Skip to content

Commit

Permalink
docs: customize envoyproxy dualstack (#4639)
Browse files Browse the repository at this point in the history
* docs: customize envoyproxy dualstack

Signed-off-by: Juwon Hwang (Kevin) <juwon8891@gmail.com>

* docs: customize envoyproxy dualstack

Signed-off-by: Juwon Hwang (Kevin) <juwon8891@gmail.com>

* docs: customize envoyproxy dualstack

Signed-off-by: Juwon Hwang (Kevin) <juwon8891@gmail.com>

---------

Signed-off-by: Juwon Hwang (Kevin) <juwon8891@gmail.com>
  • Loading branch information
juwon8891 authored Dec 12, 2024
1 parent f467007 commit a41f1f1
Show file tree
Hide file tree
Showing 3 changed files with 150 additions and 9 deletions.
53 changes: 50 additions & 3 deletions site/content/en/docs/tasks/operations/customize-envoyproxy.md
Original file line number Diff line number Diff line change
Expand Up @@ -720,12 +720,12 @@ spec:
{{% /tab %}}
{{< /tabpane >}}

You can use [egctl translate][]
You can use [egctl x translate][]
to get the default xDS Bootstrap configuration used by Envoy Gateway.

After applying the config, the bootstrap config will be overridden by the new config you provided.
Any errors in the configuration will be surfaced as status within the `GatewayClass` resource.
You can also validate this configuration using [egctl translate][].
You can also validate this configuration using [egctl x translate][].

## Customize EnvoyProxy Horizontal Pod Autoscaler

Expand Down Expand Up @@ -1043,6 +1043,53 @@ spec:
{{% /tab %}}
{{< /tabpane >}}

## Customize EnvoyProxy IP Family

You can customize the IP family configuration for EnvoyProxy via the EnvoyProxy Config.
This allows the Envoy Proxy fleet to serve external clients over IPv4 as well as IPv6.

The below configuration sets the `ipFamily` to `DualStack` to allow ingressing IPv4 as well as IPv6 traffic.

**Note**: Envoy Gateway relies on the [Service](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) spec of the BackendRef resource (linked to xRoutes) to decide which type of IP addresses to use to route to them.

{{< tabpane text=true >}}
{{% tab header="Apply from stdin" %}}

```shell
cat <<EOF | kubectl apply -f -
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
name: custom-proxy-config
namespace: default
spec:
ipFamily: DualStack
EOF
```

{{% /tab %}}

{{% tab header="Apply from file" %}}
Save and apply the following resource to your cluster:

```yaml
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
name: custom-proxy-config
namespace: default
spec:
ipFamily: DualStack # Supports: IPv4, IPv6, or DualStack
```

{{% /tab %}}
{{< /tabpane >}}

After applying the config, the EnvoyProxy deployment will be configured to use the specified IP family. When set to `DualStack`, both IPv4 and IPv6 networking will be enabled.

**Note**: Your cluster must support the selected IP family configuration. For DualStack support, ensure your Kubernetes cluster is properly configured for dual-stack networking.

[Gateway API documentation]: https://gateway-api.sigs.k8s.io/
[EnvoyProxy]: ../../../api/extension_types#envoyproxy
[egctl translate]: ../egctl/#validating-gateway-api-configuration
[egctl x translate]: ../operations/egctl#egctl-experimental-translate
53 changes: 50 additions & 3 deletions site/content/en/latest/tasks/operations/customize-envoyproxy.md
Original file line number Diff line number Diff line change
Expand Up @@ -720,12 +720,12 @@ spec:
{{% /tab %}}
{{< /tabpane >}}

You can use [egctl translate][]
You can use [egctl x translate][]
to get the default xDS Bootstrap configuration used by Envoy Gateway.

After applying the config, the bootstrap config will be overridden by the new config you provided.
Any errors in the configuration will be surfaced as status within the `GatewayClass` resource.
You can also validate this configuration using [egctl translate][].
You can also validate this configuration using [egctl x translate][].

## Customize EnvoyProxy Horizontal Pod Autoscaler

Expand Down Expand Up @@ -1043,6 +1043,53 @@ spec:
{{% /tab %}}
{{< /tabpane >}}

## Customize EnvoyProxy IP Family

You can customize the IP family configuration for EnvoyProxy via the EnvoyProxy Config.
This allows the Envoy Proxy fleet to serve external clients over IPv4 as well as IPv6.

The below configuration sets the `ipFamily` to `DualStack` to allow ingressing IPv4 as well as IPv6 traffic.

**Note**: Envoy Gateway relies on the [Service](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) spec of the BackendRef resource (linked to xRoutes) to decide which type of IP addresses to use to route to them.

{{< tabpane text=true >}}
{{% tab header="Apply from stdin" %}}

```shell
cat <<EOF | kubectl apply -f -
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
name: custom-proxy-config
namespace: default
spec:
ipFamily: DualStack
EOF
```

{{% /tab %}}

{{% tab header="Apply from file" %}}
Save and apply the following resource to your cluster:

```yaml
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
name: custom-proxy-config
namespace: default
spec:
ipFamily: DualStack # Supports: IPv4, IPv6, or DualStack
```

{{% /tab %}}
{{< /tabpane >}}

After applying the config, the EnvoyProxy deployment will be configured to use the specified IP family. When set to `DualStack`, both IPv4 and IPv6 networking will be enabled.

**Note**: Your cluster must support the selected IP family configuration. For DualStack support, ensure your Kubernetes cluster is properly configured for dual-stack networking.

[Gateway API documentation]: https://gateway-api.sigs.k8s.io/
[EnvoyProxy]: ../../../api/extension_types#envoyproxy
[egctl translate]: ../egctl/#validating-gateway-api-configuration
[egctl x translate]: ../operations/egctl#egctl-experimental-translate
53 changes: 50 additions & 3 deletions site/content/en/v1.2/tasks/operations/customize-envoyproxy.md
Original file line number Diff line number Diff line change
Expand Up @@ -720,12 +720,12 @@ spec:
{{% /tab %}}
{{< /tabpane >}}

You can use [egctl translate][]
You can use [egctl x translate][]
to get the default xDS Bootstrap configuration used by Envoy Gateway.

After applying the config, the bootstrap config will be overridden by the new config you provided.
Any errors in the configuration will be surfaced as status within the `GatewayClass` resource.
You can also validate this configuration using [egctl translate][].
You can also validate this configuration using [egctl x translate][].

## Customize EnvoyProxy Horizontal Pod Autoscaler

Expand Down Expand Up @@ -1043,6 +1043,53 @@ spec:
{{% /tab %}}
{{< /tabpane >}}

## Customize EnvoyProxy IP Family

You can customize the IP family configuration for EnvoyProxy via the EnvoyProxy Config.
This allows the Envoy Proxy fleet to serve external clients over IPv4 as well as IPv6.

The below configuration sets the `ipFamily` to `DualStack` to allow ingressing IPv4 as well as IPv6 traffic.

**Note**: Envoy Gateway relies on the [Service](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) spec of the BackendRef resource (linked to xRoutes) to decide which type of IP addresses to use to route to them.

{{< tabpane text=true >}}
{{% tab header="Apply from stdin" %}}

```shell
cat <<EOF | kubectl apply -f -
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
name: custom-proxy-config
namespace: default
spec:
ipFamily: DualStack
EOF
```

{{% /tab %}}

{{% tab header="Apply from file" %}}
Save and apply the following resource to your cluster:

```yaml
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
name: custom-proxy-config
namespace: default
spec:
ipFamily: DualStack # Supports: IPv4, IPv6, or DualStack
```

{{% /tab %}}
{{< /tabpane >}}

After applying the config, the EnvoyProxy deployment will be configured to use the specified IP family. When set to `DualStack`, both IPv4 and IPv6 networking will be enabled.

**Note**: Your cluster must support the selected IP family configuration. For DualStack support, ensure your Kubernetes cluster is properly configured for dual-stack networking.

[Gateway API documentation]: https://gateway-api.sigs.k8s.io/
[EnvoyProxy]: ../../../api/extension_types#envoyproxy
[egctl translate]: ../egctl/#validating-gateway-api-configuration
[egctl x translate]: ../operations/egctl#egctl-experimental-translate

0 comments on commit a41f1f1

Please sign in to comment.