Chapter 56: Traffic Engineering

Traffic engineering exposes your Kubernetes agent to the world with safe ingress, routing, and autoscaling. You build a traffic-engineer skill that covers Gateway API (the Ingress successor), Envoy Gateway, rate limiting, TLS, traffic splitting, and KEDA-based scaling.

---

Goals

• Understand Gateway API concepts and deploy Envoy Gateway
• Route traffic with HTTPRoute (paths, headers, query matching)
• Apply rate limiting, retries, timeouts, and circuit breaking
• Terminate TLS with CertManager
• Run canary/blue-green splits and autoscale with KEDA
• Manage LLM traffic with Envoy AI Gateway patterns
• Package the patterns into a reusable traffic-engineer skill

---

Lesson Progression

• L00: Build Your Traffic Engineering Skill
• L01-L03: Ingress fundamentals → Gateway API concepts
• L04-L06: Envoy Gateway setup; routing; rate limiting and resilience
• L07-L08: TLS with CertManager; traffic splitting (canary/blue-green)
• L09-L10: KEDA autoscaling; resilience patterns
• L11: Envoy AI Gateway for LLM traffic
• L12: Capstone—production traffic for the Task API; finalize the skill

Each lesson ends with a reflection to test, find gaps, and improve the skill.

---

Outcome & Method

You finish with production-ready ingress for the Task API: Gateway API + Envoy Gateway, TLS, rate limiting, resilience, canary/blue-green, KEDA autoscaling, and AI Gateway patterns—plus a reusable traffic-engineer skill. The chapter follows the skill-first flow: learn, apply, capstone, finalize.

---

Prerequisites

• Chapters 49-55 (containerized, deployed, observable service)
• Gateway/Helm familiarity for controller installs