Managing Ingress Gateway Route Tables with kubectl
With the kubectl command you can create, update, move, list, view,
and delete an ingress gateway route table. The following topics detail how to manage these
operations with kubectl.
Required IAM Policy for Ingress Gateway Route Table
To use an ingress gateway route table, an administrator must grant you the required type of access in a policy (IAM). Whether you're using the Console, the REST API with an SDK, the CLI, Kubernetes kubectl, or other tool, the correct permissions are required.
When an action produces a permission denied or unauthorized message, confirm a couple of settings with your administrator. The administrator must ensure that the correct type of access is granted and the correct compartment is specified.
For example, to allow users in the group MeshAdmins to create, update, and delete all ingress route tables in the compartment sales-app:
Allow group MeshAdmins to manage mesh-ingress-gateway-route-tables in compartment sales-appFor Service Mesh IAM policy reference details for each resource, see: Service Mesh IAM Policies.
For a step-by-step guide to set up all the required IAM policies for a Service Mesh, see: Set up Policies required for Service Mesh
View Kubernetes Configuration Options for Ingress Gateway Route Tables
You can view the Kubernetes CLI ingress gateway route table YAML configuration options by displaying the Custom Resource Definition (CRD). Use the following command:
kubectl describe crd ingressgatewayroutetables.servicemesh.oci.oracle.comIn the CRD, you see the fields used in a YAML configuration file under
spec:schema:openAPIV3Schema:properties:spec. CRD output also
includes information about field types, ranges, and limits. The following section
provides an example of a YAML configuration file.
Create, Update, or Move an Ingress Gateway Route Table
To create an ingress gateway route table, use the kubectl apply
command. For example:
kubectl apply -f ingress-gateway-rt.yamlThe following is the sample yaml configuration file used to create
an ingress gateway route table:
apiVersion: servicemesh.oci.oracle.com/v1beta1
kind: IngressGatewayRouteTable
metadata:
name: <sample-ingress-gateway>-route-table # Name of Ingress Gateway Route Table
namespace: <sample-namespace>
spec:
compartmentId: ocid1.compartment.oc1..aaa...
name: <sample-ig-rt> # Ingress Gateway Route Table name inside the mesh
description: This Ingress Gateway Route Table
ingressGateway:
ref:
name: <sample-ingress-gateway>
routeRules:
- httpRoute:
ingressGatewayHost:
name: samplehost
path: /foo
pathType: PREFIX
isGrpc: false
destinations:
- virtualService:
ref:
name: <vs-sample-page>
kubectl: - Change the configuration file as needed.
- Save the file.
- Run the
applycommand again.
- Update the compartment OCID to the value of the target compartment.
- Save the file.
- Run the
applycommand again.
Get a List of Ingress Gateway Route Tables
To get a list of ingress gateway route tables in your namespace, use the following command:
kubectl get ingressgatewayroutetables -n <namespace>View an Ingress Gateway Route Table
To view the details of a specific ingress gateway route table in your namespace, use the following command:
kubectl describe ingressgatewayroutetable <name> -n <namespace>Delete an Ingress Gateway Route Table
To delete of a specific ingress gateway route table in your namespace, use the following command:
kubectl delete ingressgatewayroutetable <name> -n <namespace>