Quick start
Currently, Soveren gateway supports deployment with Kubernetes and Docker Compose. If you're eager to test the gateway using a different technology or having any problems, contact us at support@soveren.io.
-
Create a new Soveren gateway, copy the Soveren token displayed next to it and have it handy for the following steps.
-
Define the namespace that you want to monitor in your Kubernetes cluster.
-
Make sure you have two environment variables set up for the values of
TOKEN
andNAMESPACE
:export NAMESPACE="<namespace-for-the-gateway-to-monitor>" export TOKEN="<soveren-token-for-the-gateway>"
-
Add the Soveren token to your Kubernetes cluster.
kubectl -n ${NAMESPACE:?} create secret generic soveren-proxy-token --from-literal=token=${TOKEN:?}
-
Create a new service account:
kubectl -n ${NAMESPACE:?} create serviceaccount soveren-digger
-
Grant viewing rights to the created service account.
This binding allows the Soveren gateway to discover information available from Kubernetes, for example about the request source.
kubectl create clusterrolebinding soveren-digger-view --clusterrole=view --serviceaccount=${NAMESPACE:?}:soveren-digger
-
Apply the Soveren gateway manifest and configmap:
kubectl apply -f https://raw.githubusercontent.com/soverenio/deployment/master/gateway/kubernetes/install.yaml -f https://raw.githubusercontent.com/soverenio/deployment/master/gateway/kubernetes/replicator-configmap.yaml
-
Сonfigure Soveren gateway to proxy the traffic for your services.
Edit the
replicator
configmap and set theurl
parameter in the sectionservices
to point to your service:kubectl edit cm replicator
replicator
configmap example:# Add the service services: upstream: loadBalancer: servers: - url: http://address-of-your-service:port/
Soveren gateway is based on Traefik. Refer to the Traefik docs if you need more routing options.
-
Configure your services to route traffic to Soveren gateway.
The gateway is available at
traefik-proxy:8090
. This is defined in the manifest.Soveren gateway only analyzes traffic with the
application/json
content type. All other content types just pass through the gateway without any personal data detection. -
That's it! Go to the dashboards and start getting insights.
Also, check the description of available dashboards.
Requirements
Soveren gateway supports Docker Compose v1.27.0 or higher.
-
Clone the repo containing the configuration files:
git clone https://github.com/soverenio/deployment
-
Add the Soveren token to Docker Compose.
Create a gateway, copy the Soveren token displayed next to it, and run:
export token=‘<soveren-token-from-your-account-on-soveren.io>’
-
Сonfigure Soveren gateway to proxy the traffic for your services.
Edit the
configs/traefik_configs/conf.d/20-replicator.yaml
config and set theurl
parameter in the sectionservices
to point to your service:20-replicator
config example:# Add the service http: services: upstream: loadBalancer: servers: - url: http://address-of-your-service:port/
Soveren gateway is based on Traefik. Refer to the Traefik docs if you need more routing options.
-
Apply the Soveren gateway manifest running the command below in the
compose
repo folder:docker-compose up -d
-
Configure your services to route traffic to Soveren gateway. The gateway listens on port
8090
.Soveren gateway only analyzes traffic with the
application/json
content type. All other content types just pass through the gateway without any personal data detection. -
That's it! Go to the dashboards and start getting insights.
Also, check the description of available dashboards.