GatewayClass capabilities

Stay organized with collections Save and categorize content based on your preferences.

This page lists the capabilities of the GatewayClass resources available on Google Kubernetes Engine (GKE) and their supported specifications.

Table legend

For the various tables in this document, the legend for the tables is as follows:

  • indicates that the field is supported.
  • - indicates that the field is not supported.
  • If GKE supports some values in the field, the table describes what values are supported.

GatewayClass capabilities

The following table lists the distinguishing features of the GatewayClass resources available on GKE:

GatewayClass gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
Architecture and components
GKE Gateway Controller Google-hosted Gateway controller Google-hosted Gateway controller Google-hosted Gateway controller Google-hosted Gateway controller
Location Google Cloud infrastructure Google Cloud infrastructure Google Cloud infrastructure Google Cloud infrastructure
Platform GKE GKE GKE GKE
Cluster type GKE Standard GKE Standard GKE Standard GKE Standard
Cluster scope Single cluster Multi-cluster Single cluster Multi-cluster
GKE version GKE 1.24+ GKE 1.24+ GKE 1.24+ GKE 1.24+
API type CRD CRD CRD CRD
API version gateway.networking.k8s.io/v1beta1 gateway.networking.k8s.io/v1beta1 gateway.networking.k8s.io/v1beta1 gateway.networking.k8s.io/v1beta1
API enablement GKE Standard: CLI GKE Standard: CLI GKE Standard: CLI GKE Standard: CLI
CRD version 0.5.1 0.5.1 0.5.1 0.5.1
Launch stage GA Preview GA Preview
Multi-Cluster Services
Required
API version net.gke.io/v1 net.gke.io/v1
Resource type ServiceExport ServiceExport
Load balancers
Load balancer type Internal HTTP(S) load balancer Internal HTTP(S) load balancer Global external HTTP(S) load balancer (classic) Global external HTTP(S) load balancer (classic)
Load balancer scope Regional Regional Global Global
Container-native load balancing (NEGs) (Default) (Default) (Default) (Default)
VPC
Shared VPC support Load balancer and cluster in the host project Load balancer and cluster in the host project Load balancer and cluster in the host project Load balancer and cluster in the host project
Shared Gateway/Ingress for multiple routes
Automated VPC firewall lifecycle management
Gateway IP Address
Gateway IP address assignment Static or dynamic Static or dynamic Static or dynamic Static or dynamic
Gateway IP address reachability VPC internal VPC internal Internet Internet
Same IP address for multiple ports (HTTP, HTTPS)
Routing & Traffic Management
Cross-namespace routing
Cross-project load balancing
Host/Path routing Prefix, Exact match Prefix, Exact match Prefix, Exact match Prefix, Exact match
Header-based routing Exact match Exact match Exact match Exact match
Traffic splitting
Traffic mirroring
Traffic cut over
Traffic-based autoscaling Preview Preview
User-defined request headers
Frontend Security
SSL policy
HTTP-to-HTTPS redirect
Multiple TLS certificates support
Kubernetes Secrets-based certificates
Self-managed SSL certificates
Google-managed SSL certificates
Certificate Manager support
Backend service properties
Connection draining timeout
Session affinity
HTTP access logging configuration
Backend service timeout
Custom load balancer health check configuration
TLS to backend services
Supported backend services protocols HTTP, HTTPS, HTTP/2 HTTP HTTP, HTTPS, HTTP/2 HTTP
Custom default backend
Additional services
Cloud CDN
Identity-Aware Proxy (IAP)
Google Cloud Armor security policy

Gateway

The following table lists the fields of the Gateway API specification that are supported by GKE:

Gateway field GatewayClass
spec.addresses gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
type NamedAddress
value Static regional internal address Static global external address
spec.listeners gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
protocol HTTP, HTTPS
port Either 80 or 8080, 443 80, 8080, 443
hostname
routes
spec.listeners.tls gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
mode Terminate
certificateRef
spec.listeners.tls.options gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
networking.gke.io/pre-shared-certs Regional, self-managed SSL certificate resource reference Global SSL certificate resource reference (self- or Google-managed)

HTTPRoute

The following table lists the values of the HTTPRoute API specification that are supported by GKE:

HTTPRoute field GatewayClass
gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
gateways
spec.hostnames
spec.rules.matches gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
path.type Exact, Prefix
path.value
header.type Exact
header.value
spec.filters gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
type RequestMirror, requestHeaderModifier
requestMirror
requestHeaderModifier.add
requestHeaderModifier.remove
requestHeaderModifier.set
spec.rules.forwardTo gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
serviceName
backendRef.kind ServiceImport ServiceImport
backendRef.group net.gke.io net.gke.io
backendRef.name
port
weight
filters