Self-managed gateways (BYO)
Provision static gateway proxies that you bootstrap and manage yourself.
By default, Gloo Gateway automatically spins up gateway proxies when you create a Gateway resource. To do that, a default gateway proxy template is used as well as the settings in the GatewayParameters and Settings resources. For more information, see Default gateway proxy setup.
You can choose to not leverage the automatic gateway management capabilities in Gloo Gateway, and instead, manage the gateway lifecycle yourself. This setup can be useful if you want to deploy a gateway proxy in a non-Kubernetes environment such as a virtual machine (VM), or if you want to have full control over the lifecycle of your gateway proxy.
Attention: Use this feature only if you want to install Gloo Gateway on a non-Kubernetes environment, such as VM. Keep in mind that no gateway proxy deployment or service is created when using self-managed Gateways. You are responsible for creating and bootstrapping the gateway proxy yourself by using an Envoy configuration that matches the Gateway resource’s name and namespace.
Before you begin
Follow the Get started guide to install Gloo Gateway. You do not need to create a Gateway resource, because you create a self-managed Gateway as part of this guide.
Create a self-managed gateway proxy
Create a GatewayParameters resource that allows you to create self-managed gateway proxies.
kubectl apply -f- <<EOF apiVersion: gateway.gloo.solo.io/v1alpha1 kind: GatewayParameters metadata: name: self-managed namespace: gloo-system spec: selfManaged: {} EOF
Create a Gateway that references the GatewayParameters resource that you created.
kubectl apply -f- <<EOF kind: Gateway apiVersion: gateway.networking.k8s.io/v1 metadata: name: self-managed namespace: gloo-system annotations: gateway.gloo.solo.io/gateway-parameters-name: "self-managed" spec: gatewayClassName: gloo-gateway listeners: - protocol: HTTP port: 80 name: http allowedRoutes: namespaces: from: All EOF
Verify that the Gateway is created.
kubectl get gateway self-managed -n gloo-system -o yaml
Verify that no gateway proxy deployment and service were created for your Gateway.
kubectl get pods -n gloo-system | grep self-managed kubectl get services -n gloo-system | grep self-managed
Create your own gateway proxy deployment. Note that this deployment needs to have valid Envoy configuration that includes the correct name and namespace of your Gateway resource to successfully bootstrap your gateway proxy and bind it to the Gateway resource. You can use the following template as a starting point to build your own Envoy configuration. To bind your gateway proxy with the Gateway resource, ensure that you replace
$GATEWAY_NAME
and$GATEWAY_NAMESPACE
with the name of the Gateway that you created earlier.admin: address: socket_address: { address: 127.0.0.1, port_value: 19000 } node: cluster: gloo-proxy-$GATEWAY_NAME.$GATEWAY_NAMESPACE metadata: role: gloo-kube-gateway-api~$GATEWAY_NAMESPACE~$GATEWAY_NAMESPACE-$GATEWAY_NAME static_resources: listeners: - name: read_config_listener address: socket_address: { address: 0.0.0.0, port_value: 8082 } filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http codec_type: AUTO route_config: name: main_route virtual_hosts: - name: local_service domains: ["*"] routes: - match: path: "/ready" headers: - name: ":method" string_match: exact: GET route: cluster: admin_port_cluster http_filters: - name: envoy.filters.http.router typed_config: "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router clusters: - name: xds_cluster alt_stat_name: xds_cluster connect_timeout: 5.000s load_assignment: cluster_name: xds_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: $CONTROLLER_HOST port_value: 9977 typed_extension_protocol_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions: "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions explicit_http_config: http2_protocol_options: {} upstream_connection_options: tcp_keepalive: keepalive_time: 10 type: STRICT_DNS respect_dns_ttl: true - name: admin_port_cluster connect_timeout: 5.000s type: STATIC lb_policy: ROUND_ROBIN load_assignment: cluster_name: admin_port_cluster endpoints: - lb_endpoints: - endpoint: address: socket_address: address: 127.0.0.1 port_value: 19000 dynamic_resources: ads_config: transport_api_version: V3 api_type: GRPC rate_limit_settings: {} grpc_services: - envoy_grpc: cluster_name: xds_cluster cds_config: resource_api_version: V3 ads: {} lds_config: resource_api_version: V3 ads: {}
Cleanup
You can optionally remove the resources that you set up as part of this guide.
kubectl delete gatewayparameters self-managed -n gloo-system
kubectl delete gateway self-managed -n gloo-system