When we added Gateway API support to the Cilium Operator, we did it with the controller-runtime library - which works really well for related systems of resources like Gateway API.

However, that left us with two methods of watching Kubernetes objects that both end up in the same data model - Gateway API's controller-runtime, and Ingress' more traditional Informers. On top of which, the Hive model now has shared Informers available.

After talking it over with some other Service Mesh folks, we're proposing that we move the Ingress code to controller-runtime and its associated Reconcile pattern.

We believe that it should help with avoiding issues like:

• The concerns in Ingress Controller Scalability Optimizations #28699
• Ingress Controller: CiliumEnvoyConfig deleted in shared load balancer mode after deleting Cilium's IngressClass #28691
• Bug: Cilium does not clean up config on ingressClass change #23781
• cilium-operator delete CEC cilium-ingress when other ingressclass resources are created #28289
• and so on

Basically, the controller-runtime patterns are designed to make it easier to ensure that owned resources are cleaned up properly, and that changes in relevant resources lead to a reconciliation. For Ingress at the moment, we have to hand-roll all of that logic, which has lots of sharp edges that are easy to miss.