Installing Gateway API

Gateway API is a collection of API resources that model networking in a Managed Service for Kubernetes cluster. These resources include GatewayClass, Gateway, HTTPRoute, and others.

In Managed Service for Kubernetes, Gateway API launches Yandex Application Load Balancer and the required auxiliary resources when a Kubernetes user declares the Gateway resource in a Managed Service for Kubernetes cluster.

Getting startedGetting started

1. If you do not have the Yandex Cloud command line interface yet, install and initialize it.

   The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

2. Create a service account required for Gateway API.

3. Assign the following roles to the service account:

   • alb.editor: To create the required resources.
   • vpc.publicAdmin: To manage external connectivity.
   • certificate-manager.admin: To use certificates registered in Yandex Certificate Manager.
   • compute.viewer: To use Managed Service for Kubernetes cluster nodes in balancer target groups.

4. Create an authorized key for the service account and save it to the sa-key.json file:

   yc iam key create \
     --service-account-name <name_of_service_account_for_Gateway_API> \
     --output sa-key.json
   

5. Make sure that the security groups for the Managed Service for Kubernetes cluster and its node groups are configured correctly. If any rule is missing, add it.

   Warning

   The configuration of security groups determines the performance and availability of the cluster and the services and applications running in it.

Installation using Yandex Cloud MarketplaceInstallation using Yandex Cloud Marketplace

1. Go to the folder page and select Managed Service for Kubernetes.
2. Click the name of the Managed Service for Kubernetes cluster you need and select the Marketplace tab.
3. Under Application available for installation, select Gateway API and click Go to install.
4. Configure the application:
   • Namespace: Select a namespace or create a new one.
   • Application name: Specify the app name.
   • Folder ID: Select the folder to create load balancers in.
   • Network ID: Select the cloud network to host the load balancers.
   • Subnet ID 1, Subnet ID 2, Subnet ID 3: Select the subnets to host the load balancers.
   • Service account key: Paste the contents of the sa-key.json file or create a new service account key.
5. Click Install.
6. Wait for the application to change its status to Deployed.

Installation using a Helm chartInstallation using a Helm chart

1. Install Helm v3.8.0 or higher.

2. Install kubectl and configure it to work with the created cluster.

3. To install a Helm chart with Gateway API, run the command below:

   helm pull oci://cr.yandex/yc-marketplace/yandex-cloud/gateway-api/gateway-api-helm/gateway-api \
     --version 0.4.31 \
     --untar && \
   helm install \
     --namespace <namespace> \
     --create-namespace \
     --set folderId='<folder_ID>' \
     --set networkId='<cloud_network_ID>' \
     --set subnet1Id='<subnet_1_ID>' \
     --set subnet2Id='<subnet_2_ID>' \
     --set subnet3Id='<subnet_3_ID>' \
     --set-file saKeySecretKey='<path_to_sa-key.json>' \
     gateway-api ./gateway-api/
   

   In the command, specify the network and its subnets to host the load balancers.

   Note

   If you are using a Helm version below 3.8.0, append the export HELM_EXPERIMENTAL_OCI=1 && \ string to the command to enable Open Container Initiative (OCI) support in the Helm client.

Use casesUse cases

• Setting up Gateway API.

See alsoSee also

• Gateway API project description.
• Gateway API description and configuration in the Application Load Balancer documentation.