Our great sponsors
-
gateway-api
Repository for the next iteration of composite service (e.g. Ingress) and load balancing APIs.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
You should be able to use any ingress. They just use the service API for getting an external address, therefore allocating from your kubevip setup. The better ones are commercial and you quickly get into pay for use features, (gloo, ambassador) but they are usually backed with the Envoy proxy. I use Contour, its backed by Envoy and its ok. The challenge with Ingress is that the API is pretty limited so all of the Ingress controllers have their own API's that let you do thinks like header matches, rewrites and the usual stuff that's needed for gateways so you end up with an implementation specific configuration. There is a new api called the GatewayAPI that seeks to address this. You can learn about that at https://gateway-api.sigs.k8s.io/ We use the gateway API to create external API gateways, not really your use case but you might find it interesting. https://www.epick8sgw.io
Kusk-gateway deploys an Envoy-based gateway with a LoanBalancer so you could set it up as you described. The best part of it is that you can have the API and the gateway configured from the same OpenAPI specification (a IaC-esque way of deploying your gateway). https://github.com/kubeshop/kusk-gateway