We are leveraging the power of Kubernetes Gateway API to use it capabilities in Gateway and HTTPRoute.
We have a simple Gateway resource that uses a GKE External Global LoadBalancer. Below shows the full manifest code
kind: Gateway
apiVersion: gateway.networking.k8s.io/v1beta1
metadata:
name: external-http
namespace: infra-ns
spec:
gatewayClassName: gke-l7-global-external-managed
listeners:
- name: https
protocol: HTTPS
port: 443
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
shared-gateway-access: "true"
tls:
mode: Terminate
options:
networking.gke.io/pre-shared-certs: ipos-cert
addresses:
- type: NamedAddress
value: "l7lb-external-ip-address"
This Gateway is attached to multiple HTTPRoutes like so
rules:
- matches:
- path:
value: /api/v1/service
backendRefs:
- name: example-service
port: 80
The setup work well when requests are sent from code application clients. The problem is if request is sent through browser, we get a Cross-Origin Resource Sharing error: PreflightMissingAllowOriginHeader and request status says CORS error
How can we add the missing Allow Origin Header using Kubernetes Gateway API
CORS support is on the GKE Gateway roadmap, but for now you will need to add support from within your application backend.