Deploying Kite on a K8s Cluster

Introduction

Normally, I wouldn’t write this kind of blog post, because it’s rather boring, but this one is different. It involves the use of vcluster and gateway class.

Introduction to Kite

Kite is a modern, lightweight Kubernetes dashboard.
https://github.com/zxh326/kite

Background Supplement

Why use vcluster?
Local development often suffers from insufficient environment isolation, quota impacts on others, etc. Using vcluster, you can create independent “virtual clusters” with high isolation inside a single K8s cluster. This is very suitable for multi-developer/multi-tenant/test environments.
Why use Gateway instead of Ingress?
The Kubernetes Gateway API is designed to be more modern. It decouples the traffic entry, routing, and underlying implementation, allowing for plugability, scalability, and customization. Combined with Envoy Proxy, enterprise-grade gateway capabilities can be achieved.

Creating a New vcluster

First, install vcluster:
brew install loft-sh/tap/vcluster
Then create a cluster:
vcluster create kite-cluster --namespace kite-cluster

bboysoul~/trash/test on ☁️  (ap-northeast-1)
❯ vcluster create kite-cluster --namespace kite-cluster
15:27:43 info Creating namespace kite-cluster
15:27:43 info Create vcluster kite-cluster...
15:27:43 info execute command: helm upgrade kite-cluster /var/folders/g3/l8p2vcrx71l527zk65w78czm0000gn/T/vcluster-0.27.0-alpha.4.tgz-1290611838 --create-namespace --kubeconfig /var/folders/g3/l8p2vcrx71l527zk65w78czm0000gn/T/2193626761 --namespace kite-cluster --install --repository-config='' --values /var/folders/g3/l8p2vcrx71l527zk65w78czm0000gn/T/1950695875
15:27:48 done Successfully created virtual cluster kite-cluster in namespace kite-cluster
15:27:51 info Waiting for vcluster to come up...
15:28:09 done vCluster is up and running
Forwarding from 127.0.0.1:12083 -> 8443
Forwarding from [::1]:12083 -> 8443
Handling connection for 12083
15:28:10 done Switched active kube context to vcluster_kite-cluster_kite-cluster_home
15:28:10 warn Since you are using port-forwarding to connect, you will need to leave this terminal open
- Use CTRL+C to return to your previous kube context
- Use `kubectl get namespaces` in another terminal to access the vcluster

Here is another way to switch to vcluster:

vcluster connect kite-cluster -n kite-cluster --print > ./vcluster-kite.config
export KUBECONFIG=$(pwd)/vcluster-kite.config

Now, all your kubectl commands will take effect on the virtual cluster!

Deploy Envoy Gateway

You can deploy it in one step using the official release YAML:
wget https://github.com/envoyproxy/gateway/releases/download/v1.4.2/install.yaml

kubectl apply -f install.yaml

Deploy Kite

Get Kite’s deployment file and create the resources:

wget https://raw.githubusercontent.com/zxh326/kite/refs/heads/main/deploy/install.yaml
kubectl apply -f install.yaml

We use the Gateway API to expose the Kite service. The following example resource YAML includes HTTPRoute, Gateway, EnvoyProxy custom parameters, and GatewayClass.

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: kite
  namespace: kube-system
spec:
  parentRefs:
    - name: eg
  hostnames:
    - "kite.example.com"
  rules:
    - backendRefs:
        - group: ""
          kind: Service
          name: kite
          port: 80
          weight: 1
      matches:
        - path:
            type: PathPrefix
            value: /
      timeouts:
        request: "60s"
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: eg
  namespace: kube-system
spec:
  gatewayClassName: eg
  infrastructure:
    parametersRef:
      group: gateway.envoyproxy.io
      kind: EnvoyProxy
      name: custom-proxy-config
  listeners:
    - name: http
      protocol: HTTP
      port: 80
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
  name: custom-proxy-config
  namespace: kube-system
spec:
  provider:
    type: Kubernetes
    kubernetes:
      envoyService:
        type: NodePort
      envoyDeployment:
        replicas: 2
---
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
  name: eg
spec:
  controllerName: gateway.envoyproxy.io/gatewayclass-controller

Here, set the envoyService.type of custom-proxy-config to NodePort, because in local or certain cloud/K8s cluster environments, LoadBalancer cannot be used directly. For more custom parameters and usage, you can refer to
https://gateway.envoyproxy.io/docs/tasks/operations/customize-envoyproxy/

Access

First, get the NodePort exposed by the Gateway:
kubectl get service -A -o wide | grep envoy
If the port is 30695, then locally bind the domain kite.example.com in your hosts file and you can access it at kite.example.com:30695

Feel free to follow my blog at www.bboy.app

Have Fun

Bboysoul's Blog