NetScaler Kubernetes gateway controller CRDs
The following sections outline the supported parameters for each Kubernetes Gateway API CRD in the latest released version. Any parameters or CRD outside the supported parameters listed in this topic are currently not supported.
Gateway Class CRD
| Property | Description | Status |
|---|---|---|
| spec.controllerName | The name of the controller that must match with the name provided while deploying the controller. | Supported |
| spec.description | Human-readable description of the GatewayClass. | Supported |
| status.conditions | The status of this GatewayClass from the controller can be found in “Conditions.” | Supported |
Gateway CRD
| Property | Description | Status |
|---|---|---|
| spec.addresses | The list of IP addresses. The Controller uses all the addresses and creates an ipset. The Controller uses the ipset as virtual IP address of a content switching virtual server created on NetScaler. | Supported |
| spec.gatewayClassName | The name of the GatewayClass to which this Gateway belongs. | Supported |
| spec.listeners | The list of network endpoints (listeners) that the Gateway exposes. Currently the controller only supports a single listener. | Partially Supported |
| spec.listeners.name | The name of the listener. This name must be unique within a Gateway. | Supported |
| spec.listeners[].port | The port number for the listener. The Controller uses this port as content switching vitrual server port created on NetScaler. | Supported |
| spec.listeners[].protocol | The network protocol that the listener expects to receive. Controller uses this protocol as the virtual server IP address of a content switching virtual server created on NetScaler. | Supported |
| spec.listeners[].tls.certificateRefs | The CertificateRefs contains a series of references to Kubernetes objects that contain TLS certificates and private keys. Currently, the Controller only supports Kubernetes secrets. | Partially Supported |
HTTProute CRD
| Property | Description | Status |
|---|---|---|
| spec.hostnames | The list of host names this route matches. The Controller uses the hostname in the content switching policy rule expression. | Supported |
| spec.parentRefs[] | The references to the Gateways this route attaches to. Currently, the controller supports a single gateway reference. | Partially Supported |
| spec.parentRefs[].kind | Currently, the controller supports only the following parentRefs: Gateway | Partially Supported |
| spec.parentRefs[].name | The name of the Gateway Resource. | Supported |
| spec.parentRefs[].namespace | The namespace of the Gateway Resource. | Supported |
| spec.rules[] | Controller uses these rules for generating the content switching policy rule expression. | Supported |
| spec.rules[].matches | Controller uses path, method, queryparams, headers and so on to craft the content switching policy rule on NetScaler. | Supported |
| spec.rules[].backendRefs | Currently, Controller support only the following backendRefs: service, name, namespace, port, and a single backendrefs. | Partially Supported |
Points to note
- The controller considers only the the supported parameters listed earlier; any unsupported parameters are ignored.
- Future versions might extend support for additional parameters.
- Ensure that the
gatewayClassNameis correctly set for Gateway resources so that they are recognized by the controller. - All
parentRefsinHTTPRoutemust correctly reference existing and valid Gateways. - Status updates are dynamically managed and might take time to reflect based on system load.
- Logs must be monitored for any parsing or validation errors when applying CRDs.
- IP addresses used in Gateway CRD can’t be shared with Ingresses or Citrix Listener resources.
- Ensure that the Gatewayclass CRD is created before applying the Gateway and HTTProute CRDs.
NetScaler Kubernetes gateway controller CRDs
Copied!
Failed!