Is there an existing issue for this?
Current Behavior
According to the documentation (https://developer.konghq.com/kubernetes-ingress-controller/gateway-api/#unmanaged-gateways), when using unmanaged gateways, all routes are sent to all gateway instances with the same controller name.
When using two gateway instances, one with a listener for alpha.example.com and one with a listener for *.example.com, a route with a parentRef set to the first gateway but a different hostname (for example beta.example.com) will lead to a routing error instead of being handled by the wildcard gateway.
Expected Behavior
The beta.example.com route should be handled by the wildcard gateway when using unmanaged mode.
Steps To Reproduce
1. Deploy an unmanaged GatewayClass.
1. Deploy two Gateways, for example
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: example
spec:
gatewayClassName: kong
listeners:
- allowedRoutes:
namespaces:
from: All
hostname: alpha.example.com
name: tls
port: 443
protocol: HTTPS
tls:
certificateRefs:
- group: ''
kind: Secret
name: some-certificate
mode: Terminate
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: example-wildcard
spec:
gatewayClassName: kong
listeners:
- allowedRoutes:
namespaces:
from: All
hostname: *.example.com
name: tls
port: 443
protocol: HTTPS
tls:
certificateRefs:
- group: ''
kind: Secret
name: some-certificate
mode: Terminate
1. Now deploy an HTTPRoute with a parentRef set to example and a hostname set to `beta.example.com`
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: beta-route
spec:
hostnames:
- beta.example.com
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: example
rules:
- backendRefs:
- group: ''
kind: Service
name: some-service
port: 80
weight: 1
matches:
- path:
type: PathPrefix
value: /
1. Navigate to `beta.example.com` to find a routing error messageKong Ingress Controller version
Kubernetes version
{
"clientVersion": {
"major": "1",
"minor": "31",
"gitVersion": "v1.31.0",
"gitCommit": "9edcffcde5595e8a5b1a35f88c421764e575afce",
"gitTreeState": "clean",
"buildDate": "2024-08-13T07:37:34Z",
"goVersion": "go1.22.5",
"compiler": "gc",
"platform": "windows/amd64"
},
"kustomizeVersion": "v5.4.2",
"serverVersion": {
"major": "1",
"minor": "32",
"gitVersion": "v1.32.4+rke2r1",
"gitCommit": "59526cd4867447956156ae3a602fcbac10a2c335",
"gitTreeState": "clean",
"buildDate": "2025-04-23T02:45:16Z",
"goVersion": "go1.23.6 X:boringcrypto",
"compiler": "gc",
"platform": "linux/amd64"
}
}Anything else?
No response
Is there an existing issue for this?
Current Behavior
According to the documentation (https://developer.konghq.com/kubernetes-ingress-controller/gateway-api/#unmanaged-gateways), when using unmanaged gateways, all routes are sent to all gateway instances with the same controller name.
When using two gateway instances, one with a listener for
alpha.example.comand one with a listener for*.example.com, a route with a parentRef set to the first gateway but a different hostname (for examplebeta.example.com) will lead to a routing error instead of being handled by the wildcard gateway.Expected Behavior
The
beta.example.comroute should be handled by the wildcard gateway when using unmanaged mode.Steps To Reproduce
Kong Ingress Controller version
Kubernetes version
{ "clientVersion": { "major": "1", "minor": "31", "gitVersion": "v1.31.0", "gitCommit": "9edcffcde5595e8a5b1a35f88c421764e575afce", "gitTreeState": "clean", "buildDate": "2024-08-13T07:37:34Z", "goVersion": "go1.22.5", "compiler": "gc", "platform": "windows/amd64" }, "kustomizeVersion": "v5.4.2", "serverVersion": { "major": "1", "minor": "32", "gitVersion": "v1.32.4+rke2r1", "gitCommit": "59526cd4867447956156ae3a602fcbac10a2c335", "gitTreeState": "clean", "buildDate": "2025-04-23T02:45:16Z", "goVersion": "go1.23.6 X:boringcrypto", "compiler": "gc", "platform": "linux/amd64" } }Anything else?
No response