 You might have seen me in two days ago in Kubernetes made-ups. I'll say the same thing but if you're not please stay, okay? Because after this, I'll ask you guys and girls a few questions. I'll give you some swag, okay? I got approval from the organisers. We're going to give you something, so just stay. And try to learn something a bit how actually Kubernetes Gateway API and Ingress can help you in your platform delivery. Okay, a little bit on myself. I won't spend too much time. I'm a sales engineer based in Singapore in Kong. So previously, I'm like, everyone like you, right? I started working at software engineering, then deaf off, and then you do everything, right? You start especially. So happy to be here and invited for the talk. And the key thing that I want to give everyone is actually how this Gateway API can help you in turn of your Kubernetes deployment, alright? So agenda, I guess gives a recap, some technical overview, some demo if the network don't dies, actually it's my phone. So I better take it out, right? Because the Wi-Fi is not very nice. Okay, and the last part, Q&A, quizzes. I have three questions you can answer. My question, my colleagues sitting there will give you a pin. And then after that, you'll be dealing with a swag from Kong, okay? So it is something we want to share to the community here. Alright, so we have Kubernetes Ingress Controller. So what is it? I think there's so many talks in the past few days of you deploy something EK, AEKS. You probably heard of it or you might have used it and you might not know or your platform engineer already provided for you, right? So what is Ingress Controller in the Kubernetes clusters? Well, Ingress, okay. The best way that I can say it's like your front door where before I come out, I need to go to the booth and register, right? So Ingress Controller is kind of the front door to check in all the incoming requests to your clusters before they conceal the service and then do the necessary routing, right? So it's something like a load balance. But to leave in term, it's just a front door to see, okay, Robin, you should go to lecture hall 2.1. You shouldn't go 2.2. That's not your speaking slot. Okay, so that's how it actually works in the Kubernetes world. No much differences. Okay, that's how we typically deploy all this Ingress Controller to direct all this traffic when they've come into our cluster. Okay, very simple. So KONG itself, we have our KONG Ingress Controller. So I think if you deploy, you have been using other Ingress Controller like Nginx, right? And some others, right? So we have our own implementation basically the same thing, okay? Just that we add on with some of our KONG features like some of the API gateway feature that I don't want to talk too much about, right? I want to keep it a bit more generic open source today. So that's where our Ingress Controller works, where you come in, then do the redirections, etc. And also, enhance with some of our plugins, APL authentications, of all this. Right, so this one I won't go in much into detail, okay? So why we want to change the Ingress, right? We are creating Ingress Object easily, creating service. Why we want to do that? Why this gateway API was introduced if you went to the KubeCon like one, two years back? Why was it introduced as an experimenter right now, okay? So in county Ingress, support all this path matching, host matching, easy, right? So we will take load balancer implementation, create EKS and get the ALB up. Simple, okay? But then again, we realise that we need a bit more advanced usage of our gateway APIs. That's sorry, advanced use cases that Ingress doesn't support. Okay, that's where gateway API come into the picture, right? You can do header-based matching, header manipulation, traffic splitting example, 50-50 per cent new service come out, which I don't know later. How can you ensure that only 50 per cent of your incoming traffic go to the newer service? How can you do that using that kind of routing, okay? The Ingress actually don't do that, okay? So that's where gateway API come to the picture to do that kind of complex, a bit more advanced use cases. Okay, there's some other extension like other routing protocol at GRPC, TALS, okay? Okay, so what I said you try to read a bit because I will ask you question later, okay? So other routing protocol like GRPC, emphasize the data. And also custom resource definition for other backends and proprietary protocol. That's a possibility that actually this gateway API I want to achieve. All right. So quick example, I think it's better to illustrate with some, not captains, some pictures and some work, okay? So we have a company we have usually Alice Vox Cairo, very, very typical security 101, right? So, I mean a lot of you actually doing all these three things. You create an infra, you create a cluster, all the Kubernetes admin and application developer. So I think you can start especially do everything. So, so just think of the three, three percent. What's your role in the gateway API implementation? Okay, so gateway API implementation there's a gateway class, right? So infrastructure provider like Alice for example they're actually the one that you create define the gateway class from the, from the provider, right? So for example ACME.io it could be all Kubernetes about this AWS implementation application load balancer, network load balancer, Azure application gateway, GCP, etc. So F5, etc. So this is based on vendor specific. Okay, so I'm the one that actually create this for my cluster admin. Okay, I can be someone like that. Okay, then we move on to gateway this where the platform cluster operator come into place, right? The CKE, CKE Kubernetes administrator. And then this where you define the car gateway you want in your cluster. So you have external gateway for external LB and then expose port 80 or port 443 depending on your needs, okay? To receive that kind of traffic. So when you create this, right? If you put in maybe a cloud provider like Google Cloud or AWS you spin up a load balancer coming in and then listening to port 80. So that means my traffic can only come into port 80, right? Only can come to that door, right? So that's how it works. So this give bot that kind of cluster operator that flexibility to create external LB internal LB. Why is it important? Sometime your cluster to serve internal external traffic or some kind of specific traffic that certain load balancer need to that can address, right? So this give more segregation and responsibility on the kind of setting that you want. And then the rub rub is a I think the I think some something that resonate with a lot more of you if you're working with DEF, right? Like when you create a service your microservices you deploy your CICD you want to create your HelmFar and then create Kubernetes and that's where you come to place, right? How do you want to expose services like matching create a path so that external people can use. So all this is where it come to place. It's not very a difference from how you do ingress object. But you can see that there's HPP route and just I mentioned another route GRPC route, blah, blah, blah. So give you a lot more flexibility. Okay? So I think the question is how how it helps, right? I think as I think API it's like the ingress already covered simple use cases, right? But I think from what the school of thought is actually give you API try with things like a day to operation when you want to do upgrades and management of the cluster, right? So how it helps? So consistency like the infra provider like at least they can keep their gateway class of manifest consistent maybe only the vendor they change maybe from AKS to AWS to Azure while there's also allow them to have a fix of parameter reference here. Okay? So parameter reference like I just go a bit networking your subnet mask your internet IP or you can define it consistent across different gateway classes. Okay? So this give them bit more control on how they can reuse this kind of gateway classes templates. Okay? Then if I'm a Bob I want to upgrade to my new loop answer maybe because the like for example AWS classic loop answer I want to change to network loop answer, right? Because typically just change the gateway the gateway class here already, right? So actually fix you then I can just change the gateway class name to there. So all my POTS all these I see the POTS 80 listening POT 80 POT 443 I don't need to change I just need to change the naming of the gateway that I previously updated. Okay? So you can see that flexibility you can do and then you don't recreate your what engine next or what we install the manifest everything you don't I think it's very beneficial for developers especially want to do very simple thing you have your new service version 2 you want to only lack 10% of your of your internal employees to access you can just put weightage for like 1 okay? 10% so every 10% update in the traffic will go to the new service so they can test and then when it's already right then you can install service so you can do it easily using this gateway API okay? so it's not by 3 by Kong right? it's what actually gateway API can actually achieve whichever ingress controller implementation or do it if they support this okay? it's an open standard just emphasise it okay so some concept before I go for demo I just want to we go cheat it okay? this one I also mentioned so just just read the okay? in case I ask you question okay? just remember this okay? alright I'll do a quick demo on this basically I'll install a gateway I'll do a splitting into two service and then and then that's it okay let me do a quick demo I think I don't stand better alright? so see my VS Code right? I got a mouse here it's it's working okay? so see my VS Code actually I do I will share this the slide so this is my demo report right? so let me just show you a quick one so what I did is install a gateway okay? this is quite standard just install gateway and then the gateway class and then I have two department two service one HTTP and watch HTTP okay? I already install already and then next I will actually create a HTTP route and what I do is I will do a toggle of 50-50 so you'll see 50% echo and 50% HTTP okay? so I could do a quick demo on that so there's two service here and now I'll applying the route okay? the route is applied already now let me try to consume the service okay? I'm very lazy so I will copy and paste my command yeah I think developer are all like that oh okay I want to ask question already I want to ask question already ah why my request is not found you are sharp enough why my request is not found want one to try? yes please see? he is listening Tegui, can you help me? yes you are right I didn't put a header okay this is very ingress related okay? great job you are listening okay let me let's see now so you see that my header and look I'm expecting person at the end robin so that I can get so you see the first one will echo I'll take another one HTTP you see the toggle it's the same route same host okay? so it's I'm done 50-50 so you can see the magic of this using a basic HTTP route toggling just this 50-50 so developer easy for you you don't want to think of writing your code all these Kubernetes open standard you can do that easily so this is a very quick demo okay so this is what I just show so I won't say too much and additional rock support remember this TCP, GRPC, UDP so remember and this is how you can actually enable the gateway API using cong I'm not sure about other implementation but the side I shared to the organizer so I think you can download so all this information on there so basically this gateway API in cong is still in experimental you need to enable the feature gate so you have to enable and to use it and see if you got any feedback and send to the Kubernetes user group not to me which cong is sitting inside as part of the committee to actually do that okay, quiz ready? first one can I do suffix between gateway API yes our friend from API 6 give him yes, you know it you cannot answer the next question when they give chance to other people I think your implementation so you can do I think you're still in beta I didn't see okay so NIM 1 Kubernetes ingress controller implementation that support gateway API which I've been talking for the past 15 to 20 minutes organizer can I mean where you come from well open up raise your hand whatever say okay, gentlemen give him okay, so okay cong is one of the many ingress controller implementation I think API 6 do that and also engine so this is just a way to support okay last question is it possible to support GRPC route raise your hand gentlemen yes, yes you're right correct, so typically Kubernetes ingress is a way to GDP route and also maybe some flavor to TCP password but even J1 to support more modern protocol routing GRPC etc so that you can support your new use cases okay and this is a quick quick promo code for our education you can take a picture so if you happen to be using cong you want to upscale please use this promo code to get some 100% off to offset your certification because this is actually you have a projector and you do the test like a CKA AWS so it's the proper certification and then we still have our education that can go up and start for free maybe I send in a tiger education at cong or something that you can actually self base learning can do that free of charge also for the one on one courses alright then thank you thank you for your time for staying and hope you learn something and thank you for inviting me to the talk happy to hear that any questions I'm done asking so any question for me no question sorry ask question also got swag so this easy easy thing but don't ask me personal question there was no swag sorry when I come from Singapore that's very any questions on how can English control hell I mean not just cong it can be Kubernetes which I know AWS any questions yeah I don't think so so which means address a separate thing so this match is is address exposure of microservices so imagine you have 1000 services and you know everything do a cong up down up down there will be a spaghetti architecture no I don't think so it might address like you have small microservice to few but if you talk about a lot of microservice and more than 100 and you want to manage account inter-connected then a gateway is definitely not the even gateway API or any API gateway is not the right solution that's my tip you can do that but there's a lot of complex need to but then again service manage capability to overlap with some of the gateway API like this kind of grp0 using on void auto main TLS so it it depends on you but no I don't think so and just to highlight actually gateway API is not replacing your current way of English API no plan to replace that both adjust different thing you see so they say cannot replace they say so no you still use your ingress you won't die your HEP ingress you're using well continue to use it no need to rush to use gateway API okay just give it a bit more favor on that alright so whoever got the pin please go to my colleague and redeem a small t-shirt from Kong complimentary from Kong hope you take one take one only not everything just take a t-shirt for folder with pin you will see us again happy to join me not opens source me not all next year or something we can have a lot more talk on that thank you very much guys and girls thank you