Console
    Contact Us Start free

    GatewayClass capabilities

    This page lists the capabilities of the GatewayClass resources available on Google Kubernetes Engine (GKE) and their supported specifications.

    Table legend

    For the various tables on this page, the legend for the tables is as follows:

    • indicates that the field is supported.
    • - indicates that the field is not supported.
    • If GKE supports some values in the field, the table describes what values are supported.

    GatewayClass capabilities

    The following table lists the distinguishing features of the GatewayClass resources available on GKE.

    Architecture

    Feature
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    GKE Gateway Controller
    Google-hosted Gateway controller
    Location
    Google Cloud infrastructure
    Platform
    GKE
    Cluster type
    GKE Autopilot or GKE Standard
    Cluster scope
    Single cluster
    Multi-cluster
    Single cluster
    Multi-cluster
    Single cluster
    Multi-cluster
    Single cluster
    Multi-cluster
    GKE version
    GKE Autopilot: 1.26 and later
    GKE Standard: 1.24 and later
    API type
    CRD
    CRD versions
    New clusters and cluster upgrades:
    GKE 1.24 to 1.27.10, 1.28.4, 1.29.0: 0.7.0
    GKE 1.27.10 and later, 1.28.4 and later, 1.29.0 to 1.29.2: 0.8.1
    GKE 1.29.3 and later, 1.30.0 to 1.30.2: 1.0.0
    GKE 1.30.3-gke.1225000 and later: 1.1.0
    API versions
    gateway.networking.k8s.io/v1beta1 (CRD versions: 0.7.0 and later, including 1.0.0)
    gateway.networking.k8s.io/v1 (CRD versions: 1.0.0 and later)
    API enablement
    GKE Autopilot: enabled by default
    Launch stage
    GA
    GA
    GA
    GA
    GA
    GA
    GA
    GA

    Multi-cluster Services

    Feature gke-l7-global-external-managed gke-l7-global-external-managed-mc gke-l7-regional-external-managed gke-l7-regional-external-managed-mc gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
    Required
    API version
    		 net.gke.io/v1 net.gke.io/v1 net.gke.io/v1 net.gke.io/v1
    Resource type
    		 ServiceExport ServiceExport ServiceExport ServiceExport

    Load balancer

    Feature
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    Type
    Global external Application Load Balancer
    Regional external Application Load Balancer
    Internal Application Load Balancer
    Classic Application Load Balancer
    Load balancer scope
    Global
    Regional
    Regional
    Global
    Container-native load balancing
    (Default, using GCE_VM_IP_PORT zonal NEGs )

    VPC

    Feature
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    Shared VPC support
    All clusters and fleet host project in the same Shared VPC host or service project
    Shared Gateway/Ingress for multiple routes
    Automated VPC firewall lifecycle management
    Note: You must deploy firewall rules manually for Gateways in a Shared VPC environment.
    For more information, see required firewall rules for Gateways.

    Gateway IP address

    Feature
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    Gateway IP address assignment
    Static or dynamic
    Network Service tier IP address
    Premium Tier
    Standard Tier or Premium Tier
    Standard Tier
    Premium Tier
    Premium Tier
    Gateway IP address reachability
    Internet
    Internet
    VPC internal
    Internet
    Same IP address for multiple ports (HTTP, HTTPS)

    Routing and traffic management

    Feature
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    Global Access
    Implicit for Global load balancers
    Implicit for Global load balancers
    Implicit for Global load balancers
    Cross-region backend load balancing
    Cross-project load balancing
    Backend services and NEGs must be in the same project
    (Managed by the GKE Gateway controller)
    Cross-namespace routing
    Host/Path routing
    Prefix, Exact match
    Header-based routing
    Exact match
    Path redirects
    URL rewrites
    Traffic splitting
    Traffic mirroring
    Traffic cut over
    Traffic-based autoscaling
    Preview
    Preview
    Preview
    Preview
    Custom request headers
    Custom response headers
    GCPRoutingExtension
    Not supported
    Not supported
    Preview
    Not supported
    Preview
    Not supported
    Not supported
    Not supported
    GCPTrafficExtension
    Preview
    Not supported
    Preview
    Not supported
    Preview
    Not supported
    Not supported
    Not supported

    Frontend security

    Feature gke-l7-global-external-managed gke-l7-global-external-managed-mc gke-l7-regional-external-managed gke-l7-regional-external-managed-mc gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
    SSL policy
    HTTP-to-HTTPS redirect
    Multiple TLS certificates support
    Kubernetes Secrets-based certificates
    Self-managed Compute Engine SSL certificates
    Google-managed Compute Engine SSL certificates
    Self-managed SSL certificates with Certificate Manager
    Google-managed SSL certificates with Certificate Manager




    Backend service properties

    Feature
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    Connection draining timeout
    Session affinity
    HTTP access logging configuration
    Backend service timeout
    Custom load balancer health check configuration
    TLS to backend services
    Supported backend services protocols
    HTTP, HTTPS, HTTP/2
    Custom default backend

    Additional Google Cloud services

    Features gke-l7-global-external-managed gke-l7-global-external-managed-mc gke-l7-regional-external-managed gke-l7-regional-external-managed-mc gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
    Identity-Aware Proxy (IAP)
    Google Cloud Armor backend security policy
    Cloud CDN
    GCPRoutingExtension Support
    GCPTrafficExtension Support

    Supported Gateway API Fields

    The following tables list the fields of the Gateway API specification that are supported by GKE.

    Gateway

    spec.addresses

    For more information, see spec.addresses in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    type
    NamedAddress
    value
    Static global external address
    Static regional external address
    Static regional internal address
    Static global external address

    spec.listeners

    For more information, see spec.listeners in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    protocol
    HTTP, HTTPS
    port
    80 or 8080 (HTTP), 443 (HTTPS)
    name
    hostname
    tls
    allowedRoutes

    spec.listeners.tls

    For more information, see spec.listeners.tls in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    mode
    Terminate
    certificateRefs

    spec.listeners.tls.options

    For more information, see spec.listeners.tls.options in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    networking.gke.io/pre-shared-certs
    Global SSL certificate resource reference (self- or Google-managed)
    Regional, self-managed SSL certificate resource reference
    Regional, self-managed SSL certificate resource reference
    Global SSL certificate resource reference (self- or Google-managed)

    GCPTrafficExtension ( Preview )

    The following tables list the values of the GCPTrafficExtension API specification that are supported by GKE.

    spec.targetRefs

    For more information, see spec.targetRefs in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    group
    gateway.networking.k8s.io
    kind
    Gateway
    name

    spec.extensionChains.extensions.BackendRef

    For more information, see spec.extensionChains.extensions.BackendRef in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    group
    (empty)
    kind
    Service
    name
    port

    spec.extensionChains.extensions.googleAPIServiceName

    Fields gke-l7-global-external-managed gke-l7-global-external-managed-mc gke-l7-regional-external-managed gke-l7-regional-external-managed-mc gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
    googleAPIServiceName

    GCPRoutingExtension ( Preview )

    The following tables list the values of the GCPRoutingExtension API specification that are supported by GKE.

    spec.targetRefs

    For more information, see spec.targetRefs in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    group
    gateway.networking.k8s.io
    kind
    Gateway
    name

    spec.extensionChains.extensions.BackendRef

    For more information, see spec.extensionChains.extensions.BackendRef in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    group
    (empty)
    kind
    Service
    name
    port

    HTTPRoute

    The following tables list the values of the HTTPRoute API specification that are supported by GKE.

    spec.parentRefs

    For more information, see spec.parentRefs in the Gateway documentation.

    Fields gke-l7-global-external-managed gke-l7-global-external-managed-mc gke-l7-regional-external-managed gke-l7-regional-external-managed-mc gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
    parentRefs.group
    parentRefs.kind
    parentRefs.namespace
    parentRefs.name
    parentRefs.sectionName
    parentRefs.port

    spec.hostnames

    For more information, see spec.hostnames in the Gateway documentation.

    Fields gke-l7-global-external-managed gke-l7-global-external-managed-mc gke-l7-regional-external-managed gke-l7-regional-external-managed-mc gke-l7-rilb gke-l7-rilb-mc gke-l7-gxlb gke-l7-gxlb-mc
    precise, wildcard

    spec.rules

    For more information, see spec.rules in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    path.type
    Exact, PathPrefix
    path.value
    headers.type
    Exact
    headers.name
    headers.value
    queryParams
    method

    spec.rules.backendRefs

    For more information, see spec.rules.backendRefs in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    backendRef.group
    (empty), gateway.networking.k8s.io, net.gke.io
    backendRef.kind
    Service
    ServiceImport
    Service
    ServiceImport
    Service
    ServiceImport
    Service
    ServiceImport
    backendRef.name
    backendRef.namespace
    backendRef.port
    backendRef.weight
    backendRef.filters

    spec.rules.filters

    For more information, see spec.rules.filters in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    type
    requestHeaderModifier, responseHeaderModifier, requestMirror, requestRedirect, urlRewrite
    requestHeaderModifier.add
    requestHeaderModifier.remove
    requestHeaderModifier.set
    responseHeaderModifier.add
    responseHeaderModifier.remove
    responseHeaderModifier.set
    requestMirror.backendRef
    requestRedirect.scheme
    HTTP, HTTPS
    requestRedirect.hostname
    requestRedirect.path
    replaceFullPath, replacePrefixMatch
    requestRedirect.port
    requestRedirect.statusCode
    urlRewrite.hostname
    urlRewrite.path
    replacePrefixMatch

    ReferenceGrant

    The following tables list the values of the ReferenceGrant API specification that are supported by GKE.

    spec.from

    For more information, see spec.from in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    group
    (empty), gateway.networking.k8s.io, net.gke.io
    kind
    Gateway, HTTPRoute
    namespace

    spec.to

    For more information, see spec.to in the Gateway documentation.

    Fields
    gke-l7-global-external-managed
    gke-l7-global-external-managed-mc
    gke-l7-regional-external-managed
    gke-l7-regional-external-managed-mc
    gke-l7-rilb
    gke-l7-rilb-mc
    gke-l7-gxlb
    gke-l7-gxlb-mc
    group
    (empty), gateway.networking.k8s.io, net.gke.io
    kind
    Secret, Service, ServiceImport
    name
    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: