k8s Gateway API support #814

Open
gemelen opened this issue Dec 4, 2024 · 4 comments
Labels
enhancement New feature or request

Comments


gemelen commented Dec 4, 2024

TL;DR

Add support for the Gateway API in the LoadBalancer managing part of the CCM, so its Gateway component would be provided with the LoadBalancer information on par with a LoadBalancer service type.

This would handle the cases when a k8s cluster is deployed and configured (exclusively or preferably) with the Gateway API approach of exposing services. That covers setups managed by the latest versions of Cilium, Traefik, Nginx and others; see the list of implementations and compatibility tables for v1.2, v1.1.

One related issue has already been raised here.

Expected behavior

In a cluster setup configured in a Gateway API fashion, a Gateway should be able to obtain an external address(es) from an (external) load balancer, created by or provided via Hetzner CCM.

@gemelen gemelen added the enhancement New feature or request label Dec 4, 2024

zfrgt commented Dec 4, 2024

that would be nice to have

@am-i-helpful

Hi!
I was able to provision an external LB in Hetzner-Cloud using the Cilium Gateway-API following the public documentation of hccm I found here (https://github.com/vitobotta/hetzner-k3s/blob/main/docs/Load_balancers.md#load-balancers), and a bit of manual work annotating the service derived as part of 'Gateway' resource which I think is a bug at Cilium's end: cilium/cilium#36792.

In my opinion, the limitation is in the Cilium Gateway-API controller: it does not copy the metadata 'annotation' from the 'Gateway' resource to the provisioned service of type 'LoadBalancer', which would otherwise result in hccm provisioning an external LoadBalancer automatically.


kishoreinvits commented Jan 7, 2025

@gemelen, @am-i-helpful

If you are okay with experimental gateway CRDs, infrastructure annotations mentioned like below work with cilium. This is also mentioned in this cilium issue comment. The infrastructure field is GA and has been part of the Standard Channel since v1.2.0

That would be,

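```shell
# Install the experimental-channel Gateway CRD (Gateway API v1.1.0)
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.1.0/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml

# Create a Gateway whose infrastructure annotations are passed on to the
# generated LoadBalancer Service, where hccm reads them
kubectl apply -f - <<EOF
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: my-gateway
  namespace: my-cilium
spec:
  gatewayClassName: cilium
  infrastructure:
    annotations:
      load-balancer.hetzner.cloud/location: fsn1
  # spec.listeners is a required field; this minimal HTTP listener is an
  # assumed placeholder added so the manifest validates
  listeners:
    - name: http
      protocol: HTTP
      port: 80
EOF
```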

Note that the cilium v1.16 docs (latest at the time of writing) ask to use v1.1.0 Gateway API CRDs, so I don't recommend using v1.2.0 experimental as mentioned in that comment until cilium specifies it.
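Added example, not part of any comment in this thread and not code from hccm or Cilium: a check for the propagation gap discussed above, reporting LoadBalancer Services that lack an annotation set in their owning Gateway's `spec.infrastructure.annotations`. It reads the JSON from `kubectl get gateway,svc -o json`; the embedded sample is constructed, and matching Service to Gateway through `ownerReferences` (as well as the Service name shown) is an assumption.

```python
import json

# Constructed sample of `kubectl get gateway,svc -n my-cilium -o json` output.
# The Service name and the ownerReferences layout are assumptions.
SAMPLE = json.loads("""
{"items": [
  {"kind": "Gateway",
   "metadata": {"name": "my-gateway", "namespace": "my-cilium"},
   "spec": {"gatewayClassName": "cilium",
            "infrastructure": {"annotations":
              {"load-balancer.hetzner.cloud/location": "fsn1"}}}},
  {"kind": "Service",
   "metadata": {"name": "cilium-gateway-my-gateway", "namespace": "my-cilium",
                "annotations": {},
                "ownerReferences": [{"kind": "Gateway", "name": "my-gateway"}]},
   "spec": {"type": "LoadBalancer"}}
]}
""")

def unpropagated_annotations(objects):
    """Return {(namespace, gateway, service): {key: (wanted, actual)}} for each
    LoadBalancer Service owned by a Gateway that lacks, or differs on, an
    annotation from that Gateway's spec.infrastructure.annotations."""
    gateways = {}
    for o in objects:
        if o.get("kind") == "Gateway":
            m = o["metadata"]
            infra = o.get("spec", {}).get("infrastructure") or {}
            gateways[(m.get("namespace"), m["name"])] = infra.get("annotations") or {}
    findings = {}
    for o in objects:
        if o.get("kind") != "Service" or o.get("spec", {}).get("type") != "LoadBalancer":
            continue
        m = o["metadata"]
        have = m.get("annotations") or {}
        for ref in m.get("ownerReferences") or []:
            wanted = gateways.get((m.get("namespace"), ref.get("name")))
            if ref.get("kind") != "Gateway" or wanted is None:
                continue
            diff = {k: (v, have.get(k)) for k, v in wanted.items() if have.get(k) != v}
            if diff:
                findings[(m.get("namespace"), ref["name"], m["name"])] = diff
    return findings

if __name__ == "__main__":
    for (ns, gw, svc), diff in unpropagated_annotations(SAMPLE["items"]).items():
        for key, (wanted, actual) in diff.items():
            print(f"{ns}/{svc}: {key} is {actual!r}, Gateway {gw} requests {wanted!r}")
```

An empty result means every annotation requested on a Gateway is present with the same value on its Service.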

Contributor

lukasmetzner commented Jan 14, 2025

Hey,

the hcloud-cloud-controller-manager, which implements the cloud-provider interfaces, is not responsible for the Gateway API. This would require the implementation of a new Gateway Controller, which is currently not planned.

Best Regards,
Lukas
