haproxy-ingress VS gateway-api

This was all running on Kubernetes, coupled with Google Cloud SQL for PostgreSQL and an HAProxy deployment managed by an ingress controller (jcmoraisjr/haproxy-ingress with a modified config file template). Branch or test deployments were a little different: the database was deployed on Kubernetes directly, to make it simple to deploy additional environments without spinning up resources outside of Kubernetes.

It's implementation-dependent and implementations offer different features, e.g., Nginx, Traefik, HAProxy, etc.

HAProxy Ingress is an ingress controller for HAProxy.

Which k8s-HAProxy do you use, this https://github.com/haproxytech/kubernetes-ingress or this https://github.com/jcmoraisjr/haproxy-ingress or voyager?

# cilium/playbook.yml - name: Bootstrap the Kubernetes cluster hosts: localhost gather_facts: false become: true environment: KUBECONFIG: ~/.kube/config vars: helm_version: v3.14.4 kube_context: k3d-k3s-default tasks: - name: Install Kubernetes library ansible.builtin.pip: name: kubernetes<30 state: present - name: Install helm binary ansible.builtin.shell: cmd: "{{ lookup('ansible.builtin.url', 'https://git.io/get_helm.sh', split_lines=false) }}" creates: /usr/local/bin/helm environment: DESIRED_VERSION: "{{ helm_version }}" - name: Install Kubernetes gateway CRDs kubernetes.core.k8s: src: "{{ item }}" state: present context: "{{ kube_context }}" loop: - https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml - https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/experimental-install.yaml - name: Install cilium block: - name: Add cilium helm repository kubernetes.core.helm_repository: name: cilium repo_url: https://helm.cilium.io - name: Install cilium helm release kubernetes.core.helm: name: cilium chart_ref: cilium/cilium namespace: kube-system state: present chart_version: 1.15.x kube_context: "{{ kube_context }}" values: gatewayAPI: enabled: true kubeProxyReplacement: true encryption: enabled: true type: wireguard operator: replicas: 1

It has already been a couple of years since the Kubernetes Ingress was defined as a “frozen” feature while further development will be added to the Gateway API.

Kubernetes provides two APIs to achieve this, the Ingress API and the Gateway API.

With all that said, K8s is not really meant to function as an API gateway to arbitrary services. You should look into API gateways such as NGINX, Kong or others, service meshes as others have already pointed out, or have a look at the K8s Gateway API the SIG is currently working on. The last one is in the early stages of adoption, but it could provide you with a nice way to do an API Gateway right in K8s.

Maybe there's something in the new fangled gateways.

Keep an eye on the Gateway API GAMMA Initiative as it is currently evolving with the goal of streamlining how services meshes can implement the Gateway API and reduce some overlap.

The selling point for me was ability to configure it using Kubernetes CRD's and future support of the Gateway API (under development - <https://gateway-api.sigs.k8s.io/>).

Developers can version their API now within helm charts or even yaml templates held along the code in their repositories.

-- https://gateway-api.sigs.k8s.io

While you're learning about ingresses, also look into the k8s Gateway API, which is the next generation. https://gateway-api.sigs.k8s.io/