New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gateway-api: Support all the extended features #27472
gateway-api: Support all the extended features #27472
Conversation
/ci-gateway-api |
/ci-ingress |
53ab756
to
2dbda6e
Compare
/test-ingress |
/test-gateway |
/test-gateway-api |
/ci-gateway-api |
/ci-ingress |
6e0e633
to
4c7198c
Compare
/test |
4c7198c
to
93aff6f
Compare
/test |
1 similar comment
/test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Blind ack for github-sec
considering the trivial changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM - thanks a lot @sayboras ! 🚀 Only some non blocking input from my side (see inline comments).
btw: I didn't check all functionality in detail and hope this is covered by Gateway-API conformance tests too.
This is to add the support for extended feature HTTPRouteHostRewrite. Signed-off-by: Tam Mach <tam.mach@cilium.io>
For prefix rewrite to work, we need to change the prefix match based on regex to PathSeparatedPrefix route match, so that the prefix match is recognized correctly. Signed-off-by: Tam Mach <tam.mach@cilium.io>
This commit is to enable HTTP redirect for port, schema and path. Small fix for TLS filter match on server name is done to avoid the below issue. As part of recent changes in upstream, if scheme and port are not specified, gateway listener port must be used. ```console 2023-08-16T11:28:20.797264246Z level=warning msg="NACK received for versions after 52 and up to 53; waiting for a version update before sending again" subsys=xds xdsAckedVersion=52 xdsClientNode="host~127.0.0.1~no-id~localdomain" xdsDetail="Error adding/updating listener(s) gateway-conformance-infra/cilium-gateway-same-namespace-with-https-listener/listener: error adding listener '127.0.0.1:10605': partial wildcards are not supported in \"server_names\"\n" xdsNonce=53 xdsStreamID=2 xdsTypeURL=type.googleapis.com/envoy.config.listener.v3.Listener ``` Signed-off-by: Tam Mach <tam.mach@cilium.io>
All validation logic in HTTPRoute is applied the same as with the normal backend, as backend for mirror requests is consolidated and merged with other backends in the same HTTPRoute. Signed-off-by: Tam Mach <tam.mach@cilium.io>
ad757d9
to
76e9da1
Compare
/test |
Description
This PR is to support the below extended feature in Gateway API, which is currently missing in profile conformance report https://github.com/kubernetes-sigs/gateway-api/blob/main/conformance/reports/v0.7.1/cilium-cilium.yaml.