From 759a4d3fd25cc03f6dfc02a230906883a4103ac5 Mon Sep 17 00:00:00 2001 From: lukasmetzner Date: Wed, 26 Nov 2025 13:54:00 +0100 Subject: [PATCH 1/3] docs: ingress and gateway api explanation --- docs/explanation/ingress-and-gateway-api.md | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 docs/explanation/ingress-and-gateway-api.md diff --git a/docs/explanation/ingress-and-gateway-api.md b/docs/explanation/ingress-and-gateway-api.md new file mode 100644 index 000000000..0686ac583 --- /dev/null +++ b/docs/explanation/ingress-and-gateway-api.md @@ -0,0 +1,9 @@ +# Ingress & Gateway API + +Ingress and the Gateway API rely on custom resource definitions (CRDs). These CRDs require controllers that observe changes and perform the necessary actions to move the system toward the desired state. + +A common example is the NGINX Ingress Controller, which watches for Ingress objects and configures an NGINX instance accordingly. To expose traffic to the outside world, the Ingress controller creates a Kubernetes Service of type `LoadBalancer`. At this point, the hcloud-cloud-controller-manager (HCCM) comes into play and provisions the corresponding Hetzner Cloud Load Balancer. This setup is referred to as an "Ingress-managed load balancer" (See: [What is an Ingress?](https://kubernetes.io/docs/concepts/services-networking/ingress/#what-is-ingress)). + +The Ingress resource is currently being phased out in favor of the Gateway API resources. This introduces the need for new controllers that watch and reconcile Gateway API objects. One such controller is the **NGINX Gateway Fabric**, which configures NGINX worker processes based on Gateway API specifications. Similar to the Ingress controller, it uses a Kubernetes Service of type `LoadBalancer` to expose traffic externally. + +Hetzner Cloud Load Balancers currently do not support L7 routing. Because of this limitation, we have not built an Ingress controller, and for the same reason we do not plan to build a Gateway API controller at this time. If Hetzner Cloud Load Balancers eventually gain the necessary L7 capabilities, we would reevaluate the need for building such a product. Such a controller would live in its own project and would not be part of HCCM. From 62c6382868370b852bde6d5aedf6d8159957960e Mon Sep 17 00:00:00 2001 From: lukasmetzner Date: Wed, 26 Nov 2025 13:56:17 +0100 Subject: [PATCH 2/3] docs: wip --- docs/explanation/ingress-and-gateway-api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/explanation/ingress-and-gateway-api.md b/docs/explanation/ingress-and-gateway-api.md index 0686ac583..c1ee20556 100644 --- a/docs/explanation/ingress-and-gateway-api.md +++ b/docs/explanation/ingress-and-gateway-api.md @@ -4,6 +4,6 @@ Ingress and the Gateway API rely on custom resource definitions (CRDs). These CR A common example is the NGINX Ingress Controller, which watches for Ingress objects and configures an NGINX instance accordingly. To expose traffic to the outside world, the Ingress controller creates a Kubernetes Service of type `LoadBalancer`. At this point, the hcloud-cloud-controller-manager (HCCM) comes into play and provisions the corresponding Hetzner Cloud Load Balancer. This setup is referred to as an "Ingress-managed load balancer" (See: [What is an Ingress?](https://kubernetes.io/docs/concepts/services-networking/ingress/#what-is-ingress)). -The Ingress resource is currently being phased out in favor of the Gateway API resources. This introduces the need for new controllers that watch and reconcile Gateway API objects. One such controller is the **NGINX Gateway Fabric**, which configures NGINX worker processes based on Gateway API specifications. Similar to the Ingress controller, it uses a Kubernetes Service of type `LoadBalancer` to expose traffic externally. +The Ingress resource is currently being phased out in favor of the Gateway API resources. This introduces the need for new controllers that watch and reconcile Gateway API objects. One such controller is the **NGINX Gateway Fabric**, which configures an NGINX instance based on Gateway API specifications. Similar to the Ingress controller, it uses a Kubernetes Service of type `LoadBalancer` to expose traffic externally. Hetzner Cloud Load Balancers currently do not support L7 routing. Because of this limitation, we have not built an Ingress controller, and for the same reason we do not plan to build a Gateway API controller at this time. If Hetzner Cloud Load Balancers eventually gain the necessary L7 capabilities, we would reevaluate the need for building such a product. Such a controller would live in its own project and would not be part of HCCM. From e334d7d19de427079f52dc81bea9c40bade0d996 Mon Sep 17 00:00:00 2001 From: lukasmetzner Date: Thu, 27 Nov 2025 13:38:20 +0100 Subject: [PATCH 3/3] docs: fix ingress is not a CRD --- docs/explanation/ingress-and-gateway-api.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/explanation/ingress-and-gateway-api.md b/docs/explanation/ingress-and-gateway-api.md index c1ee20556..76f529d17 100644 --- a/docs/explanation/ingress-and-gateway-api.md +++ b/docs/explanation/ingress-and-gateway-api.md @@ -1,6 +1,6 @@ # Ingress & Gateway API -Ingress and the Gateway API rely on custom resource definitions (CRDs). These CRDs require controllers that observe changes and perform the necessary actions to move the system toward the desired state. +Ingress and Gateway API resources rely on controllers that watch for changes and take the actions needed to bring the system to the desired state. A common example is the NGINX Ingress Controller, which watches for Ingress objects and configures an NGINX instance accordingly. To expose traffic to the outside world, the Ingress controller creates a Kubernetes Service of type `LoadBalancer`. At this point, the hcloud-cloud-controller-manager (HCCM) comes into play and provisions the corresponding Hetzner Cloud Load Balancer. This setup is referred to as an "Ingress-managed load balancer" (See: [What is an Ingress?](https://kubernetes.io/docs/concepts/services-networking/ingress/#what-is-ingress)).