Careful!

You are browsing documentation for a version of Kuma that is not the latest release.

Configure a built-in gateway

The built-in gateway is configured using a combination of MeshGateway, MeshHTTPRoute and MeshTCPRoute, and served by Envoy instances represented by Dataplanes configured as built-in gateways. Kuma policies are then used to configure built-in gateways.

New to Kuma? Checkout our guide to get quickly started with builtin gateways!

Deploying gateways

The process for deploying built-in gateways is different depending on whether you’re running in Kubernetes or Universal mode.

For managing gateway instances on Kubernetes, Kuma provides a MeshGatewayInstance CRD.

This resource launches kuma-dp in your cluster. If you are running a multi-zone Kuma, MeshGatewayInstance needs to be created in a specific zone, not the global cluster. See the dedicated section for using built-in gateways on multi-zone.

This resource manages a Kubernetes Deployment and Service suitable for providing service capacity for the MeshGateway with the matching kuma.io/service tag.

The kuma.io/service value you select will be used in MeshGateway to configure listeners.

apiVersion: kuma.io/v1alpha1
kind: MeshGatewayInstance
metadata:
  name: edge-gateway
  namespace: default
spec:
  replicas: 1
  serviceType: LoadBalancer
  tags:
    kuma.io/service: edge-gateway

See the MeshGatewayInstance docs for more options.

Kuma gateways are configured with the Envoy best practices for edge proxies.

Multi-zone

The Kuma Gateway resource types, MeshGateway, MeshHTTPRoute and MeshTCPRoute, are synced across zones by the Kuma control plane. If you have a multi-zone deployment, follow existing Kuma practice and create any Kuma Gateway resources in the global control plane. Once these resources exist, you can provision serving capacity in the zones where it is needed by deploying built-in gateway Dataplanes (in Universal zones) or MeshGatewayInstances (Kubernetes zones).

See the multi-zone docs for a refresher.