GatewayClass capabilities

Stay organized with collections Save and categorize content based on your preferences.

This page lists the capabilities of the GatewayClass resources available on Google Kubernetes Engine (GKE) and their supported specifications.

Table legend

For the various tables in this document, the legend for the tables is as follows:

  • indicates that the field is supported.
  • - indicates that the field is not supported.
  • If GKE supports some values in the field, the table describes what values are supported.

GatewayClass capabilities

The following table lists the distinguishing features of the GatewayClass resources available on GKE:

GatewayClass
Architecture and components gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
GKE Gateway Controller Google-hosted Gateway controller
Location Google Cloud infrastructure
Platform GKE
Cluster type GKE Standard
Cluster scope Single cluster Multi-cluster Single cluster Multi-cluster Single cluster Multi-cluster
GKE version GKE 1.24+
API type CRD
API version gateway.networking.k8s.io/v1beta1
API enablement GKE Standard: CLI, REST API
CRD version 0.5.1
Launch stage GA Preview GA Preview Preview Preview
Multi-Cluster Services gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
Required
API version net.gke.io/v1 net.gke.io/v1 net.gke.io/v1
Resource type ServiceExport ServiceExport ServiceExport
Load balancers gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
Load balancer type Internal HTTP(S) load balancer Global external HTTP(S) load balancer (classic) Global external HTTP(S) load balancer
Load balancer scope Regional Global Global
Container-native load balancing (NEGs) (Default)
VPC gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
Shared VPC support Load balancer and cluster in the host project
Shared Gateway/Ingress for multiple routes
Automated VPC firewall lifecycle management
Gateway IP Address gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
Gateway IP address assignment Static or dynamic
Gateway IP address reachability VPC internal Internet Internet
Same IP address for multiple ports (HTTP, HTTPS)
Routing & Traffic Management gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
Cross-namespace routing
Cross-project load balancing
Host/Path routing Prefix, Exact match
Header-based routing Exact match
Traffic splitting
Traffic mirroring
Traffic cut over
Traffic-based autoscaling Preview Preview Preview
User-defined request headers
Frontend Security gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
SSL policy
HTTP-to-HTTPS redirect
Multiple TLS certificates support
Kubernetes Secrets-based certificates
Self-managed SSL certificates
Google-managed SSL certificates
Certificate Manager support
Backend service properties gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
Connection draining timeout
Session affinity
HTTP access logging configuration
Backend service timeout
Custom load balancer health check configuration
TLS to backend services
Supported backend services protocols HTTP, HTTPS, HTTP/2 HTTP HTTP, HTTPS, HTTP/2 HTTP HTTP, HTTPS, HTTP/2 HTTP
Custom default backend
Additional services gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
Cloud CDN
Identity-Aware Proxy (IAP)
Google Cloud Armor security policy

Supported Gateway API Fields

Gateway

The following table lists the fields of the Gateway API specification that are supported by GKE:

Gateway field GatewayClass
spec.addresses gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
type NamedAddress
value Static regional internal address Static global external address Static global external address
spec.listeners gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
protocol HTTP, HTTPS
port Either 80 or 8080, 443 80, 8080, 443 80, 8080, 443
hostname
routes
spec.listeners.tls gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
mode Terminate
certificateRef
spec.listeners.tls.options gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
networking.gke.io/pre-shared-certs Regional, self-managed SSL certificate resource reference Global SSL certificate resource reference (self- or Google-managed) Global SSL certificate resource reference (self- or Google-managed)

HTTPRoute

The following table lists the values of the HTTPRoute API specification that are supported by GKE:

HTTPRoute field GatewayClass
gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
gateways
spec.hostnames
spec.rules.matches gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
path.type Exact, Prefix
path.value
header.type Exact
header.value
spec.filters gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
type RequestMirror, requestHeaderModifier RequestMirror, requestHeaderModifier
requestMirror
requestHeaderModifier.add
requestHeaderModifier.remove
requestHeaderModifier.set
spec.rules.forwardTo gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc gke-l7-global-external-managed gke-l7-global-external-managed-mc
serviceName
backendRef.kind ServiceImport ServiceImport ServiceImport
backendRef.group net.gke.io net.gke.io net.gke.io
backendRef.name
port
weight
filters