Docs Local Kubernetes Blog Enterprise Community Get Started GitHub

Listeners

Listeners are the entrypoints for traffic into agentgateway. Agentgateway supports both HTTP HTTP (Hypertext Transfer Protocol) The protocol used for transmitting web pages and data over the internet. Agentgateway primarily handles HTTP and HTTPS traffic. and TCP TCP (Transmission Control Protocol) A connection-oriented protocol that provides reliable, ordered delivery of data. Agentgateway supports TCP listeners for non-HTTP traffic. traffic, with and without TLS TLS (Transport Layer Security) A cryptographic protocol that provides secure communication over a network. Agentgateway supports TLS for both incoming connections (listeners) and outgoing connections (backends). .

HTTP Listeners

An HTTP listener can be configured by setting protocol: HTTP in the listener configuration. This is also the default protocol if no protocol is specified.

For example:

listeners:
- protocol: HTTP
  routes: []

HTTPS Listeners

Serving HTTPS HTTPS (HTTP Secure) HTTP over TLS/SSL, providing encrypted communication. Agentgateway supports HTTPS listeners with TLS certificate configuration. traffic requires TLS certificates and setting protocol: HTTPS in the listener configuration:

listeners:
- protocol: HTTPS
  tls:
    cert: examples/tls/certs/cert.pem
    key: examples/tls/certs/key.pem

By default, a listener will match any traffic on the port. Requests can be routed based on the hostname using the hostname field. The most exact match will be used, as well as the corresponding TLS certificates.

listeners:
- name: discrete
  protocol: HTTPS
  hostname: a.example.com
  tls:
    cert: examples/tls/certs/cert-a.pem
    key: examples/tls/certs/key-a.pem
- name: wildcard
  protocol: HTTPS
  hostname: "*.example.com"
  tls:
    cert: examples/tls/certs/cert-wildcard.pem
    key: examples/tls/certs/key-wildcard.pem

TCP Listeners

TCP listeners can be configured by setting protocol: TCP in the listener configuration. TCP listeners are useful when serving traffic that is not HTTP based.

Note

A large portion of agentgateway’s functionality is specific to HTTP traffic, and not available for TCP traffic.

listeners:
- name: default
  protocol: TCP
  tcpRoutes: []

Additionally, note the use of tcpRoutes instead of routes (which are HTTP routes) in the example.

TLS Listeners

For serving TLS traffic, the protocol: TLS can be used.

Note

TLS encrypted HTTP traffic should use HTTPS listeners.

TLS listeners can either terminate or passthrough TLS traffic. While both a TCP and TLS passthrough listener do not terminate TLS, the latter enables the use of routing based on the hostname (utilizing SNI).

listeners:
- hostname: passthrough.example.com
  protocol: TLS
  tcpRoutes: []
- hostname: termination.example.com
  protocol: TLS
  tcpRoutes: []
  tls:
    cert: examples/tls/certs/cert.pem
    key: examples/tls/certs/key.pem
PoliciesBackends