Definitive guide to setup KrakenD on GKE


Routing traffic to multiple backends via a single ingress


Step 1 — Create an external IP address (~ 1 min)

gcloud compute addresses create my-global-address --global
gcloud compute addresses describe my-global-address --global

Step 2 — Setup domain (~ 5 mins + wait for DNS propagation)

#               A           1h      <IP_ADDRESS_FROM_PREVIOUS_STEP>some            CNAME       1h               A           1h      <IP_ADDRESS_FROM_PREVIOUS_STEP>some            CNAME       1h
dig some.domain.devdig

Step 3— Setup a GCP Project and spin up a GKE cluster (~ 5 mins)

Step 4 — Install a service mesh called LinkerD (~5 mins)

Step 5— Setup a k8s Namespace + LimitRange (~ 3 mins)

gcloud container clusters get-credentials <YOUR_GKE_CLUSTER_NAME> --project <YOUR_GCP_PROJECT_ID>cd gke-ingresskubectl apply -f namespace.yamlkubectl apply -f limitrange.yaml -n gke-ingress

Step 6— Create a KrakenD configuration for your domains (~5 mins)

Step 7 — Build a KrakenD container for your domains (~5 mins)

gcloud auth configure-docker gcr.iocd gke-ingress/krakend-some-domain-devdocker build -f Dockerfile -t<YOUR-GCP-PROJECT-ID>/gke-ingress-krakend-some-domain-dev:v1 .docker push<YOUR-GCP-PROJECT-ID>/gke-ingress-krakend-some-domain-dev:v1cd ../krakend-some-domain-iodocker build -f Dockerfile -t<YOUR-GCP-PROJECT-ID>/gke-ingress-krakend-some-domain-io:v1 .docker push<YOUR-GCP-PROJECT-ID>/gke-ingress-krakend-some-domain-io

Step 8 — Deploy your KrakenD containers (~5 mins)

cd gke-ingresskubectl apply -f krakend-some-domain-dev/k8s.yaml -n gke-ingress
kubectl get pods -n gke-ingress
cd gke-ingresskubectl apply -f krakend-some-domain-io/k8s.yaml -n gke-ingress
kubectl get pods -n gke-ingress

Step 9 — Create HTTPS certificates for your domains (~3 mins)

cd gke-ingresskubectl apply -f some-domain-dev-cert.yaml -n gke-ingresskubectl apply -f some-domain-dev-io.yaml -n gke-ingress

Step 10 — Create Ingress (~ 5 mins + ~30+ mins of waiting)

cd gke-ingresskubectl apply -f ingress.yaml -n gke-ingress
kubectl get managedcertificates -n gke-ingress
# Use these commands only if you run into an issuekubectl delete -f gke-ingress/ingress.yaml -n gke-ingresskubectl delete -f gke-ingress/some-domain-dev-cert.yaml -n gke-ingresskubectl delete -f gke-ingress/some-domain-dev-io.yaml -n gke-ingress# Wait about 1 minkubectl apply -f gke-ingress/some-domain-dev-cert.yaml -n gke-ingresskubectl apply -f gke-ingress/some-domain-dev-io.yaml -n gke-ingresskubectl apply -f gke-ingress/ingress.yaml -n gke-ingress

Step 11 — Create a sample backed in another namespace (~ 5 mins)

kubectl create ns echo
kubectl apply -f echo/hello.yaml -n echo

Step 12 — Update the krakend.json file to create a route to the new backend (~3 mins)

Step 13 — Build and deploy KrakenD with the new config (~5 mins)


Tear Down (~ 5 mins)

kubectl delete ns echokubectl delete ns gke-ingressgcloud compute addresses delete my-global-address --global



Lead Engineer. Based in Tāmaki Makaurau, Aotearoa (Auckland, New Zealand).

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store