GatewayClass capabilities


This page lists the capabilities of the GatewayClass resources available on Google Kubernetes Engine (GKE) and their supported specifications.

Table legend

For the various tables in this document, the legend for the tables is as follows:

  • indicates that the field is supported.
  • - indicates that the field is not supported.
  • If GKE supports some values in the field, the table describes what values are supported.

GatewayClass capabilities

The following table lists the distinguishing features of the GatewayClass resources available on GKE:

Features gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
Underlying data plane Internal HTTP(S) load balancer Internal HTTP(S) load balancer External HTTP(S) load balancer External HTTP(S) load balancer
Load balancer backend scope Regional Regional Global Global
Gateway listener network VPC internal VPC internal Internet Internet
GKE Gateway controller Regional Global Regional Global
Cluster scope Single cluster Multi-cluster Single cluster Multi-cluster
GKE version support 1.20 and later 1.20 and later 1.20 and later 1.20 and later
GKE mode of operation Standard Standard Standard Standard
Shared VPC support
Launch stage Preview Preview Preview Preview

Gateway

The following table lists the fields of the Gateway API specification that are supported by GKE:

Gateway field GatewayClass
spec.addresses gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
type IPAddress, NamedAddress
value Static regional internal address (resource name or address) Static global external address (resource name or address)
spec.listeners gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
protocol HTTP, HTTPS
port Either 80 or 8080, 443 80, 8080, 443
hostname
routes
spec.listeners.tls gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
mode Terminate
routeOverride.certificate Deny
certificateRef.name
spec.listeners.tls.options gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
networking.gke.io/pre-shared-certs Regional, self-managed SSL certificate resource reference Global SSL certificate resource reference (self- or Google-managed)
metadata.annotations field gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
networking.gke.io/FrontendConfig

HTTPRoute

The following table lists the values of the HTTPRoute API specification that are supported by GKE:

HTTPRoute field GatewayClass
gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
gateways
spec.hostnames
spec.rules.matches gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
path.type Exact, Prefix
path.value
header.type Exact
header.value
spec.filters gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
type RequestMirror, requestHeaderModifier
requestMirror
requestHeadderModifier.add
requestHeadderModifier.remove
requestHeadderModifier.set
spec.tls gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
certificateRef.name
spec.rules.forwardTo gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
serviceName
backendRef.kind ServiceImport ServiceImport
backendRef.group net.gke.io net.gke.io
backendRef.name
port
weight
filters

Service

The following table lists the metadata.annotations fields of Service objects that are relevant to the Gateway API:

metadata.annotations field gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
cloud.google.com/neg Not required when using Gateway. All Services are container-native by default.
cloud.google.com/backend-config Not supported in Preview but will be superseded by a different backend configuration mechanism upon GA. Not supported in Preview but will be superseded by a different backend configuration mechanism upon GA.
cloud.google.com/app-protocols