Gateway API v1.5: Stabilizing Your Kubernetes Traffic Management
Gateway API v1.5 is a significant release that addresses the complexities of traffic management in Kubernetes. By moving existing Experimental features to a stable status, this version provides a more reliable framework for managing your application traffic. This transition is crucial for teams looking to enhance their deployment strategies without the instability of experimental features.
At the core of Gateway API v1.5 is the ListenerSet, which allows you to define listeners independently and merge them onto a target Gateway. This means you can manage your listeners more flexibly and efficiently. The Gateway controller plays a vital role here, merging listeners from both the Gateway resource and any attached ListenerSet resources. Additionally, the TLSRoute resource enables routing based on the Server Name Indication (SNI) presented during the TLS handshake, directing traffic to the appropriate Kubernetes backends. This is particularly useful for applications requiring secure connections.
In production, be aware that if you install Gateway API v1.5 over an earlier version, your existing Experimental TLSRoutes will become unusable. They will be stored in an unsupported version, which can lead to unexpected downtime or configuration issues. This release is already seeing a patch with v1.5.1, indicating active support and improvements. Make sure to test your configurations thoroughly before rolling them out to production to avoid any disruptions.
Key takeaways
- →Utilize ListenerSets to define and merge listeners independently for better traffic management.
- →Implement TLSRoutes to route requests based on SNI during the TLS handshake.
- →Be cautious when upgrading from earlier versions, as existing Experimental TLSRoutes may not be compatible.
- →Leverage the HTTPRoute resource to configure CORS settings directly within your routing rules.
Why it matters
This release stabilizes critical features that enhance traffic management, allowing teams to implement more robust and secure routing strategies in their Kubernetes environments. The ability to manage listeners and routes effectively can lead to improved application performance and reliability.
Code examples
1---
2apiVersion: gateway.networking.k8s.io/v1
3kind: Gateway
4metadata:
5 name: example-gateway
6 namespace: infra
7spec:
8 gatewayClassName: example-gateway-class
9 allowedListeners:
10 namespaces:
11 from: All
12 listeners:
13 - name: http
14 protocol: HTTP
15 port: 80
161---
2apiVersion: gateway.networking.k8s.io/v1
3kind: TLSRoute
4metadata:
5 name: foo-route
6spec:
7 parentRefs:
8 - name: example-gateway
9 sectionName: tls-passthrough
10 hostnames:
11 - "foo.example.com"
12 rules:
13 - backendRefs:
14 - name: foo-svc
15 port: 8443
161---
2apiVersion: gateway.networking.k8s.io/v1
3kind: HTTPRoute
4metadata:
5 name: cors
6spec:
7 parentRefs:
8 - name: same-namespace
9 rules:
10 - matches:
11 - path:
12 type: PathPrefix
13 value: /cors-behavior-creds-false
14 backendRefs:
15 - name: infra-backend-v1
16 port: 8080
17 filters:
18 - cors:
19 allowOrigins:
20 - https://app.example
21 type: CORS
22When NOT to use this
The official docs don't call out specific anti-patterns here. Use your judgment based on your scale and requirements.
Want the complete reference?
Read official docsBuilding a Memcached Operator with Go: A Practical Guide
Operators are a powerful way to extend Kubernetes, and building one with Go can streamline your application management. This guide walks you through creating a Memcached operator, focusing on the Custom Resource Definition (CRD) and the controller's role in reconciliation.
Mastering Admission Control in Kubernetes: What You Need to Know
Admission control is a critical gatekeeper in Kubernetes, ensuring that only valid requests reach your cluster. Understanding the difference between mutating and validating admission controllers can save you from costly misconfigurations.
CustomResourceDefinitions: Extending Kubernetes for Your Needs
Unlock the power of Kubernetes by extending its API with CustomResourceDefinitions (CRDs). Learn how to create custom resources that fit your application’s specific requirements, including namespaced and cluster-scoped options.
Get the daily digest
One email. 5 articles. Every morning.
No spam. Unsubscribe anytime.