Uploaded image for project: 'Network Edge'
  1. Network Edge
  2. NE-1309

[OOP] Work upstream to promote passthrough in Gateway API

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • BU Product Work
    • 8
    • False
    • None
    • False
    • OCPSTRAT-247 - Gateway API using Istio for Cluster Ingress - Tech Preview
    • 0
    • 0.000

      Blocker Issue for Enhanced Dev Preview

      Passthrough routing is required for OAuth.  TLSRoute makes it possible, but is still an alpha and experimental status. It was not promoted to beta when HTTPRoute was.

      However, there is https://github.com/kubernetes-sigs/gateway-api/blob/main/apis/v1beta1/gateway_types.go#L354-L355, which describes Passthrough as a type for TLSMode on HTTPRoute.

      Definition of experimental: https://gateway-api.sigs.k8s.io/concepts/versioning/#release-channels-eg-experimental-standard 

      https://gateway-api.sigs.k8s.io/concepts/api-overview/#tlsroute explains: "TLSRoute is for multiplexing TLS connections, discriminated via SNI. It's intended for where you want to use the SNI as the main routing method, and are not interested in properties of the higher-level protocols like HTTP. The byte stream of the connection is proxied without any inspection to the backend." Confirm that this is our intended use of passthough.

      Discussed in the Gateway API community meeting: https://docs.google.com/document/d/1eg-YjOHaQ7UD28htdNxBR3zufebozXKyI28cl2E11tU/edit#heading=h.v6hxh3jn3fd0

      Outstanding issues:

              cholman@redhat.com Candace Holman
              cholman@redhat.com Candace Holman
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: