Gateway API
The Gateway API will soon become the standard for networking control in Kubernetes as a long-term replacement for Ingress
. This page shows you how to configure the LittleHorse Operator to use a TLSRoute
to allow traffic into your cluster.
info
Our founder Colt McNealy wrote an in-depth blog about using the Gateway API to access a Kafka Cluster on Strimzi, which you can find here. The concepts described there are similar even though the blog focuses on Apache Kafka rather than LittleHorse.
Prerequisites
You will need:
- An implementation of the Gateway Api, such as Envoy Gateway, deployed into your Kubernetes Cluster.
- Access to a
Gateway
resource with a port configured forTLS
as its protocol.
Configuring TLSRoute
s
Your LHCluster
will look like the following:
apiVersion: littlehorse.io/v1
kind: LHCluster
metadata:
name: basic-tlsroutes
namespace: littlehorse
spec:
server:
listeners:
- name: external
infrastructure:
tlsRoute:
advertisedPort: 2024
gatewayRef:
name: my-gateway
# The name of the listener on your Gateway. Must be configured
# for the TLS protocol
sectionName: lh-tls
advertisedListeners:
serverHostSuffix: ".test.littlehorse.cloud"
port: 2024
tls:
# specified as per our docs...
# ...
Note that once again it is required that a listener with TLSRoute
s enabled must also have TLS configured.