The EWC Managed Kubernetes Service allows you to select CNI while creating a cluster. In this page we describe example cilium configuration which can be used to work with Ingress or Gateway API.
In order for Cilium to work as ingress controller or gateway controller we need to enable this explicitly. In a KKP user cluster this can be done while creating the cluster or on an existing cluster.
The point of change is the Cilium chart values which is deployed by KKP as an Addon application.
Besides existing values add the following:
ingressController:
enforceHttps: false
enabled: true
default: true
loadbalancerMode: shared
enableProxyProtocol: true
service:
annotations:
loadbalancer.openstack.org/proxy-protocol: "true"
name: cilium-ingress
type: LoadBalancer |
gatewayAPI: enabled: true enableProxyProtocol: true |
If you edited the Cilium values during cluster creation, nothing else needs to be done and once the cluster comes up, it will have the required settings to support Ingress or Gateway API.
If you made the changes on an existing cluster:
KKP would now try to redeploy Cilium with new values:
wait for the status to turn green:
Please make sure you have Gateway API CRDs installed before enabling Gateway API in Cilium. If you installed CRDs later, restart the cilium operator:
|
The Gateway API CRDs can be installed (v1.4.1) as:
|
Make sure that the Cilium version installed on the cluster supports the version of Gateway API CRDs. |