From the initial launch of Gloo in 2018, Solo has partnered with our customers and the community to set the standard for cloud-native gateway implementations on Kubernetes. Continuing to build in the open with the community was a key factor in our decision to adopt Kubernetes Gateway API and contribute Gloo to the CNCF as kgateway to bring an open governance foundation to the project. The next step in that journey was integrating kgateway into Gloo Gateway to deliver the latest in open source innovation around cloud-native API gateways to our customers.
Today we are excited to announce the availability of Gloo Gateway 2.0! This release fully integrates Gateway API and kgateway as the foundational components of our gateway offering, combined with the enterprise extensions and capabilities that make Gloo Gateway the leading cloud-native API Gateway in the market. Let’s take a quick look at some of the most exciting aspects of this 2.0 release.
Getting the Most Out of Gateway API
Gloo Gateway 2.0 delivers a comprehensive implementation of the latest Kubernetes Gateway API release 1.4, extended with many capabilities developed through real-world enterprise experience powering tier zero application infrastructure. These extensions empower platform and application teams to operate independently, securely, and at scale. Examples include:
Route Delegation: a common feature used in Gloo Gateway today is the concept of “route delegation”, i.e. the ability to split routing logic ownership and responsibility across different teams. We’ve brought this feature to the Gateway API by providing support for HTTPRoutes to reference other (child) HTTPRoutes. This model aligns cleanly with how large organizations delegate ownership and governance across business units.
Global Policy Attachment: Gloo Gateway introduces cross-namespace policy attachment, allowing global security, compliance, and observability policies to be defined centrally and applied across all resources in your cluster.
Label Selector Policy Attachment: Apart from explicitly referencing policy targets, Gloo allows for the attachment of policies to targets based on labels. This allows for efficient policy configuration and attachment in environments where policies need to target hundreds or even thousands of routes.
Multi-tenancy: Multiple Gloo control planes can be deployed on the same Kubernetes cluster, each control plane targeting a subset of namespaces. This allows our customers to deploy isolated, multi-tenant environments that can be individually owned and operated.
Isolated Gateway deployments: A feature often requested by our customers was to allow isolated dataplane deployments, where each gateway would have its own set of peripheral services (e.g. ExtAuth server, RateLimit server, etc.). Gloo Gateway v2 has first class support for these types of deployments, making it the ideal platform to implement cell-based gateway deployments.
Gateway API Extensions: Enterprise Power, Open Standards
Gloo Gateway 2.0 supports the vast array of advanced enterprise features that over the years have been developed in collaboration with our customers to support high performant workloads at scale. Features like authentication and authorization (ExtAuth) with JWT, OAuth/OIDC and OPA support, global rate limiting, and transformations are some of the core capabilities of the platform implemented as extensions to Kubernetes Gateway API.
The Gloo Gateway 2.0 release brings native integration with Istio and Ambient Mesh to support omni-directional traffic control for ingress, east-west, and egress traffic patterns, all using Gateway API as the consistent abstraction regardless of direction. When used as a multi-cluster ingress router with Ambient, Gloo Gateway enables advanced multi-cluster routing and service-level failover for fine-grained resiliency in failure scenarios.
With its native support for OpenTelemetry, Gloo Gateway 2.0 can integrate with any OTEL compliant platform to expose metrics of both the control plane and data plane components, push gateway access logs, and publish request and response tracing information. This creates a standards-based pipeline and open ecosystem to support enterprise observability requirements for incident response and troubleshooting, security and compliance auditing, usage analytics, and performance and capacity analysis. When combined with the Gloo Management UI, customers have a single pane of glass to monitor omni-directional traffic across Gloo Gateway and Gloo Mesh.
Expanding from Cloud-Native to AI-Native
A major new feature in the 2.0 release is the ability for Gloo Gateway to integrate with both Envoy Proxy and agentgateway to select the optimal data plane based on traffic type. From a single control plane installation and API based on Gateway API, Gloo Gateway will automatically delegate API traffic to the appropriate data plane:
- Envoy : the leading cloud-native L7 proxy for API traffic that handles traditional ingress, east-west, and egress traffic
- Agentgateway : a Rust-based data plane design from the ground up to cover the full range of AI connectivity including LLM consumption, inference routing, and agentic protocols such as MCP and A2A.
More information about product support for agentgateway as a data plane can be found in our announcement for Solo Enterprise for agentgateway.
How to Get Started
Gloo Gateway 2.0 represents the culmination of years of investment in open standards and customer-driven innovation. Whether you’re modernizing your existing gateways, preparing for ambient mesh adoption, or looking ahead to AI-native connectivity, this release provides a powerful, flexible foundation to build on. We’re excited to partner with you on this journey.
If you’d like to discuss migration planning, reach out to your Solo.io Customer Success Manager - we’re here to help.
%20a%20Bad%20Idea.png)
%20For%20More%20Dependable%20Humans.png)
