Red Hat SummitChapter 1. Connectivity Link prerequisites and permissions
Before you install Connectivity Link, you must ensure that you have access to the required platforms in your environment with the correct user permissions.
1.1. Required platforms and components
- Red Hat account
- You have a Red Hat account with subscriptions for Connectivity Link and OpenShift.
- OpenShift
- OpenShift Container Platform 4.17 or later is installed, or you have access to a supported OpenShift cloud service. See OpenShift Container Platform installation documentation.
-
You are logged into an OpenShift cluster with the
cluster-adminrole. You have the
kubectloroccommand installed.ImportantOn OpenShift 4.19 or later, the Gateway API CRDs are provided, and you are no longer required to separately install OpenShift Service Mesh as your Gateway API provider.
However, you must create a
GatewayClassnamedopenshift-defaultand specify acontrollerNameofopenshift.io/gateway-controller/v1. For more details, see the OpenShift documentation on using Gateway API.
- OpenShift Service Mesh
On OpenShift 4.18 or earlier, ensure the following:
- You have Red Hat OpenShift Service Mesh 3.0 separately installed as your Gateway API provider and have created an Istio deployment. See the OpenShift Service Mesh installation documentation.
- You have enabled the Gateway API CRDs in OpenShift Service Mesh 3.0. See the OpenShift Service Mesh documentation on enabling Gateway API.
- cert-manager Operator for Red Hat OpenShift
cert-manager Operator for Red Hat OpenShift 1.15 is installed to manage the TLS certificates for your Gateways. See the cert-manager Operator for Red Hat OpenShift documentation.
NoteBefore using a Connectivity Link TLSPolicy, you must set up a certificate issuer for your cloud provider platform. See the OpenShift documentation on configuring an ACME issuer.
1.2. Optional platforms and components
- DNSPolicy
For DNSPolicy, you have an account for one of the supported cloud DNS providers and have set up a hosted zone for Connectivity Link. For more details, see your cloud DNS provider documentation:
- RateLimitPolicy
For rate limiting policies, you have a shared accessible Redis-based datastore for rate limit counters in a multicluster environment. For details on how to install and configure a secure and highly available datastore, see the documentation for your Redis-compatible datastore:
- AuthPolicy
- For AuthPolicy, you can install Red Hat build of Keycloak if this is required in your environment. For more details, see the Red Hat build of Keycloak documentation.
- Observability
- For Observability, OpenShift user workload monitoring must be configured to remote write to a central storage system such as Thanos. For more details, see the Connectivity Link Observability Guide.
Additional resources
- For more details, see Supported Configurations for Red Hat Connectivity Link.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}