The documentation for Kubernetes gateways on GKE mentions that it doesn't support the Cloud CDN load balancing features. https://cloud.google.com/kubernetes-engine/docs/how-to/deploying-gateways#configure_a_proxy-only_sub....
What would be recommended way of still making use of Cloud CDN?
Would it be possible/acceptable to setup the gateway using an internal load balancer, and then using that load balancer as a backend of a Cloud CDN enabled load balancer?
Or is there just no way to use Cloud CDN with a kubernetes gateway?
Currently, Cloud CDN is only supported with Ingress and not Gateway. Hopefully in 1Q/1H 2024 we'll be rolling out CDN policy for Gateway as well.
Hi Gari, is there any update on this?
CDN for GKE Gateway is currently targeted for the early 2H of 2024 (ideally sometime in July).
You can track status at https://issuetracker.google.com/issues/263437663
@garisingh using an external Cloud CDN load balancer to connect to an internal load balancer isn't recommended or possible either then?
Is your goal to expose your service internally or externally? And are you looking for L7 or L4 protection?
To elaborate on what we want to achieve;
We have multiple web applications;
One is our public website, which should be accessible on example.com, with specific paths on that domain routed to that application.
Then for our customers we route the remaining traffic for any path on example.com to the customer application.
And since these are web applications we would like to make use of Cloud CDN for caching resources. We already have a CDN host for assets, but we would like to use Cloud CDN for caching of dynamic content as well for these applications.
We could achieve this with an Cloud CDN enabled for a kubernetes Ingress, but that requires the ingress configuration of multiple applications to be centralized.
With a kubernetes gateway the routes could be specified by each application/team separately.
Hello,
The documentation says it's not supported, however it seems to be working with the gke-l7-global-external-managed gateway Class (at least).
Using the same BackendConfig object as for Ingress, the CDN is created and working
Not sure if that's a miss in the documentation ?
What does your config look like, or more specifically, how do you link the BackendConfig and the Gateway?
The BackendConfig is associated to a Service, which is bound to the Gateway by the Httproute. I guess that makes the magic for the Gateway controller, but I would appreciate a feedback from Google's team to explain why it works whereas it's explicitely written it's not supported.
LinkedIn
Twitter
