Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

K8S Gateway API - TLSRoute with wildcard hostname, ROUTER_FLAVOR=expressions #14252

Open
1 task done
piotrgasior opened this issue Feb 10, 2025 · 0 comments
Open
1 task done

K8S Gateway API - TLSRoute with wildcard hostname, ROUTER_FLAVOR=expressions #14252

piotrgasior opened this issue Feb 10, 2025 · 0 comments
Labels
area/ingress-controller Issues where Kong is running as a Kubernetes Ingress Controller area/kubernetes Issues where Kong is running on top of Kubernetes

Comments

@piotrgasior
Copy link

piotrgasior commented Feb 10, 2025
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Kong version ($ kong version)

Kong 3.9.0

Current Behavior

Gateway is configured in DB-less mode together with KIC 3.4.1.
The Gateway is deployed by helm chart with env: router_flavor: expressions

Gateway config cannot be updated with TLSRoute, which contains wildcard in the hostname definition, the error is:

invalid expression: length must be at least 1

Expected Behavior

Gateway should accept config with wildcard SNIs.

Steps To Reproduce

Kong deployment via Helm charts with FeatureGate and Router Flvaor env:

feature_gates: GatewayAlpha=true
router_flavor: expressions

Gateway:

apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: somename
  namespace: somenamespace
spec:
  gatewayClassName: gatewayclassname
  listeners:
  - allowedRoutes:
      namespaces:
        from: All
    hostname: '*.example.net'
    name: tls
    port: 443
    protocol: TLS
    tls:
      mode: Passthrough

TLSRoute:

apiVersion: gateway.networking.k8s.io/v1alpha2
kind: TLSRoute
metadata:
  name: somename
  namespace: somenamespace
spec:
  hostnames:
  - '*.example.net'
  parentRefs:
  - group: gateway.networking.k8s.io
    kind: Gateway
    name: gatewayname
    sectionName: tls
  rules:
  - backendRefs:
    - kind: Service
      name: gateway-proxy
      port: 9443

Anything else?

No response
@xianghai2 xianghai2 added area/kubernetes Issues where Kong is running on top of Kubernetes area/ingress-controller Issues where Kong is running as a Kubernetes Ingress Controller labels Feb 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/ingress-controller Issues where Kong is running as a Kubernetes Ingress Controller area/kubernetes Issues where Kong is running on top of Kubernetes
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xianghai2 @piotrgasior