Skip to content

[enterprise-4.12] OSSMDOC-720: Add more detail to Gateway API enablement docs #52895

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Nov 16, 2022
Merged

[enterprise-4.12] OSSMDOC-720: Add more detail to Gateway API enablement docs #52895

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 30 additions & 1 deletion modules/ossm-rn-new-features.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -242,8 +242,22 @@ This release marks the end of support for {SMProductShortName} Control Planes ba
* Gateway injection is not a supported feature.

=== Kubernetes Gateway API
Kubernetes Gateway API is a technology preview feature that is disabled by default.
:FeatureName: Kubernetes Gateway API
include::snippets/technology-preview.adoc[]

Kubernetes Gateway API is a technology preview feature that is disabled by default. If the Kubernetes API deployment controller is disabled, you must manually deploy and link an ingress gateway to the created Gateway object.

If the Kubernetes API deployment controller is enabled, then an ingress gateway automatically deploys when a Gateway object is created.

==== Installing the Gateway API CRDs
The Gateway API CRDs do not come pre-installed by default on OpenShift clusters. Install the CRDs prior to enabling Gateway API support in the SMCP.

[source,terminal]
----
$ kubectl get crd gateways.gateway.networking.k8s.io || { kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd?ref=v0.4.0" | kubectl apply -f -; }
----

==== Enabling Kubernetes Gateway API
To enable the feature, set the following environment variables for the `Istiod` container in `ServiceMeshControlPlane`:

[source,yaml]
Expand All @@ -261,6 +275,21 @@ spec:
----
Restricting route attachment on Gateway API listeners is possible using the `SameNamespace` or `All` settings. Istio ignores usage of label selectors in `listeners.allowedRoutes.namespaces` and reverts to the default behavior (`SameNamespace`).

==== Manually linking an existing gateway to a Gateway resource
If the Kubernetes API deployment controller is disabled, you must manually deploy and then link an ingress gateway to the created Gateway resource.

[source,yaml]
----
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: Gateway
metadata:
name: gateway
spec:
addresses:
- value: ingress.istio-gateways.svc.cluster.local
type: Hostname
----

== New features {SMProductName} 2.1.5.2

This release of {SMProductName} addresses Common Vulnerabilities and Exposures (CVEs), contains bug fixes, and is supported on OpenShift Container Platform 4.9 or later.
Expand Down