Skip to main content
logoTetrate Service BridgeVersion: next

Gateway Routes

Gateway resources can specify rich rules to define how traffic is routed, and how additional capabilities are applied.

Getting Started

These examples use the bookinfo application, which is deployed and exposed as follows:

The bookinfo app consists of several services and in these examples we will call these services directly:

ServiceNamePortExample URL
productpagebookinfo/productpage.bookinfo.svc.cluster.local9080/ or /productpage
reviewsbookinfo/reviews.bookinfo.svc.cluster.local9080/reviews/0
ratingsbookinfo/ratings.bookinfo.svc.cluster.local9080/ratings/0
detailsbookinfo/details.bookinfo.svc.cluster.local9080/details/0

A basic Gateway configuration that routes to each service would look like the following:

apiVersion: gateway.tsb.tetrate.io/v2
kind: Gateway
metadata:
  organization: tetrate
  tenant: default
  workspace: bookinfo-ws
  group: bookinfo-gwgroup
  name: bookinfo-gateway
spec:
  workloadSelector:
    namespace: bookinfo
    labels:
      app: bookinfo-gw
  http:
    - name: bookinfo
      port: 80
      hostname: "bookinfo.tetrate.io"
      routing:
        rules:
          - match:
             - uri:
                 prefix: "/reviews"
            route:
              serviceDestination:
                host: "bookinfo/reviews.bookinfo.svc.cluster.local"
                port: 9080
          - match:
             - uri:
                 prefix: "/ratings"
            route:
              serviceDestination:
                host: "bookinfo/ratings.bookinfo.svc.cluster.local"
                port: 9080
          - match:
             - uri:
                 prefix: "/details"
            route:
              serviceDestination:
                host: "bookinfo/details.bookinfo.svc.cluster.local"
                port: 9080
          - route:
              serviceDestination:
                host: "bookinfo/productpage.bookinfo.svc.cluster.local"
                port: 9080

Extending the configuration

Individual routes can be extended with custom timeouts and CORS policies. These settings can also be defined at a top-level:

apiVersion: gateway.tsb.tetrate.io/v2
kind: Gateway
metadata:
  organization: tetrate
  tenant: default
  workspace: bookinfo-ws
  group: bookinfo-gwgroup
  name: bookinfo-gateway
spec:
  workloadSelector:
    namespace: bookinfo
    labels:
      app: bookinfo-gw
  http:
    - name: bookinfo
      port: 80
      hostname: "bookinfo.tetrate.io"
      routing:
        # default CORS policy
        corsPolicy:
          allowOrigin:
            - "https://app.example.com"
          allowMethods:
            - GET
          allowHeaders:
            - "content-type"
            - "authorization"
          allowCredentials: true
        rules:
          - match:
             - uri:
                 prefix: "/reviews"
            # path-level CORS Policy and timout for /reviews
            corsPolicy:
              allowOrigin:
                - "https://app.example.com"
              allowMethods:
                - GET
                - POST
                - OPTIONS
              allowHeaders:
                - "content-type"
                - "authorization"
              allowCredentials: true
            timeout: 2s
            route:
              serviceDestination:
                host: "bookinfo/reviews.bookinfo.svc.cluster.local"
                port: 9080
          - match:
             - uri:
                 prefix: "/ratings"
            route:
              serviceDestination:
                host: "bookinfo/ratings.bookinfo.svc.cluster.local"
                port: 9080
          - match:
             - uri:
                 prefix: "/details"
            route:
              serviceDestination:
                host: "bookinfo/details.bookinfo.svc.cluster.local"
                port: 9080
          - route:
              serviceDestination:
                host: "bookinfo/productpage.bookinfo.svc.cluster.local"
                port: 9080

The HTTP settings

The HTTP Settings form the anchor for configuring a service to listen for. Within the http settings, you can define:

  • The internal name, and a port and hostname to listen for
  • Optional tls settings, where the Gateway should listen for and terminate HTTPS traffic
  • authentication and authorization settings work together to define how requests are authenticated, and if the requesting identity is authorized to access the resource
  • rateLimiting settings define rate-limits for requests, either local or globally, and grouped by user-defined criteria
  • failoverSettings settings define how the gateway should select another target if the preferred or default target is not available
  • openapi settings define how a request should be matched against a provided OpenAPI specification

... and finally, but perhaps most importantly, routing settings use rules to define specific routes, upstreams and traffic management settings for certain paths.

The HTTP Route Rule settings

The HTTP Route Rule settings are used to define specific routeing and traffic management rules for certain paths.

Within the rules, define:

  • The match condition, identifying whether this rule matches each incoming request
  • Statements to modify, redirect or directResponse (respond directly to the request)
  • The target destination (route) for the matching request
  • Additional traffic management settings, such as timeout and corsPolicy