Gateway API tutorials
Use TCPRoute
Available since
version 1.10
The Gateway API defines specialized resources for routing different types of network traffic. You would use a TCPRoute resource to route TCP traffic.
To add routing for TCP traffic:
-
Deploy a
Gatewayobject that includesTCPRoutein itsallowedRoutes.kindssection. This advertises that this Gateway, and by extension the ingress controller, watches for routes of this kind.default-namespace-gateway.yamlyamlapiVersion: gateway.networking.k8s.io/v1alpha2kind: Gatewaymetadata:name: default-namespace-gatewaynamespace: defaultspec:gatewayClassName: haproxy-ingress-gatewayclasslisteners:- allowedRoutes:kinds:- group: gateway.networking.k8s.iokind: TCPRoutenamespaces:from: Samename: listener1port: 8000protocol: TCPdefault-namespace-gateway.yamlyamlapiVersion: gateway.networking.k8s.io/v1alpha2kind: Gatewaymetadata:name: default-namespace-gatewaynamespace: defaultspec:gatewayClassName: haproxy-ingress-gatewayclasslisteners:- allowedRoutes:kinds:- group: gateway.networking.k8s.iokind: TCPRoutenamespaces:from: Samename: listener1port: 8000protocol: TCPApply the changes with
kubectl:nixkubectl apply -f default-namespace-gateway.yamlnixkubectl apply -f default-namespace-gateway.yaml -
Optional: If you will be creating
TCPRouteobjects that are in a namespace different from the namespace of the target service, you must define aReferenceGrantobject that allows cross-namespace communication.Below, the
ReferenceGrantallows a route in the default namespace to reference a service in the foo namespace. Note that thetosection does not need a namespace because aReferenceGrantcan refer only to resources defined in its own namespace.foo-referencegrant.yamlyamlapiVersion: gateway.networking.k8s.io/v1alpha2kind: ReferenceGrantmetadata:name: refgrantns1namespace: foospec:from:- group: "gateway.networking.k8s.io"kind: "TCPRoute"namespace: defaultto:- group: ""kind: "Service"foo-referencegrant.yamlyamlapiVersion: gateway.networking.k8s.io/v1alpha2kind: ReferenceGrantmetadata:name: refgrantns1namespace: foospec:from:- group: "gateway.networking.k8s.io"kind: "TCPRoute"namespace: defaultto:- group: ""kind: "Service"Apply the changes with
kubectl:nixkubectl apply -f foo-referencegrant.yamlnixkubectl apply -f foo-referencegrant.yaml -
Define a
TCPRouteresource to route TCP traffic to a Kubernetes service.example-route.yamlyamlapiVersion: gateway.networking.k8s.io/v1alpha2kind: TCPRoutemetadata:name: example-routenamespace: defaultspec:parentRefs:- group: gateway.networking.k8s.iokind: Gatewayname: default-namespace-gatewaynamespace: defaultrules:- backendRefs:- group: ''kind: Servicename: example-serviceport: 80weight: 10example-route.yamlyamlapiVersion: gateway.networking.k8s.io/v1alpha2kind: TCPRoutemetadata:name: example-routenamespace: defaultspec:parentRefs:- group: gateway.networking.k8s.iokind: Gatewayname: default-namespace-gatewaynamespace: defaultrules:- backendRefs:- group: ''kind: Servicename: example-serviceport: 80weight: 10From this snippet:
- The
parentRefssection references the gateways to which a route wants to attach. ThisTCPRoutewill attach to listeners defined in theGatewaywhoseallowedRouteshave matching kind and namespace rules. - The
backendRefssection refers to services where connections should be sent. Each item’sportattribute is the service’s listening port. Theweightattribute sets the proportion of connections that should go to the service, which is calculated byweight/(sum of all weights in this backendRefs list).
Apply the changes with
kubectl:nixkubectl apply -f example-route.yamlnixkubectl apply -f example-route.yaml - The
Do you have any suggestions on how we can improve the content of this page?