MeshGatewayRoute

MeshGatewayRoute is a policy used to configure Kuma’s builtin gateway. It is used in combination with MeshGateway.

MeshGatewayRoute is a new Kuma dataplane policy that replaces TrafficRoute for Kuma Gateway. It configures how a gateway should process network traffic. At the moment, it targets HTTP routing use cases. MeshGatewayRoutes are attached to gateways by matching their selector to the MeshGateway listener tags.

To define MeshGatewayRoute that attaches a route to a listener with a tag: vhost=foo.example.com and routes traffic to the backend service do:

  1. type: MeshGatewayRoute
  2. mesh: default
  3. name: foo.example.com-backend
  4. selectors:
  5. - match:
  6. kuma.io/service: edge-gateway
  7. vhost: foo.example.com
  8. conf:
  9. http:
  10. rules:
  11. - matches:
  12. - path:
  13. match: PREFIX
  14. value: /
  15. backends:
  16. - destination:
  17. kuma.io/service: backend
  1. apiVersion: kuma.io/v1alpha1
  2. kind: MeshGatewayRoute
  3. mesh: default
  4. metadata:
  5. name: foo.example.com-backend
  6. spec:
  7. selectors:
  8. - match:
  9. kuma.io/service: edge-gateway
  10. vhost: foo.example.com
  11. conf:
  12. http:
  13. rules:
  14. - matches:
  15. - path:
  16. match: PREFIX
  17. value: /
  18. backends:
  19. - destination:
  20. kuma.io/service: backend

Listener tags

When Kuma binds a MeshGatewayRoute to a MeshGateway, careful specification of tags lets you control whether the MeshGatewayRoute will bind to one or more of the listeners declared on the MeshGateway.

Each listener stanza on a MeshGateway has a set of tags; Kuma creates the listener tags by combining these tags with the tags from the underlying builtin gateway Dataplane. A selector that matches only on the kuma.io/service tag will bind to all listeners on the MeshGateway, but a selector that includes listener tags will only bind to matching listeners. One application of this mechanism is to inject standard routes into all virtual hosts, without the need to modify MeshGatewayRoutes that configure specific applications.

Matching

MeshGatewayRoute allows HTTP requests to be matched by various criteria (e.g. URI path, HTTP headers). When Kuma generates the final Envoy configuration for a builtin gateway Dataplane, it combines all the matching MeshGatewayRoutes into a single set of routing tables, partitioned by the virtual hostname, which is specified either in the MeshGateway listener or in the MeshGatewayRoute.

Kuma sorts the rules in each table by specificity, so that routes with more specific match criteria are always ordered first. For example, a rule that matches on a HTTP header and a path is more specific than one that matches only on path, and the longest match path will be considered more specific. This ordering allows Kume to combine routing rules from multiple MeshGatewayRoute resources and still produce predictable results.

Filters

Every rule can include filters that further modifies requests. For example, by modifying headers and mirroring, redirecting, or rewriting requests.

For example, the following filters match /prefix, trim it from the path and set the Host header:

  1. ...
  2. - matches:
  3. - path:
  4. match: PREFIX
  5. value: /prefix/
  6. backends:
  7. - destination:
  8. kuma.io/service: backend
  9. filters:
  10. - requestHeader:
  11. set:
  12. - name: Host
  13. value: test.com
  14. - rewrite:
  15. replacePrefixMatch: "/"

Reference