Introduction

You can use APIG to selectively expose your workloads and microservices in Cloud Container Engine (CCE).

Expose CCE workloads using either of the following methods. Method 1 is recommended.

Method 1
Create a load balance channel on APIG to access pod IP addresses in CCE workloads, dynamically monitoring the changes of these addresses. When opening APIs of a containerized application, specify a load balance channel to access the backend service.
Method 2
Import a CCE workload to APIG. APIs and a load balance channel are generated and associated with each other to dynamically monitor pod IP address changes. Expose workloads and microservices in CCE using these APIs.

Figure 1 Accessing CCE workloads (composed of pods) through APIG
Click to enlarge

You do not need to set elastic IP addresses, reducing network bandwidth costs.
Workload addresses in CCE can be accessed through a load balance channel that is manually created or generated by importing a workload.
Workload pod addresses in CCE can be dynamically monitored and automatically updated by a load balance channel that is manually created or generated by importing a workload.
CCE workloads can be released by tag for testing and version switching.
Multiple authentication modes keep access secure.
Request throttling policies ensure secure access to your backend service.
Instead of direct access to containerized applications, APIG provides request throttling to ensure that your backend service runs stably.
Pod load balancing improves resource utilization and system reliability.

Only CCE Turbo clusters and CCE clusters using the VPC network model are supported.
The CCE cluster and your gateway must be in the same VPC or connected.
If you select a CCE cluster that uses the VPC network model, add the container CIDR block of the cluster in the Routes area of the gateway details page.

Parent topic: Selectively Exposing CCE Workloads with a Dedicated Gateway