# Kong for Kubernetes with Kong Enterprise with Enterprise features enabled and # exposed via TLS-enabled Ingresses. Before installing: # * Several settings (search for the string "CHANGEME") require user-provided # Secrets. These Secrets must be created before installation. # * Ingresses reference example "<service>.kong.CHANGEME.example" hostnames. These must # be changed to an actual hostname that resolve to your proxy. # * Ensure that your session configurations create cookies that are usable # across your services. The admin session configuration must create cookies # that are sent to both the admin API and Kong Manager, and any Dev Portal # instances with authentication must create cookies that are sent to both # the Portal and Portal API. image: repository: kong-docker-kong-enterprise-edition-docker.bintray.io/kong-enterprise-edition tag: 2.1.4.1-alpine pullSecrets: # CHANGEME: https://github.com/Kong/charts/blob/main/charts/kong/README.md#kong-enterprise-docker-registry-access - kong-enterprise-edition-docker env: prefix: /kong_prefix/ database: postgres password: valueFrom: secretKeyRef: name: kong-enterprise-superuser-password #CHANGEME key: password #CHANGEME admin: enabled: true annotations: konghq.com/protocol: "https" tls: enabled: true servicePort: 8444 containerPort: 8444 parameters: - http2 ingress: enabled: true tls: CHANGEME-admin-tls-secret hostname: admin.kong.CHANGEME.example annotations: kubernetes.io/ingress.class: "kong" path: / proxy: enabled: true type: LoadBalancer annotations: {} http: enabled: true servicePort: 80 containerPort: 8000 parameters: [] tls: enabled: true servicePort: 443 containerPort: 8443 parameters: - http2 stream: {} ingress: enabled: false hosts: [] annotations: {} path: / externalIPs: [] enterprise: enabled: true # CHANGEME: https://github.com/Kong/charts/blob/main/charts/kong/README.md#kong-enterprise-license license_secret: kong-enterprise-license vitals: enabled: true portal: enabled: true rbac: enabled: true admin_gui_auth: basic-auth session_conf_secret: kong-session-config admin_gui_auth_conf_secret: CHANGEME-admin-gui-auth-conf-secret smtp: enabled: false portal_emails_from: none@example.com portal_emails_reply_to: none@example.com admin_emails_from: none@example.com admin_emails_reply_to: none@example.com smtp_admin_emails: none@example.com smtp_host: smtp.example.com smtp_port: 587 smtp_auth_type: nil smtp_ssl: nil smtp_starttls: true auth: smtp_username: '' # e.g. postmaster@example.com smtp_password_secret: CHANGEME-smtp-password manager: enabled: true type: NodePort annotations: konghq.com/protocol: "https" http: enabled: false tls: enabled: true servicePort: 8445 containerPort: 8445 parameters: - http2 ingress: enabled: true tls: CHANGEME-manager-tls-secret hostname: manager.kong.CHANGEME.example annotations: {} path: / externalIPs: [] portal: enabled: true type: NodePort annotations: konghq.com/protocol: "https" http: enabled: true servicePort: 8003 containerPort: 8003 parameters: [] tls: enabled: true servicePort: 8446 containerPort: 8446 parameters: - http2 ingress: enabled: true tls: CHANGEME-portal-tls-secret hostname: portal.kong.CHANGEME.example annotations: kubernetes.io/ingress.class: "kong" path: / externalIPs: [] portalapi: enabled: true type: NodePort annotations: konghq.com/protocol: "https" http: http: enabled: true servicePort: 8004 containerPort: 8004 parameters: [] tls: enabled: true servicePort: 8447 containerPort: 8447 parameters: - http2 ingress: enabled: true tls: CHANGEME-portalapi-tls-secret hostname: portalapi.kong.CHANGEME.example annotations: kubernetes.io/ingress.class: "kong" path: / externalIPs: [] postgresql: enabled: true postgresqlUsername: kong postgresqlDatabase: kong service: port: 5432 ingressController: enabled: true installCRDs: false env: kong_admin_token: valueFrom: secretKeyRef: name: kong-enterprise-superuser-password #CHANGEME key: password #CHANGEME