(POC) API exposure using istio gateway controller with knative installed

[piotrmsc]

Description
Once #1641 is done we should verify if we can still use istio gateway controller from the istio-system for API exposure while having knative serving and knative eventing installed.

Installing serving will add the second gateway, which is used by knative directly, leaving istio one 'unused'. Kyma gateway definition (https://github.com/kyma-project/kyma/blob/master/resources/core/charts/gateway/templates/gateway.yaml) however, is referencing istio gateway controller. We need to check if we can still use this controller.

Setup must be tested locally, on CI (DiD) and on the cluster.

Reasons

Attachments

[kubadz]

There are no problems in using two gateways locally (one from Kyma and second from Knative) on two different Ingressgateways, as both expose different ports.
On the Azure cluster, there are also no problems because when we create service of type "LoadBalancer" for both Ingressgateways, they have different IP addresses assigned, so interacting with created knative services is possible on the IP of knative Ingressgateway.
For the testing purposes, I followed the knative getting started guide to test knative serving and run kyma core test suite to test if the APIs exposed with api-controller on Kyma gateway are still accessible. Everything was working correctly.

[kubadz]

For testing purposes I installed Kyma from PR #1664. The only thing I needed to change in installation on the cluster was the type of the knative-ingressgateway Service, which is currently changed to NodePort in job installing knative. Instead of NodePort it should be set to LoadBalancer because the new external IP must be assigned.

[kubadz]

After PR #1749 created by @sjanota will be merged, there will be the possibility to run Kyma with knative installed by adding --knative flag to the execution of run.sh.

Additional notes to installation on the cluster:

• to set the domain on which services created by knative will be exposed follow that tutorial: https://github.com/knative/docs/blob/master/serving/using-a-custom-domain.md
• by default the knative gateway will not use TLS. If you want to secure the communication between your services exposed with knative serving and web browsers, update the TLS configuration of knative gateway (you can use kyma default gateway as a reference)
• DNS settings will not be updated automatically, it needs to be done manually

[piotrmsc]

The decision is to go with POC 2 : #1598.