Quickstart: Kubernetes Operator
This quickstart will use the ngrok Kubernetes Operator to put an application running on a Kubernetes Cluster on the internet and add some basic policies.
What is the ngrok Kubernetes Operator?
The ngrok Kubernetes Operator is the best way to use ngrok if your applications run as services in a Kubernetes cluster. Key benefits of the operator include:
- Easy Installation: The Operator can be easily installed on a cluster via Helm and is compatible with the latest versions of Kubernetes.
- Broad Support: The Operator supports both Ingress CRDs and the new Gateway API using the same installation.
- Developer Self-Service: Once deployed, the Operator enables developers to self-service public endpoints for their apps and services using a shared ngrok account.
- Resource Management: The Operator manages the creation of ngrok resources, allowing developers to focus on traffic and routing patterns.
- Advanced Configuration: The Operator supports the configuration of resources like custom domains, modules, and policies.
- Cloud Benefits: The Operator supports all the cloud benefits of ngrok, including our global points of presence, GSLB, and traffic inspector.
Step 1: Install Kubernetes Operator
Installing the ngrok Kubernetes Operator is easy using Helm.
- Kubernetes Operator
- Gateway API
Add the ngrok Kubernetes Operator repo to Helm:
helm repo add ngrok https://charts.ngrok.com
Install the ngrok Kubernetes Operator:
export NAMESPACE=[YOUR_K8S_NAMESPACE]
export NGROK_AUTHTOKEN=[AUTHTOKEN]
export NGROK_API_KEY=[API_KEY]
helm install ngrok-operator ngrok/ngrok-operator \
--namespace $NAMESPACE \
--create-namespace \
--set clusterName=my-k8s-cluster \
--set credentials.apiKey=$NGROK_API_KEY \
--set credentials.authtoken=$NGROK_AUTHTOKEN
Add the ngrok Kubernetes Operator repo to Helm:
helm repo add ngrok https://charts.ngrok.com
Add the latest Gateway API CRDs to your cluster:
kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml
Install the ngrok Kubernetes Operator:
export NAMESPACE=[YOUR_K8S_NAMESPACE]
export NGROK_AUTHTOKEN=[AUTHTOKEN]
export NGROK_API_KEY=[API_KEY]
helm install ngrok-operator ngrok/ngrok-operator \
--namespace $NAMESPACE \
--create-namespace \
--set credentials.apiKey=$NGROK_API_KEY \
--set credentials.authtoken=$NGROK_AUTHTOKEN \
--set clusterName=my-k8s-cluster \
--set ingress.enabled=true \
--set gateway.enabled=true
Install the GatewayClass object:
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
name: ngrok
spec:
controllerName: ngrok.com/gateway-controller
Step 2: Connect Your Service To An Edge
This would create an Edge on with the Domain example.ngrok.app
that routes traffic to the Kubernetes service example-service
running on port 80
.
- Kubernetes Operator
- Gateway API
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example-ingress
annotations:
k8s.ngrok.com/modules: ngrok-module-set
spec:
ingressClassName: ngrok
rules:
- host: example.ngrok.app
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: example-service
port:
number: 80
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: example-gateway
namespace: default
spec:
gatewayClassName: ngrok
listeners:
- name: example-web
hostname: "example.ngrok.app"
port: 443
protocol: HTTPS
tls:
mode: Terminate
certificateRefs:
- name: ngrokcert #ngrok will generate the cert so this cert does not be defined and will be ignored if defined
allowedRoutes:
kinds:
- kind: HTTPRoute
namespaces:
from: Selector
selector:
matchLabels:
expose-apps: "true"
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: my-route
namespace: ngrok-gateway
spec:
parentRefs:
- kind: Gateway
name: example-gateway
namespace: default
hostnames:
- "example.ngrok.app"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: example-service
kind: Service
port: 80
Step 3: Route Traffic Based On A Path
This would create an Edge on with the Domain example.ngrok.app
that routes traffic from example.ngrok.app/foo
to the Kubernetes service example-service
running on port 80
.
- Kubernetes Operator
- Gateway API
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example-ingress
annotations:
k8s.ngrok.com/modules: ngrok-module-set
spec:
ingressClassName: ngrok
rules:
- host: example.ngrok.app
http:
paths:
- path: /foo
pathType: Prefix
backend:
service:
name: example-service
port:
number: 80
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: my-route
namespace: default
spec:
parentRefs:
- kind: Gateway
name: example-gateway
namespace: default
hostnames:
- "example.ngrok.app"
rules:
- matches:
- path:
type: PathPrefix
value: /foo
backendRefs:
- name: example-service
kind: Service
port: 80
Step 4: Modify Headers For Incoming Requests
- Kubernetes Operator
- Gateway API
kind: NgrokModuleSet
apiVersion: ingress.k8s.ngrok.com/v1alpha1
metadata:
name: ngrok-module-set
modules:
headers:
request:
add:
is-ngrok: "1"
country: "${conn.geo.country_code}"
remove: ["referrer"]
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: example-ingress
annotations:
k8s.ngrok.com/modules: ngrok-module-set
spec:
ingressClassName: ngrok
rules:
- host: your-domain.ngrok.app
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: example-service
port:
number: 80
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: example-route
namespace: ngrok-gateway
spec:
rules:
- backendRefs:
- name: game-2048
port: 80
kind: Service
filters:
- type: RequestHeaderModifier
requestHeaderModifier:
remove: ["x-request-id"]
add:
- name: my-request-header-name
value: my-header-value
set:
- name: my-request-header-to-set
value: set-header-value
Step 5: Redirect Traffic
- Kubernetes Operator
- Gateway API
Redirects are not yet supported with the ngrok Kubernetes Operator.
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: redirect-route
namespace: ngrok-gateway
spec:
parentRefs:
- name: ngrok-gateway
hostnames:
- "example.ngrok.app"
rules:
- filters:
- type: RequestRedirect
requestRedirect:
scheme: https
hostname: "example.ngrok.app"
statusCode: 301
path:
type: ReplacePrefixMatch
replacePrefixMatch: /paprika
matches:
- path:
type: PathPrefix
value: /
Next Steps
- Star the ngrok Kubernetes Operator GitHub repo and follow it for updates.
- Browse our examples of HTTP Endpoints to see other ways ngrok can augment your application.
- Bring your own custom domain to ngrok