We love abstractions. We want to make things easier for developers, teams and end users. In doing that, sometimes we build things a little bit too complex for those who don't already understand the pain points for which the abstraction layers were built. [Kubernetes](https://konghq.com/blog/learning-center/what-is-kubernetes)Kubernetes is an example of this; it solves a very real, very painful problem, but it is notoriously difficult to wrap your head around. The scale of the work it does for us means that it covers so much ground that one person can't possibly have the necessary expertise to babysit every aspect.
Fortunately, an entire ecosystem has formed around Kubernetes and cloud native development. Tools upon tools, open source or commercial, have sprung up to relieve some of the pain points involved in application development today. It doesn't have to be so difficult anymore, and you may not even need to learn much to take advantage of it. These tools are built for the cloud, first and foremost, solving different problems while using skills your team probably already has.
One such tool is [Kong Gateway](https://konghq.com/kong)Kong Gateway, allowing you to manage the communications between your microservices and your clients at lightning speed. It even includes a [Kubernetes Ingress Controller](https://konghq.com/solutions/kubernetes-ingress)Kubernetes Ingress Controller, using native CRDs so you can tightly control any aspect of an [API gateway](https://konghq.com/blog/learning-center/what-is-an-api-gateway)API gateway that you might want.
We also have ways to make infrastructure deployment faster and more familiar for developers. [Pulumi](https://www.pulumi.com)Pulumi is infrastructure as code. When I say infrastructure as code, I mean really code—you can stand up whatever infrastructure you want on whatever cloud provider you like. Plus, deploy your application in a language you're probably already familiar with—Python, Typescript, C#, and of course, because we're cloud native, Go.
Standing up your Kubernetes cluster on whatever cloud provider you like is relatively low impact, requiring only about 50 lines of Python code. This can even live right alongside your application code if you want. It's the way cloud engineering was meant to be done, with minimal complexity and maximum impact.
Standing up a vanilla Kubernetes cluster isn't all you want to do, though, is it? Surely you want to take advantage of some of the fancy cloud native tooling I mentioned earlier to make managing that cluster less painful and more secure? Perhaps, implementing an API gateway? Well, it turns out Pulumi and Kong work really well together. In Python, let's look at how to stand up a Kubernetes cluster on DigitalOcean and deploy Kong Ingress Controller with Pulumi!
For this, you'll need a Pulumi account and the [Pulumi CLI](https://www.pulumi.com/docs/get-started/install)Pulumi CLI installed. You will also need a Digital Ocean account and [Pulumi set up to access Digital Ocean](https://www.pulumi.com/docs/intro/cloud-providers/digitalocean/setup)Pulumi set up to access Digital Ocean.
Create a new directory called kong-ingress and initialize a new Pulumi project inside of it with pulumi new python -y.
Now activate your virtual environment with source /venv/bin/activate and run pip3 install pulumi_digitalocean pulumi_kubernetes to install your dependencies. We're ready to go, and from here on out, we'll be adding code to __main__.py.
First, get our config values to define what our cluster looks like and tell Digital Ocean to use the latest version of Kubernetes.
import pulumi
import pulumi_digitalocean as do
import pulumi_kubernetes as k8s
config = pulumi.Config();
clusterName = config.require('cluster-name'); # "my-cluster"
clusterRegion = config.require('region'); # "nyc3"
nodePoolName = config.require('node-pool-name'); # "my-cluster-pool"
nodeSize = config.require('node-size'); # "s-1vcpu-2gb"
nodeCount = config.require('node-count'); # "4"
nodeTag = config.require('tag'); # "matty-workshop"
# Grab the latest version available from DigitalOcean.
ver = do.get_kubernetes_versions()
Here, we're provisioning the cluster itself, setting up the Kubernetes provider for Pulumi and adding a namespace for better organization.
cluster = do.KubernetesCluster(
clusterName,
region=clusterRegion,
version=ver.latest_version,
node_pool=do.KubernetesClusterNodePoolArgs(
name=nodePoolName,
size=nodeSize,
node_count=config.get_int('node-count'),
tags=[nodeTag]
),
)
k8s_provider = k8s.Provider(
"do-k8s",
kubeconfig=cluster.kube_configs.apply(lambda c: c[0].raw_config),
opts=pulumi.ResourceOptions(parent=cluster),
)
ns = k8s.core.v1.Namespace(
"platform",
metadata=k8s.meta.v1.ObjectMetaArgs(name="platform"),
opts=pulumi.ResourceOptions(provider=k8s_provider, parent=k8s_provider),
)
Below is all it takes to deploy Kong using a Helm chart while applying a transformation to it simultaneously. In this case, we're using a small helper function to look at the custom resource definition and remove the "status" object so that the Helm chart doesn't return it. It is also possible to deploy via config files without much more code than this.
def remove_status(obj, opts):
if obj["kind"] == "CustomResourceDefinition":
del obj["status"]
# Deploying Kong via Helm chart.
kong_ingress = k8s.helm.v3.Chart(
"kong-ingress",
k8s.helm.v3.ChartOpts(
namespace=ns.metadata.name,
chart="kong",
fetch_opts=k8s.helm.v3.FetchOpts(
repo="https://charts.konghq.com"
),
transformations=[remove_status],
),
opts=pulumi.ResourceOptions(provider=k8s_provider, parent=ns),
)
Finally, we're getting the Kong Ingress resource that we've just deployed and exporting its ingress URL so that we know where it is.
svc = kong_ingress.get_resource('v1/Service', "platform/kong-ingress-kong-proxy")
pulumi.export("url", svc.status.apply(lambda s: s.load_balancer.ingress[0].ip))
To run this, set your config values from the terminal.
$ pulumi config set cluster-name my-cluster
$ pulumi config set node-count 4
$ pulumi config set node-pool-name my-cluster-pool
$ pulumi config set node-size s-1vcpu-2gb
$ pulumi config set region nyc3
$ pulumi config set tag my-cluster
Then run pulumi up and watch! In a few minutes, you'll have a fully functional Kubernetes cluster with four nodes deployed to Digital Ocean and running a Kong Ingress Controller, all in around 60 lines of code. When you're ready to tear this down, run pulumi destroy and watch it disappear! If you want to copy and paste the running code, you can find it in this [GitHub repo.](https://github.com/katcosgrove/pulumi-kong-ingress)GitHub repo.
**If you want to go a bit further, **[**click here**](https://konghq.com/blog/kong-gateway-pulumi)**click here**** or watch the video below to learn how to use Pulumi to provision an AWS EC2 instance and configure it as an API gateway data plane for **[**Kong Konnect**](https://konghq.com/kong-konnect)**Kong Konnect****!**
Automate Everything: Kong Gateway + API Management with Terraform Across Any Cloud Too many organizations manually manage their API gateways and policy enforcement today. As humans, we make mistakes. You’ve got one team manually configuring Kong or
Quality is at the core of every product we build. To move fast without compromising on quality, we rely on an extensive set of test suites that tell us quickly whether a change has caused a regression. Those suites are large enough that a single ful
Traditional agreement processes were slow and heavily manual. Documents were often created in office tools, shared through email, printed, signed physically, and stored across multiple systems. Tracking the status of agreements required manual follo
How Kong Gateway 3.14 closes the consistency gap in IAM-based authentication across AWS, Azure and GCP — and what it means for your production deployments Starting with 3.13 (which addressed Redis support) and completed in 3.14, Kong now presents
As the cloud industry matures, its no longer a question of if youre in the cloud, but how many clouds youre in. Most businesses now realize that there isnt a one cloud fits all solution and have shifted towards a hybrid or multi-cloud model. Hybrid
kongctl was built with the modern development stack in mind. Developers working in a terminal want the ability to query systems quickly to verify state, behaviors, and capabilities. Coding harnesses need well defined tools and accurate schemas for
