Install Gateway API

  1. Install gateway api CRDs and install nginx gateway fabric

kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.4.1/standard-install.yaml
helm install ngf oci://ghcr.io/nginx/charts/nginx-gateway-fabric \
--namespace nginx-gateway \
--create-namespace \
--version 2.4.2 \
--wait

  1. Verify the gateway pods

kubectl -n nginx-gateway get all

  1. Generate a gateway.yaml file with below contents and install gateway

    • For non-secure connection you can exclude the https section

    • For secure connection, include the https section and complete steps 5-10 before apply the the change (Step 4) to gateway

apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
    name: aizen-nginx-gateway
    namespace: nginx-gateway
spec:
    gatewayClassName: nginx
    listeners:
    - name: http
      protocol: HTTP
      port: 80
      allowedRoutes:
        namespaces:
            from: All

    ##Include the below section if you are using secure connections
    - name: https
      protocol: HTTPS
      port: 443
      allowedRoutes:
        namespaces:
            from: All
      tls:
        mode: Terminate
        certificateRefs:
        - name: aizen-tls

  1. Install the gateway

kubectl apply -f gateway.yaml

  1. Install certificate manager

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.yaml

  1. Generate certificate issuer (ss-certissuer.yaml)

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
    name: selfsigned-issuer
spec:
    selfSigned: {}

  1. Apply certificate issuer

kubectl apply -f ss-certissuer.yaml

  1. Generate self-signed certificate for Aizen platform(ss-aizencert.yaml)

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
    name: aizen-sscert
    namespace: nginx-gateway
spec:
    secretName: aizen-tls
    issuerRef:
        name: selfsigned-issuer
        kind: ClusterIssuer
    dnsNames:
        - a.b.c.com   <-- Provide you unique dns name associated with the external IP

  1. Apply self signed certificate

kubectl apply -f ss-aizencert.yaml

Note

Execute step 4 to create the gateway

  1. Verify the certificates

kubectl get certificate -n nginx-gateway
kubectl get secret aizen-tls -n nginx-gateway
kubectl -n nginx-gateway get gateway
kubectl -n nginx-gateway describe gateway aizen-nginx-gateway