-
Notifications
You must be signed in to change notification settings - Fork 0
K8s Shared HTTP Gateway
Andy Potanin edited this page Jun 21, 2026
·
1 revision
Creates a shared Kubernetes Gateway API gateway with a dedicated namespace for cluster-wide HTTP routing.
Use this module to provision the shared shared-http gateway that all tenant HTTPRoutes reference. This is a platform-level module typically deployed once per cluster from rabbit-infra.
- Gateway namespace creation.
- Gateway API
Gatewayresource creation (gateway.networking.k8s.io/v1). - GKE L7 global external managed load balancer integration.
- Static IP address binding via named address.
- Namespace-selector-based route admission using the
gateway-accesslabel.
- GCP credentials with permission to manage GKE and Kubernetes resources.
- A GKE cluster with Gateway API enabled (
gateway_api_config.channel: CHANNEL_STANDARD). - A static IP address provisioned by
gcp-static-ip.
- This module creates the
shared-httpgateway that tenantk8s-http-gateway-routemodules reference as a parent. - Only namespaces with the label
gateway-access: shared(set byk8s-access) can attach routes to this gateway. - The
gatewayClassNamemust match the GKE gateway class, typicallygke-l7-global-external-managed. -
static_ip_namereferences a named GCP static IP address (not the IP itself).
services:
- name: "k8s Shared HTTP Gateway"
module: "k8s-shared-http-gateway"
id: "shared-http-gateway"
deployment_order: 55
configurations:
namespace: "k8s-gateway"
gke_cluster_name: "rabbit-v5-1"
cluster_project_id: "rabbit-cdmsqarskcacnbpe"
gke_cluster_location: "us-central1"
static_ip_name: "gateway-api-ip"| Output | Description |
|---|---|
namespace |
The gateway namespace name. |
The fields below are public module inputs under configurations.
configurations:
namespace: "k8s-gateway"
gke_cluster_name: "rabbit-v5-1"
cluster_project_id: ""
gke_cluster_location: "us-central1"
port: 80
gateway_access: "shared"
gatewayClassName: "gke-l7-global-external-managed"
static_ip_name: "gateway-api-ip"
secret_labels:
creator: "automation"
r2a_module: "k8s-shared-http-gateway"| Field | Type | Required | Description |
|---|---|---|---|
namespace |
string | Yes | Namespace for the gateway. Defaults to k8s-gateway. |
gke_cluster_name |
string | Yes | GKE cluster name. |
cluster_project_id |
string | Yes | GCP project ID of the GKE cluster. |
gke_cluster_location |
string | Yes | GKE cluster region. |
port |
number | No | Gateway listener port. Defaults to 80. |
gateway_access |
string | No | Label value for namespace-based route admission. Defaults to shared. |
gatewayClassName |
string | No | GKE gateway class name. Defaults to gke-l7-global-external-managed. |
static_ip_name |
string | Yes | Named GCP static IP address for the gateway. |
secret_labels |
map[string] | No | Labels for associated secrets. |
- GCP GKE Cluster
- GCP GKE Node Pool
- GCP IAM
- GCP Monitoring
- GCP Networking
- GCP PostgreSQL Instance
- GCP Secret Manager
- GCP SQL Instance
- GCP Static IP
- GCP Storage