Set up the UI

To learn more about the features of the Gloo UI, see About the Gloo UI.

• In single cluster setups, you can install the Gloo UI in the same cluster alongside your Gloo Gateway installation.
• In multicluster setups, you can enable the Gloo UI relay architecture components that help you relay metrics, logs, and insights from each cluster to the Gloo UI component. This observability setup lets you use the Gloo UI as a single pane of glass for all your clusters. To learn more about the relay architecture, its components, and how they communicate with each other, see Relay architecture in the Gloo Mesh documentation.

Before you begin link

1. Follow the Get started guide to install Gloo Gateway, set up a gateway resource, and deploy the httpbin sample app.

2. Get the external address of the gateway and save it in an environment variable.

     export INGRESS_GW_ADDRESS=$(kubectl get svc -n gloo-system gloo-proxy-http -o jsonpath="{.status.loadBalancer.ingress[0]['hostname','ip']}")
   echo $INGRESS_GW_ADDRESS  
     

     kubectl port-forward deployment/gloo-proxy-http -n gloo-system 8080:8080
     

Set up the Gloo UI link

Single cluster link

Use these instructions to install the Gloo UI in the same cluster as Gloo Gateway. The Gloo UI analyzes your Gloo Gateway setup and provides metrics and insights to you.

1. Set the name of your cluster and your Gloo Gateway license key as an environment variable.

     export CLUSTER_NAME=<cluster-name>
   export GLOO_GATEWAY_LICENSE_KEY=<license-key>
     

2. Add the Helm repo for the Gloo UI.

     helm repo add gloo-platform https://storage.googleapis.com/gloo-platform/helm-charts
   helm repo update  
     

3. Install the custom resources for the Gloo UI.

     helm upgrade -i gloo-platform-crds gloo-platform/gloo-platform-crds \
    --namespace=gloo-system \
    --version=2.7.7 \
    --set installEnterpriseCrds=false
     

4. Install the Gloo UI and configure it for Gloo Gateway. If you also installed an ambient mesh by using the Solo distribution of Istio, see the Gloo Gateway and ambient mesh tab.

     helm upgrade -i gloo-platform gloo-platform/gloo-platform \
   --namespace gloo-system \
   --version=2.7.7 \
   -f - <<EOF
   common:
     adminNamespace: "gloo-system"
     cluster: $CLUSTER_NAME<p>featureGates:
   insightsConfiguration: true</p>
   
   glooInsightsEngine:
     enabled: true
   glooAnalyzer:
     enabled: true
   glooUi:
     enabled: true
   licensing:
     glooGatewayLicenseKey: $GLOO_GATEWAY_LICENSE_KEY
   prometheus:
     enabled: true
   telemetryCollector:
     enabled: true
     mode: deployment
     replicaCount: 1
   EOF
     

   If you also installed an ambient mesh by using the Solo distribution of Istio:

   1. If you have not already, save your Solo distribution of Istio license key in an environment variable. Note that you might have previously saved this key in another variable, such as ${SOLO_LICENSE_KEY} or ${GLOO_MESH_LICENSE_KEY}.

        export SOLO_ISTIO_LICENSE_KEY=<key>
        

   2. Install the Gloo UI.

        helm upgrade -i gloo-platform gloo-platform/gloo-platform \
      --namespace gloo-system \
      --version=2.7.7 \
      -f - <<EOF
      common:
        adminNamespace: "gloo-system"
        cluster: $CLUSTER_NAME<pre><code>  featureGates:
        

   insightsConfiguration: true</code></pre>
   
     glooInsightsEngine:
       enabled: true
     glooAnalyzer:
       enabled: true
     glooUi:
       enabled: true
     licensing:
       glooGatewayLicenseKey: $GLOO_GATEWAY_LICENSE_KEY
       glooMeshCoreLicenseKey: $SOLO_ISTIO_LICENSE_KEY
     prometheus:
       enabled: true
     telemetryCollector:
       enabled: true
       mode: deployment
       replicaCount: 1
     EOF
     ```
   

5. Verify that the Gloo UI components are successfully installed.

     kubectl get pods -n gloo-system
     

   Example output:

      NAME                                        READY   STATUS    RESTARTS   AGE
   extauth-f7695bf7f-f6dkt                     1/1     Running   0          10m
   gloo-587b79d556-tpvfj                       1/1     Running   0          10m
   gloo-mesh-ui-66db8d9584-kgjld               3/3     Running   0          72m
   gloo-telemetry-collector-68b8cf6f49-zhx87   1/1     Running   0          57m
   prometheus-server-7484d8bfd-tx5s4           2/2     Running   0          72m
   rate-limit-557dcb857f-9zq2t                 1/1     Running   0          10m
   redis-5d6c6bcd4-cnmbm                       1/1     Running   0          10m
   

6. Send a few requests to the httpbin app.

     for i in {1..10}; do curl -i http://$INGRESS_GW_ADDRESS:8080/headers \
   -H "host: www.example.com"; done
     

     for i in {1..10}; do curl -i localhost:8080/headers \
   -H "host: www.example.com"; done
     

7. Open the Gloo UI.

   1. Port-forward the Gloo UI pod.

        kubectl port-forward deployment/gloo-mesh-ui -n gloo-system 8090
        

   2. Open the Gloo UI dashboard.

        open http://localhost:8090/dashboard
        

      

      

8. Go to Observability > Graph to see the Gloo UI Graph. Select your cluster from the Cluster drop-down list, and the httpbin and gloo-system namespaces from the Namespace drop-down list. Verify that you see requests from the gateway proxy to the httpbin app. Note that it might take a few seconds for the graph to show the requests that you sent.

Multicluster link

If you have a multicluster setup, such as when you use Gloo Gateway as an ingress gateway to a multicluster mesh, you can set up the Gloo UI to capture metrics, logs, and insights for all of your clusters.

To capture telemetry data across multiple clusters, the Gloo UI uses a relay architecture concept that consists of a management server that is typically installed in the same cluster as your Gloo Gateway installation, and multiple agents that are installed in every cluster that you want to collect telemetry data from.

The following guide assumes a two-cluster setup. Cluster1 serves as the cluster that you install the relay management components into for the Gloo UI, and cluster2 serves as a cluster that you want to collect telemetry data from. If you have more clusters that you want to collect telemetry data from, simply repeat the same steps in all of your clusters.

1. Set the name and kubeconfig of your clusters, and your Gloo Gateway license key as environment variables. In this example, REMOTE_CLUSTER1 serves as the management cluster where you install the relay management components into. This cluster is typically the same cluster where you installed Gloo Gateway. However, it can also be any other cluster. REMOTE_CLUSTER2 is a cluster from which you want to collect telemetry data. Any collected telemetry data from this cluster is automatically sent to the management cluster.

     export REMOTE_CLUSTER1=<cluster1-name>
   export REMOTE_CLUSTER2=<cluster2-name>
   export REMOTE_CONTEXT1=<cluster1-context>
   export REMOTE_CONTEXT2=<cluster2-context>
   export GLOO_GATEWAY_LICENSE_KEY=<license-key>
     

2. Add the Helm repo for the Gloo UI.

     helm repo add gloo-platform https://storage.googleapis.com/gloo-platform/helm-charts
     

3. Install the custom resources for the Gloo UI in each of your clusters.

     helm upgrade -i gloo-platform-crds gloo-platform/gloo-platform-crds \
    --kube-context $REMOTE_CONTEXT1 \
    --namespace=gloo-system \
    --version=2.7.7 \
    --set installEnterpriseCrds=false
   
   helm upgrade -i gloo-platform-crds gloo-platform/gloo-platform-crds \
    --kube-context $REMOTE_CONTEXT2 \
    --namespace=gloo-system \
    --version=2.7.7 \
    --set installEnterpriseCrds=false
     

4. In the cluster where you plan to install the Gloo UI components for managing the telemetry data relay, create one KubernetesCluster resource for each cluster that you want to collect telemetry data from. In this example command, you create a KubernetesCluster resource that references cluster2 in the management cluster, cluster1.

     kubectl apply --context $REMOTE_CONTEXT1 -f- <<EOF
   apiVersion: admin.gloo.solo.io/v2
   kind: KubernetesCluster
   metadata:
      name: ${REMOTE_CLUSTER2}
      namespace: gloo-system
   spec:
      clusterDomain: cluster.local
   EOF
     

5. Install the Gloo UI components, including the management server, in one of your clusters. This cluster serves as the management cluster for the telemetry data relay. You typically use the same cluster that Gloo Gateway is installed in, but you can also install it in a different cluster. If you also installed an ambient mesh by using the Solo distribution of Istio, see the Gloo Gateway and ambient mesh tab.

     helm upgrade -i gloo-platform gloo-platform/gloo-platform \
   --namespace gloo-system \
   --kube-context $REMOTE_CONTEXT1 \
   --version=2.7.7 \
   -f - <<EOF
   common:
     adminNamespace: "gloo-system"
     cluster: $REMOTE_CLUSTER1
   featureGates:
     insightsConfiguration: true
   glooInsightsEngine:
     enabled: true
     runAsSidecar: false
   glooAnalyzer:
     enabled: true
   glooUi:
     enabled: true
   licensing:
     glooGatewayLicenseKey: $GLOO_GATEWAY_LICENSE_KEY
   prometheus:
     enabled: true
   redis:
     deployment:
       enabled: true
   telemetryCollector:
     enabled: true
     mode: deployment
     replicaCount: 1
   telemetryGateway:
     enabled: true
   glooMgmtServer:  
     enabled: true
   EOF
     

   If you also installed an ambient mesh by using the Solo distribution of Istio:

   1. If you have not already, save your Solo distribution of Istio license key in an environment variable. Note that you might have previously saved this key in another variable, such as ${SOLO_LICENSE_KEY} or ${GLOO_MESH_LICENSE_KEY}.

        export SOLO_ISTIO_LICENSE_KEY=<key>
        

   2. Install the Gloo UI.

        helm upgrade -i gloo-platform gloo-platform/gloo-platform \
      --namespace gloo-system \
      --kube-context $REMOTE_CONTEXT1 \
      --version=2.7.7 \
      -f - <<EOF
      common:
        adminNamespace: "gloo-system"
        cluster: $REMOTE_CLUSTER1
      featureGates:
        insightsConfiguration: true
      glooInsightsEngine:
        enabled: true
        runAsSidecar: false
      glooAnalyzer:
        enabled: true
      glooUi:
        enabled: true
      licensing:
        glooGatewayLicenseKey: $GLOO_GATEWAY_LICENSE_KEY
        glooMeshCoreLicenseKey: $SOLO_ISTIO_LICENSE_KEY
      prometheus:
        enabled: true
      redis:
        deployment:
          enabled: true
      telemetryCollector:
        enabled: true
        mode: deployment
        replicaCount: 1
      telemetryGateway:
        enabled: true
      glooMgmtServer:  
        enabled: true
      EOF
        

6. Verify that the Gloo UI components are successfully installed.

     kubectl get pods -n gloo-system --context $REMOTE_CONTEXT1
     

   Example output:

     NAME                                        READY   STATUS    RESTARTS   AGE
   gloo-mesh-mgmt-server-65b8f4b6cc-fcv27      1/1     Running   0          2m31s
   gloo-mesh-redis-5485f9f785-jq7n5            1/1     Running   0          10m
   gloo-mesh-ui-b8b46f698-2wdzt                3/3     Running   0          58s
   gloo-proxy-http-86554f88d4-ql7bn            1/1     Running   0          2d
   gloo-telemetry-collector-68b8cf6f49-hd7hj   1/1     Running   0          10m
   gloo-telemetry-gateway-85456cb66c-mghb7     1/1     Running   0          10m
   prometheus-server-7484d8bfd-bqzcc           2/2     Running   0          10m
     

7. Save the external address and port that your cloud provider assigned to the gloo-mesh-mgmt-server service. The gloo-mesh-agent agent in each cluster accesses this address via a secure connection.

     export MGMT_SERVER_NETWORKING_DOMAIN=$(kubectl get svc -n gloo-system gloo-mesh-mgmt-server --context $REMOTE_CONTEXT1 -o jsonpath="{.status.loadBalancer.ingress[0]['hostname','ip']}")
   export MGMT_SERVER_NETWORKING_PORT=$(kubectl get svc -n gloo-system gloo-mesh-mgmt-server --context $REMOTE_CONTEXT1 -o jsonpath='{.spec.ports[?(@.name=="grpc")].port}')
   export MGMT_SERVER_NETWORKING_ADDRESS=${MGMT_SERVER_NETWORKING_DOMAIN}:${MGMT_SERVER_NETWORKING_PORT}
   echo $MGMT_SERVER_NETWORKING_ADDRESS
     

8. Save the external address and port that your cloud provider assigned to the Gloo OpenTelemetry (OTel) gateway service. The OTel collector agents in each cluster send metrics to this address.

     export TELEMETRY_GATEWAY_IP=$(kubectl get svc -n gloo-system gloo-telemetry-gateway --context $REMOTE_CONTEXT1 -o jsonpath="{.status.loadBalancer.ingress[0]['hostname','ip']}")
   export TELEMETRY_GATEWAY_PORT=$(kubectl get svc -n gloo-system gloo-telemetry-gateway --context $REMOTE_CONTEXT1 -o jsonpath='{.spec.ports[?(@.name=="otlp")].port}')
   export TELEMETRY_GATEWAY_ADDRESS=${TELEMETRY_GATEWAY_IP}:${TELEMETRY_GATEWAY_PORT}
   echo $TELEMETRY_GATEWAY_ADDRESS
     

9. Get the value of the root CA certificate from the management server and create a secret in every other cluster in your setup.

     kubectl get secret relay-root-tls-secret -n gloo-system --context $REMOTE_CONTEXT1 -o jsonpath='{.data.ca\.crt}' | base64 -d > ca.crt
   kubectl create secret generic relay-root-tls-secret -n gloo-system --context $REMOTE_CONTEXT2 --from-file ca.crt=ca.crt
   rm ca.crt
     

10. Get the identity token from the management server and create a secret in every other cluster in your setup.

      kubectl get secret relay-identity-token-secret -n gloo-system --context $REMOTE_CONTEXT1 -o jsonpath='{.data.token}' | base64 -d > token
    kubectl create secret generic relay-identity-token-secret -n gloo-system --context $REMOTE_CONTEXT2 --from-file token=token
    rm token
      

11. Enable the Gloo UI agent and telemetry pipeline in each cluster that you want to collect telemetry data from.

      helm upgrade -i gloo-platform gloo-platform/gloo-platform \
    --namespace gloo-system \
    --kube-context $REMOTE_CONTEXT2 \
    --version=2.7.7 \
    --set telemetryCollector.config.exporters.otlp.endpoint=$TELEMETRY_GATEWAY_ADDRESS \
    --set glooAgent.relay.serverAddress=$MGMT_SERVER_NETWORKING_ADDRESS \
    -f - <<EOF
    common: 
      cluster: $REMOTE_CLUSTER2
      adminNamespace: "gloo-system"
    glooAgent:
      enabled: true
    glooAnalyzer:
      enabled: true
    telemetryCollector:
      enabled: true
      mode: deployment
      replicaCount: 1
    EOF
      

12. Verify that the relay and telemetry components that the Gloo UI requires are successfully installed.

      kubectl get pods -n gloo-system --context $REMOTE_CONTEXT2
      

    Example output:

      gloo-mesh-agent-6c88546cc6-wjhwl            2/2     Running   0          91m
    gloo-telemetry-collector-68b8cf6f49-27gpq   1/1     Running   0          86m
      

13. Send a few requests to the httpbin app.

      for i in {1..10}; do curl -i http://$INGRESS_GW_ADDRESS:8080/headers \
    -H "host: www.example.com"; done
      

      for i in {1..10}; do curl -i localhost:8080/headers \
    -H "host: www.example.com"; done
      

14. Open the Gloo UI.

    1. Port-forward the gloo-mesh-ui service on 8090.

         kubectl port-forward -n gloo-system svc/gloo-mesh-ui 8090:8090 --context $REMOTE_CONTEXT1
         

    2. Open your browser and connect to http://localhost:8090.

         open http://localhost:8090/
         

    

    

15. Go to Observability > Graph to see the Gloo UI Graph. Select your clusters from the Cluster drop-down list, and the httpbin and gloo-system namespaces from the Namespace drop-down list. Verify that you see requests from the gateway proxy to the httpbin app in cluster1. Note that it might take a few seconds for the graph to show the requests that you sent.

Next link

Continue with exploring the features of the Gloo UI.