Skip to main content

Kubernetes Overview

IBM Application Gateway (IAG) Kubernetes Deployment Models

There are multiple different models available for the deployment of an IBM Application Gateway instance in a Kubernetes cluster.

  • Sidecar. The sidecar deployment model involves adding annotations to a Kubernetes application deployment YAML. On deployment of the application the IBM Application Gateway admission controller will be invoked to create an IBM Application Gateway instance in the same pod as the application.
  • Operator. The operator deployment model involves creating a IBM Application Gateway custom resource and deploying to a Kubernetes cluster that has the IBM Application Gateway operator running. The operator will handle the creation and lifecycle management of the IBM Application Gateway instance.
  • Basic. The basic deployment model involves manually creating and managing all of the artefacts required by an IBM Application Gateway instance. The lifecycle management of the instance becomes the responsibility of the administrator.

The model that should be used depends on the individual requirements for each scenario. The following decision tree shows when each model should be used.

Kubernetes Deployment Decision Tree

The sidecar deployment of IBM Application Gateway is suitable when:

  • The application to protect is a Kubernetes application
  • IBM Application Gateway annotations can be added to the application deployment YAML
  • A one to one mapping of application to IBM Application Gateway is desirable

The operator deployment of IBM Application Gateway is suitable when:

  • The application to protect is an application that is running outside of the Kubernetes infrastructure
  • The IBM Application Gateway configuration needs to be split across multiple sources
  • There are multiple instances of the IBM Application Gateway required. (The operator will manage all instances with minimal assistance from the Kubernetes administrator)

The basic deployment of IBM Application Gateway is suitable when:

  • The application to protect is an application that is running outside of the Kubernetes infrastructure
  • The IBM Application Gateway configuration is rarely changed and does not need to be split across multiple sources
  • The Kubernetes administrator needs to handle the container maintenance
  • There are a limited number of IBM Application Gateway instances required

For more information on each of the different Kubernetes deployment models see the relevant documentation for each:

For simple usage examples of the different models see the Hello World examples for each: