diff --git a/modules/ossm-rn-new-features.adoc b/modules/ossm-rn-new-features.adoc index 5ee49898fee4..ce41bf560c14 100644 --- a/modules/ossm-rn-new-features.adoc +++ b/modules/ossm-rn-new-features.adoc @@ -242,8 +242,22 @@ This release marks the end of support for {SMProductShortName} Control Planes ba * Gateway injection is not a supported feature. === Kubernetes Gateway API -Kubernetes Gateway API is a technology preview feature that is disabled by default. +:FeatureName: Kubernetes Gateway API +include::snippets/technology-preview.adoc[] +Kubernetes Gateway API is a technology preview feature that is disabled by default. If the Kubernetes API deployment controller is disabled, you must manually deploy and link an ingress gateway to the created Gateway object. + +If the Kubernetes API deployment controller is enabled, then an ingress gateway automatically deploys when a Gateway object is created. + +==== Installing the Gateway API CRDs +The Gateway API CRDs do not come pre-installed by default on OpenShift clusters. Install the CRDs prior to enabling Gateway API support in the SMCP. + +[source,terminal] +---- +$ kubectl get crd gateways.gateway.networking.k8s.io || { kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd?ref=v0.4.0" | kubectl apply -f -; } +---- + +==== Enabling Kubernetes Gateway API To enable the feature, set the following environment variables for the `Istiod` container in `ServiceMeshControlPlane`: [source,yaml] @@ -261,6 +275,21 @@ spec: ---- Restricting route attachment on Gateway API listeners is possible using the `SameNamespace` or `All` settings. Istio ignores usage of label selectors in `listeners.allowedRoutes.namespaces` and reverts to the default behavior (`SameNamespace`). +==== Manually linking an existing gateway to a Gateway resource +If the Kubernetes API deployment controller is disabled, you must manually deploy and then link an ingress gateway to the created Gateway resource. + +[source,yaml] +---- + apiVersion: gateway.networking.k8s.io/v1alpha2 + kind: Gateway + metadata: + name: gateway + spec: + addresses: + - value: ingress.istio-gateways.svc.cluster.local + type: Hostname +---- + == New features {SMProductName} 2.1.5.2 This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on OpenShift Container Platform 4.9 or later.