feat: GKE Gateway API sample 2
sho-abe committed Aug 22, 2023
1 parent e976d82 commit 42732c5
Showing 12 changed files with 478 additions and 0 deletions.
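--- a/kubernetes2/base/namespace.yaml
+++ b/kubernetes2/base/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+name: gateway-infra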
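--- a/kubernetes2/base/store.yaml
+++ b/kubernetes2/base/store.yaml
@@ -0,0 +1,182 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: store-v1
+spec:
+replicas: 2
+selector:
+matchLabels:
+app: store
+version: v1
+template:
+metadata:
+labels:
+app: store
+version: v1
+spec:
+containers:
+- name: whereami
+image: us-docker.pkg.dev/google-samples/containers/gke/whereami:v1.2.20
+ports:
+- name: http
+containerPort: 8080
+startupProbe:
+httpGet:
+path: /healthz
+port: 8080
+failureThreshold: 120
+periodSeconds: 1
+timeoutSeconds: 1
+livenessProbe:
+httpGet:
+path: /healthz
+port: 8080
+failureThreshold: 3
+periodSeconds: 2
+timeoutSeconds: 1
+readinessProbe:
+httpGet:
+path: /healthz
+port: 8080
+failureThreshold: 2
+periodSeconds: 2
+timeoutSeconds: 1
+env:
+- name: ECHO_HEADERS
+value: "True"
+- name: METADATA
+value: "store-v1"
+---
+apiVersion: v1
+kind: Service
+metadata:
+name: store-v1
+spec:
+selector:
+app: store
+version: v1
+ports:
+- port: 8080
+targetPort: 8080
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: store-v2
+spec:
+replicas: 2
+selector:
+matchLabels:
+app: store
+version: v2
+template:
+metadata:
+labels:
+app: store
+version: v2
+spec:
+containers:
+- name: whereami
+image: us-docker.pkg.dev/google-samples/containers/gke/whereami:v1.2.20
+ports:
+- name: http
+containerPort: 8080
+startupProbe:
+httpGet:
+path: /healthz
+port: 8080
+failureThreshold: 120
+periodSeconds: 1
+timeoutSeconds: 1
+livenessProbe:
+httpGet:
+path: /healthz
+port: 8080
+failureThreshold: 3
+periodSeconds: 2
+timeoutSeconds: 1
+readinessProbe:
+httpGet:
+path: /healthz
+port: 8080
+failureThreshold: 2
+periodSeconds: 2
+timeoutSeconds: 1
+env:
+- name: ECHO_HEADERS
+value: "True"
+- name: METADATA
+value: "store-v2"
+---
+apiVersion: v1
+kind: Service
+metadata:
+name: store-v2
+spec:
+selector:
+app: store
+version: v2
+ports:
+- port: 8080
+targetPort: 8080
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: store-german
+spec:
+replicas: 2
+selector:
+matchLabels:
+app: store
+version: german
+template:
+metadata:
+labels:
+app: store
+version: german
+spec:
+containers:
+- name: whereami
+image: us-docker.pkg.dev/google-samples/containers/gke/whereami:v1.2.20
+ports:
+- name: http
+containerPort: 8080
+startupProbe:
+httpGet:
+path: /healthz
+port: 8080
+failureThreshold: 120
+periodSeconds: 1
+timeoutSeconds: 1
+livenessProbe:
+httpGet:
+path: /healthz
+port: 8080
+failureThreshold: 3
+periodSeconds: 2
+timeoutSeconds: 1
+readinessProbe:
+httpGet:
+path: /healthz
+port: 8080
+failureThreshold: 2
+periodSeconds: 2
+timeoutSeconds: 1
+env:
+- name: ECHO_HEADERS
+value: "True"
+- name: METADATA
+value: "Gutentag!"
+---
+apiVersion: v1
+kind: Service
+metadata:
+name: store-german
+spec:
+selector:
+app: store
+version: german
+ports:
+- port: 8080
+targetPort: 8080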
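Review bot: None of the three `whereami` containers (store-v1, store-v2, store-german) sets a `securityContext` or a `resources` block, so the pods run with the image's default user and privileges and without CPU or memory bounds. Adding `securityContext: {allowPrivilegeEscalation: false, runAsNonRoot: true}` plus requests and limits to each container would tighten this, provided the image already runs as a non-root user, which this page does not show. The image is also referenced by the tag `v1.2.20` rather than by digest, so the content pulled can change without this manifest changing. `ECHO_HEADERS: "True"` presumably makes the service return the request headers it received; in the iap variant that would include whatever identity headers the proxy forwards, so it is best kept to demo use.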
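--- a/kubernetes2/custom_headers/gateway.yaml
+++ b/kubernetes2/custom_headers/gateway.yaml
@@ -0,0 +1,23 @@
+kind: Gateway
+apiVersion: gateway.networking.k8s.io/v1beta1
+metadata:
+name: external-http
+namespace: gateway-infra
+spec:
+gatewayClassName: gke-l7-global-external-managed
+listeners:
+- name: https
+protocol: HTTPS
+port: 443
+allowedRoutes:
+kinds:
+- kind: HTTPRoute
+namespaces:
+from: All
+tls:
+mode: Terminate
+options:
+networking.gke.io/pre-shared-certs: gke-gtw-test-cert
+addresses:
+- type: NamedAddress
+value: gke-gtw-test-lb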
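Review bot: `allowedRoutes.namespaces.from: All` on the `https` listener lets an HTTPRoute in any namespace attach to this internet-facing Gateway, so anyone who can create routes anywhere in the cluster can publish a backend on its address and certificate. Restricting it with `from: Selector` and a `selector.matchLabels` on a label that only approved namespaces carry (or `from: Same` if the routes can live in gateway-infra) limits who can attach. The same setting appears in kubernetes2/iap/gateway.yaml, where it matters more: a route attached from another namespace can point at a Service that has no IAP policy and so be served without authentication. The listener also sets no `hostname`, so it accepts routes for any host.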
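--- a/kubernetes2/custom_headers/http_route.yaml
+++ b/kubernetes2/custom_headers/http_route.yaml
@@ -0,0 +1,81 @@
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: HTTPRoute
+metadata:
+name: default-backend
+labels:
+gateway: external-http
+spec:
+parentRefs:
+- kind: Gateway
+name: external-http
+namespace: gateway-infra
+sectionName: https
+rules:
+- backendRefs:
+- name: store-v1
+port: 8080
+---
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: HTTPRoute
+metadata:
+name: store-external
+labels:
+gateway: external-http
+spec:
+parentRefs:
+- kind: Gateway
+name: external-http
+namespace: gateway-infra
+sectionName: https
+rules:
+- matches:
+- path:
+value: /
+backendRefs:
+- name: store-v1
+port: 8080
+- matches:
+- path:
+value: /v1-custom
+filters:
+- type: RequestHeaderModifier
+requestHeaderModifier:
+add:
+- name: X-Version
+value: "v1"
+- name: X-Client-IP-Address
+value: "{client_ip_address}"
+- name: X-Client-Geo-Location
+value: "{client_region},{client_city}"
+backendRefs:
+- name: store-v1
+port: 8080
+- matches:
+- path:
+value: /v2
+backendRefs:
+- name: store-v2
+port: 8080
+- matches:
+- path:
+value: /v2-custom
+filters:
+- type: ResponseHeaderModifier
+responseHeaderModifier:
+add:
+- name: X-Version
+value: "v2"
+- name: X-Client-RTT
+value: "{client_rtt_msec}"
+set:
+- name: server
+value: "anonymous"
+backendRefs:
+- name: store-v2
+port: 8080
+- matches:
+- path:
+value: /de
+backendRefs:
+- name: store-german
+port: 8080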
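Review bot: The `/v1-custom` rule puts `X-Client-IP-Address` and `X-Client-Geo-Location` under `requestHeaderModifier.add`, and `add` appends to a header the client already sent instead of replacing it. A backend that reads the first value would then see whatever the client supplied, so these entries (and `X-Version`) belong under `set:` if anything downstream is meant to trust them. The rules also omit `path.type` and rely on the default prefix match; writing `type: PathPrefix` explicitly would make the matching behaviour visible to the reader. Neither route sets `hostnames`, so both apply to every host the listener serves.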
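--- a/kubernetes2/iap/gateway.yaml
+++ b/kubernetes2/iap/gateway.yaml
@@ -0,0 +1,23 @@
+kind: Gateway
+apiVersion: gateway.networking.k8s.io/v1beta1
+metadata:
+name: external-http
+namespace: gateway-infra
+spec:
+gatewayClassName: gke-l7-global-external-managed
+listeners:
+- name: https
+protocol: HTTPS
+port: 443
+allowedRoutes:
+kinds:
+- kind: HTTPRoute
+namespaces:
+from: All
+tls:
+mode: Terminate
+options:
+networking.gke.io/pre-shared-certs: gke-gtw-test-cert
+addresses:
+- type: NamedAddress
+value: gke-gtw-test-lb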
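--- a/kubernetes2/iap/http_route.yaml
+++ b/kubernetes2/iap/http_route.yaml
@@ -0,0 +1,48 @@
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: HTTPRoute
+metadata:
+name: default-backend
+labels:
+gateway: external-http
+spec:
+parentRefs:
+- kind: Gateway
+name: external-http
+namespace: gateway-infra
+sectionName: https
+rules:
+- backendRefs:
+- name: store-v1
+port: 8080
+---
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: HTTPRoute
+metadata:
+name: store-external
+labels:
+gateway: external-http
+spec:
+parentRefs:
+- kind: Gateway
+name: external-http
+namespace: gateway-infra
+sectionName: https
+rules:
+- matches:
+- path:
+value: /
+backendRefs:
+- name: store-v1
+port: 8080
+- matches:
+- path:
+value: /v2
+backendRefs:
+- name: store-v2
+port: 8080
+- matches:
+- path:
+value: /de
+backendRefs:
+- name: store-german
+port: 8080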
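Review bot: The `/v2` and `/de` rules in `store-external` route to `store-v2` and `store-german`, but the only GCPBackendPolicy visible in this commit (kubernetes2/iap/iap_policy.yaml) targets Service `store-v1`. Unless one of the changed files not shown on this page adds policies for the other two Services, those paths are reachable through the external Gateway without IAP. Either add a GCPBackendPolicy with `iap.enabled: true` for each backend or drop the two rules from the iap variant.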
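--- a/kubernetes2/iap/iap_policy.yaml
+++ b/kubernetes2/iap/iap_policy.yaml
@@ -0,0 +1,15 @@
+apiVersion: networking.gke.io/v1
+kind: GCPBackendPolicy
+metadata:
+name: iap-store-v1
+spec:
+default:
+iap:
+enabled: true
+oauth2ClientSecret:
+name: iap-store-v1
+clientID: ##CLIENT_ID##
+targetRef:
+group: ""
+kind: Service
+name: store-v1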
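Review bot: `clientID: ##CLIENT_ID##` is parsed by YAML as an empty value followed by a comment, so applying this file before the placeholder is substituted yields a null `clientID` rather than a recognisable placeholder string. Writing it as `clientID: "##CLIENT_ID##"` keeps text substitution working and makes an unsubstituted apply easy to spot; how the API treats a null `clientID` with `enabled: true` is not shown here. A comment stating that the Secret `iap-store-v1` referenced by `oauth2ClientSecret` must be created out of band and never committed would also help. The policy has no `metadata.namespace`, so it relies on being applied into the same namespace as Service `store-v1`.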