Kubernetes Gateway API Template
This Kubernetes template deploys a scalable, secure, and modern application architecture utilizing the Gateway API, the next-generation standard for service networking.
Designed for organizations moving beyond the limitations of standard Ingress, this manifest provides a modular, role-oriented framework that separates infrastructure management from application development.
It eliminates common networking pitfalls such as annotation sprawl, manual SSL management, and rigid traffic routing.
What This Template Creates for Your Kubernetes Cluster
This stack provides a complete "browser-to-pod" flow, integrating advanced traffic management with automated security and scaling.
1. Next-Gen Traffic Infrastructure
- GatewayClass: Defines the infrastructure provider (e.g., Envoy or Istio) and establishes the organizational standard for load balancing
- Gateway (prod-gateway): Acts as the entry point for all external traffic, managing public IP addresses and entry ports (HTTPS/443)
- HTTPRoute (main-app-route): Provides sophisticated L7 routing logic, mapping hostnames and URL paths to internal services
2. Automated Security & Identity
- Cert-Manager Integration: Automatically provisions and renews SSL/TLS certificates via Let's Encrypt using the ClusterIssuer
- app-tls-secret: A dynamically managed secret created by Cert-Manager to secure the "Front Door" with high-grade encryption
- app-secrets: Secure, opaque storage for sensitive application data like database passwords and API keys, keeping them out of your source code
3. Decoupled Configuration & Discovery
- ConfigMap (app-config): Centralizes non-sensitive environment variables (log levels, API URLs), allowing configuration changes without rebuilding container images
- Headless-Ready Service: Bridges the gap between the Gateway and the backend, providing stable DNS names for routing
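
How the Gateway, HTTPRoute and Cert-Manager pieces described above can be wired together, as an added sketch that is not the template's own manifest. The namespaces, hostname, GatewayClass name, ClusterIssuer name, namespace label, and Service name and port are assumptions, and it assumes Cert-Manager's Gateway API support is enabled in the cluster.

```yaml
# Added illustration; every value marked "assumed" is not from the template.
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: prod-gateway
  namespace: infra                        # assumed: owned by the platform team
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod   # assumed ClusterIssuer name
spec:
  gatewayClassName: example-gateway-class # assumed GatewayClass name
  listeners:
    - name: https
      hostname: app.example.com           # assumed; Cert-Manager needs a hostname here
      port: 443
      protocol: HTTPS
      tls:
        mode: Terminate                   # TLS ends at the Gateway
        certificateRefs:
          - kind: Secret
            name: app-tls-secret          # issued and renewed by Cert-Manager
      allowedRoutes:
        namespaces:
          from: Selector                  # only labelled namespaces may attach routes
          selector:
            matchLabels:
              gateway-access: "true"      # assumed label set by the platform team
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: main-app-route
  namespace: app                          # assumed: application team's namespace
spec:
  parentRefs:
    - name: prod-gateway
      namespace: infra
      sectionName: https                  # bind to the HTTPS listener only
  hostnames:
    - app.example.com
  rules:
    - matches:
        - path:
            type: PathPrefix
            value: /
      backendRefs:
        - name: main-app-service          # assumed Service name
          port: 80                        # assumed Service port
```

The `allowedRoutes` selector is what enforces the role separation: application teams can create routes only from namespaces the platform team has labelled, and they never need write access to the Gateway or the TLS secret.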
