Navigation :

HTTP

Learn how to use a virtual gateway resource to configure HTTP listeners for your gateway. HTTP listeners accept incoming HTTP traffic for a specific domain and port, and forward this traffic to a specified destination in the cluster.

HTTP listener setup

Before you begin

  1. Install Gloo Gateway in a single or multicluster setup, which includes installing Gloo components, an ingress gateway, a workspace, and workspace settings.
  2. Deploy the Bookinfo app without sidecars.
  3. Save the names of your clusters from your infrastructure provider as environment variables. 
    export CLUSTER_NAME=<cluster-name>

Configure virtual gateways

After deploying ingress gateway proxies, use a Gloo virtual gateway custom resource to consistently configure the ports, protocol, and TLS certificates.

  1. Create a VirtualGateway resource to configure a listener on your ingress gateway, and apply it to your cluster. For example, review the following sample configuration file.

    kubectl apply -f- <<EOF
apiVersion: networking.gloo.solo.io/v2
kind: VirtualGateway
metadata:
  name: istio-ingressgateway
  namespace: bookinfo
spec:
  listeners:
  - http: {}
    port:
      number: 80
  workloads:
  - selector:
      labels:
        istio: ingressgateway
EOF

    Review the following table to understand this configuration. For more information, see the API reference.

    Setting Description
    metadata Give a name and namespace for the virtual gateway. The namespace must be part of the workspace that you want the virtual gateway to manage gateways for.
    spec.listeners Set up the hostname and port that you want the gateway to listen for traffic on. You can specify which route tables bind to the virtual gateway by filtering on the host names in the allowedRouteTables setting. You might have more than one listener to configure different hosts, ports, and TLS secrets. For more information on TLS, see HTTPS.
    spec.workloads Use a spec.selector label for the ingress gateway service service that you want the virtual gateway to configure. You installed a gateway in the setup section.

  2. Apply a route table resource, which allows you to define how requests to endpoints should be routed. For example, if you deploy the Bookinfo and httpbin sample apps, you can create the following route table that forwards traffic to the productpage, reviews, ratings and httpbin apps via the virtual gateway. Or, you can create route tables for your own apps by following the guides in Route requests.

    kubectl apply -f- <<EOF
apiVersion: networking.gloo.solo.io/v2
kind: RouteTable
metadata:
  name: www-example-com
  namespace: bookinfo
spec:
  hosts:
    - www.example.com
  # Selects the virtual gateway you previously created
  virtualGateways:
    - name: istio-ingressgateway
      namespace: bookinfo
  http:
    # Route for the main productpage app
    - name: productpage
      matchers:
      - uri:
          prefix: /productpage
      forwardTo:
        destinations:
          - ref:
              name: productpage
              namespace: bookinfo
            port:
              number: 9080
    # Routes all /reviews requests to the reviews-v1 or reviews-v2 apps
    - name: reviews
      labels: 
        route: reviews
      matchers:
      - uri:
          prefix: /reviews
      forwardTo:
        destinations:
          - ref:
              name: reviews
              namespace: bookinfo
            port:
              number: 9080
    # Routes all /ratings requests to the ratings-v1 app
    - name: ratings-ingress
      labels:
        route: ratings
      matchers:
      - uri:
          prefix: /ratings
      forwardTo:
        destinations:
          - ref:
              name: ratings
              namespace: bookinfo
            port:
              number: 9080
    # Route for the httpbin app
    - name: httpbin-ingress
      labels:
        route: httpbin
      matchers:
      - headers:
        - name: X-httpbin
      forwardTo:
        destinations:
          - ref:
              name: httpbin
              namespace: httpbin
            port:
              number: 8000

EOF

  3. Save the external address of the ingress gateway. If you deployed your ingress gateway in a different namespace or with a different version, update the command. 

    export INGRESS_GW_IP=$(kubectl get svc -n gloo-mesh-gateways istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo $INGRESS_GW_IP

    export INGRESS_GW_IP=$(kubectl get svc -n gloo-mesh-gateways istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')
echo $INGRESS_GW_IP

    Note: Depending on your environment, you might see <pending> instead of an external IP address. For example, if you are testing locally in kind or minikube, or if you have insufficent permissions in your cloud platform, you can instead port-forward the service port of the ingress gateway:

    kubectl -n gloo-mesh-gateways port-forward deploy/istio-ingressgateway 8081

  4. Send a request to each route to verify that you can reach the apps’ services. If not, try Debugging your route.

    • productpage: 
      curl -vik http://www.example.com:80/productpage --resolve www.example.com:80:$INGRESS_GW_IP

      Example output:

      HTTP/2 200 
...
    • ratings: 
      curl -vik http://www.example.com:80/ratings/1 --resolve www.example.com:80:$INGRESS_GW_IP

      Example output:

      HTTP/2 200
...
{"id":1,"ratings":{"Reviewer1":5,"Reviewer2":4}}
    • reviews: 
      curl -vik http://www.example.com:80/reviews/1 --resolve www.example.com:80:$INGRESS_GW_IP
curl -vik http://www.example.com:80/reviews/2 --resolve www.example.com:80:$INGRESS_GW_IP

      Example output:

      HTTP/2 200 
...
{"id": "1","podname": "reviews-v1-55b668fc65-6pc2c","clustername": "null","reviews": [{  "reviewer": "Reviewer1",  "text": "An extremely entertaining play by Shakespeare. The slapstick humour is refreshing!"},{  "reviewer": "Reviewer2",  "text": "Absolutely fun and entertaining. The play lacks thematic depth when compared to other plays by Shakespeare."}]}
    • httpbin: 
      curl -vik http://www.example.com:80/status/200 -H "X-httpbin: true" --resolve www.example.com:80:$INGRESS_GW_IP

      Example output:

      HTTP/2 200
    • productpage: 
      curl -vik http://www.example.com:80/productpage --resolve www.example.com:80:127.0.0.1

      Example output:

      HTTP/2 200 
...
    • ratings: 
      curl -vik http://www.example.com:80/ratings/1 --resolve www.example.com:80:127.0.0.1

      Example output:

      HTTP/2 200
...
{"id":1,"ratings":{"Reviewer1":5,"Reviewer2":4}}
    • reviews: 
      curl -vik http://www.example.com:80/reviews/1 --resolve www.example.com:80:127.0.0.1
curl -vik http://www.example.com:80/reviews/2 --resolve www.example.com:80:127.0.0.1

      Example output:

      HTTP/2 200 
...
{"id": "1","podname": "reviews-v1-55b668fc65-6pc2c","clustername": "null","reviews": [{  "reviewer": "Reviewer1",  "text": "An extremely entertaining play by Shakespeare. The slapstick humour is refreshing!"},{  "reviewer": "Reviewer2",  "text": "Absolutely fun and entertaining. The play lacks thematic depth when compared to other plays by Shakespeare."}]}
    • httpbin: 
      curl -vik http://www.example.com:80/status/200 -H "X-httpbin: true" --resolve www.example.com:80:127.0.0.1

      Example output:

      HTTP/2 200

    If you see an unsuccessful response such as the following, check the health of your Bookinfo pods and make sure that they are running.

    curl: (52) Empty reply from server

Next steps

Now that you have the virtual gateway configured, you can add other Gloo Gateway resources to control traffic that is routed through the gateway.