Requirements and limitations

Ensure the following requirements are met in order to run Airlock Microgateway successfully. Note that in addition to the following requirements, a valid license is required to operate Airlock Microgateway.

Platform requirements

Airlock Microgateway runs on Kubernetes version >= 1.28 and Istio >= 1.20. To ensure compatibility, we run automated tests with the following Kubernetes distributions:

Kubernetes distribution

Version(s)

Description

Google Kubernetes Engine

1.28, 1.29, 1.30

Anthos Service Mesh on Google Kubernetes Engine

1.22, 1.23

Istio versions 1.22, 1.23

OpenShift

4.17

Red Hat OpenShift Service Mesh

2.6

Istio version 1.20

K3s

1.28, 1.30, 1.31

Istio versions 1.22, 1.23

Kubernetes Gateway API support

Version

Description

Kubernetes Gateway API

v1.10

Standard Channel

Network communication

The following network communication is required:

From Pod

To service

To namespace

To port

To protocol

Protected web application Pod

airlock-microgateway-operator-xds

airlock-microgateway-system

13377

TCP

Additional components

Airlock Microgateway requires the following components to run:

Component

Tested version

Description

cert-manager

v1.16

The cert-manager is required to secure the connection between Kubernetes API server to the Microgateway Operator Webhook.

To install the cert-manager, follow the manual: installation of the cert-manager

Limitations

  • Mixing different versions like Airlock Microgateway Operator in version 4.x and Microgateway Engine in version 4.y is not supported.
  • WebSocket support is limited to HTTP/1.1.