Addressing feedback

Author: shraddhabang

docs/guide/gateway/customization.md

@@ -27,6 +27,9 @@ This configuration can then be applied by attaching the `LoadBalancerConfigurati
 **Attaching to a Gateway:**
 When attached directly to a `Gateway` resource, the specified configuration applies specifically to the Load Balancer provisioned for that individual Gateway.
 
+!!! note
+ Make sure that the `LoadBalancerConfiguration` must be in same namepace as the `Gateway`.
+
 ```yaml
 apiVersion: gateway.networking.k8s.io/v1
 kind: Gateway
@@ -63,7 +66,7 @@ spec:
 
 #### Conflict Resolution for `LoadBalancerConfiguration`
 
-It is possible for a `LoadBalancerConfiguration` to be attached to both a `Gateway` and its associated `GatewayClass`. In such scenarios, when identical fields are specified in both configurations, the LBC employs a merging algorithm to resolve conflicts. The precedence of values is determined by the `mergingMode` field, which is exclusively read from the `GatewayClass`'s `LoadBalancerConfiguration`. If `mergingMode` is not explicitly set, the `GatewayClass` configuration implicitly takes higher precedence.
+It is possible for a `LoadBalancerConfiguration` to be attached to both a `Gateway` and its associated `GatewayClass`. In such scenarios, when identical fields are specified in both configurations, the LBC employs a merging algorithm to resolve conflicts. The precedence of values is determined by the `mergingMode` field, which is exclusively read from the `GatewayClass`'s `LoadBalancerConfiguration`. If `mergingMode` is not explicitly set, the `GatewayClass` configuration implicitly takes higher precedence. For more info on `mergingMode`, refer this [doc](../loadbalancerconfig/#mergingmode)
 
 The following fields exhibit specific merge behaviors:
 

docs/guide/gateway/gateway.md

@@ -17,8 +17,8 @@ Mixing protocol layers, e.g. TCPRoute and HTTPRoute on the same Gateway, is not
 
 The LBC Gateway API implementation supports the following Gateway API routes:
 
-* L4 (NLBGatewayApi): UDPRoute, TCPRoute, TLSRoute >=v2.13.3
-* L7 (ALBGatewayApi): HTTPRoute
+* L4 (NLBGatewayAPI): UDPRoute, TCPRoute, TLSRoute >=v2.13.3
+* L7 (ALBGatewayAPI): HTTPRoute (Still work in progress, support matching and filtering is not added yet!)
 
 ## Prerequisites
 * LBC >= v2.13.0

docs/guide/gateway/l4gateway.md

@@ -13,14 +13,14 @@ The LBC instances dedicated to L4 routing monitor the following Gateway API reso
 * **`TLSRoute`**: Defines TLS-specific routing rules, enabling secure Layer 4 communication. These routes are satisfied by an **AWS NLB**.
 * **`TCPRoute`**: Defines TCP-specific routing rules, facilitating direct TCP traffic management. These routes are satisfied by an **AWS NLB**.
 * **`UDPRoute`**: Defines UDP-specific routing rules, facilitating UDP traffic management. These routes are satisfied by an **AWS NLB**.
-* **`LoadBalancerConfiguration` (CRD)**: A Custom Resource Definition utilized for fine-grained customization of the provisioned NLB. This CRD can be attached to a `Gateway` or its `GatewayClass`. For more info, please refer [How customization works](../customization)
-* **`TargetGroupConfiguration` (CRD)**: A Custom Resource Definition used for service-specific customizations of AWS Target Groups. This CRD is associated with a Kubernetes `Service`. For more info, please refer [How customization works](../customization)
+* **`LoadBalancerConfiguration` (LBC CRD)**: A Custom Resource Definition utilized for fine-grained customization of the provisioned NLB. This CRD can be attached to a `Gateway` or its `GatewayClass`. For more info, please refer [How customization works](../customization)
+* **`TargetGroupConfiguration` (LBC CRD)**: A Custom Resource Definition used for service-specific customizations of AWS Target Groups. This CRD is associated with a Kubernetes `Service`. For more info, please refer [How customization works](../customization)
 
 ### The Reconciliation Loop
 
 The LBC operates on a continuous **reconciliation loop** within your cluster to maintain the desired state of AWS Load Balancer resources:
 
-1. **Event Watching:** The L4-specific controller instance constantly monitors the Kubernetes API for changes to `GatewayClass`, `Gateway`, `TCPRoute`, `UDPRoute`, `TLSRoute`, `Services`, `LoadBalancerConfiguration`, and `TargetGroupConfiguration` resources relevant to NLB provisioning.
+1. **Event Watching:** The L4-specific controller instance constantly monitors the Kubernetes API for changes to the resources mentioned above to NLB provisioning.
 2. **Queueing:** Upon detecting any modification, creation, or deletion of these resources, the respective object is added to an internal processing queue.
 3. **Processing:**
  * The controller retrieves the resource from the queue.
@@ -89,13 +89,13 @@ The LBC implementation of the Gateway API for L4 routes, which provisions NLB, i
 
 #### Single Route Per L4 Gateway Listener:
 
-**Limitation**: Each L4 Gateway Listener (configured via a Gateway resource for TCP, UDP, or TLS protocols) is designed to handle traffic for precisely one L4 Route resource (TCPRoute, UDPRoute, or TLSRoute). The controller does not support scenarios where multiple Route resources attempt to attach to the same L4 Gateway Listener.
+**Limitation**: Each L4 Gateway Listener (configured via a Gateway resource for TCP, UDP, or TLS protocols) is designed to handle traffic for precisely one L4 Route resource (TCPRoute, UDPRoute, or TLSRoute). The controller does not support scenarios where multiple Route resources attempt to attach to the same L4 Gateway Listener and will throw a validation error during reconcile.
 
 **Reasoning**: This constraint simplifies L4 listener rule management on NLBs, which primarily offer a default action for a given port/protocol.
 
 #### Single Backend Reference Per L4 Route:
 
-**Limitation**: Each L4 Route resource (TCPRoute, UDPRoute, or TLSRoute) must specify exactly one backend reference (backendRef). The controller explicitly disallows routes with zero or more than one backendRef.
+**Limitation**: Each L4 Route resource (TCPRoute, UDPRoute, or TLSRoute) must specify exactly one backend reference (backendRef). The controller explicitly disallows routes with zero or more than one backendRef throwing a validation error during reconcile
 
 **Reasoning**: Unlike ALBs which support weighted target groups for traffic splitting across multiple backends, NLBs primarily forward traffic to a single target group for a given listener's default action. This aligns the LBC's L4 route translation with NLB's inherent capabilities, where weighted target groups are not a native feature for directly splitting traffic across multiple services on a single listener.
 

go.mod

@@ -42,7 +42,7 @@ require (
 k8s.io/client-go v0.33.1
 k8s.io/klog/v2 v2.130.1
 k8s.io/utils v0.0.0-20250604170112-4c0f3b243397
-sigs.k8s.io/controller-runtime v0.19.3
+sigs.k8s.io/controller-runtime v0.21.0
 sigs.k8s.io/gateway-api v1.2.0
 sigs.k8s.io/yaml v1.4.0
 )
@@ -85,11 +85,12 @@ require (
 github.com/docker/go-connections v0.5.0 // indirect
 github.com/docker/go-metrics v0.0.1 // indirect
 github.com/emicklei/go-restful/v3 v3.12.0 // indirect
-github.com/evanphx/json-patch/v5 v5.9.0 // indirect
+github.com/evanphx/json-patch/v5 v5.9.11 // indirect
 github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
 github.com/fatih/color v1.18.0 // indirect
 github.com/fatih/structs v1.1.0 // indirect
 github.com/felixge/httpsnoop v1.0.4 // indirect
+github.com/fsnotify/fsnotify v1.7.0 // indirect
 github.com/fxamacker/cbor/v2 v2.8.0 // indirect
 github.com/go-errors/errors v1.4.2 // indirect
 github.com/go-gorp/gorp/v3 v3.1.0 // indirect

go.sum

@@ -149,6 +149,8 @@ github.com/evanphx/json-patch v5.9.0+incompatible h1:fBXyNpNMuTTDdquAq/uisOr2lSh
 github.com/evanphx/json-patch v5.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
 github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg=
 github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
+github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU=
+github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM=
 github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4=
 github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc=
 github.com/fasthttp/websocket v1.4.3-rc.6 h1:omHqsl8j+KXpmzRjF8bmzOSYJ8GnS0E3efi1wYT+niY=
@@ -655,6 +657,8 @@ oras.land/oras-go v1.2.5 h1:XpYuAwAb0DfQsunIyMfeET92emK8km3W4yEzZvUbsTo=
 oras.land/oras-go v1.2.5/go.mod h1:PuAwRShRZCsZb7g8Ar3jKKQR/2A/qN+pkYxIOd/FAoo=
 sigs.k8s.io/controller-runtime v0.19.3 h1:XO2GvC9OPftRst6xWCpTgBZO04S2cbp0Qqkj8bX1sPw=
 sigs.k8s.io/controller-runtime v0.19.3/go.mod h1:j4j87DqtsThvwTv5/Tc5NFRyyF/RF0ip4+62tbTSIUM=
+sigs.k8s.io/controller-runtime v0.21.0 h1:CYfjpEuicjUecRk+KAeyYh+ouUBn4llGyDYytIGcJS8=
+sigs.k8s.io/controller-runtime v0.21.0/go.mod h1:OSg14+F65eWqIu4DceX7k/+QRAbTTvxeQSNSOQpukWM=
 sigs.k8s.io/gateway-api v1.2.0 h1:LrToiFwtqKTKZcZtoQPTuo3FxhrrhTgzQG0Te+YGSo8=
 sigs.k8s.io/gateway-api v1.2.0/go.mod h1:EpNfEXNjiYfUJypf0eZ0P5iXA9ekSGWaS1WgPaM42X0=
 sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE=