverage the different tooling available, take a look at the example github repository.
Wrapping up
We're always excited to launch a new integration with AWS, and we're excited to see our AWS customer’s reaction to using this add-on for managing your Kong Gateway dataplanes.
If this has piqued your interest, subscribe to the marketplace listing. As we mentioned before, it’s free so give it a test run.