Using kubernetes gateway.networking.k8s.io with metallb.io
TypeScriptTo use Kubernetes's Gateway API with MetalLB, you would typically follow these steps:
- Deploy MetalLB to your Kubernetes cluster. MetalLB provides load-balancing services to Kubernetes clusters that run on bare metal or on-premises, where external load balancers are not available.
- Configure the MetalLB with a pool of IP addresses that it can use to expose services.
- Deploy a Gateway resource along with a GatewayClass and attach service backends to the Gateway using GatewayRoutes.
Here's how you could achieve this with Pulumi and TypeScript. Before starting, ensure you've installed the Pulumi CLI and have a Kubernetes cluster accessible via
kubectl
and Pulumi.Detailed Explanation
The resource
kubernetes.networking.k8s.io/v1.Ingress
is the Pulumi resource for handling Kubernetes Ingress, which allows you to expose HTTP and HTTPS routes from outside the cluster to services within the cluster. However, we want to use the Gateway API (gateway.networking.k8s.io
), which is not present in the Pulumi search results.The Gateway API is an evolving feature and might be present in a newer version of the Pulumi Kubernetes provider, or it may be installed as a Custom Resource Definition (CRD) on your cluster. Since it's not returned in the search results, we will assume that it's a CRD, and Pulumi allows you to manage third-party resources by defining the CustomResource.
To proceed, we'll assume that MetalLB and the
gateway.networking.k8s.io
CRDs are installed on your cluster. Here's a program that outlines how you would create a Gateway resource bound to a specific GatewayClass provided by MetalLB.The program itself does not install MetalLB or the Gateway API CRDs. You would need to do that as a prerequisite, following instructions from the MetalLB installation guide and the Kubernetes Gateway API documentation.
Pulumi TypeScript Program
import * as k8s from "@pulumi/kubernetes"; // Define the GatewayClass pointing to MetalLB const gatewayClass = new k8s.apiextensions.CustomResource("metallb-gateway-class", { apiVersion: "gateway.networking.k8s.io/v1alpha1", kind: "GatewayClass", metadata: { name: "metallb-gateway-class", }, spec: { controller: "example.com/metallb-controller" } }); // Define the Gateway using the GatewayClass const gateway = new k8s.apiextensions.CustomResource("my-gateway", { apiVersion: "gateway.networking.k8s.io/v1alpha1", kind: "Gateway", metadata: { name: "my-gateway" }, spec: { gatewayClassName: "metallb-gateway-class", listeners: [{ protocol: "HTTP", port: 80, routes: { kind: "HTTPRoute", selector: { matchLabels: { "my-gateway-route": "true" } } } }] } }); // Deploy an example HTTPRoute resource that matches the gateway's listener const httpRoute = new k8s.apiextensions.CustomResource("my-http-route", { apiVersion: "gateway.networking.k8s.io/v1alpha1", kind: "HTTPRoute", metadata: { name: "my-http-route", labels: { "my-gateway-route": "true" } }, spec: { gateways: { allow: "All" }, hostnames: ["example.com"], rules: [{ matches: [{ path: { type: "PathPrefix", value: "/", } }], forwardTo: [{ serviceName: "my-service", port: 8080, }] }] } }); // Export the Gateway's address when it's available export const gatewayAddress = gateway.status.apply(status => status.addresses?.[0].value);
In this program, we use
CustomResource
to define theGatewayClass
andGateway
resources, which are not natively available in Pulumi's Kubernetes provider at the time of the search results. TheCustomResource
constructor can be used to provision any Kubernetes resources on the cluster, whether they're part of the core Kubernetes API or provided by CRDs.Steps to Run this Program
- Set up your Pulumi stack with
pulumi stack init
. - Install your dependencies with
npm install @pulumi/kubernetes
. - Save the code in a file named
index.ts
. - Deploy it with
pulumi up
.
Next Steps
After applying this configuration, MetalLB will assign an IP from its configured pool to the Gateway resource. You can check the assigned IP address by retrieving the export
gatewayAddress
. With MetalLB configured, access to the IP on the configured port (in this case, HTTP on port 80) will be handled by MetalLB and routed according to theHTTPRoute
specification, which could include forwarding to a single Service or to multiple services with more complex routing logic.Remember, this example assumes you have already installed the necessary components on your Kubernetes cluster. If you're just getting started, be sure to check and follow the prerequisites for MetalLB and the Gateway API in the Kubernetes documentation.