The Gateway API was originally designed to manage traffic from clients outside the cluster to services inside the cluster -- the ingress or north/south case. Over time, interest from service mesh users prompted the creation of the GAMMA initiative to define how the Gateway API could also be used for inter-service or east/west traffic within the same cluster.
When you create a VPC Lattice Service, you are given a DNS name that represents it (globally unique and externally resolvable). However, from outside of the VPC, the DNS name resolves to a series of IP addresses in the 169.254.171.x/24 range (within the IPv4 Link-Local range 169.254/16 defined in RFC3927) and fd00:ec2:80::/64 range (within the IPv6 Link-local range fe80::/10 defined in RFC4291).
On another note, the limitation imposed by such an IP range is that it is only accessible within the VPCs that are associated with the service network, but it can still be outside of the cluster - e.g. another EC2 instance in the same VPC.
@solmonk, I believe this workaround creates unnecessary complexity and overhead, especially in large microservice environments heavily reliant on EKS and ingress routing. Integrating Gateway API support would be incredibly beneficial. As suggested, perhaps merging with the AWS Load Balancer Controller (https://github.com/kubernetes-sigs/aws-load-balancer-controller) could be a great option to handle both north-south (internet) and east-west (internal) traffic.
I believe Gateway API was meant to be v2 of Ingress API. Also, as per the documentation for Gateway API:
The existence of https://github.com/aws-solutions-library-samples/guidance-for-external-connectivity-amazon-vpc-lattice and the following excerpt:
indicates that this Gateway Controller (which relies on VPC Lattice) only implements east/west traffic at the moment.
Could this controller be extended to support ingress (north/south) traffic?
It almost seems to me like aws-load-balancer-controller and this controller may need to merge in some way to fully support all Gateway API capabilities. (Related: kubernetes-sigs/aws-load-balancer-controller#1338)