Hybrid gateways - Update Gateway Controller Provisioning Logic #2377
Description
Problem Statement
To provision a Gateway correctly we need to provision a Konnect controlplane and a local DataPlane. Currently the gateway controller is not handling the provisioning of Konnect controlplanes.
Proposed Solution
Design doc ref: https://docs.google.com/document/d/1TlH7z2AQSvVvdIgU_osxRuZDTvX4E-6zuIxLBcPhWeg/edit?tab=t.0#heading=h.urfn7ys34vi7
The Gateway controller orchestrates the creation of all components required for a Konnect hybrid deployment based on the configuration provided.
The Gateway controller's reconciliation loop will be updated:
- Check if the referenced
GatewayClass'sparametersRefpoints to aGatewayConfigurationwith the.spec.konnect.APIAuthConfigurationfield set. - If so, provision the following resources, setting the
Gatewayas their owner:- A
KonnectAPIAuthConfigurationresource. The.specof this resource will be populated from theGatewayConfiguration. - A
KonnectGatewayControlPlaneresource to link theKonnectAPIAuthConfiguration. - A
KonnectExtensionresource to link theKonnectGatewayControlPlane. - A
DataPlaneresource, which will be configured via theKonnectExtensionto connect to Konnect.
- A
Additional Information
Acceptance Criteria
- Documentation is updated with this new feature / enhancement
- Tests are added for this feature / enhancement
- Helm chart is updated to work with this feature / enhancement
- As a user, I can create a
Gatewaywith aGatewayClasswho points to aGatewayConfigurationwith a konnect auth ref - For each
Gatewayoperator will create and reconcile aKonnectAPIAuthConfiguration, aKonnectGatewayControlPlane, aKonnectExtensionand aDataPlane - the
KonnectAPIAuthConfigurationwill have specs coming fromspec.konnect.APIAuthConfigurationof theGatewayConfiguration - the
KonnectGatewayControlPlanewill have specs coming fromspec.konnect.gatewayControlPlaneOptionsof theGatewayConfiguration
Metadata
Metadata
Assignees
Labels
No labels