Set up Gloo Portal
Set up the Gloo Portal and some initial apps to get started.
To use Gloo Portal, you install or upgrade Gloo Gateway to deploy the portal server. Then, you use the Kubernetes Gateway API to create a gateway listener for the API traffic that you want to expose to end users through the portal. Finally, you deploy some sample apps to get started.
Before you begin
Complete the Get started guide to set up Gloo Gateway.
Set up Gloo Portal
Set the Gloo Gateway Enterprise version for your upgrade. Gloo Portal for Gloo Gateway is available in version 1.17.0-beta1 and later.
export UPGRADE_VERSION=1.17.20Get the Helm values files for your current version.
helm get values gloo -n gloo-system -o yaml > gloo-gateway.yaml open gloo-gateway.yamlAdd the following sections to your Helm values file to include the Gloo Portal plugin and portal server.
gloo: gloo: deployment: customEnv: # The Gloo Portal plugin is disabled by default # You can use the plugin with Gloo Gateway and the Kubernetes Gateway API (not classic Gloo Gateway) - name: GG_PORTAL_PLUGIN value: "true" # Enable the subchart for the portal server gateway-portal-web-server: enabled: trueUpgrade your release. For more information about the upgrade process, see the Upgrade guide.
helm repo update helm upgrade -i gloo glooe/gloo-ee \ --namespace gloo-system \ --create-namespace \ -f gloo-gateway.yaml \ --set-string license_key=$GLOO_GATEWAY_LICENSE_KEY \ --version $UPGRADE_VERSIONConfirm that the Gloo components are healthy.
glooctl checkExample output:
... No problems detected.Confirm that the portal server is running.
kubectl get pods -n gloo-system -l app=gateway-portal-web-serverVerify that you have a Kubernetes Gateway API. Your gateway must be configured with an HTTP listener that can server HTTP resources from the namespaces that you want to use for your portal. If you followed the Get Started guide, you have an
httpgateway.kubectl get gateways -n gloo-systemIf not, you can create an HTTP gateway with the following command.
kubectl apply -n gloo-system -f- <<EOF kind: Gateway apiVersion: gateway.networking.k8s.io/v1 metadata: name: http namespace: gloo-system spec: gatewayClassName: gloo-gateway listeners: - protocol: HTTP port: 8080 name: http allowedRoutes: namespaces: from: All # Setting to all to allow for Same namespace routing as well as the petstore namespace EOF
Deploy sample apps
Now that you have Gloo Portal installed, deploy some sample apps. Later, you expose these apps in a frontend developer portal.
You create two apps, Petstore and Tracks.
- Petstore is a collection of API microservices that together represent a Petstore. Different microservices perform different functions, providing information about pets, stores, and users.
- Tracks is a single API that provides information about a catalog of learning resources, or “tracks.”
The apps both consist of a deployment of a REST API and a matching service. Their services include several annotations that Gloo can use to automatically discover the service and create an ApiDoc for you. You learn more about ApiDocs later.
The following example uses a sample app for demonstration purposes only. You can use the app to try out the feature and to help design your own app. The app is not intended for production use and might not have updated dependencies or security patches.Keep in mind that because Gloo Gateway uses the Kubernetes Gateway API, you have to follow Kubernetes namespace practices. This means that later, you create ReferenceGrants for resources such as Services and HTTPRoutes that need access to Kubernetes resources in other namespaces.
Create a namespace for the apps.
kubectl create ns tracks kubectl create ns users kubectl create ns pets kubectl create ns storeDeploy the apps. The following sample files include the Kubernetes deployment and service for the app. The services include custom annotations that allow Gloo to automatically discover the services and create ApiDocs for them.
kubectl apply -f https://raw.githubusercontent.com/solo-io/gloo-mesh-use-cases/main/gloo-gateway/portal/tracks-api.yaml kubectl apply -f https://raw.githubusercontent.com/solo-io/gloo-mesh-use-cases/main/gloo-gateway/portal/users-api.yaml kubectl apply -f https://raw.githubusercontent.com/solo-io/gloo-mesh-use-cases/main/gloo-gateway/portal/pets-api.yaml kubectl apply -f https://raw.githubusercontent.com/solo-io/gloo-mesh-use-cases/main/gloo-gateway/portal/store-api.yamlCheck that your apps are running
kubectl get all -l demo=portal -A
Set up routes to your apps
Set up routes to the sample apps that you created.
- One HTTPRoute for the Tracks app with an
api.tracks.com/tracksroute - One HTTPRoute for the Petstore app with three routes for each of its apps:
api.petstore.com/usersfor the Users appapi.petstore.com/petsfor the Pets appapi.petstore.com/storefor the Store app
Later, you create ApiProducts that target these routes. The ApiProducts are then shared in the developer portal so that your end users can access your services through the ApiProducts.
Create an HTTPRoute to expose each app on a domain with a unique route per app. The
httpgateway that you previously created listens for this route.kubectl apply -n gloo-system -f- <<EOF apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: tracks-route namespace: gloo-system spec: hostnames: - api.tracks.com parentRefs: - group: gateway.networking.k8s.io kind: Gateway name: http namespace: gloo-system rules: - backendRefs: - group: "" kind: Service name: tracks-rest-api namespace: tracks port: 5000 weight: 1 filters: - type: URLRewrite urlRewrite: path: replacePrefixMatch: / type: ReplacePrefixMatch matches: - path: type: PathPrefix value: /tracks EOFkubectl apply -n gloo-system -f- <<EOF apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: petstore-route namespace: gloo-system spec: hostnames: - api.petstore.com parentRefs: - group: gateway.networking.k8s.io kind: Gateway name: http namespace: gloo-system rules: - backendRefs: - group: "" kind: Service name: users-rest-api namespace: users port: 5000 weight: 1 filters: - type: URLRewrite urlRewrite: path: replacePrefixMatch: / type: ReplacePrefixMatch matches: - path: type: PathPrefix value: /users - backendRefs: - group: "" kind: Service name: pets-rest-api namespace: pets port: 5000 weight: 1 filters: - type: URLRewrite urlRewrite: path: replacePrefixMatch: / type: ReplacePrefixMatch matches: - path: type: PathPrefix value: /pets - backendRefs: - group: "" kind: Service name: store-rest-api namespace: store port: 5000 weight: 1 filters: - type: URLRewrite urlRewrite: path: replacePrefixMatch: / type: ReplacePrefixMatch matches: - path: type: PathPrefix value: /store EOFBecause the HTTPRoute is in a different namespace than the app, create a Kubernetes ReferenceGrant for the HTTPRoutes to each app’s Service.
kubectl apply -n tracks -f- <<EOF apiVersion: gateway.networking.k8s.io/v1beta1 kind: ReferenceGrant metadata: name: tracks-rg namespace: tracks spec: from: - group: gateway.networking.k8s.io kind: HTTPRoute namespace: gloo-system to: - group: "" kind: Service EOFkubectl apply -n users -f- <<EOF apiVersion: gateway.networking.k8s.io/v1beta1 kind: ReferenceGrant metadata: name: users-rg namespace: users spec: from: - group: gateway.networking.k8s.io kind: HTTPRoute namespace: gloo-system to: - group: "" kind: Service EOFkubectl apply -n pets -f- <<EOF apiVersion: gateway.networking.k8s.io/v1beta1 kind: ReferenceGrant metadata: name: pets-rg namespace: pets spec: from: - group: gateway.networking.k8s.io kind: HTTPRoute namespace: gloo-system to: - group: "" kind: Service EOFkubectl apply -n store -f- <<EOF apiVersion: gateway.networking.k8s.io/v1beta1 kind: ReferenceGrant metadata: name: store-rg namespace: store spec: from: - group: gateway.networking.k8s.io kind: HTTPRoute namespace: gloo-system to: - group: "" kind: Service EOFVerify that the routes are created. In the status section, check for
AcceptedandResolvedRefsin the reason output.kubectl get httproute tracks-route -n gloo-system -o yaml | grep "status" -A15kubectl get httproute petstore-route -n gloo-system -o yaml | grep "status" -A15Example output:
[...] status: parents: - conditions: - lastTransitionTime: "2024-04-17T19:36:16Z" message: "" observedGeneration: 1 reason: Accepted status: "True" type: Accepted - lastTransitionTime: "2024-04-17T19:36:16Z" message: "" observedGeneration: 1 reason: ResolvedRefs status: "True" type: ResolvedRefs
Next steps
Next, bundle your apps into ApiProducts that you can expose in a frontend developer portal.
This tutorial installs Gloo Portal with the default in-memory database for quick testing. For production setups, [install a Postgres database](/gateway/1.17.x/portal/operations/database/) to use for Gloo Portal instead.