Use Gateway API to define a routing rule - Ingress Gateway| Alibaba Cloud Documentation Center

Gateway API is an open source project managed by the SIG-NETWORK community. The project aims to evolve service networking by providing expressive, extensible, and role-oriented interfaces. You can use Gateway API to define routing rules for accessing applications in a cluster. This topic shows you how to use Gateway API to define a routing rule for accessing an application in a cluster.

Prerequisites

Create an ASM instance. For more information, see Create an ASM instance.
A Container Service for Kubernetes (ACK) cluster is created. For more information, see Create a managed Kubernetes cluster.
Add a cluster to the ASM instance. For more information, see Add a cluster to an ASM instance.
The ingress gateway service is deployed. For more information, see Deploy an ingress gateway service.

Step 1: Deploy a sample application in an ACK cluster

Enable automatic sidecar injection for the default namespace. For more information, see Enable automatic sidecar injection.
Use kubectl to connect to the ACK cluster. For more information, see Use kubectl on Cloud Shell to manage ACK clusters.

Use the following content to create a YAML file that is named httpbin:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: httpbin
---
apiVersion: v1
kind: Service
metadata:
  name: httpbin
  labels:
    app: httpbin
    service: httpbin
spec:
  ports:
  - name: http
    port: 8000
    targetPort: 80
  selector:
    app: httpbin
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: httpbin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: httpbin
      version: v1
  template:
    metadata:
      labels:
        app: httpbin
        version: v1
    spec:
      serviceAccountName: httpbin
      containers:
      - image: docker.io/kennethreitz/httpbin
        imagePullPolicy: IfNotPresent
        name: httpbin
        ports:
        - containerPort: 80

Run the following command to create the httpbin application:
```
kubectl apply -f httpbin.yaml
```
Run the following command to check whether the pod of the application runs as expected:
```
kubectl get pod |grep httpbin
```
The following output is expected:
```
httpbin-66cdbdb6c5-vhsh6          2/2     Running   0          11s
```

Step 2: Configure Gateway API in an ASM instance

Use kubectl to connect to an ASM instance. For more information, see Use kubectl to connect to an ASM instance.

Use the following content to create a YAML file that is named gw:

apiVersion: networking.x-k8s.io/v1alpha1
kind: GatewayClass
metadata:
  name: istio
spec:
  controller: istio.io/gateway-controller
---
apiVersion: networking.x-k8s.io/v1alpha1
kind: Gateway
metadata:
  name: gateway
  namespace: istio-system
spec:
  gatewayClassName: istio
  listeners:
  - hostname: "*"
    port: 80
    protocol: HTTP
    routes:
      namespaces:
        from: All
      selector:
        matchLabels:
          selected: "yes"
      kind: HTTPRoute
---
apiVersion: networking.x-k8s.io/v1alpha1
kind: HTTPRoute
metadata:
  name: http
  namespace: default
  labels:
    selected: "yes"
spec:
  gateways:
    allow: All
  hostnames: ["httpbin.aliyun.com"]
  rules:
  - matches:
    - path:
        type: Prefix
        value: /get
    filters:
    - type: RequestHeaderModifier
      requestHeaderModifier:
        add:
          my-added-header: added-value
    forwardTo:
    - serviceName: httpbin
      port: 8000

Configure a Gateway
port: the port number of the Gateway. Set the parameter to 80. Then, the httpbin application can be accessed by using port 80.
Configure an HTTPRoute
- hostnames: the host name. Set the parameter to httpbin.aliyun.com.
- path: Set the type parameter to Prefix and the value parameter to /get. The settings specify that the URLs that are used to access the httpbin application must contain the get parameter.

Run the following command to configure Gateway API:

kubectl --kubeconfig=<Name of the kubeconfig file of the ASM instance> apply -f gw.yaml

Step 3: Query the IP address of the ingress gateway

Log on to the ACK console.
In the left-side navigation pane of the ACK console, click Clusters.
On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.
In the left-side navigation pane of the details page, choose Services and Ingresses > Services.
At the top of the Services page, select istio-system from the Namespace drop-down list. Find the ingress gateway that is named istio-ingressgateway and view the IP address whose port is 80 in the External Endpoint column.

Verify the routing rule

Run the following command to access the httpbin application:

curl -s -HHost:httpbin.aliyun.com "http://$INGRESS_HOST:$INGRESS_PORT/get"

Use the -H flag to set the Host HTTP header to httpbin.aliyun.com. The value of the Host HTTP header must be the same as the value of the hostnames parameter that is configured for the HTTPRoute.

The following output is expected:

{
  "args": {},
  "headers": {
    "Accept": "*/*",
    "Content-Length": "0",
    "Host": "httpbin.aliyun.com",
    "My-Added-Header": "added-value",
    "User-Agent": "curl/7.75.0",
    "X-Envoy-Attempt-Count": "1",
    "X-Envoy-External-Address": "xxxxxx"
  },
  "origin": "xxxxxx",
  "url": "http://httpbin.aliyun.com/get"
}

Run the following command to access the httpbin application:

curl -I -HHost:httpbin.aliyun.com "http://$INGRESS_HOST:$INGRESS_PORT/headers"

The following output is expected:

HTTP/1.1 404 Not Found

The application is accessed by using the URL that contains the get parameter, but fails to be accessed by using the URL that contains the headers parameter. This means that only URLs that contain the get parameter can be used to access the httpbin application. The results indicate that the routing rule that you defined by using Gateway API takes effect.