Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expanding KIngress Visibility Setting #6642

Closed
andrew-su opened this issue Jan 27, 2020 · 9 comments
Closed

Expanding KIngress Visibility Setting #6642

andrew-su opened this issue Jan 27, 2020 · 9 comments
Labels
area/networking kind/feature Well-understood/specified features, ready for coding. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.

Comments

@andrew-su
Copy link
Member

/area networking

In the current design of Knative routing, traffic enters the cluster through a public Load Balancer that perform traffic splitting to public KServices. Traffic within the cluster needs to go through a private LoadBalancer to perform traffic splitting to private KServices.

While the meaning of cluster-internal traffic is relatively clear, the meaning of ‘external traffic’ has much less clarity. So far in Knative we have equated that to traffic coming from the Internet. While that has been sufficient for some users, there are users who want to choose to expose the public KServices to different external LoadBalancer visible to completely different external networks.
@andrew-su andrew-su added the kind/feature Well-understood/specified features, ready for coding. label Jan 27, 2020
@andrew-su
Copy link
Member Author

Proposal

@andrew-su
Copy link
Member Author

/cc @tcnghia
/cc @shashwathi

@ilackarms
Copy link
Contributor

Similar to istio, Gloo has a Gateway CRD which is used to configure bind addresses, TLS configuration, and other options. In the case of Istio, the requirements and assumptions on the Gateway layer (as well as other control plane configuration such as corev1/service for the proxy instances).

Knative makes a few assumptions about this layer which are not well-documented. It would be helpful if part of this effort included some guidance for kingress implementers on what is expected from the gateway layer (i.e how to set up the proxies for the user).

@ilackarms
Copy link
Contributor

Something I'll add about the current implementation: outside of Knative, Gloo does not assume/hard-code references to specific proxies. Because of the assumption of the existence of an external/internal gateway in knative (reflected by the visibility setting on the Kingress CRD), Gloo is implement this assumption, though it limits the possible reference architectures for a Gloo-knative setup.

Consider a case where a each namespace in a cluster has its own internal gateway (we have seen this in a multi-tenant scenario). It would be useful if the knative visibility setting allowed selection of proxy instances by some mechanism. Perhaps selecting proxy pods or services by their labels?

Thanks to @tcnghia for tagging me on this

@scootweiss scootweiss mentioned this issue Jan 31, 2020
Closed
@knative-housekeeping-robot
Copy link

Issues go stale after 90 days of inactivity.
Mark the issue as fresh by adding the comment /remove-lifecycle stale.
Stale issues rot after an additional 30 days of inactivity and eventually close.
If this issue is safe to close now please do so by adding the comment /close.

Send feedback to Knative Productivity Slack channel or file an issue in knative/test-infra.

/lifecycle stale

@knative-prow-robot knative-prow-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Apr 27, 2020
@andrew-su
Copy link
Member Author

/remove-lifecycle stale

@knative-prow-robot knative-prow-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Apr 27, 2020
This was referenced Jun 3, 2020
Closed
Closed
Closed
@tcnghia
Copy link
Contributor

tcnghia commented Jul 9, 2020

Progress is tracked here https://github.com/knative/serving/projects/43

@mattmoor
Copy link
Member

@tcnghia should we track this in networking? We can transfer issues there 😎

@github-actions
Copy link

This issue is stale because it has been open for 90 days with no
activity. It will automatically close after 30 more days of
inactivity. Reopen the issue with /reopen. Mark the issue as
fresh by adding the comment /remove-lifecycle stale.

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Nov 16, 2020
@dprotaso dprotaso mentioned this issue Mar 11, 2021
Closed
@nak3 nak3 mentioned this issue Nov 21, 2021
Open
@nak3 nak3 mentioned this issue Jul 31, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/networking kind/feature Well-understood/specified features, ready for coding. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@tcnghia @andrew-su @mattmoor @ilackarms @knative-prow-robot @knative-housekeeping-robot