Kick Your Automation Into High Gear With Kubernetes Gateway API and Gloo Gateway

December 20, 2023
manuel zapf

As we discussed earlier, the general availability of Kubernetes Gateway API represents a significant milestone within the Kubernetes ecosystem. The number of open source projects supporting Kubernetes Gateway API is growing rapidly, creating a robust open ecosystem for features and capabilities for Gateway API users.

For cloud-native API Gateway solutions such as Gloo Gateway, the adoption of the Kubernetes Gateway API offers great opportunities. Gloo Gateway provides the most advanced feature set from a cloud-native API Gateway perspective while adhering to open source standards to manage and control ingress for a Kubernetes cluster. Based on its support for open source and open standards, integration with third-party solutions within the Kubernetes ecosystem becomes a breeze.

For the community overall, this creates a force multiplier effect where each additional project adding support for the Kubernetes Gateway API standard creates additional value for all other tools in the ecosystem. We are already seeing significant benefits in integrating with the Gateway API ecosystem and look forward to driving adoption and innovation with community integrations and further extensions to the baseline Gateway API.

Full Automation of App Deployment and Traffic Management: Cert Manager, ExternalDNS & Argo Rollouts

Rolling out a new app in a Kubernetes cluster can be a cumbersome task. It typically requires multiple steps to allow proper routing to the app, such as:

  • Setting up a DNS entry for the domain of your app and pointing it to your API Gateway
  • Provisioning TLS certificates for that new domain and wiring them up with the API Gateway
  • Later on, rolling out that app and potentially testing the new version in a canary deployment before shifting all of the traffic over to the new app version.

You can achieve all of this by using Gloo Gateway in conjunction with other open source tools that support the Kubernetes Gateway API, such as ExternalDNS, Cert Manager, and Argo Rollouts. ExternalDNS can be configured to inspect HTTPRoute resources for their hostname and the Gateway it is bound to. It will then take the external address of the `Gateway` as well as the hostname to automatically create a DNS entry in the DNS provider that you configured.

After the DNS record is created, you can use Cert Manager to request a TLS certificate for your domain from Let’s Encrypt by utilizing the ACME protocol and the HTTP01 challenge. In this process, Cert Manager also creates a temporary HTTPRoute to solve the ACME challenge. When a valid TLS certificate is received, Cert Manager stores the certificate in the Kubernetes secret that you specified.

Lastly, Argo Rollouts is an open source project that provides enhanced deployment capabilities for apps, such as blue-green, canary, canary analysis, experimentation, or progressive delivery. To do a canary deployment for an app, Argo Rollout creates HTTPRoute resources with specific weights to enable traffic splitting on the app domain.

Because Gloo Gateway monitors HTTPRoute resources, traffic splitting during the rollout just works out of the box, which greatly enhances the use cases that can be solved with Gloo Gateway through its support for third party integrations.

To learn more about Gloo Gateway integrations and how to use them, see the Argo Rollouts and ExternalDNS guides in the Solo documentation.

The Future of Traffic Management

Gateway API represents a significant foundational component of cloud-native API gateways with tremendous potential for community integrations and extensions. Gloo Gateway provides a fully compliant implementation of Gateway API for core gateway and routing use cases, while also providing must-have enterprise features that are not included in the standard.

If you are interested in using the new offering in the current Beta Version already, you can follow this getting started guide to try it out first hand.

Cloud connectivity done right