net-gateway-api repository contains a KIngress implementation and testing for Knative integration with the Kubernetes Gateway API.
Note: the integration is beta because some features are still missing. You can find the tested Ingress and unavailable features here.
- http-option - disabling HTTP
- external-tls provisioning using HTTP-01 challenges is limited to 64 certs by the Gateway API
KIngress Conformance Tests
We run our Knative Ingress Conformance tests and are tracking support by different implementations here:
Versions to be installed are listed in hack/test-env.sh.
Requirements
- A Kind cluster
- Knative serving installed
ko(for installing the net-gateway-api)kubectlexport KO_DOCKER_REPO=kind.local
Getting started
Install Knative serving
kubectl apply -f https://github.com/knative/serving/releases/latest/download/serving-crds.yaml kubectl apply -f https://github.com/knative/serving/releases/latest/download/serving-core.yaml
Configure Knative
Ingress
Configuration so Knative serving uses the proper "ingress.class":
kubectl patch configmap/config-network \
-n knative-serving \
--type merge \
-p '{"data":{"ingress-class":"gateway-api.ingress.networking.knative.dev"}}'(OPTIONAL) Deploy a sample hello world app:
cat <<-EOF | kubectl apply -f - apiVersion: serving.knative.dev/v1 kind: Service metadata: name: helloworld-go spec: template: spec: containers: - image: gcr.io/knative-samples/helloworld-go env: - name: TARGET value: Go Sample v1 EOF
Install net-gateway-api
Load tested environment versions
source ./hack/test-env.sh
Install a supported implementation
Istio
# gateway-api CRD must be installed before Istio. echo ">> Installing Gateway API CRDs" kubectl apply -f third_party/gateway-api/gateway-api.yaml echo ">> Bringing up Istio" curl -sL https://istio.io/downloadIstioctl | sh - "$HOME"/.istioctl/bin/istioctl install -y --set values.global.proxy.clusterDomain="${CLUSTER_SUFFIX}" echo ">> Deploy Gateway API resources" kubectl apply -f ./third_party/istio
Contour
echo ">> Bringing up Contour" kubectl apply -f "https://raw.githubusercontent.com/projectcontour/contour/${CONTOUR_VERSION}/examples/render/contour-gateway-provisioner.yaml" # wait for operator deployment to be Available kubectl wait deploy --for=condition=Available --timeout=60s -n "projectcontour" contour-gateway-provisioner echo ">> Deploy Gateway API resources" kubectl apply -f ./third_party/contour
Envoy Gateway
echo ">> Bringing up Envoy Gateway" helm repo add envoyproxy https://charts.envoyproxy.io helm install eg oci://docker.io/envoyproxy/gateway-helm \ --version ${ENVOY_GATEWAY_VERSION} \ -n envoy-gateway-system --create-namespace \ -f ./third_party/envoy-gateway/helm/values-eg.yaml echo ">> Deploy Gateway API resources" kubectl apply --server-side -f ./third_party/envoy-gateway
(OPTIONAL) For testing purpose (Istio)
Use Kind with MetalLB - https://kind.sigs.k8s.io/docs/user/loadbalancer
For Mac setup a SOCK5 Proxy in the Docker KinD network and use the ALL_PROXY
environment variable
docker run --name kind-proxy -d --network kind -p 1080:1080 serjs/go-socks5-proxy export ALL_PROXY=socks5://localhost:1080 curl 172.18.255.200 -v -H 'Host: helloworld-test-image.default.example.com'
To learn more about Knative, please visit our Knative docs repository.
If you are interested in contributing, see CONTRIBUTING.md and DEVELOPMENT.md.