Kubernetes 1.32: Gateway API and Sidecar Containers in Production

By /

Kubernetes 1.32: Gateway API and Sidecar Containers in Production

Kubernetes 1.32 graduates two features that fundamentally change how we route traffic and run sidecars: Gateway API goes GA, and native sidecar containers reach stable.

Gateway API Replaces Ingress

The Ingress resource was always limited — no TCP/UDP routing, no traffic splitting, no header-based matching without annotations. Gateway API fixes all of this with a role-oriented design:

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: api-routes
spec:
  parentRefs:
  - name: production-gateway
  rules:
  - matches:
    - path:
        value: /api/v2
      headers:
      - name: X-Canary
        value: "true"
    backendRefs:
    - name: api-v2-canary
      port: 8080
      weight: 100
  - matches:
    - path:
        value: /api/v2
    backendRefs:
    - name: api-v2-stable
      port: 8080
      weight: 90
    - name: api-v2-canary
      port: 8080
      weight: 10

Native Sidecar Containers

Init containers with restartPolicy: Always become sidecars that start before and stop after app containers. This fixes the long-standing issue of Istio proxies outliving application containers.

Migration is straightforward for most service mesh setups, and the startup ordering guarantees eliminate race conditions that plagued the old sidecar pattern.

Scroll to Top