Setup

Artifacts

Download all yaml artifacts referenced in all scenarios as a single .tgz file here.

Provision a cluster

GKE:

#!/bin/sh

gcloud container clusters create my-k8s-cluster \
  --cluster-version latest \
  --machine-type n1-standard-2 \
  --num-nodes 3 \
  --network default \
  --scopes "https://www.googleapis.com/auth/ndev.clouddns.readwrite"

./setup/make-gke-cluster

Local k3d:

#!/bin/sh

k3d cluster create my-k8s-cluster \
  --k3s-arg "--disable=traefik@server:0" \
  --port 80:80@loadbalancer \
  --port 443:443@loadbalancer

./setup/make-local-k3d-cluster

About k3d.


Install EG or TEG

TEG installs Redis and the Envoy rate limit service, meaning that it's pre-configured for rate-limiting.

EG:

helm install eg oci://docker.io/envoyproxy/gateway-helm \
  --version v1.1.0 \
  -n envoy-gateway-system --create-namespace

TEG:

helm install teg oci://docker.io/tetrate/teg-envoy-gateway-helm \
  --version v1.1.0 \
  -n envoy-gateway-system --create-namespace

Review the deployments in envoy-gateway-system:

kubectl get deploy -n envoy-gateway-system

See architecture.


Install external-dns

A convenience that automatically configures DNS for routes.

Warning

This will not work locally, and requires edits to point to your DNS zone and provider.

kubectl apply -f setup/external-dns.yaml

Define a GatewayClass:

---
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
  name: eg
spec:
  controllerName: gateway.envoyproxy.io/gatewayclass-controller

kubectl apply -f setup/gateway-class.yaml

Deploy a Gateway

---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: eg
spec:
  gatewayClassName: eg
  listeners:
  - name: http
    protocol: HTTP
    port: 80

kubectl apply -f setup/gateway-http.yaml

Wait for the gateway to become available:

kubectl wait gtw/eg --for=condition=Programmed
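
As an added example (not part of the original workshop material), the following Python script inspects the JSON from `kubectl get gtw eg -o json`: it checks the Accepted and Programmed conditions, including whether they were recorded for the current generation, confirms that an address was assigned, and notes listeners that serve cleartext, such as the HTTP listener on port 80 defined above. The `check_gateway` helper and the sample object are constructed for illustration.

```python
import json

# Constructed sample of `kubectl get gtw eg -o json` output (trimmed); the
# address is a documentation-range placeholder, not a real gateway.
SAMPLE = json.loads("""
{"metadata": {"name": "eg", "generation": 2},
 "spec": {"listeners": [{"name": "http", "protocol": "HTTP", "port": 80}]},
 "status": {
   "addresses": [{"type": "IPAddress", "value": "203.0.113.10"}],
   "conditions": [
     {"type": "Accepted", "status": "True", "observedGeneration": 2},
     {"type": "Programmed", "status": "True", "observedGeneration": 1}]}}
""")

CLEARTEXT = {"HTTP", "TCP", "UDP"}  # listener protocols with no TLS at the gateway


def check_gateway(gw):
    """Return (ready, address, findings) for a Gateway object parsed from JSON."""
    findings = []
    generation = gw["metadata"].get("generation")
    status = gw.get("status", {})
    conds = {c["type"]: c for c in status.get("conditions", [])}
    ready = True
    for ctype in ("Accepted", "Programmed"):
        cond = conds.get(ctype)
        if cond is None or cond.get("status") != "True":
            ready = False
            findings.append(f"condition {ctype} is not True")
        elif cond.get("observedGeneration") != generation:
            # Status was written for an older spec; the current one is not live yet.
            ready = False
            findings.append(f"condition {ctype} is stale")
    addresses = status.get("addresses", [])
    address = addresses[0]["value"] if addresses else None
    if address is None:
        ready = False
        findings.append("no address assigned")
    for lis in gw["spec"].get("listeners", []):
        if lis.get("protocol") in CLEARTEXT:
            findings.append(f"listener {lis['name']} serves cleartext "
                            f"{lis['protocol']} on port {lis['port']}")
    return ready, address, findings


if __name__ == "__main__":
    ready, address, findings = check_gateway(SAMPLE)
    print(ready, address, *findings, sep="\n")
```
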

✅ Test it

export GATEWAY_IP=$(kubectl get gtw eg -o jsonpath='{.status.addresses[0].value}')

For k3d, use 127.0.0.1 as your GATEWAY_IP:

export GATEWAY_IP=127.0.0.1

curl -v http://$GATEWAY_IP/

*   Trying 34.121.222.176:80...
* Connected to 34.121.222.176 (34.121.222.176) port 80
> GET / HTTP/1.1
> Host: 34.121.222.176
> User-Agent: curl/8.7.1
> Accept: */*
>
* Request completely sent off
< HTTP/1.1 404 Not Found
< date: Tue, 07 May 2024 23:39:35 GMT
< content-length: 0
<
* Connection #0 to host 34.121.222.176 left intact

Why do we get a 404 (Not Found)?