open-consul/website/content/docs/api-gateway/tech-specs.mdx

---
layout: docs
page_title: API Gateway for Kubernetes Technical Specifications
description: >-
  Consul API Gateway is a service mesh add-on for Kubernetes deployments. Learn about its requirements for system resources, ports, and component versions, its Enterprise limitations, and compatible k8s cloud environments.
---

# API Gateway for Kubernetes Technical Specifications

This topic describes the technical specifications associated with using Consul API Gateway.

## Requirements

Verify that your environment meets the following requirements prior to using Consul API Gateway.

### Datacenter Requirements

Your datacenter must meet the following requirements prior to configuring the Consul API Gateway:

- Kubernetes 1.21+
- `kubectl` 1.21+
- Consul 1.11.2+
- HashiCorp Consul Helm chart 0.47.1+
- Consul Service Mesh must be deployed on the Kubernetes cluster that API Gateway is deployed on.
- Envoy:  Envoy proxy support is determined by the Consul version deployed. Refer to [Envoy Integration](/consul/docs/connect/proxies/envoy) for details.

### TCP Port Requirements

The following table describes the TCP port requirements for each component of the API Gateway.

| Port | Description | Component |
| ---- | ----------- | --------- |
| 9090 | Secret discovery service (SDS) | Gateway controller pod <br/> Gateway instance pod |
| 20000 | Kubernetes readiness probe | Gateway instance pod |
| Configurable | Port for scraping Prometheus metrics. Disabled by default. | Gateway controller pod |

## Consul Server Deployments

- Consul Editions supported: OSS and Enterprise
- Supported Consul Server deployment types:
  - Self-Managed
  - HCP Consul

### Limited Support of some Consul Features

The following table lists API Gateway limitations related to specific Consul features

| Consul Feature | Limitation |
| -------------- | ---------- |
| [Admin partitions](/consul/docs/enterprise/admin-partitions) | You can deploy Consul API Gateway into the `default` admin partition only. You can route to services in other `default` admin partitions through peered connections. Refer to [Route Traffic to Peered Services](/consul/docs/api-gateway/usage/route-to-peered-services) for additional information. |
| Routing between datacenters | If you are connecting multiple Consul datacenters to create a federated network, you can route to services in other datacenters through peered connections. Refer to [Route Traffic to Peered Services](/consul/docs/api-gateway/usage/route-to-peered-services) for additional information. |

## Deployment Environments

Consul API Gateway can be deployed in the following Kubernetes-based environments:

- Generic Kubernetes
- AWS Elastic Kubernetes Service (EKS)
- Google Kubernetes Engine (GKE)
- Azure Kubernetes Service (AKS)

## Kubernetes Gateway API Specification - Supported Versions

See the Release Notes for the version of Consul API Gateway being used.

## Resource Allocations

The following resources are allocated for each component of the API Gateway.

### Gateway Controller Pod

- **CPU**: None. Either the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration.
- **Memory**: None. Either the the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration.

### Gateway Instance Pod

- **CPU**: None. Either the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration.
- **Memory**: None. Either the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration.
added 'Tech Specs' section under API Gateway 2022-02-16 19:54:43 +00:00			`---`
			`layout: docs`
Update existing docs from Consul API Gateway -> API Gateway for Kubernetes (#16360) * Update existing docs from Consul API Gateway -> API Gateway for Kubernetes * Update page header to reflect page title change * Update nav title to match new page title 2023-02-22 17:34:27 +00:00			`page_title: API Gateway for Kubernetes Technical Specifications`
added 'Tech Specs' section under API Gateway 2022-02-16 19:54:43 +00:00			`description: >-`
/docs/api-gateway/configuration /docs/api-gateway/ 2022-09-23 20:59:02 +00:00			`Consul API Gateway is a service mesh add-on for Kubernetes deployments. Learn about its requirements for system resources, ports, and component versions, its Enterprise limitations, and compatible k8s cloud environments.`
added 'Tech Specs' section under API Gateway 2022-02-16 19:54:43 +00:00			`---`

Update existing docs from Consul API Gateway -> API Gateway for Kubernetes (#16360) * Update existing docs from Consul API Gateway -> API Gateway for Kubernetes * Update page header to reflect page title change * Update nav title to match new page title 2023-02-22 17:34:27 +00:00			`# API Gateway for Kubernetes Technical Specifications`
Add technical specifications 2022-02-22 21:57:04 +00:00
separated overview content and usage content into their own pages 2022-02-23 00:44:30 +00:00			`This topic describes the technical specifications associated with using Consul API Gateway.`

			`## Requirements`

			`Verify that your environment meets the following requirements prior to using Consul API Gateway.`

			`### Datacenter Requirements`
Add technical specifications 2022-02-22 21:57:04 +00:00
Move software requirements to Technical Specifications page 2022-02-22 22:43:46 +00:00			`Your datacenter must meet the following requirements prior to configuring the Consul API Gateway:`

			`- Kubernetes 1.21+`
			- `kubectl` 1.21+
API GW 0.3 Release Notes and updated Tech Specs 2022-06-21 00:00:11 +00:00			`- Consul 1.11.2+`
Update required Helm chart version to match APIGW release notes (#15168) 2022-10-31 20:31:10 +00:00			`- HashiCorp Consul Helm chart 0.47.1+`
Minor edits and additions to the API Gateway docs. 2022-02-24 15:25:58 +00:00			`- Consul Service Mesh must be deployed on the Kubernetes cluster that API Gateway is deployed on.`
docs: Migrate link formats (#15976) * Adding check-legacy-links-format workflow * Adding test-link-rewrites workflow * Updating docs-content-check-legacy-links-format hash * Migrating links to new format Co-authored-by: Kendall Strautman <kendallstrautman@gmail.com> 2023-01-25 16:52:43 +00:00			`- Envoy: Envoy proxy support is determined by the Consul version deployed. Refer to [Envoy Integration](/consul/docs/connect/proxies/envoy) for details.`
Move software requirements to Technical Specifications page 2022-02-22 22:43:46 +00:00
separated overview content and usage content into their own pages 2022-02-23 00:44:30 +00:00			`### TCP Port Requirements`

			`The following table describes the TCP port requirements for each component of the API Gateway.`

			`\| Port \| Description \| Component \|`
Docs: Release Notes reorg - adding ECS and NIA 2022-04-26 03:59:18 +00:00			`\| ---- \| ----------- \| --------- \|`
separated overview content and usage content into their own pages 2022-02-23 00:44:30 +00:00			`\| 9090 \| Secret discovery service (SDS) \| Gateway controller pod <br/> Gateway instance pod \|`
			`\| 20000 \| Kubernetes readiness probe \| Gateway instance pod \|`
			`\| Configurable \| Port for scraping Prometheus metrics. Disabled by default. \| Gateway controller pod \|`

Add technical specifications 2022-02-22 21:57:04 +00:00			`## Consul Server Deployments`

			`- Consul Editions supported: OSS and Enterprise`
			`- Supported Consul Server deployment types:`
Move software requirements to Technical Specifications page 2022-02-22 22:43:46 +00:00			`- Self-Managed`
Add technical specifications 2022-02-22 21:57:04 +00:00			`- HCP Consul`

Docs: add limitations to Tech Specs 2022-09-08 18:38:27 +00:00			`### Limited Support of some Consul Features`

Update website/content/docs/api-gateway/tech-specs.mdx Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> 2022-09-08 19:51:44 +00:00			`The following table lists API Gateway limitations related to specific Consul features`
Docs: add limitations to Tech Specs 2022-09-08 18:38:27 +00:00
			`\| Consul Feature \| Limitation \|`
			`\| -------------- \| ---------- \|`
docs: Migrate link formats (#15976) * Adding check-legacy-links-format workflow * Adding test-link-rewrites workflow * Updating docs-content-check-legacy-links-format hash * Migrating links to new format Co-authored-by: Kendall Strautman <kendallstrautman@gmail.com> 2023-01-25 16:52:43 +00:00			\| [Admin partitions](/consul/docs/enterprise/admin-partitions) \| You can deploy Consul API Gateway into the `default` admin partition only. You can route to services in other `default` admin partitions through peered connections. Refer to [Route Traffic to Peered Services](/consul/docs/api-gateway/usage/route-to-peered-services) for additional information. \|
Update docs for the release of Consul API Gateway v0.5 (#15015) * added usage folder to organize use case docs for CAPIgw * Add peer field to MeshService configuration page * Add first pass at guide for routing to peered services * Add exception to same-datacenter restriction for referenced Consul service * Add example HTTPRoute referencing the MeshService as backendRef * Add example ServiceResolver * Add note about current ServiceResolver requirement ServiceResolver may eventually be created implicitly by the API gateway controller, but that decision is pending. * tweaks to the usage page for routing to peered services * tweaks to the description in the configuration reference * resolved TO-DOs from previous iteration * Remove datacenter federation from limited support matrix * added tolerations doc * Remove note excluding k8s 1.24 since we now support it * Reorder sections to maintain alphabetical sort * Add example configuration for MeshService resource * Adjust wording + indentation of other docs * Use consistent "example-" prefix for resource names in example code * reframed the tolerations documentation; STILL A WIP * add helm chart documentation * removed tolerations from gwcconfig configuration model reference * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> * update version to 0.5.0 * Update install.mdx * added release notes for v.0.5.x Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> 2022-11-17 23:42:25 +00:00			`\| Routing between datacenters \| If you are connecting multiple Consul datacenters to create a federated network, you can route to services in other datacenters through peered connections. Refer to [Route Traffic to Peered Services](/consul/docs/api-gateway/usage/route-to-peered-services) for additional information. \|`
Docs: add limitations to Tech Specs 2022-09-08 18:38:27 +00:00
Add technical specifications 2022-02-22 21:57:04 +00:00			`## Deployment Environments`

			`Consul API Gateway can be deployed in the following Kubernetes-based environments:`

			`- Generic Kubernetes`
			`- AWS Elastic Kubernetes Service (EKS)`
			`- Google Kubernetes Engine (GKE)`
			`- Azure Kubernetes Service (AKS)`

Docs: Release Notes reorg - adding ECS and NIA 2022-04-26 03:59:18 +00:00			`## Kubernetes Gateway API Specification - Supported Versions`
Add technical specifications 2022-02-22 21:57:04 +00:00
Docs: Release Notes reorg - adding ECS and NIA 2022-04-26 03:59:18 +00:00			`See the Release Notes for the version of Consul API Gateway being used.`
Add technical specifications 2022-02-22 21:57:04 +00:00
			`## Resource Allocations`

separated overview content and usage content into their own pages 2022-02-23 00:44:30 +00:00			`The following resources are allocated for each component of the API Gateway.`
Add technical specifications 2022-02-22 21:57:04 +00:00
			`### Gateway Controller Pod`

Docs: Release Notes reorg - adding ECS and NIA 2022-04-26 03:59:18 +00:00			`- CPU: None. Either the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration.`
			`- Memory: None. Either the the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration.`
Add technical specifications 2022-02-22 21:57:04 +00:00
			`### Gateway Instance Pod`

Docs: Release Notes reorg - adding ECS and NIA 2022-04-26 03:59:18 +00:00			`- CPU: None. Either the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration.`
			`- Memory: None. Either the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration.`