Ensure the following requirements are met in order to run Airlock Microgateway successfully. Note that in addition to the following requirements, a valid license is required to operate Airlock Microgateway.
Platform requirements
Airlock Microgateway runs on Kubernetes version >= 1.28
and Istio >= 1.20
. To ensure compatibility, we run automated tests with the following Kubernetes distributions:
Kubernetes distribution | Version(s) | Description |
---|---|---|
Google Kubernetes Engine | 1.28, 1.29, 1.30 | |
Anthos Service Mesh on Google Kubernetes Engine | 1.22, 1.23 | Istio versions 1.22, 1.23 |
OpenShift | 4.17 | |
Red Hat OpenShift Service Mesh | 2.6 | Istio version 1.20 |
K3s | 1.28, 1.30, 1.31 | Istio versions 1.22, 1.23 |
Kubernetes Gateway API support
Version | Description | |
---|---|---|
Kubernetes Gateway API | v1.10 | Standard Channel |
Network communication
The following network communication is required:
From Pod | To service | To namespace | To port | To protocol |
---|---|---|---|---|
Protected web application Pod |
|
|
|
|
Additional components
Airlock Microgateway requires the following components to run:
Component | Tested version | Description |
---|---|---|
cert-manager | v1.16 | The cert-manager is required to secure the connection between Kubernetes API server to the Microgateway Operator Webhook. To install the cert-manager, follow the manual: installation of the cert-manager |
Limitations
- Mixing different versions like Airlock Microgateway Operator in version 4.x and Microgateway Engine in version 4.y is not supported.
- WebSocket support is limited to HTTP/1.1.
Further information and links
- Internal links:
- Configuration and monitoring of licenses
- External links:
- (Kubernetes) Resource Management for Pods and Containers