using globalExtAuth with Gateway API #5435
-
|
I have configured ExtensionService and Gateway APIs as below. kind: ContourDeployment
apiVersion: projectcontour.io/v1alpha1
metadata:
name: contour
namespace: projectcontour
spec:
runtimeSettings:
globalExtAuth:
extensionRef:
namespace: default
name: testserver
failOpen: false
responseTimeout: 1s
---
kind: GatewayClass
apiVersion: gateway.networking.k8s.io/v1beta1
metadata:
name: contour
spec:
controllerName: projectcontour.io/gateway-controller
parametersRef:
kind: ContourDeployment
group: projectcontour.io
name: contour
namespace: projectcontour
---
kind: Gateway
apiVersion: gateway.networking.k8s.io/v1beta1
metadata:
name: contour
spec:
gatewayClassName: contour
listeners:
- name: kuard
hostname: kuard.example.com
port: 443
protocol: HTTPS
tls:
mode: Terminate
certificateRefs:
- name: kuard-example-com-tls
kind: Secret
---
kind: HTTPRoute
apiVersion: gateway.networking.k8s.io/v1beta1
metadata:
name: kuard
labels:
app: kuard
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: contour
hostnames:
- "kuard.example.com"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- kind: Service
name: kuard
port: 80However, kuard service is not protected by globalExtAuth. Thank you! |
Beta Was this translation helpful? Give feedback.
Answered by
sunjayBhatia
Jun 8, 2023
Replies: 2 comments
-
|
Yep you are correct this is inconsistent at the moment, filed #5458 for an official issue as well |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
h-otter
-
|
Thank you!! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Yep you are correct this is inconsistent at the moment, filed #5458 for an official issue as well