NetScaler Kubernetes Gateway Controller
Kubernetes offers various mechanisms for exposing applications, including Services and Ingress. While Ingress has been widely adopted, it has limitations in terms of expressiveness, extensibility, and support for advanced traffic management features.
The Kubernetes Gateway API is a next-generation API designed to address these limitations. It provides a more flexible, extensible, and role-oriented approach to managing external access to Kubernetes services. Key advantages of the Gateway API include:
- Role-Based Resource Model: Separates configuration responsibilities between different roles (for example, infrastructure provider, cluster operator, application developer).
- Enhanced Expressiveness: Supports advanced routing scenarios, traffic splitting, header-based routing, and more.
- Extensibility: Allows for custom extensions and features through GatewayClass parameters and policies.
- Portability: Aims for better portability across different Gateway implementations.
As organizations increasingly adopt Kubernetes for deploying and managing their applications, the need for robust and scalable solutions for handling external traffic becomes paramount. NetScaler, a leading Application Delivery Controller (ADC), provides a powerful and feature-rich solution, seamlessly integrating with Kubernetes by implementing the Kubernetes Gateway API.
This document provides an overview of the NetScaler Kubernetes Gateway API, outlining its key features, benefits, and how it enables secure and efficient application delivery in Kubernetes environments.
NetScaler as a Kubernetes Gateway API provider
NetScaler provides a robust and mature implementation of the Gateway API, building upon its years of experience as a leading ADC. This integration allows organizations to benefit from NetScaler’s advanced features within their Kubernetes clusters. The NetScaler Kubernetes Gateway API implementation relies on the following key components:
- NetScaler Kubernetes Gateway Controller: The NetScaler Ingress Controller converts Ingress objects into NetScaler configurations, while the NetScaler Kubernetes Gateway translates Gateway API objects into NetScaler configurations. NetScaler Kubernetes Gateway continuously monitors the Kubernetes API server for changes in the gateway API resources. The NetScaler Kubernetes Gateway is a separate deployment from the NetScaler Ingress Controller. If both Ingress and Gateway API functionalities are needed, both the NetScaler Ingress Controller and the NetScaler Kubernetes Gateway must be deployed.
- Custom Resource Definitions (CRDs): NetScaler introduces custom resource definitions that extend the Kubernetes API to represent NetScaler-specific configurations and features. These CRDs work with the standard Gateway API resources.
- Gateway API Resources: NetScaler supports the core Gateway API resources, such as GatewayClass, Gateway, HTTPRoute, TCPRoute, and TLSRoute. These resources define how external traffic must be handled and routed to back-end services.
Use Cases
The NetScaler Kubernetes Gateway API implementation enables a wide range of use cases, including:
- Securely Exposing Microservices: Protect microservices deployed in Kubernetes with NetScaler’s advanced security features.
- Load Balancing External Traffic: Distribute external traffic across multiple instances of Kubernetes services for high availability and performance.
- Implementing Advanced Routing Rules: Define complex routing rules based on headers, paths, and other criteria.
- Enabling TLS Termination: Offload TLS encryption and decryption to NetScaler for improved performance and security.
- Implementing Canary Deployments: Gradually roll out new application versions to a subset of users before a full deployment.
- Traffic Splitting for A/B Testing: Direct different percentages of traffic to different application versions for A/B testing.
- Integrating with Identity Providers: Implement pre-authentication and authorization using NetScaler’s integration with various identity providers.