Tetrate Service BridgeVersion: next
Gateways Management
Intro
Resources
Install IngressGateway
Define method to install IngressGateway on k8s/ocpConfigure Gateway as Ingress (Tier2)
Defines destination host for traffic entering the mesh and traffic routing policies (north-south)Install Tier1Gateway
Define method to install Tier1Gateway on k8s/ocpConfigure Gateway as Tier1
Defines way to configure workload to act as a gateway that distributes traffic across one or more ingress gateways
install.tetrate.io
tsb/gateway/v2
Install IngressGateway
Sample
sample/gateway-management/installingressgateway.yaml
apiVersion: install.tetrate.io/v1alpha1
kind: IngressGateway
metadata:
name: bookinfo-ingressgateway
namespace: bookinfo
spec:
kubeSpec:
service:
type: LoadBalancer
Details
- using
kubectl
oroc
to create IngressGateway deployment
Configure Gateway as Ingress (Tier2)
Sample
sample/gateway-management/ingressgateway.yaml
apiVersion: gateway.tsb.tetrate.io/v2
kind: Gateway
metadata:
organization: tsbdemo
tenant: bookinfo
workspace: bookinfo-workspace
group: bookinfo-gatewaygroup
name: bookinfo-ingress
spec:
workloadSelector:
namespace: bookinfo
labels:
app: bookinfo-gateway
http:
- name: bookinfo-plaintext
port: 80
hostname: bookinfo.tetrate.com
routing:
rules:
- redirect:
authority: bookinfo.tetrate.com
port: 443
redirectCode: 301
scheme: https
- name: bookinfo-secure
port: 443
hostname: bookinfo.tetrate.com
tls:
mode: SIMPLE
secretName: bookinfo-cert
routing:
rules:
- route:
serviceDestination:
host: ns1/productpage.ns1.svc.cluster.local
port: 9080
Fields
Interpretations of fields in the sample
workloadSelector
: gateway withapp: bookinfo-gateway
label will be the edge proxy.http
: application type.routing
: rules for traffic flows.tls
: tls mode and location of certs if required.serviceDestination
: destination service for traffic entering the mesh.
Install Tier1Gateway
Sample
sample/gateway-management/installtier1gateway.yaml
apiVersion: install.tetrate.io/v1alpha1
kind: Tier1Gateway
metadata:
name: bookinfo-tier1-gateway
namespace: tier1
spec:
kubeSpec:
service:
type: LoadBalancer
Details
- using
kubectl
oroc
to create Tier1Gateway deployment
Configure Gateway as Tier1
Sample
sample/gateway-management/ingressgateway.yaml
apiVersion: gateway.tsb.tetrate.io/v2
kind: Gateway
metadata:
organization: tsbdemo
tenant: bookinfo
workspace: bookinfo-workspace
group: bookinfo-tier1-gatewaygroup
name: bookinfo-tier1
spec:
workloadSelector:
namespace: tier1
labels:
app: bookinfo-tier1-gateway
http:
- name: bookinfo-plaintext
port: 80
hostname: bookinfo.tetrate.com
routing:
rules:
- redirect:
authority: bookinfo.tetrate.com
port: 443
redirectCode: 301
scheme: https
- name: bookinfo-secure
port: 443
hostname: bookinfo.tetrate.com
tls:
mode: SIMPLE
secretName: bookinfo-cert
routing:
rules:
- route:
clusterDestination:
- name: c1
weight: 90
- name: c2
weight: 10
Fields
Interpretations of fields in the sample
workloadSelector
: gateway withapp: bookinfo-gateway
label will be the edge proxy.http
: application type.routing
: rules for traffic flows.tls
: tls mode and location of certs if required.clusterDestination
: The destination clusters that contain ingress gateways exposing the hostname.