Skip to content

Add NodePort support to Gateway Chart #414

Description

@mmccanty

Which chart:
CAAPIM/gateway v3.0.38

Is your feature request related to a problem? Please describe.
We're building a set of K8s Clusters with a mix of cloud and on-prem architectures where Ingresses and LoadBalancers are difficult/resource-intensive to coordinate across different environments and can conflict with our already-extant proxy configurations. Most of our clusterized applications are instead set up with NodePort services for external access, which can more readily be added to proxy configs.

Describe the solution you'd like
We'd like to add NodePort support to the Layer7 Gateway service and management-service templates, with relevant values included (probably just one value each for setting the nodePort key of the two services).

Describe alternatives you've considered
We've tried setting the services to ClusterIP and using port-forward assignments, but we'd prefer a more stable "one and done" solution. As mentioned, Ingress definitions are not feasible with our existing proxies.

Additional context
The existing stable Chart does allow you to set both services to NodePort type, but does not have explicit setup for the nodePort: key-value pair. Setting the management-service to NodePort, for instance, results in yaml like this:

apiVersion: v1
kind: Service
metadata:
  annotations:
    description: The Gateway Management service
    meta.helm.sh/release-name: gateway-test
    meta.helm.sh/release-namespace: gateway
  creationTimestamp: "xxxxxxTxxxxxxZ"
  labels:
    app.kubernetes.io/managed-by: Helm
    chart: gateway-3.0.38
    heritage: Helm
    release: gateway-test
  name: gateway-test-management
  namespace: gateway
  resourceVersion: "xxxxxxxxxx"
  uid: xxxxxxxxxxxxxxxxxxxxxxxx
spec:
  clusterIP: xx.xx.xx.xx
  clusterIPs:
  - xx.xx.xx.xx
  externalTrafficPolicy: Cluster
  internalTrafficPolicy: Cluster
  ipFamilies:
  - IPv4
  ipFamilyPolicy: SingleStack
  ports:
  - name: management
    nodePort: 15626
    port: 9443
    protocol: TCP
    targetPort: management
  selector:
    app: gateway-test
    management-access: leader
    release: gateway-test
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

where nodePort is arbitrarily set by k8s. Adding an explicit nodePort assignment to the templates, tied to a value, would circumvent this and allow external access to the services with minimal setup.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions