-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is it possible to add additional Envoy configs to the Gateway API managed resources(Ingress controller)? #26941
Comments
Hi @heruscode, thanks for this question. Currently, there is no way to add extra Envoy config to Gateway API objects - we're hoping to build out this functionality in Cilium's Gateway API support instead. Could you add a bit more detail about what URL Rewriting and Direct Response config you'd like? We may then be able to turn this into a feature request. :) |
I have a use case for controlling maintenance pages at ingress level, for example, when I want to turn on maintenance-mode for some service, I can use a nginx config to return a direct response with an static html page on all paths or 503 error for api calls. Would also be useful to be able to rate-limit requests coming from the internet or doing some url rewrite to mutate the request before it reaches the backend |
Okay, so the two requests are:
Is that correct? |
correct |
We're hoping to add both of these things via Gateway API, but we need to define the language in upstream for them first. |
This issue has been automatically marked as stale because it has not |
I'm counting this as a feature request for Gateway API to be able to handle the two features above:
These are definitely on the roadmap upstream, so we should be able to talk more about them post-GA for Gateway API. |
@youngnick, thank you for your interest in this request. It would be great to have extending the Gateway API with custom Envoy configs. I can do it with manipulating the auto-generated envoy config but it is not convenient method. I want to add an oauth2 flow in the Gateway API. Is this feature planned? |
There IS a workaround. By no means b e a utiful ... However, here it is:
N.B. this is a rotten but working workaround. Rotten because:
N.B. it should also be perfectly possible to wait with creating you custom
Enjoy 🥇 |
IMO It would be nice to have analogical functionality in Cillium Gateway API impl. |
I’m trying to understand if its possible to add additional Envoy configs to the Gateway API managed resources(Ingress controller).
I currently have GKE managed cluster, with Cilium enabled ingress controller and I’m using Gateway API resources, I wanted to add some custom Envoy configs that Gateway API doesn’t seem to support(like adding some custom URL Rewriting and Direct Responses)
I tried to follow the official doc examples, but it only seems to affect the traffic within the service-mesh(a Service talking to another Service). What I’m trying to achieve is to customize Ingress traffic(traffic that is coming from real users on the internet)
I see that the Gateway resource auto creates/manages a CiliumEnvoyConfig/cilium-gateway-cilium-gateway that is responsible for the ingress service. Manually editing that manifests would be a no-go, I tried to create a secondary CiliumEnvoyConfig with a new listener pointing to the same ingress service but I had no success:
Is there anyway to append Envoy configs to the GatewayAPI managed resources?
The text was updated successfully, but these errors were encountered: