Skip to content

Gateway API: GRPCRoute not attaching to Gateway #39021

Closed
Closed
Gateway API: GRPCRoute not attaching to Gateway#39021
Labels
area/servicemeshGH issues or PRs regarding servicemeshfeature/k8s-gateway-apikind/community-reportThis was reported by a user in the Cilium community, eg via Slack.kind/enhancementThis would improve or streamline existing functionality.staleThe stale bot thinks this issue is old. Add "pinned" label to prevent this from becoming stale.
@phudtran

Description

@phudtran
phudtran
opened on Apr 17, 2025

Is there an existing issue for this?

  • I have searched the existing issues

Version

equal or higher than v1.17.2 and lower than v1.18.0

What happened?

GRPCRoute not supported in "Supported Kinds"

    Supported Kinds:
      Group:  gateway.networking.k8s.io
      Kind:   HTTPRoute
Events:       <none>

kubectl describe gateway user-service-gateway
Name:         user-service-gateway
Namespace:    default
Labels:       <none>
Annotations:  <none>
API Version:  gateway.networking.k8s.io/v1
Kind:         Gateway
Metadata:
  Creation Timestamp:  2025-04-17T23:33:33Z
  Generation:          1
  Resource Version:    759
  UID:                 43ebe852-3f1d-462a-9e14-7229846a5326
Spec:
  Gateway Class Name:  cilium
  Listeners:
    Allowed Routes:
      Namespaces:
        From:  All
    Name:      grpc
    Port:      50051
    Protocol:  HTTP
Status:
  Conditions:
    Last Transition Time:  2025-04-17T23:33:46Z
    Message:               Gateway successfully scheduled
    Observed Generation:   1
    Reason:                Accepted
    Status:                True
    Type:                  Accepted
    Last Transition Time:  2025-04-17T23:33:48Z
    Message:               Gateway successfully reconciled
    Observed Generation:   1
    Reason:                Programmed
    Status:                True
    Type:                  Programmed
  Listeners:
    Attached Routes:  0
    Conditions:
      Last Transition Time:  2025-04-17T23:33:46Z
      Message:               Listener Programmed
      Observed Generation:   1
      Reason:                Programmed
      Status:                True
      Type:                  Programmed
      Last Transition Time:  2025-04-17T23:33:46Z
      Message:               Listener Accepted
      Observed Generation:   1
      Reason:                Accepted
      Status:                True
      Type:                  Accepted
      Last Transition Time:  2025-04-17T23:33:46Z
      Message:               Resolved Refs
      Reason:                ResolvedRefs
      Status:                True
      Type:                  ResolvedRefs
    Name:                    grpc
    Supported Kinds:
      Group:  gateway.networking.k8s.io
      Kind:   HTTPRoute
Events:       <none>

kubectl describe grpcroute login-service-route
Name:         login-service-route
Namespace:    default
Labels:       <none>
Annotations:  <none>
API Version:  gateway.networking.k8s.io/v1
Kind:         GRPCRoute
Metadata:
  Creation Timestamp:  2025-04-17T23:33:33Z
  Generation:          1
  Resource Version:    727
  UID:                 73d58e58-568c-44b3-b610-181985a941e3
Spec:
  Parent Refs:
    Group:         gateway.networking.k8s.io
    Kind:          Gateway
    Name:          user-service-gateway
    Namespace:     default
    Section Name:  grpc
  Rules:
    Backend Refs:
      Group:
      Kind:    Service
      Name:    login-service
      Port:    50051
      Weight:  1
    Matches:
      Method:
        Method:   Login
        Service:  user.Login
        Type:     Exact
Status:
  Parents:
    Conditions:
      Last Transition Time:  2025-04-17T23:33:46Z
      Message:               Accepted GRPCRoute
      Observed Generation:   1
      Reason:                Accepted
      Status:                True
      Type:                  Accepted
      Last Transition Time:  2025-04-17T23:33:46Z
      Message:               Service reference is valid
      Observed Generation:   1
      Reason:                ResolvedRefs
      Status:                True
      Type:                  ResolvedRefs
    Controller Name:         io.cilium/gateway-controller
    Parent Ref:
      Group:         gateway.networking.k8s.io
      Kind:          Gateway
      Name:          user-service-gateway
      Namespace:     default
      Section Name:  grpc
Events:              <none>

manifests

apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: user-service-gateway
spec:
  gatewayClassName: cilium
  listeners:
  - name: grpc
    protocol: HTTP
    port: ${GRPC_PORT}
    allowedRoutes:
      namespaces:
        from: All
---
apiVersion: gateway.networking.k8s.io/v1
kind: GRPCRoute
metadata:
  name: login-service-route
spec:
  parentRefs:
  - name: user-service-gateway
    namespace: default
    sectionName: grpc
  rules:
  - matches:
    - method:
        service: user.Login
        method: Login
    backendRefs:
    - name: login-service
      port: ${GRPC_PORT}

How can we reproduce the issue?

Bring up a kind cluster with

networking:
  disableDefaultCNI: true
  kubeProxyMode: "none"

Install cilium with Gateway API enabled

kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.2.0/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml
	kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.2.0/config/crd/standard/gateway.networking.k8s.io_gateways.yaml
	kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.2.0/config/crd/standard/gateway.networking.k8s.io_httproutes.yaml
	kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.2.0/config/crd/standard/gateway.networking.k8s.io_referencegrants.yaml
	kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.2.0/config/crd/standard/gateway.networking.k8s.io_grpcroutes.yaml
	kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.2.0/config/crd/experimental/gateway.networking.k8s.io_tlsroutes.yaml
	cilium install \
		--version 1.17.3 \
		--namespace kube-system \
		--set image.pullPolicy=IfNotPresent \
		--set ipam.mode=kubernetes \
		--set gatewayAPI.enabled=true \
		--set nodePort.enabled=true \
		--set kubeProxyReplacement=true \
		--set k8sServiceHost=kind-control-plane \
		--set k8sServicePort=6443  \
		--set gatewayAPI.enableAlpn=true

Cilium Version

1.17.3

Kernel Version

Darwin Kernel Version 24.4.0

Kubernetes Version

❯ kubectl version
Client Version: v1.32.3
Kustomize Version: v5.5.0
Server Version: v1.32.2

Regression

No response

Sysdump

No response

Relevant log output



Anything else?


No response


Cilium Users Document


    

  •  Are you a user of Cilium? Please add yourself to the Users doc
    • 



Code of Conduct


    

  •  I agree to follow this project's Code of Conduct
    • 

Metadata
Metadata
Assignees
No one assigned
    Labels
    area/servicemeshGH issues or PRs regarding servicemeshfeature/k8s-gateway-apikind/community-reportThis was reported by a user in the Cilium community, eg via Slack.kind/enhancementThis would improve or streamline existing functionality.staleThe stale bot thinks this issue is old. Add "pinned" label to prevent this from becoming stale.
    Type
    No type
    Projects
    No projects
    Milestone
    No milestone
    Relationships
    None yet
    Development
    No branches or pull requests
    Issue actions