Add Enhanced Dev Preview documentation #8
Conversation
gcs278
force-pushed
the
enhanced-dev-preview
branch
2 times, most recently
from
e8a0b26
to
1edde27
Compare
| ``` | ||
|
|
||
| Next, let’s modify our existing HTTPRoute to direct traffic based on path. We will add a `/foo` path match on the | ||
| existing rule for the `foo-app` application as well as a new rule with a `/bar` path match and a backendRef pointing to the |
There was a problem hiding this comment.
Maybe it would be better to spell out "backend reference":
| existing rule for the `foo-app` application as well as a new rule with a `/bar` path match and a backendRef pointing to the | |
| existing rule for the `foo-app` application as well as a new rule with a `/bar` path match and a backend reference pointing to the |
Alternatively, you could use `backendref`.
| advanced usages of Gateway API. | ||
|
|
||
| ## Route Matching | ||
| Gateway API has a powerful API for directing traffic based on request characteristics such as path, headers, query |
There was a problem hiding this comment.
| Gateway API has a powerful API for directing traffic based on request characteristics such as path, headers, query | |
| Gateway API is a powerful API for directing traffic based on request characteristics such as path, headers, query |
or
| Gateway API has a powerful API for directing traffic based on request characteristics such as path, headers, query | |
| Gateway API provides a powerful API for directing traffic based on request characteristics such as path, headers, query |
| @@ -0,0 +1,178 @@ | |||
| # Getting Started | |||
|
|
|||
| As a follow on to the Openshift 4.12 Developer Preview of Gateway API, OpenShift has released Enhanced Developer Preview for Gateway API support in OCP 4.13.z. With Enhanced Dev Preview, developers can now install and configure Gateway API with the Ingress Operator. | |||
There was a problem hiding this comment.
Can we start calling it OpenShift Istio Gateway API now?
| As a follow on to the Openshift 4.12 Developer Preview of Gateway API, OpenShift has released Enhanced Developer Preview for Gateway API support in OCP 4.13.z. With Enhanced Dev Preview, developers can now install and configure Gateway API with the Ingress Operator. | ||
|
|
||
| In Enhanced Dev Preview, the ingress operator will manage the following: | ||
| * Installing Istio via v2.4 of the OpenShift Service Mesh (OSSM) operator |
There was a problem hiding this comment.
| * Installing Istio via v2.4 of the OpenShift Service Mesh (OSSM) operator | |
| * Installing the OpenShift Service Mesh (OSSM) operator version 2.4.0 to access Istio |
|
|
||
| In Enhanced Dev Preview, the ingress operator will manage the following: | ||
| * Installing Istio via v2.4 of the OpenShift Service Mesh (OSSM) operator | ||
| * Installing Gateway API CRDs (v0.5.1) |
There was a problem hiding this comment.
| * Installing Gateway API CRDs (v0.5.1) | |
| * Installing version 0.5.1 Gateway API custom resource definitions |
| * Installing Istio via v2.4 of the OpenShift Service Mesh (OSSM) operator | ||
| * Installing Gateway API CRDs (v0.5.1) | ||
| * Configuring a Service Mesh Control Plane (SMCP) | ||
| * Automatic creation of DNS Records for Gateways (using Istio’s automated deployments only) |
There was a problem hiding this comment.
Some mention of the load balancer would be good. Also, I'm not sure people will know what Istio's automated deployments only will mean in this context (even I don't know). Do you mean that DNS records are only created if the automated deployment is enabled? But I think automated deployment is the default, and people cannot change that.
There was a problem hiding this comment.
Load Balancing was originally left out since the Ingress Operator doesn't actually do anything with Load Balancers, that's actually an Istio respondiblity. I'll add a bullet that reflects that the Ingress Operator is enabling Istio to make this to happen and hopefully that will make it clear.
My link got dropped for Automated Deployments. We don't support DNS with manual deployments (see bug https://issues.redhat.com/browse/OCPBUGS-8526).
Do you mean that DNS records are only created if the automated deployment is enabled? But I think automated deployment is the default, and people cannot change that.
No - DNS records will only be created if you use an automated deployment. Yes, we enable/allow automated deployments by default, but you can still chose to deploy a manual deployment style Gateway, which might leave the user confused as it doesn't create a DNS record.
I reworded to be focused on Gateway API object, regarding spec.addresses, let me know if that makes it clearer.
|
|
||
| ## Prerequisites | ||
| * A non-production OpenShift Cluster, version v4.13.z or greater, on a cloud platform that supports Kubernetes external load balancers | ||
| * If OSSM is already installed, it must be OSSM 2.4 |
There was a problem hiding this comment.
| * If OSSM is already installed, it must be OSSM 2.4 | |
| * If OSSM is already installed, it must be OSSM 2.4.0. |
| $ oc rollout status deployment -w -n demo-app foo-app | ||
| ``` | ||
|
|
||
| Create the HTTPRoute that will direct requests for http.example.com to our new backend server, foo-app. Note that the parentRefs points to the Gateway, rules specify a backendRefs to our service, and hostnames align with the Gateway’s Listeners hostnames: |
There was a problem hiding this comment.
| Create the HTTPRoute that will direct requests for http.example.com to our new backend server, foo-app. Note that the parentRefs points to the Gateway, rules specify a backendRefs to our service, and hostnames align with the Gateway’s Listeners hostnames: | |
| Create the HTTPRoute that will direct requests for "*.gwapi.${DOMAIN}" to our new backend server, foo-app. Note that the parentRefs points to the Gateway, rules specify a backendRefs to our service, and hostnames align with the Gateway’s Listeners hostnames: |
| port: 8080 | ||
| EOF | ||
| ``` | ||
| Wait for the gateway deployment (Envoy) to be ready: |
There was a problem hiding this comment.
I wouldn't even mention Envoy here. If you do, it should be introduced much earlier, and not with just one word :)
| server: istio-envoy | ||
| app: foo | ||
| ... | ||
| ``` |
There was a problem hiding this comment.
Something to lead to the next section maybe, like:
Thanks for trying OpenShift Istio Gateway API. If you'd like to learn more, go to section on Getting Creative.
| @@ -0,0 +1,178 @@ | |||
| # Getting Started | |||
|
|
|||
There was a problem hiding this comment.
If you haven't read the original blog with an overview of the Gateway API components, please take a minute to review it at link to IntroGatewayAPI.md
There was a problem hiding this comment.
Oh my links got dropped when I copied/pasted - Added a sentence like this with a link to the original blog.
| You’ve successfully configured Gateway API to match traffic based on path, query parameters, and headers. | ||
|
|
||
| ## TLS Termination with Gateway API | ||
| In OpenShift, we have the concept of [termination types](https://docs.openshift.com/container-platform/4.11/networking/routes/secured-routes.html) |
There was a problem hiding this comment.
Maybe update to a 4.13 version of the docs.
gcs278
force-pushed
the
enhanced-dev-preview
branch
from
1edde27
to
5e013e4
Compare
| advanced usages of Gateway API. | ||
|
|
||
| ## Route Matching | ||
| Gateway API has a powerful API for directing traffic based on request characteristics such as path, headers, query |
| ``` | ||
|
|
||
| Next, let’s modify our existing HTTPRoute to direct traffic based on path. We will add a `/foo` path match on the | ||
| existing rule for the `foo-app` application as well as a new rule with a `/bar` path match and a backendRef pointing to the |
| You’ve successfully configured Gateway API to match traffic based on path, query parameters, and headers. | ||
|
|
||
| ## TLS Termination with Gateway API | ||
| In OpenShift, we have the concept of [termination types](https://docs.openshift.com/container-platform/4.11/networking/routes/secured-routes.html) |
| @@ -0,0 +1,178 @@ | |||
| # Getting Started | |||
|
|
|||
There was a problem hiding this comment.
Oh my links got dropped when I copied/pasted - Added a sentence like this with a link to the original blog.
| @@ -0,0 +1,178 @@ | |||
| # Getting Started | |||
|
|
|||
| As a follow on to the Openshift 4.12 Developer Preview of Gateway API, OpenShift has released Enhanced Developer Preview for Gateway API support in OCP 4.13.z. With Enhanced Dev Preview, developers can now install and configure Gateway API with the Ingress Operator. | |||
| $ oc create namespace demo-app | ||
| ``` | ||
|
|
||
| Create a demo application deployment and service using oc new-app, our cakephp-ingress-demo project, and the foo git branch. This will create a simple server, foo-app, that will allow us to test connectivity. Then use the oc rollout command to wait for it to be rolled out: |
| $ oc rollout status deployment -w -n demo-app foo-app | ||
| ``` | ||
|
|
||
| Create the HTTPRoute that will direct requests for http.example.com to our new backend server, foo-app. Note that the parentRefs points to the Gateway, rules specify a backendRefs to our service, and hostnames align with the Gateway’s Listeners hostnames: |
| port: 8080 | ||
| EOF | ||
| ``` | ||
| Wait for the gateway deployment (Envoy) to be ready: |
| server: istio-envoy | ||
| app: foo | ||
| ... | ||
| ``` |
| targetPort: 8080 | ||
| ``` | ||
|
|
||
| First, create the Gateway with a Listener that will listen for requests on a URL under the cluster domain. The Gateway must be created in the openshift-ingress namespace and specify the GatewayClass created earlier. By default, Istio will automatically provision a gateway deployment and service with the same name upon creation of this Gateway object: |
gcs278
force-pushed
the
enhanced-dev-preview
branch
4 times, most recently
from
5179c05
to
2fd044d
Compare
| referencegrants.gateway.networking.k8s.io 2023-04-04T18:02:56Z | ||
| ``` | ||
|
|
||
| Confirm the Ingress Operator has created the SMCP and it is ready: |
There was a problem hiding this comment.
This took 40 seconds on OpenShift 4.14. May want to tell them to wait for it.
There was a problem hiding this comment.
The first thing I see is a somewhat misleading message like below, so I would tell them to wait a minute or two and then check.
oc get smcp -n openshift-ingress
error: the server doesn't have a resource type "smcp"
There was a problem hiding this comment.
Yea I actually ran this myself recently, it takes a long time to show up, I'll be more specific.
gcs278
force-pushed
the
enhanced-dev-preview
branch
2 times, most recently
from
c347ec3
to
5bd05e7
Compare
|
Can you add an image at the top ? It's super helpful, even if it's just an image that says the name of the feature. |
gcs278
force-pushed
the
enhanced-dev-preview
branch
from
5bd05e7
to
4a7d8a9
Compare
@candita Did you mean a picture in the blog post page? I have already added the Gateway Arch image to https://github.com/gcs278/network-edge-tools/blob/enhanced-dev-preview/docs/blogs/EnhancedDevPreviewGatewayAPI/IntroEnhancedDevPreview.md A bit of copy/paste, but is that what you are asking about? |
gcs278
force-pushed
the
enhanced-dev-preview
branch
3 times, most recently
from
afe8ab3
to
60f3fb4
Compare
|
|
||
| ## New Features in Developer Preview | ||
|
|
||
| With this Developer Preview update, developers can now install and configure OpenShift Istio Gateway API with the |
There was a problem hiding this comment.
Istio is an implementation detail. We're not hiding that we use Istio, but neither are we emphasizing it, and we definitely aren't calling the feature "OpenShift Istio Gateway API". Can we just say "install and configure Gateway API", or "install and configure the capability to use Gateway API"?
There was a problem hiding this comment.
i thought we were calling it that, that it was PM's request to incorporate Istio?
There was a problem hiding this comment.
For the last blog we called it "Gateway API with OpenShift Networking"
There was a problem hiding this comment.
Updated to just Gateway API, but I will make sure I use Gateway API with OpenShift Networking as the proper name.
| their focus to exploring and leveraging the powerful API that Gateway API has to offers. | ||
|
|
||
| The Ingress Operator now handles the management and configuration of the following: | ||
| * Installing the OpenShift Service Mesh (OSSM) operator version 2.4.0 to access Istio |
There was a problem hiding this comment.
Again, Istio and OSSM are implementation details. Can you reframe this to emphasize that the Ingress Operator provides the capability to use Gateway API, and de-emphasize (even if only slightly) that the implementation uses OSSM, Istio, and Envoy? Consider the difference between these two statements:
- The purpose of this feature is to install OSSM, so that you can use Gateway API.
- The purpose of this feature is to enable you to use Gateway API, which we accomplish through using OpenShift Service Mesh.
There was a problem hiding this comment.
Attempted to de-empathize.
|
|
||
| The Ingress Operator now handles the management and configuration of the following: | ||
| * Installing the OpenShift Service Mesh (OSSM) operator version 2.4.0 to access Istio | ||
| * Installing version 0.5.1 Gateway API custom resource definitions |
There was a problem hiding this comment.
| * Installing version 0.5.1 Gateway API custom resource definitions | |
| * Installing version 0.5.1 Gateway API custom resource definitions (CRDs) |
| The Ingress Operator now handles the management and configuration of the following: | ||
| * Installing the OpenShift Service Mesh (OSSM) operator version 2.4.0 to access Istio | ||
| * Installing version 0.5.1 Gateway API custom resource definitions | ||
| * Configuring a Service Mesh Control Plane (SMCP) for creating the Istio control plane |
There was a problem hiding this comment.
SMCP is an implementation detail of an implementation detail. Does it need to be mentioned this early in the blog post?
| * Installing version 0.5.1 Gateway API custom resource definitions | ||
| * Configuring a Service Mesh Control Plane (SMCP) for creating the Istio control plane | ||
| * Enabling creation of Load Balancers via Istio’s [automated deployments](https://istio.io/latest/docs/tasks/traffic-management/ingress/gateway-api/#automated-deployment) | ||
| * Automatic creation of DNS Records for Gateways with empty [spec.addresses](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io%2fv1beta1.GatewaySpec) |
There was a problem hiding this comment.
Are we anticipating that the reader will create gateways with nonempty spec.addresses? It seems too early in the blog post to mention spec.addresses, and when we do mention it, I think it should be to say that the reader shouldn't expect setting spec.addresses to work.
There was a problem hiding this comment.
Okay, we can mention it in the Getting Started section. Removed.
| ```shell | ||
| $ oc create -n openshift-ingress secret tls edge-cert --key=certs/edge.key --cert=certs/edge.crt | ||
| ``` |
There was a problem hiding this comment.
| ```shell | |
| $ oc create -n openshift-ingress secret tls edge-cert --key=certs/edge.key --cert=certs/edge.crt | |
| ``` | |
| ```console | |
| $ oc create -n openshift-ingress secret tls edge-cert --key=certs/edge.key --cert=certs/edge.crt | |
| route.route.openshift.io/edge-cert created | |
| ``` |
| $ oc create -n openshift-ingress secret tls edge-cert --key=certs/edge.key --cert=certs/edge.crt | ||
| ``` | ||
| Certificates are handled differently in Gateway API compared to OpenShift Route objects. Gateway API uses references to | ||
| Kubernetes Secret objects whereas the OpenShift Route API embeds the certificate and key strings in the Route object. |
There was a problem hiding this comment.
Please capitalize "secret" or "Secret" consistently.
| Certificates are handled differently in Gateway API compared to OpenShift Route objects. Gateway API uses references to | ||
| Kubernetes Secret objects whereas the OpenShift Route API embeds the certificate and key strings in the Route object. | ||
|
|
||
| Next, let’s configure our Gateway to terminate TLS. We will add an additional Listener with the same wildcard domain |
There was a problem hiding this comment.
Why is "Listener" capitalized?
There was a problem hiding this comment.
I was trying to refer to a proper API field, a proper noun, but based on https://gateway-api.sigs.k8s.io/api-types/gateway/, they don't capitalize, so I won't.
|
|
||
| Next, let’s configure our Gateway to terminate TLS. We will add an additional Listener with the same wildcard domain | ||
| using port 443 to our existing Gateway from the example above: | ||
| ```yaml |
There was a problem hiding this comment.
| ```yaml | |
| ```console |
| EOF | ||
| ``` | ||
| Now test the route we just created over port 443: | ||
| ```shell |
There was a problem hiding this comment.
| ```shell | |
| ```console |
A new picture would be better. Even just a picture of the name of the feature. |
|
|
||
| ## Prerequisites | ||
|
|
||
| * A non-production OpenShift Cluster, version v4.13.z or greater, on a cloud platform that supports Kubernetes external |
There was a problem hiding this comment.
| * A non-production OpenShift Cluster, version v4.13.z or greater, on a cloud platform that supports Kubernetes external | |
| * A non-production OpenShift Cluster, version v4.13.z or greater, on a cloud platform that supports Kubernetes service |
gcs278
force-pushed
the
enhanced-dev-preview
branch
from
60f3fb4
to
eb367e4
Compare
|
|
||
| ## New Features in Developer Preview | ||
|
|
||
| With this Developer Preview update, developers can now install and configure OpenShift Istio Gateway API with the |
There was a problem hiding this comment.
Updated to just Gateway API, but I will make sure I use Gateway API with OpenShift Networking as the proper name.
| The Ingress Operator now handles the management and configuration of the following: | ||
| * Installing the OpenShift Service Mesh (OSSM) operator version 2.4.0 to access Istio | ||
| * Installing version 0.5.1 Gateway API custom resource definitions | ||
| * Configuring a Service Mesh Control Plane (SMCP) for creating the Istio control plane |
|
|
||
| The Ingress Operator now handles the management and configuration of the following: | ||
| * Installing the OpenShift Service Mesh (OSSM) operator version 2.4.0 to access Istio | ||
| * Installing version 0.5.1 Gateway API custom resource definitions |
| their focus to exploring and leveraging the powerful API that Gateway API has to offers. | ||
|
|
||
| The Ingress Operator now handles the management and configuration of the following: | ||
| * Installing the OpenShift Service Mesh (OSSM) operator version 2.4.0 to access Istio |
There was a problem hiding this comment.
Attempted to de-empathize.
| * Installing version 0.5.1 Gateway API custom resource definitions | ||
| * Configuring a Service Mesh Control Plane (SMCP) for creating the Istio control plane | ||
| * Enabling creation of Load Balancers via Istio’s [automated deployments](https://istio.io/latest/docs/tasks/traffic-management/ingress/gateway-api/#automated-deployment) | ||
| * Automatic creation of DNS Records for Gateways with empty [spec.addresses](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io%2fv1beta1.GatewaySpec) |
There was a problem hiding this comment.
Okay, we can mention it in the Getting Started section. Removed.
|
|
||
| Next, let’s configure our Gateway to terminate TLS. We will add an additional Listener with the same wildcard domain | ||
| using port 443 to our existing Gateway from the example above: | ||
| ```yaml |
| EOF | ||
| ``` | ||
| Now test the route we just created over port 443: | ||
| ```shell |
| Create a demo application deployment and service using `oc new-app`, our cakephp-ingress-demo project, and the foo git branch. This will create a simple server, foo-app, that will allow us to test connectivity. Then use the `oc rollout` command to wait for it to be rolled out: | ||
| ```shell | ||
| $ oc new-app -n demo-app --name foo-app https://github.com/openshiftdemos/cakephp-ingress-demo#foo | ||
| $ oc rollout status deployment -w -n demo-app foo-app | ||
| ``` |
There was a problem hiding this comment.
Done and added the expected output.
| First, let’s create another demo application deployment and service using `oc new-app`, our `cakephp-ingress-demo` | ||
| project, and the `bar` git branch. This will be used as an alternate server backend, `bar-app`, to direct traffic to: | ||
| ```shell | ||
| $ oc new-app -n demo-app --name bar-app https://github.com/openshiftdemos/cakephp-ingress-demo#bar | ||
| $ oc rollout status deployment -w -n demo-app bar-app | ||
| ``` |
There was a problem hiding this comment.
Added expected output (to both, just to be consistent).
| ```shell | ||
| $ oc wait -n openshift-ingress --for=condition=ready gateways.gateway.networking.k8s.io demo-gateway |
There was a problem hiding this comment.
Added the expected output
gcs278
force-pushed
the
enhanced-dev-preview
branch
from
eb367e4
to
fbcf0f2
Compare
|
@candita I tried my hand at my graphic design...does the image https://github.com/gcs278/network-edge-tools/blob/enhanced-dev-preview/docs/blogs/EnhancedDevPreviewGatewayAPI/IntroEnhancedDevPreview.md look okay? |
gcs278
force-pushed
the
enhanced-dev-preview
branch
from
fbcf0f2
to
11e81ab
Compare
It looks good. My only comment is that you could try centering it. |
| opt in to use it. The feature gate is a part of the “customNoUpgrade” featureSet, which means the cluster will no longer | ||
| be upgradable after enabling. | ||
|
|
||
| Only enable this feature on a non-production cluster. Once this feature gate is enabled, it can never be disabled. |
There was a problem hiding this comment.
This is a good place to mention that enabling the feature gate will restart all nodes.
There was a problem hiding this comment.
Okay, I already mentioned in https://github.com/openshift/network-edge-tools/pull/8/files#diff-eb7ec84d04a7daa7ba6958f451020085d2ad3a2bde1a85f732982563b97986a2R35-R36, but I can also add a mention here.
Done.
gcs278
force-pushed
the
enhanced-dev-preview
branch
from
11e81ab
to
57b9385
Compare
@candita thanks - markdown actually doesn't have syntax to center, but I enlarged the image so it is centered. When the blog team converted the last blog, they centered the image anyways, so I think we should be safe for the conversion. |
gcs278
force-pushed
the
enhanced-dev-preview
branch
2 times, most recently
from
03e4ab7
to
1d29951
Compare
| targetPort: 8080 | ||
| ``` | ||
|
|
||
| First, create the Gateway with a Listener (`spec.listeners` instance) that will listen on a port for HTTP requests that |
There was a problem hiding this comment.
This still has Listener capitalized. Maybe change the listener/Listener references throughout to be listener to signify the object reference?
There was a problem hiding this comment.
Good catch, I forgot this one. Now that I look again, even Gateway API docs aren't consistent (some Listeners some listeners).
I'll update to lower case to be consistent.
| When the Gateway from the previous step is created, the Ingress Operator will automatically create a DNSRecord CR with the hostname from the listener: | ||
| ```console | ||
| $ oc get dnsrecord -n openshift-ingress -l istio.io/gateway-name=demo-gateway | ||
| NAME AGE | ||
| gateway-7b49f58c6-wildcard 6m11s | ||
| ``` | ||
|
|
||
| The Ingress Operator will then create a DNS record using the cloud-specific API (for example, Route 53 on AWS) and update the status on the DNSRecord CR: | ||
| ```console | ||
| $ oc get dnsrecord -n openshift-ingress -l istio.io/gateway-name=demo-gateway -o yaml |
There was a problem hiding this comment.
These two commands are the same. Can these two paragraphs be consolidated?
There was a problem hiding this comment.
Good point, combined into one.
|
@gcs278 it looks really good. I have a couple of comments on the Getting Started section, which are nice-to-haves. |
gcs278
force-pushed
the
enhanced-dev-preview
branch
from
1d29951
to
ffc9807
Compare
|
/lgtm |
|
Holding for @Miciah last review. |
openshift-ci
bot
added
the
do-not-merge/hold
|
|
||
| The features mentioned in this Developer Preview update are accessible through [OpenShift's feature gate mechanism](https://docs.openshift.com/container-platform/4.13/nodes/clusters/nodes-cluster-enabling-features.html). | ||
| By implementing Gateway API support under a feature gate, it is not activated by default, requiring users to explicitly | ||
| opt in to use it. The feature gate is a part of the “customNoUpgrade” featureSet, which means the cluster will no longer |
There was a problem hiding this comment.
It's a minor detail, but the "CustomNoUpgrade" feature set itself is empty; enabling this feature set then allows the cluster-admin to specify individual features in the cluster config.
| opt in to use it. The feature gate is a part of the “customNoUpgrade” featureSet, which means the cluster will no longer | |
| opt in to use it. The feature gate can be enabled by configuring the “CustomNoUpgrade” feature set, which means the cluster will no longer |
|
|
||
|  | ||
|
|
||
| As a follow-on to the Openshift 4.12 Developer Preview of Gateway API, OpenShift has released an enhanced Developer |
There was a problem hiding this comment.
Just a suggestion—it feels more natural to me to say that Red Hat has done something involving OpenShift than to say that OpenShift has done something. (Sometimes we talk about "the OpenShift org", but that's more of an internal thing.)
| As a follow-on to the Openshift 4.12 Developer Preview of Gateway API, OpenShift has released an enhanced Developer | |
| As a follow-on to the Openshift 4.12 Developer Preview of Gateway API, Red Hat has released an enhanced Developer |
|
|
||
| ## New Features in Developer Preview | ||
|
|
||
| With this Developer Preview update, developers can now install and configure the capability to use Gateway API with the |
There was a problem hiding this comment.
| With this Developer Preview update, developers can now install and configure the capability to use Gateway API with the | |
| With this Developer Preview update, a cluster administrator can now install and configure the capability to use Gateway API with the |
or
| With this Developer Preview update, developers can now install and configure the capability to use Gateway API with the | |
| With this Developer Preview update, you can now install and configure the capability to use Gateway API with the |
There was a problem hiding this comment.
I like the you. Done.
| With this Developer Preview update, developers can now install and configure the capability to use Gateway API with the | ||
| Ingress Operator, seamlessly installing all the necessary Gateway API components without any external downloads. By | ||
| delegating the responsibility of installation and configuration to the Ingress Operator, developers can now dedicate | ||
| their focus to exploring and leveraging the powerful API that Gateway API has to offers. |
There was a problem hiding this comment.
| their focus to exploring and leveraging the powerful API that Gateway API has to offers. | |
| their focus to exploring and leveraging the powerful API that Gateway API has to offer. |
There was a problem hiding this comment.
darn, i missed this. Done.
| * Enabling creation of Load Balancers via Istio’s [automated deployments](https://istio.io/latest/docs/tasks/traffic-management/ingress/gateway-api/#automated-deployment) | ||
| * Automatically creating DNS Records for Gateways | ||
|
|
||
| These updates provide OpenShift developers with the opportunity to explore and utilize Gateway API using our existing |
There was a problem hiding this comment.
| These updates provide OpenShift developers with the opportunity to explore and utilize Gateway API using our existing | |
| These updates provide OpenShift developers with the opportunity to explore and utilize Gateway API using Red Hat's existing |
| path: /foo | ||
| ``` | ||
| In Gateway API, we can translate this concept to terminating the TLS encryption at the Gateway before forwarding traffic | ||
| to the upstream server via the HTTPRoute configuration. |
There was a problem hiding this comment.
Better to avoid ambiguous words like "upstream", which different implementations use to mean opposite things.
| to the upstream server via the HTTPRoute configuration. | |
| to the destination pod via the HTTPRoute configuration. |
|
|
||
| ## Prerequisites | ||
|
|
||
| * A non-production OpenShift Cluster, version v4.13.5 or greater, on a cloud platform that supports Kubernetes service |
There was a problem hiding this comment.
| * A non-production OpenShift Cluster, version v4.13.5 or greater, on a cloud platform that supports Kubernetes service | |
| * A non-production OpenShift Cluster, version 4.13.5 or greater, on a cloud platform that supports Kubernetes service |
| load balancers (e.g. GCP, AWS, and Azure) | ||
| * If OSSM is already installed, it must be OSSM 2.4.0 | ||
| * If OSSM is already installed, you must not have any existing ServiceMeshControlPlane CRs | ||
| * The [OpenShift CLI](https://docs.openshift.com/container-platform/4.11/cli_reference/openshift_cli/getting-started-cli.html#cli-installing-cli_cli-developer-commands) binary (oc) |
There was a problem hiding this comment.
| * The [OpenShift CLI](https://docs.openshift.com/container-platform/4.11/cli_reference/openshift_cli/getting-started-cli.html#cli-installing-cli_cli-developer-commands) binary (oc) | |
| * The [OpenShift CLI](https://docs.openshift.com/container-platform/4.13/cli_reference/openshift_cli/getting-started-cli.html#cli-installing-cli_cli-developer-commands) binary (oc) |
There was a problem hiding this comment.
Ah good catch. Done.
Installing Gateway API with OSSM/Istio via the ingress operator - IntroEnhancedDevPreview page for intro (blog post) - GettingStarted page for installation - GettingCreative page for more advanced examples Both adapted from IntroGatewayAPI documentation
gcs278
force-pushed
the
enhanced-dev-preview
branch
from
ffc9807
to
207e644
Compare
|
/lgtm |
|
/remove-hold |
openshift-ci
bot
removed
the
do-not-merge/hold
Installing Gateway API with OSSM/Istio via the ingress operator
Both adapted from IntroGatewayAPI documentation