Deploy a self-hosted gateway to Kubernetes with YAML

This article describes the steps for deploying the self-hosted gateway component of Azure API Management to a Kubernetes cluster.


Support for Azure API Management self-hosted gateway version 0 and version 1 container images is ending on 1 October 2023, along with its corresponding Configuration API v1. Use our migration guide to use self-hosted gateway v2.0.0 or higher with Configuration API v2. Learn more in our deprecation documentation


You can also deploy self-hosted gateway to an Azure Arc-enabled Kubernetes cluster as a cluster extension.



This feature is available in the Premium and Developer tiers of API Management.


Deploy to Kubernetes

  1. Select Gateways under Deployment and infrastructure.

  2. Select the self-hosted gateway resource that you want to deploy.

  3. Select Deployment.

  4. An access token in the Token text box was auto-generated for you, based on the default Expiry and Secret key values. If needed, choose values in either or both controls to generate a new token.

  5. Select the Kubernetes tab under Deployment scripts.

  6. Select the <gateway-name>.yml file link and download the YAML file.

  7. Select the copy icon at the lower-right corner of the Deploy text box to save the kubectl commands to the clipboard.

  8. When using Azure Kubernetes Service (AKS), run az aks get-credentials --resource-group <resource-group-name> --name <resource-name> --admin in a new terminal session.

  9. Run the commands to create the necessary Kubernetes objects in the default namespace and start self-hosted gateway pods from the container image downloaded from the Microsoft Artifact Registry.

    • The first step creates a Kubernetes secret that contains the access token generated in step 4. Next, it creates a Kubernetes deployment for the self-hosted gateway which uses a ConfigMap with the configuration of the gateway.
  10. Run the following command to check if the deployment succeeded. Note that it might take a little time for all the objects to be created and for the pods to initialize.

    kubectl get deployments

    It should return

        NAME             READY   UP-TO-DATE   AVAILABLE   AGE
    <gateway-name>   1/1     1            1           18s
  11. Run the following command to check if the service was successfully created. Note that your service IPs and ports will be different.

    kubectl get services

    It should return

    NAME             TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
    <gateway-name>   LoadBalancer   <pending>     80:31620/TCP,443:30456/TCP   9m1s
  12. Go back to the Azure portal and select Overview.

  13. Confirm that Status shows a green check mark, followed by a node count that matches the number of replicas specified in the YAML file. This status means the deployed self-hosted gateway pods are successfully communicating with the API Management service and have a regular "heartbeat."

    Gateway status


Run the kubectl logs deployment/<gateway-name> command to view logs from a randomly selected pod if there's more than one. Run kubectl logs -h for a complete set of command options, such as how to view logs for a specific pod or container.

Next steps