I'm really stuck on exposing my Gateway API to the external IP of my Google Compute instance and could use some help. Here's my setup: I have a Google Compute Instance with an external IP, running RKE2 along with Cilium CNI, and using the Gateway API with HTTP Routes. My certificate manager is set to a self-signed cluster issuer. Although I've got my gateway and certificate running, I'm confused about how to connect to the external IP of my instance with Cilium. Currently, I'm experimenting with host network mode, but it seems like the wrong approach. I'm getting a crash loop because Cilium requires certain capabilities such as CAP_NET_ADMIN and either CAP_SYS_ADMIN or CAP_BPF for its integration. Can anyone guide me on the best way to expose my Gateway API so I can resolve these issues?
1 Answer
Have you checked your GatewayClass setup to ensure it's configured for Cilium? It's crucial that the gateway class you’re using is correctly associated with Cilium. You might want to look into listing your GatewayClass and see if everything looks normal.

Thanks for the tip! I think I'm possibly on the wrong track. The best practice suggests avoiding host networking for cloud deployments due to scaling issues. Do you have any alternative methods to expose my cluster? I've heard the cloud might have other communication methods that could work since Cilium is still relatively new and I'm not as experienced.
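
The GatewayClass check suggested in the answer, written out as an added example that is not part of the original thread: it reads the JSON from `kubectl get gatewayclass,gateway -A -o json` and reports classes not owned by Cilium's controller and Gateways that are not programmed or have no address. The sample objects and the names `cilium`, `web`, `api` and `nginx` are constructed for illustration.

```python
import json

# Controller name that Cilium's Gateway API implementation registers.
CILIUM_CONTROLLER = "io.cilium/gateway-controller"

def cond_true(obj, cond_type):
    """True if status.conditions holds cond_type with status "True"."""
    conds = obj.get("status", {}).get("conditions", [])
    return any(c.get("type") == cond_type and c.get("status") == "True" for c in conds)

def check_gateway_api(kube_list):
    """Return findings for the GatewayClass and Gateway objects in a kubectl List."""
    items = kube_list.get("items", [])
    classes = {i["metadata"]["name"]: i for i in items if i.get("kind") == "GatewayClass"}
    findings = []
    for name, gc in classes.items():
        ctrl = gc.get("spec", {}).get("controllerName")
        if ctrl != CILIUM_CONTROLLER:
            findings.append(f"GatewayClass/{name}: controllerName {ctrl!r} is not Cilium")
        elif not cond_true(gc, "Accepted"):
            findings.append(f"GatewayClass/{name}: not Accepted")
    for gw in (i for i in items if i.get("kind") == "Gateway"):
        meta = gw["metadata"]
        ref = f"Gateway/{meta.get('namespace', 'default')}/{meta['name']}"
        cls = gw.get("spec", {}).get("gatewayClassName")
        if cls not in classes:
            findings.append(f"{ref}: gatewayClassName {cls!r} does not exist")
            continue
        if not cond_true(gw, "Programmed"):
            findings.append(f"{ref}: not Programmed")
        if not gw.get("status", {}).get("addresses"):
            findings.append(f"{ref}: no address assigned")
    return findings

# Constructed sample, shaped like `kubectl get gatewayclass,gateway -A -o json`.
SAMPLE = json.loads("""
{"kind": "List", "items": [
 {"kind": "GatewayClass", "metadata": {"name": "cilium"},
  "spec": {"controllerName": "io.cilium/gateway-controller"},
  "status": {"conditions": [{"type": "Accepted", "status": "True"}]}},
 {"kind": "Gateway", "metadata": {"name": "web", "namespace": "default"},
  "spec": {"gatewayClassName": "cilium"},
  "status": {"conditions": [{"type": "Programmed", "status": "False"}], "addresses": []}},
 {"kind": "Gateway", "metadata": {"name": "api", "namespace": "default"},
  "spec": {"gatewayClassName": "nginx"}, "status": {}}
]}
""")

if __name__ == "__main__":
    print("\n".join(check_gateway_api(SAMPLE)))
```

An empty result means every Gateway points at an accepted Cilium GatewayClass, is programmed, and has an address in its status.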