Skip to main content

Gateway API

The Gateway API will soon become the standard for networking control in Kubernetes as a long-term replacement for Ingress. This page shows you how to configure the LittleHorse Operator to use a TLSRoute to allow traffic into your cluster.

info

Our founder Colt McNealy wrote an in-depth blog about using the Gateway API to access a Kafka Cluster on Strimzi, which you can find here. The concepts described there are similar even though the blog focuses on Apache Kafka rather than LittleHorse.

Prerequisites

You will need:

  1. An implementation of the Gateway Api, such as Envoy Gateway, deployed into your Kubernetes Cluster.
  2. Access to a Gateway resource with a port configured for TLS as its protocol.

Configuring TLSRoutes

Your LHCluster will look like the following:

apiVersion: littlehorse.io/v1
kind: LHCluster
metadata:
name: basic-tlsroutes
namespace: littlehorse
spec:
server:
listeners:
- name: external
infrastructure:
tlsRoute:
advertisedPort: 2024
gatewayRef:
name: my-gateway
# The name of the listener on your Gateway. Must be configured
# for the TLS protocol
sectionName: lh-tls
advertisedListeners:
serverHostSuffix: ".test.littlehorse.cloud"
port: 2024
tls:
# specified as per our docs...
# ...

Note that once again it is required that a listener with TLSRoutes enabled must also have TLS configured.