Service network
The Gateway API controller has been configured to create a VPC Lattice service network and associate a Kubernetes cluster VPC with it automatically. A service network is a logical boundary that’s used to automatically implement service discovery and connectivity as well as apply access and observability policies to a collection of services. It offers inter-application connectivity over HTTP, HTTPS, and gRPC protocols within a VPC. As of today, the controller supports HTTP and HTTPS.
Before creating a Gateway, we need to formalize the types of load balancing implementations that are available via the Kubernetes resource model with a GatewayClass. The controller that listens to the Gateway API relies on an associated GatewayClass resource that the user can reference from their Gateway:
# Create a new Gateway Class for AWS VPC lattice provider
apiVersion: gateway.networking.k8s.io/v1beta1
kind: GatewayClass
metadata:
  name: amazon-vpc-lattice
spec:
  controllerName: application-networking.k8s.aws/gateway-api-controller
Let's create the GatewayClass:
The following YAML will create a Kubernetes Gateway resource which is associated with a VPC Lattice Service Network.
apiVersion: gateway.networking.k8s.io/v1beta1
kind: Gateway
metadata:
  name: ${EKS_CLUSTER_NAME}
  namespace: checkout
spec:
  gatewayClassName: amazon-vpc-lattice
  listeners:
    - name: http
      protocol: HTTP
      port: 80
Apply it with the following command:
Verify that the eks-workshop gateway is created:
NAME           CLASS                ADDRESS   PROGRAMMED   AGE
eks-workshop   amazon-vpc-lattice             True         29s
Once the gateway is created, find the VPC Lattice service network. Wait until the status is Reconciled (this could take about five minutes).
apiVersion: gateway.networking.k8s.io/v1beta1
kind: Gateway
status:
  conditions:
    - message: 'aws-gateway-arn: arn:aws:vpc-lattice:us-west-2:1234567890:servicenetwork/sn-03015ffef38fdc005'
      reason: Programmed
      status: "True"
Now you can see the associated Service Network created in the VPC console under the Lattice resources in the AWS console.
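To script the "wait until programmed, then find the service network" step, the check below reads Gateway YAML on stdin and prints the service network ARN only when the condition carrying it has reason Programmed and status "True". It is an added example, not part of the workshop: the function names are hypothetical and both samples are constructed (the first from the status output shown above); on a live cluster, pipe in the output of kubectl get gateway with -o yaml instead.

```shell
#!/bin/sh
# Added example (not workshop code). Reads Gateway YAML on stdin.
# Prints the VPC Lattice service network ARN and returns 0 only if the
# condition that carries the ARN has reason Programmed and status "True".
lattice_sn_arn() {
  awk '
    # Finish the current condition: print its ARN if it qualifies, then reset.
    function emit() {
      if (arn != "" && reason == "Programmed" && status == "True") { print arn; found = 1 }
      arn = ""; reason = ""; status = ""
    }
    /^ *conditions:/ { in_cond = 1; next }
    !in_cond { next }                      # ignore everything before conditions
    /^ *- / { emit() }                     # a new list item starts a new condition
    /^[ -]*message:/ && match($0, /arn:aws:vpc-lattice:[a-z0-9-]+:[0-9]+:servicenetwork\/sn-[0-9a-f]+/) {
      arn = substr($0, RSTART, RLENGTH)
    }
    /^[ -]*reason:/ { v = $0; sub(/^[ -]*reason: */, "", v); sub(/ *$/, "", v); reason = v }
    /^[ -]*status:/ { v = $0; sub(/^[ -]*status: */, "", v); gsub(/"/, "", v); sub(/ *$/, "", v); status = v }
    END { emit(); exit (found ? 0 : 1) }
  '
}

# Constructed sample: the status fragment shown on this page.
sample_ready() {
  cat <<'EOF'
apiVersion: gateway.networking.k8s.io/v1beta1
kind: Gateway
status:
  conditions:
    - message: 'aws-gateway-arn: arn:aws:vpc-lattice:us-west-2:1234567890:servicenetwork/sn-03015ffef38fdc005'
      reason: Programmed
      status: "True"
EOF
}

# Constructed sample: a Gateway the controller has not finished programming.
sample_pending() {
  cat <<'EOF'
apiVersion: gateway.networking.k8s.io/v1beta1
kind: Gateway
status:
  conditions:
    - message: 'constructed placeholder message, no ARN yet'
      reason: Pending
      status: "False"
EOF
}

sample_ready | lattice_sn_arn
```

The non-zero exit status on the pending sample lets a wait loop or CI step block until the Gateway is actually programmed.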