GatewayClass capabilities

Standard

This page lists the capabilities of the GatewayClass resources available on Google Kubernetes Engine (GKE) and their supported specifications.

For the various tables in this document, the legend for the tables is as follows:

indicates that the field is supported.
- indicates that the field is not supported.
If GKE supports some values in the field, the table describes what values are supported.

The following table lists the distinguishing features of the GatewayClass resources available on GKE:

Features	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
Underlying data plane	Internal HTTP(S) load balancer	Internal HTTP(S) load balancer	External HTTP(S) load balancer	External HTTP(S) load balancer
Load balancer backend scope	Regional	Regional	Global	Global
Gateway listener network	VPC internal	VPC internal	Internet	Internet
GKE Gateway controller	Regional	Global	Regional	Global
Cluster scope	Single cluster	Multi-cluster	Single cluster	Multi-cluster
GKE version support	1.20 and later	1.20 and later	1.20 and later	1.20 and later
GKE mode of operation	Standard	Standard	Standard	Standard
Shared VPC support
Launch stage	Preview	Preview	Preview	Preview

Gateway

The following table lists the fields of the Gateway API specification that are supported by GKE:

Gateway field	GatewayClass
`spec.addresses`	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
`type`	`IPAddress`, `NamedAddress`
`value`	Static regional internal address (resource name or address)		Static global external address (resource name or address)
`spec.listeners`	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
`protocol`	HTTP, HTTPS
`port`	Either 80 or 8080, 443		80, 8080, 443
`hostname`
`routes`
`spec.listeners.tls`	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
`mode`	`Terminate`
`routeOverride.certificate`	`Deny`
`certificateRef.name`
`spec.listeners.tls.options`	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
`networking.gke.io/pre-shared-certs`	Regional, self-managed SSL certificate resource reference		Global SSL certificate resource reference (self- or Google-managed)
`metadata.annotations` field	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
`networking.gke.io/FrontendConfig`

The following table lists the values of the HTTPRoute API specification that are supported by GKE:

HTTPRoute field	GatewayClass
	gke-l7-rilb	gke-l7-rilb-mc	gke-l7-gxlb	gke-l7-gxlb-mc
`gateways`
`spec.hostnames`
`spec.rules.matches`	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
`path.type`	`Exact`, `Prefix`
`path.value`
`header.type`	`Exact`
`header.value`
`spec.filters`	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
`type`	`RequestMirror`, `requestHeaderModifier`
`requestMirror`
`requestHeadderModifier.add`
`requestHeadderModifier.remove`
`requestHeadderModifier.set`
`spec.tls`	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
`certificateRef.name`
`spec.rules.forwardTo`	`gke-l7-rilb`	`gke-l7-rilb-mc`	`gke-l7-gxlb`	`gke-l7-gxlb-mc`
`serviceName`
`backendRef.kind`		`ServiceImport`		`ServiceImport`
`backendRef.group`		`net.gke.io`		`net.gke.io`
`backendRef.name`
`port`
`weight`
`filters`

The following table lists the metadata.annotations fields of Service objects that are relevant to the Gateway API:

`metadata.annotations` field	`gke-l7-rilb`	`gke-l7-gxlb`
`cloud.google.com/neg`	Not required when using Gateway. All Services are container-native by default.
`cloud.google.com/backend-config`	Not supported in Preview but will be superseded by a different backend configuration mechanism upon GA.	Not supported in Preview but will be superseded by a different backend configuration mechanism upon GA.
`cloud.google.com/app-protocols`