--- layout: docs page_title: API Gateway for Kubernetes Technical Specifications description: >- Consul API Gateway is a service mesh add-on for Kubernetes deployments. Learn about its requirements for system resources, ports, and component versions, its Enterprise limitations, and compatible k8s cloud environments. --- # API Gateway for Kubernetes Technical Specifications This topic describes the technical specifications associated with using Consul API Gateway. ## Requirements Verify that your environment meets the following requirements prior to using Consul API Gateway. ### Datacenter Requirements Your datacenter must meet the following requirements prior to configuring the Consul API Gateway: - Kubernetes 1.21+ - `kubectl` 1.21+ - Consul 1.11.2+ - HashiCorp Consul Helm chart 0.47.1+ - Consul Service Mesh must be deployed on the Kubernetes cluster that API Gateway is deployed on. - Envoy: Envoy proxy support is determined by the Consul version deployed. Refer to [Envoy Integration](/consul/docs/connect/proxies/envoy) for details. ### TCP Port Requirements The following table describes the TCP port requirements for each component of the API Gateway. | Port | Description | Component | | ---- | ----------- | --------- | | 9090 | Secret discovery service (SDS) | Gateway controller pod
Gateway instance pod | | 20000 | Kubernetes readiness probe | Gateway instance pod | | Configurable | Port for scraping Prometheus metrics. Disabled by default. | Gateway controller pod | ## Consul Server Deployments - Consul Editions supported: OSS and Enterprise - Supported Consul Server deployment types: - Self-Managed - HCP Consul ### Limited Support of some Consul Features The following table lists API Gateway limitations related to specific Consul features | Consul Feature | Limitation | | -------------- | ---------- | | [Admin partitions](/consul/docs/enterprise/admin-partitions) | You can deploy Consul API Gateway into the `default` admin partition only. You can route to services in other `default` admin partitions through peered connections. Refer to [Route Traffic to Peered Services](/consul/docs/api-gateway/usage/route-to-peered-services) for additional information. | | Routing between datacenters | If you are connecting multiple Consul datacenters to create a federated network, you can route to services in other datacenters through peered connections. Refer to [Route Traffic to Peered Services](/consul/docs/api-gateway/usage/route-to-peered-services) for additional information. | ## Deployment Environments Consul API Gateway can be deployed in the following Kubernetes-based environments: - Generic Kubernetes - AWS Elastic Kubernetes Service (EKS) - Google Kubernetes Engine (GKE) - Azure Kubernetes Service (AKS) ## Kubernetes Gateway API Specification - Supported Versions See the Release Notes for the version of Consul API Gateway being used. ## Resource Allocations The following resources are allocated for each component of the API Gateway. ### Gateway Controller Pod - **CPU**: None. Either the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration. - **Memory**: None. Either the the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration. ### Gateway Instance Pod - **CPU**: None. Either the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration. - **Memory**: None. Either the namespace or cluster default is allocated, depending on the Kubernetes cluster configuration.