Goal
I'm trying to use the Kubernetes Gateway API with Kong deployed on Google Kubernetes Engine (GKE).
I'd like to have some sort of guide or a set of steps to properly setup and use the Gateway API in our GKE cluster, in order to be able to create a HTTPRoute and make Kong handle the related traffic.
Setup
We're deploying Kong through an Helm chart (kong/ingress dependency). Here's the Chart.yaml:
[...]dependencies: - name: ingress alias: kong-ingress version: 0.12.0 repository: https://charts.konghq.comHere's the values.yaml:
kong-ingress: controller: enabled: true gateway: enabled: true proxy: loadBalancerIP: "X.X.X.X" # External static IP from GKE certificates: enabled: true issuer: "kong-api-gateway" # We're also creating an Issuer based on letsencrypt proxy: enabled: true commonName: "our.hostname.com" admin: enabled: true commonName: "our.hostname.com" issuer: "kong-api-gateway" portal: enabled: false cluster: enabled: falseTest
I've been able to deploy the Kong echo service:
# DeploymentapiVersion: apps/v1kind: Deploymentmetadata: labels: app: echo name: echospec: replicas: 1 selector: matchLabels: app: echo strategy: {} template: metadata: labels: app: echo spec: containers: - image: kong/go-echo:latest name: echo ports: - containerPort: 1025 - containerPort: 1026 - containerPort: 1027 env: - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP resources: {}---# ServiceapiVersion: v1kind: Servicemetadata: labels: app: echo name: echospec: ports: - port: 1025 name: tcp protocol: TCP targetPort: 1025 - port: 1026 name: udp protocol: TCP targetPort: 1026 - port: 1027 name: http protocol: TCP targetPort: 1027 selector: app: echoAnd expose it using an Ingress resource:
apiVersion: networking.k8s.io/v1kind: Ingressmetadata: name: echo namespace: kong-api-gateway annotations: konghq.com/strip-path: 'true'spec: ingressClassName: kong rules: - http: paths: - path: /echo pathType: ImplementationSpecific backend: service: name: echo port: number: 1027 host: 'our.hostname.com'Therefore, by sending a GET request to https://our.hostname.com/echo I get a response and the traffic is handled correctly by the Kong gateway:
$ curl -i -k -s https://our.hostname.com/echoHTTP/1.1 200 OKContent-Type: text/plain; charset=utf-8Content-Length: 183Connection: keep-aliveDate: Tue, 05 Mar 2024 09:28:42 GMTX-Kong-Upstream-Latency: 1X-Kong-Proxy-Latency: 0Via: kong/3.6.0X-Kong-Request-Id: 37cdd90730c6595e2364f736e74a6146Welcome, you are connected to node gke-test-europe-west1-default-pool-d1b60670-qqbd.Running on Pod echo-74c66b778-44j9l.In namespace kong-api-gateway.With IP address X.X.X.X.Problem
The Kong Ingress Controller documentation for the GKE deployment (docs.konghq.com) doesn't provide any information about the Gateway API.
What would be the steps I need to perform to utilize them?
Here's the Gateway api-resources installed in our cluster:
$ kubectl api-resources | { head -1; grep gateway; }NAME SHORTNAMES APIVERSION NAMESPACED KINDgatewayclasses gc gateway.networking.k8s.io/v1beta1 false GatewayClassgateways gtw gateway.networking.k8s.io/v1beta1 true Gatewayhttproutes gateway.networking.k8s.io/v1beta1 true HTTPRoutereferencegrants refgrant gateway.networking.k8s.io/v1beta1 true ReferenceGrantgcpgatewaypolicies networking.gke.io/v1 true GCPGatewayPolicyHTTPRoute example:
# Route /echoapiVersion: gateway.networking.k8s.io/v1beta1kind: HTTPRoutemetadata: name: echo annotations: konghq.com/strip-path: 'true'spec: parentRefs: # Gateway reference - name: kong rules: - matches: - path: type: PathPrefix value: /echo backendRefs: - name: echo kind: Service port: 1027