The Kusk team is proud to announce the beta release of Kusk Gateway, which adds API mocking capabilities, a CLI tool, and HTTP/SSL-related improvements.
The Kusk team is proud to announce the release of our first beta version of Kusk Gateway!
For the unfamiliar, Kusk Gateway is an open-source Ingress controller / API Gateway that makes your OpenAPI definition the source-of-truth for both functional and operational aspects of your APIs, enabling an iterative design-first approach to API development with Kubernetes.
The fact that we are releasing beta 1 means you can be confident that there won’t be any glaring breaking changes in future releases in the API, StaticRoute, and EnvoyFleet resources.
But you can expect lots of nice new features and squashed bugs as we continue our journey to a GA release later this spring.
Since the last Alpha release we have been focusing on making the core of Kusk Gateway production ready - but have also managed to squeeze in some new functionality.
Mocking has long been on our roadmap to implement and it's here at last. By using a dedicated x-kusk extension in your OpenAPI definition, mocking can be enabled at either the root, path or operation level and will result in Kusk Gateway returning the first example response defined in your OpenAPI definition for each operation. For example the following OpenAPI extension:
At the root level of your OpenAPI definition will result in Kusk Gateway returning a mock response for any request made to the API - effectively turning it into a full-fledged mock-server for your APIs without any additional configuration required.
Adding the extension for a specific operation or path will only return mock responses for the corresponding requests, which is useful when those operations are still under development or not available for any other reason.
Read more about mocking in the documentation.
Automatic HTTPS Redirection
It is now possible to enforce HTTPS on host names corresponding to your StaticRoutes and APIs using EnvoyFleets.
By providing a list of host names to https_redirect_hosts under the EnvoyFleet’s TLS section, when a request is made with any of the host names in this list, envoy will issue a 301 redirect to the HTTPS endpoint instead.
See the documentation for a complete reference of TLS options.
Autoreload rotated certificates
The possibility to automatically reload rotated certificates greatly eases the usage of SSL/HTTPS for your API endpoints. The Kusk Gateway manager automatically keeps track of all the TLS certificates stored in secrets used across all of your EnvoyFleets. When the manager detects a change, it will fetch the new secret and update the configuration without downtime.
Remove Dependency on Cert Manager
The previous release of Kusk Gateway relied on CertManager for certificate creation, mainly for our Mutating and Validating webhooks.
Although being a great component it’s not always feasible to require CertManager to be installed in the cluster as it’s another component that needs to be managed.
As of the beta release, we now generate our webhook certificates internally, removing the need to have CertManager installed and running.
KGW Command-line tool
Kusk Gateway now includes a command-line utility for creating Kusk Gateway API resources from your OpenAPI specification document, which is useful when you want to automate your OpenAPI deployment workflows as part of a CD pipeline.
Check out the KGW GitHub Repository for more information.
The road to GA
The main areas for improvement we are planning for the GA release include:
- A browser-based “dashboard” for managing/inspecting deployed APIs
- Auto-deployment of APIs based on kubernetes annotations
- Deploy an API through the dashboard
And a bunch of improvements to documentation, packaging, performance, etc.
You’re welcome to check out the 1.0.0 Release project on GitHub to see how things are going, don’t hesitate to jump in with comments and suggestions!
Try it out!
Head over to the Kusk Gateway GitHub repository to download the latest release - installation instructions and documentation are available there as well. If you have any questions or ideas please feel free to join our Discord server and get in touch.