OSDOCS-14879: add enablement procedure #94480
Conversation
|
@jldohmann: This pull request references OSDOCS-14879 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target either version "4.20." or "openshift-4.20.", but it targets "openshift-4.19" instead. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci-robot
added
the
jira/valid-reference
openshift-ci
bot
added
the
size/M
|
🤖 Mon Jun 09 21:20:09 - Prow CI generated the docs preview: |
|
@jldohmann: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
@jldohmann: This pull request references OSDOCS-14879 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target either version "4.20." or "openshift-4.20.", but it targets "openshift-4.19" instead. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@rhamini3 could you PTAL at this docs PR for QE ack? thank you |
jldohmann
added
the
peer-review-needed
lahinson
added
peer-review-in-progress
| [id="nw-ingress-gateway-api-enable_{context}"] | ||
| = Enabling Gateway API for the Ingress Operator | ||
|
|
||
| When you enable Gateway API, it installs the subscription, the Istio operator, the custom resource defintions (CRDs), and creates the Istio resources. The following procedure describes how to enable Gateway API. |
There was a problem hiding this comment.
| When you enable Gateway API, it installs the subscription, the Istio operator, the custom resource defintions (CRDs), and creates the Istio resources. The following procedure describes how to enable Gateway API. | |
| When you enable Gateway API, it installs the subscription, the Istio operator, the custom resource defintions (CRDs), and creates the Istio resources. |
From the SSG: Avoid self-referential language, such as "This topic covers…" or "Use this procedure to…".
There was a problem hiding this comment.
typo in "definitions"
| When you enable Gateway API, it installs the subscription, the Istio operator, the custom resource defintions (CRDs), and creates the Istio resources. The following procedure describes how to enable Gateway API. | |
| When you enable Gateway API, it installs the subscription, the Istio operator, the custom resource definitions (CRDs), and creates the Istio resources. The following procedure describes how to enable Gateway API. |
| ---- | ||
| <1> The controller name must be `v1` for the Ingress Operator to manage it. Setting this field to anything else will be ignored by the Ingress Operator, because it is assumed to be a different implementation. | ||
|
|
||
| . Create a secret using the default certificate: |
There was a problem hiding this comment.
| . Create a secret using the default certificate: | |
| . Create a secret by using the default certificate: |
ISG: https://www.ibm.com/docs/en/ibm-style?topic=word-usage#using
| spec: | ||
| controllerName: openshift.io/gateway-controller/v1 <1> | ||
| ---- | ||
| <1> The controller name must be `v1` for the Ingress Operator to manage it. Setting this field to anything else will be ignored by the Ingress Operator, because it is assumed to be a different implementation. |
There was a problem hiding this comment.
| <1> The controller name must be `v1` for the Ingress Operator to manage it. Setting this field to anything else will be ignored by the Ingress Operator, because it is assumed to be a different implementation. | |
| <1> The controller name must be `v1` for the Ingress Operator to manage it. If you set this field to anything else, the Ingress Operator ignores it because it is assumed to be a different implementation. |
There was a problem hiding this comment.
also suggest to mention that it will not be accepted in its status section
|
|
||
| .Procedure | ||
|
|
||
| . Create a `GatewayClass` object with the following manifest: |
There was a problem hiding this comment.
I might be overthinking here, but are you creating the object with a manifest, or are you creating a manifest file where you define the GatewayClass object?
| $ oc -n openshift-ingress create secret tls gwapi-wildcard --cert=wildcard.crt --key=wildcard.key | ||
| ---- | ||
|
|
||
| . Create a `Gateway` object with the following manifest: |
There was a problem hiding this comment.
Again, I might be overthinking here, but are you creating the object with a manifest, or are you creating a manifest file where you define the Gateway object?
| from: All | ||
| ---- | ||
| <1> The name of the previously created `GatewayClass` object. | ||
| <2> The associated listeners for the `Gateway` object. These listeners are for HTTP and HTTPS, and let you configure ingress to your applications using Gateway API `HTTPRoute` resources. |
There was a problem hiding this comment.
| <2> The associated listeners for the `Gateway` object. These listeners are for HTTP and HTTPS, and let you configure ingress to your applications using Gateway API `HTTPRoute` resources. | |
| <2> The associated listeners for the `Gateway` object. These listeners are for HTTP and HTTPS, and you use them to configure ingress to your applications by using Gateway API `HTTPRoute` resources. |
Minor revision to avoid anthropomorphic language.
| tls: | ||
| mode: Terminate | ||
| certificateRefs: | ||
| - name: gwapi-wildcard <3> |
There was a problem hiding this comment.
I don't see an explanation for callout 3.
There was a problem hiding this comment.
🤦 lol ofc i'd forget to add it. thank you, i'll update this with the callout
lahinson
added
peer-review-done
|
|
||
| :_mod-docs-content-type: PROCEDURE | ||
| [id="nw-ingress-gateway-api-enable_{context}"] | ||
| = Enabling Gateway API for the Ingress Operator |
There was a problem hiding this comment.
Is this under a section for Gateway API? I think a better title might be "Getting Started with Gateway API". But I guess it depends on the surrounding content.
| spec: | ||
| controllerName: openshift.io/gateway-controller/v1 <1> | ||
| ---- | ||
| <1> The controller name must be `v1` for the Ingress Operator to manage it. Setting this field to anything else will be ignored by the Ingress Operator, because it is assumed to be a different implementation. |
There was a problem hiding this comment.
| <1> The controller name must be `v1` for the Ingress Operator to manage it. Setting this field to anything else will be ignored by the Ingress Operator, because it is assumed to be a different implementation. | |
| <1> The controller name must be exactly as shown for the Ingress Operator to manage it. Setting this field to anything means the GatewayClass and all of its associated Gateways, GRPCRoutes, and HTTPRoutes will be ignored by the Ingress Operator. The controllerName is tied to the implementation and `openshift.io/gateway-controller/v1` is the only controllerName that can be used with the OpenShift implementation. |
There was a problem hiding this comment.
Actually, this little note should be highlighted as an "Important" note. We don't want anyone to miss this.
|
|
||
| [id="gateway-api-benefits_{context}"] | ||
| == Benefits of the Gateway API | ||
| == Benefits of Gateway API | ||
| The Gateway API provides the following benefits: |
There was a problem hiding this comment.
One more:
| The Gateway API provides the following benefits: | |
| Gateway API provides the following benefits: |
| The Gateway API provides the following benefits: | ||
|
|
||
| * Portability: While {product-title} uses HAProxy to improve Ingress performance, Gateway API does not rely on vendor-specific annotations to provide certain behavior. To get comparable performance as HAProxy, the `Gateway` objects need to be horizontally scaled or their associated nodes need to be vertically scaled. | ||
| * Separation of concerns: Gateway API uses a role-based approach to its resources, and more neatly fits into how a large organization structures its responsibilities and teams. Platform engineers might focus on `GatewayClass` resources, cluster admins might focus on configuring `Gateway` resources, and application developers might focus on routing their services with `HTTPRoute` resources. | ||
| * Extensibility: Additional functionality is developed as a standardized CRD. | ||
|
|
||
| [id="gateway-api-limitations_{context}"] | ||
| == Limitations of the Gateway API | ||
| == Limitations of Gateway API | ||
| The Gateway API has the following limitations: |
There was a problem hiding this comment.
| The Gateway API has the following limitations: | |
| Gateway API has the following limitations: |
|
one small suggestion, otherwise |
openshift-ci
bot
added
the
qe-approved
|
@jldohmann: This pull request references OSDOCS-14879 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target either version "4.20." or "openshift-4.20.", but it targets "openshift-4.19" instead. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
Version(s): 4.19+
Issue: https://issues.redhat.com/browse/OSDOCS-14879
Link to docs preview: https://94480--ocpdocs-pr.netlify.app/openshift-enterprise/latest/networking/configuring_ingress_cluster_traffic/ingress-gateway-api.html#nw-ingress-gateway-api-enable_ingress-gateway-api
QE review:
Additional information: