# Kong for Kubernetes with Kong Enterprise with Enterprise features enabled and # exposed via TLS-enabled Ingresses. Before installing: # * Several settings (search for the string "CHANGEME") require user-provided # Secrets. These Secrets must be created before installation. # * Ingresses reference example ".kong.CHANGEME.example" hostnames. These must # be changed to an actual hostname that resolve to your proxy. # * Ensure that your session configurations create cookies that are usable # across your services. The admin session configuration must create cookies # that are sent to both the admin API and Kong Manager, and any Dev Portal # instances with authentication must create cookies that are sent to both # the Portal and Portal API. image: repository: kong/kong-gateway tag: "3.5" env: prefix: /kong_prefix/ database: postgres password: valueFrom: secretKeyRef: name: kong-enterprise-superuser-password #CHANGEME key: password #CHANGEME admin: enabled: true annotations: konghq.com/protocol: "https" tls: enabled: true servicePort: 8444 containerPort: 8444 parameters: - http2 ingress: enabled: true tls: CHANGEME-admin-tls-secret hostname: admin.kong.CHANGEME.example ingressClassName: kong path: / proxy: enabled: true type: LoadBalancer annotations: {} http: enabled: true servicePort: 80 containerPort: 8000 parameters: [] tls: enabled: true servicePort: 443 containerPort: 8443 parameters: - http2 stream: {} ingress: enabled: false annotations: {} path: / externalIPs: [] enterprise: enabled: true # CHANGEME: https://github.com/Kong/charts/blob/main/charts/kong/README.md#kong-enterprise-license license_secret: kong-enterprise-license vitals: enabled: true portal: enabled: true rbac: enabled: true admin_gui_auth: basic-auth session_conf_secret: kong-session-config admin_gui_auth_conf_secret: CHANGEME-admin-gui-auth-conf-secret smtp: enabled: false portal_emails_from: none@example.com portal_emails_reply_to: none@example.com admin_emails_from: none@example.com admin_emails_reply_to: none@example.com smtp_admin_emails: none@example.com smtp_host: smtp.example.com smtp_port: 587 smtp_auth_type: '' smtp_ssl: nil smtp_starttls: true auth: smtp_username: '' # e.g. postmaster@example.com smtp_password_secret: CHANGEME-smtp-password manager: enabled: true type: NodePort annotations: konghq.com/protocol: "https" http: enabled: false tls: enabled: true servicePort: 8445 containerPort: 8445 parameters: - http2 ingress: enabled: true tls: CHANGEME-manager-tls-secret hostname: manager.kong.CHANGEME.example annotations: {} path: / externalIPs: [] portal: enabled: true type: NodePort annotations: konghq.com/protocol: "https" http: enabled: true servicePort: 8003 containerPort: 8003 parameters: [] tls: enabled: true servicePort: 8446 containerPort: 8446 parameters: - http2 ingress: enabled: true tls: CHANGEME-portal-tls-secret hostname: portal.kong.CHANGEME.example ingressClassName: kong path: / externalIPs: [] portalapi: enabled: true type: NodePort annotations: konghq.com/protocol: "https" http: enabled: true servicePort: 8004 containerPort: 8004 parameters: [] tls: enabled: true servicePort: 8447 containerPort: 8447 parameters: - http2 ingress: enabled: true tls: CHANGEME-portalapi-tls-secret hostname: portalapi.kong.CHANGEME.example ingressClassName: kong path: / externalIPs: [] postgresql: enabled: true auth: username: kong database: kong ingressController: enabled: true env: kong_admin_token: valueFrom: secretKeyRef: name: kong-enterprise-superuser-password #CHANGEME key: password #CHANGEME