Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Evolves the Gateway Name field #70

Closed
wants to merge 1 commit into from
Closed

Evolves the Gateway Name field #70

wants to merge 1 commit into from

Conversation

danehans
Copy link
Contributor

Evolves the following Gateway fields:

  • Name used for generating a listener wildcard certificate when unspecified by the TLS configuration.
  • Certificate godocs.

Partially fixes #49

/assign @bowei

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Feb 10, 2020
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: danehans
To complete the pull request process, please assign thockin
You can assign the PR to them by writing /assign @thockin in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Feb 10, 2020
@k8s-ci-robot
Copy link
Contributor

@danehans: The following test failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
pull-service-apis-docs f78c8e0 link /test pull-service-apis-docs

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

jpeach
jpeach suggested changes Feb 11, 2020
View reviewed changes
Copy link
Contributor

@jpeach jpeach left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that we should separate changes to certificate handling into its own PR, with use cases and all the rest. I would expect there to be a range of opinions around wildcard certificates :)

api/v1alpha1/gateway_types.go
//
// * Generating a wildcard certificate for the subdomain of Name when
// the TLS configuration of an HTTPS listener does not include a
// certificate.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see any mention of wildcard certificates elsewhere in the spec. If this is a new feature, we should first capture a use case and then propose it independently.

api/v1alpha1/gateway_types.go
//
// If apiGroup and kind are empty, will default to Kubernetes Secrets resources.
// If unspecified, a wildcard certificate is generated for the subdomain of the
// listener's name.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that wildcard certificate handling should be proposed and discussed as an independent item. Generating wildcard certificates is something that ought to require explicit configuration, and I don't think that it should happen as a side-effect of naming a listener.

I'll also note that many ingress controllers don't generate certificates, so I'm not sure the the spec should place requirements on them to do so.

@danehans
Copy link
Contributor Author

/hold

for resolution to #75

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 11, 2020
@danehans
Copy link
Contributor Author

Superseded by #76

@danehans danehans closed this Feb 11, 2020
jaison-tiu pushed a commit to jaison-tiu/gateway-api that referenced this pull request Apr 14, 2022
@boredabdel
Merge pull request kubernetes-sigs#70 from GoogleCloudPlatform/featur…
8a6accd 
…e/single-cluster-regional-lb

Single Cluster Regional L7 ILB with Gateway API
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jpeach jpeach jpeach requested changes

@bowei bowei Awaiting requested review from bowei

@thockin thockin Awaiting requested review from thockin

Assignees

@bowei bowei

Labels
cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Better modeling of a "virtual host"
4 participants
@danehans @k8s-ci-robot @jpeach @bowei