Kubernetes Gateway API
Overview
The ngrok Kubernetes Operator allows access to Kubernetes Services using the new Gateway API.
This implementation includes CRDs for a Gateway as well as HTTPRoute
.
Additional routes, such as TLSRoute
and TCPRoute
will be added at a later date when they move from experimental to stable.
Install
Installing the ngrok Kubernetes Operator is easy using Helm.
Add the ngrok Kubernetes Operator repo to Helm:
helm repo add ngrok https://charts.ngrok.com
Add the latest Gateway API CRDs to your cluster:
kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml
Install the ngrok Kubernetes Operator:
export NAMESPACE=[YOUR_K8S_NAMESPACE]
export NGROK_AUTHTOKEN=[AUTHTOKEN]
export NGROK_API_KEY=[API_KEY]
helm install ngrok-operator ngrok/ngrok-operator \
--namespace $NAMESPACE \
--create-namespace \
--set credentials.apiKey=$NGROK_API_KEY \
--set credentials.authtoken=$NGROK_AUTHTOKEN \
--set clusterName=my-k8s-cluster \
--set ingress.enabled=true \
--set gateway.enabled=true
Install the GatewayClass object:
apiVersion: gateway.networking.k8s.io/v1
kind: GatewayClass
metadata:
name: ngrok
spec:
controllerName: ngrok.com/gateway-controller
Create An Edge With A Domain
This would create an Edge with the Domain example.ngrok.app
that routes traffic to the Kubernetes service example-service
running on port 80
.
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: example-gateway
namespace: default
spec:
gatewayClassName: ngrok
listeners:
- name: example-web
hostname: "example.ngrok.app"
port: 443
protocol: HTTPS
tls:
mode: Terminate
certificateRefs:
- name: ngrokcert #ngrok will generate the cert so this cert does not be defined and will be ignored if defined
allowedRoutes:
kinds:
- kind: HTTPRoute
namespaces:
from: Selector
selector:
matchLabels:
expose-apps: "true"
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: my-route
namespace: ngrok-gateway
spec:
parentRefs:
- kind: Gateway
name: example-gateway
namespace: default
hostnames:
- "example.ngrok.app"
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: example-service
kind: Service
port: 80
Route Traffic Based On A Path
This would create an Edge with the Domain example.ngrok.app
that routes traffic from example.ngrok.app/foo
to the Kubernetes service example-service
running on port 80
.
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: my-route
namespace: default
spec:
parentRefs:
- kind: Gateway
name: example-gateway
namespace: default
hostnames:
- "example.ngrok.app"
rules:
- matches:
- path:
type: PathPrefix
value: /foo
backendRefs:
- name: example-service
kind: Service
port: 80
Modify Headers
This would modify request headers by removing the x-request-id
header, adding an additional one and setting another header to a specific value.
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: example-route
namespace: ngrok-gateway
spec:
rules:
- backendRefs:
- name: game-2048
port: 80
kind: Service
filters:
- type: RequestHeaderModifier
requestHeaderModifier:
remove: ["x-request-id"]
add:
- name: my-request-header-name
value: my-header-value
set:
- name: my-request-header-to-set
value: set-header-value
Redirect Traffic
This would redirect a request from "example.ngrok.app"
to "example.ngrok.app/paprika"
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: redirect-route
namespace: ngrok-gateway
spec:
parentRefs:
- name: ngrok-gateway
hostnames:
- "example.ngrok.app"
rules:
- filters:
- type: RequestRedirect
requestRedirect:
scheme: https
hostname: "example.ngrok.app"
statusCode: 301
path:
type: ReplacePrefixMatch
replacePrefixMatch: /paprika
matches:
- path:
type: PathPrefix
value: /
Pricing
The ngrok Kubernetes Operator is available to all ngrok users at no additional charge. You only incur costs if the resources provisioned by your usage of the ngrok Kubernetes Operator, such as endpoints or traffic policies, incur a cost. More information can be found on the pricing page