Another triumph for open source: popular project probably used by many megacorps only propped up by the weekend charity of a couple unpaid suckers over the years.
I've been using Envoy Gateway in my homelab and have found it to be good for my modest needs (single node k3s cluster running on an old PC). I needed to configure the underlying EnvoyProxy so that it would listen on specific IPs provided by MetalLB, and their docs were good enough to find my way through that.
^ I second Envoy Gateway! It has support for HTTPRoute like all the others, but also TCPRoute, UDPRoute, TLSRoute, GRPCRoute backed by Envoy and they have worked great for me on EKS clusters I manage for work. The migration from Ingress API to Gateway API hasn’t been bad, as you can have both running side-by-side (just not using the same LB) and the EnvoyPatchPolicy has been great for making advanced changes for things not covered by the manifests
But envoy configs are unreadable abominations, why would you choose it? How did you even learn how to configure it? It's documentation is so confusing.
You don't. Envoy is great if you programmatically configure it, or if you have very small and simple configs. It can't be maintained by a human. But if you have tools that generate it programmatically based on other config, you can read through it.
There are no maintainers. It was maintained by one engineer for years, he stepped down, and F5 (who bought nginx) don't want to contribute since they have a competitor.
Reading few blogs and forums about it today - people talking about switching to Gateway API (from "legacy" Ingress).
And I do not understand it:
1. Ingress still works, it's not deprecated.
2. There a lot of controllers, which supports both: Gateway API and Ingress (for example Traefik)
So, how Ingress Nginx retiring related / affects switch to Gateway API?
It doesn't but Kubernetes team was kind of like "Hey, while you are switching, maybe switch away from Ingress API?"
RIP, end of an era. Thank you everyone who worked on this, it was an extraordinarily useful and reliable project.
Another triumph for open source: popular project probably used by many megacorps only propped up by the weekend charity of a couple unpaid suckers over the years.
Does anyone know good resources on how to migrate and which gateway controllers are suitable replacements?
Ingresses with custom nginx attributes might be tricky to migrate.
I've been using Envoy Gateway in my homelab and have found it to be good for my modest needs (single node k3s cluster running on an old PC). I needed to configure the underlying EnvoyProxy so that it would listen on specific IPs provided by MetalLB, and their docs were good enough to find my way through that.
https://gateway.envoyproxy.io/
^ I second Envoy Gateway! It has support for HTTPRoute like all the others, but also TCPRoute, UDPRoute, TLSRoute, GRPCRoute backed by Envoy and they have worked great for me on EKS clusters I manage for work. The migration from Ingress API to Gateway API hasn’t been bad, as you can have both running side-by-side (just not using the same LB) and the EnvoyPatchPolicy has been great for making advanced changes for things not covered by the manifests
But envoy configs are unreadable abominations, why would you choose it? How did you even learn how to configure it? It's documentation is so confusing.
You don't. Envoy is great if you programmatically configure it, or if you have very small and simple configs. It can't be maintained by a human. But if you have tools that generate it programmatically based on other config, you can read through it.
What's the security back-story here?
Ingress nginx was the default ingress for pretty much the entire life of k8s. F5 bought nginx and made nginx ingress, which I've never met a user of.
Sad to see such a core component die, but I guess now everyone has to migrate to gateways.
Why would you kill a thing that works so well, is so flexible, and does not have an equal yet?
I do not understand.
There are no maintainers. It was maintained by one engineer for years, he stepped down, and F5 (who bought nginx) don't want to contribute since they have a competitor.
It wasn't the most loved part of k8s, to say the least.
Great, another deprecation to address in my EKS clusters :(