13 Routing Traffic using the Gateway API

 

This chapter covers

  • Differences between Ingress and the Gateway API
  • Using Istio as the Gateway API provider
  • Exposing HTTP and TLS services externally
  • Exposing TCP, UDP, and GRPC services externally
  • Traffic routing, mirroring, and splitting

In the previous chapter, you learned how to expose Services externally using the Ingress resource. However, the features supported by the standard Ingress API are limited. For real-world applications, you’re forced to use non-standard extensions provided by your chosen Ingress implementation. As an alternative, a new API has now been introduced: the Gateway API.

The purpose of the Gateway API is to provide users with a broader set of capabilities to expose Kubernetes Services to the outside world through one or more gateway proxies. These proxies support not only HTTP and TLS, but also generic TCP and UDP Services. So while Ingress is an L7 proxy, the Gateway API supports proxies down to L4. In this chapter, you’ll learn more about this new API.

Before you begin, create the kiada Namespace, change to the Chapter13/ directory, and apply all the manifests in the SETUP/ directory by running the following commands:

$ kubectl create ns kiada
$ kubectl config set-context --current --namespace kiada
$ kubectl apply -f SETUP -R
NOTE

13.1 Introducing the Gateway API

13.1.1 Comparing Gateway API to Ingress

13.1.2 Understanding the Gateway API implementation

13.1.3 Deploying Istio as the Gateway API provider

13.2 Deploying a Gateway

13.2.1 Understanding gateway classes

13.2.2 Creating a Gateway object

13.2.3 Exploring the Gateway’s status

13.3 Exposing HTTP services using HTTPRoute

13.3.1 Creating a simple HTTPRoute

13.3.2 Splitting traffic between multiple backends

13.3.3 Routing HTTP requests to different backends

13.3.4 Augmenting HTTP traffic with filters

13.4 Configuring a gateway for TLS

13.4.1 Terminating TLS sessions at the Gateway

13.4.2 End-to-end encryption using TLSRoutes and pass-through TLS

13.5 Exposing other types of Services

13.5.1 Exposing a TCP service with a TCPRoute

13.5.2 UDPRoute

13.5.3 GRPCRoute

13.6 Using Gateway API resources across Namespaces

13.6.1 Sharing a Gateway across Namespaces

13.6.2 Routing to a Service in a different Namespace

13.7 From ingress gateways to service mesh

13.8 Summary