Home / Kong Operator / Gateway Deployment / Get Started
Edit
Report

Install Kong Operator for Kong Event Gateway

Uses: Kong Operator
Incompatible with
on-prem
Related Documentation
Operator Documentation
In This Series
  1. Install Kong Operator for Kong Event Gateway
  2. Deploy Kong Event Gateway with port mapping
  3. Deploy Kong Event Gateway with TLSRoute and SNI
Tags
#install #helm #kafka
Related Resources
Kong Event Gateway architecture
Kong Event Gateway with Kong Operator
Known limitations
Minimum Version
Kong Operator - 2.2
TL;DR

Create the kong and kafka namespaces, install Kong Operator, then deploy a Kafka cluster for the Event Gateway examples.

This guide walks through a complete Kong Event Gateway setup using Kong Operator and Konnect.

By the end of the series, you will have:

  • a Konnect Event Gateway control plane
  • an Event Gateway data plane in Kubernetes
  • a backend Kafka cluster
  • a virtual cluster, listener, and listener policies
  • consumer and producer policies
  • two ways to expose services:
    • LoadBalancer and portMapping
    • Gateway, TLSRoute, and SNI

Create the Kubernetes namespaces

Create the namespaces used throughout this example:

kubectl create namespace kong
kubectl create namespace kafka

Install Kong Operator

Install Kong Operator with Helm:

  1. Add the Kong Helm charts:

    helm repo add kong https://charts.konghq.com
helm repo update

  2. Install Kong Operator using Helm:

    helm upgrade --install kong-operator kong/kong-operator -n kong-system \
  --create-namespace \
  --set image.tag=2.2 \
  --set env.ENABLE_CONTROLLER_KONNECT=true \
  --set env.ENABLE_CONTROLLER_KEGDATAPLANE=true

    If you want cert-manager to issue and rotate the admission and conversion webhook certificates, install cert-manager to your cluster and enable cert-manager integration by passing the following argument while installing, in the next step:

    --set global.webhooks.options.certManager.enabled=true

    If you do not enable this, the chart will generate and inject self-signed certificates automatically. We recommend enabling cert-manager to manage the lifecycle of these certificates. Kong Operator needs a certificate authority to sign the certificate for mTLS communication between the control plane and the data plane. This is handled automatically by the Helm chart. If you need to provide a custom CA certificate, refer to the certificateAuthority section in the values.yaml of the Helm chart to learn how to create and reference your own CA certificate.

Install a Kafka cluster

The Event Gateway examples in this guide use a three-broker Kafka cluster deployed with the Bitnami chart.

  1. Add the Bitnami Helm repository:

    helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update

  2. Write the Kafka configuration file:

    cat <<'EOF' >/tmp/kafka-values.yaml
image:
  registry: docker.io
  repository: bitnamilegacy/kafka
  tag: 4.0.0-debian-12-r6

listeners:
  client:
    protocol: PLAINTEXT
externalAccess:
  enabled: false
kraft:
  enabled: true
controller:
  replicaCount: 3
broker:
  replicaCount: 0
EOF

  3. Install Kafka:

    helm install kafka-cluster bitnami/kafka \
  -n kafka \
  --version 32.4.3 \
  -f /tmp/kafka-values.yaml

  4. Wait for all Kafka brokers to be ready before continuing:

    kubectl wait pod -n kafka \
  --for=condition=Ready \
  --selector app.kubernetes.io/name=kafka \
  --timeout=5m
Next → 2. Deploy Kong Event Gateway with port mapping
Something wrong?
Report an Issue | Edit this Page
View all Kong documentation

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help?

Ask in our Slack Community
Contact Support