Comment on Best reverse proxy with ACME to run in docker
silenium_dev@feddit.org 23 hours agoIf you’re moving to K8s, I recommend looking into K8s Gateway API, it’s the successor to the old Ingress API. There are other, more complete, implementations of it than Traefik. See https://gateway-api.sigs.k8s.io/
reabsorbthelight@lemmy.world 19 hours ago
Which gateway implementations would you recommend?
I’m looking to support HTTPS and Webdav
silenium_dev@feddit.org 12 hours ago
I’m using istio (in ambient mode, so it doesn’t put its sidecar into every pod I create), and Nextcloud behind it, works flawlessly. It does consume a bit of time to set up properly though.
TLS is handled via cert-manager, which works with both Ingress and Gateway API, independent of which implementation you choose.
I’ve also tried envoy gateway (had issues with uploading larger files via Nextcloud Web UI and Gradle publish to maven repo).
Cilium (a CNI) also has an integrated Gateway and Ingress API implementation, works fine, but lacks some of the most recent stable features, and quite some experimental features. But if you just need a HTTPS gateway without much fuss, it’s rock-solid. Setup time is also minimal for the Ingress/Gateway controller part. Cilium CNI on the other hand takes a lot of time to understand and configure, if you’re unfamiliar with networking in general.
Traefik is comparable with Cilium’s Gateway API implementation, also works, simple to setup, and might be better suited, if you’re already familiar with it using docker, as it’s the same concepts, just slightly different config (docker labels vs. Ingress/Gateway API with Traefik specific annotations).