Deploying Tetragon involves the following steps:
Install Cilium: First, you need to install Cilium on your Kubernetes cluster. You can do this using a Helm chart or by manually deploying the YAML manifests.
Enable Tetragon: Once Cilium is installed, you need to enable Tetragon by adding the following configuration to your Cilium ConfigMap:
apiVersion: cilium.io/v2
kind: CiliumConfig
metadata:
name: config
spec:
kubernetes:
service-lb-mode: l4lb # Use L4 load balancing mode
service-lb-endpoint: "cilium_tetragon" # Endpoint for external LB (required in L7 mode)
Configure Load Balancing Mode: Next, you need to configure the load balancing mode for Tetragon. You can choose between Layer 4 (L4) and Layer 7 (L7) modes. To use L4 mode, set the
service-lb-modeparameter in the above configuration tol4lb. For L7 mode, set it tol7lb.Deploy Services and Routes: Now that Tetragon is enabled and configured, you can deploy your microservices as Kubernetes services and define routes using annotations or labels.
Here’s an example of how you can define a route using annotations:
apiVersion: v1
kind: Service
metadata:
name: my-service
annotations:
io.cilium/tetragon-route-80:
- host.com/path1 -> backend-service1
- host.com/path2 -> backend-service2
spec:
ports:
- name: http
port: 80
targetPort: http
This configuration defines a route for incoming requests with URL paths /path1 and /path2 on the host.com domain to be forwarded to backend-service1 and backend-service2, respectively.
- Verify Load Balancing: Finally, you can verify that Tetragon is load balancing traffic correctly by sending requests to your microservices and monitoring the traffic distribution using Cilium’s built-in observability features.
Note that this is just a high-level overview of deploying Tetragon. The actual steps may vary depending on your specific use case and requirements. For more detailed instructions, please refer to the official documentation for Cilium and Tetragon.
