I would like to know the best practice for designing gateways to support many projects running in the same service mesh. Should we have only one gateway per project, or a separate gateway for each microservice for each project?
We decided to have a separate gateway per microservice (you can change that to per namespace if that makes sense). This was because multiple teams share the same k8s cluster, so they can deploy their own user gateway in their restricted namespace; logging will be separate, and management will be with the respective teams instead of the central k8s admin team.
Also, having a common user gateway means a big blast radius, and sharing a common gateway means the ports exposed on the gateway shouldn't overlap between the teams.
Overall, using separate gateways was beneficial in our environment because it gave each team control over their own gateway. Yes, there will be multiple ELBs created to expose that service, which is an additional cost, but we are okay with that.
So you need to decide how to design gateways based on your environment.
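
The port-overlap concern raised in the answer above, as an added example that is not part of the original thread: a check that flags two teams claiming the same port on one shared gateway. The record fields, team names and hostnames are constructed assumptions, and the conflict rule is a simplified model rather than any mesh's actual merge logic.

```python
from itertools import combinations

# Constructed sample: each entry models one server block a team binds to a
# gateway workload (field names are hypothetical, not a real API schema).
SERVERS = [
    {"team": "payments", "gateway": "shared-gw", "port": 443, "protocol": "HTTPS", "hosts": ["pay.example.com"]},
    {"team": "search", "gateway": "shared-gw", "port": 443, "protocol": "HTTPS", "hosts": ["*.example.com"]},
    {"team": "batch", "gateway": "shared-gw", "port": 8080, "protocol": "TCP", "hosts": ["*"]},
    {"team": "search", "gateway": "shared-gw", "port": 8080, "protocol": "HTTP", "hosts": ["search.example.com"]},
    {"team": "billing", "gateway": "billing-gw", "port": 443, "protocol": "HTTPS", "hosts": ["pay.example.com"]},
]


def hosts_overlap(a, b):
    """True if two hostnames, either possibly a wildcard, can match the same name."""
    a, b = a.lower(), b.lower()
    if a == b or "*" in (a, b):
        return True
    for wild, other in ((a, b), (b, a)):
        # "*.example.com" covers any name ending in ".example.com", not the apex.
        if wild.startswith("*.") and other.endswith(wild[1:]):
            return True
    return False


def find_conflicts(servers):
    """Return (team_a, team_b, gateway, port, reason) for cross-team collisions."""
    conflicts = []
    for s1, s2 in combinations(servers, 2):
        if s1["team"] == s2["team"]:
            continue  # a team colliding with itself is its own problem
        if (s1["gateway"], s1["port"]) != (s2["gateway"], s2["port"]):
            continue  # separate gateways or ports never collide
        if s1["protocol"] != s2["protocol"]:
            reason = "protocol mismatch"
        elif any(hosts_overlap(h1, h2) for h1 in s1["hosts"] for h2 in s2["hosts"]):
            reason = "overlapping hosts"
        else:
            continue
        conflicts.append((s1["team"], s2["team"], s1["gateway"], s1["port"], reason))
    return conflicts


if __name__ == "__main__":
    for conflict in find_conflicts(SERVERS):
        print(conflict)
```

The `billing` entry reuses port 443 and the same hostname as `payments` without being flagged, because it sits on its own gateway.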