I personally think there should be two reference implementations, the existing one with nginx and the new one with the GCE ingress and with GCP identity aware proxy (IAP).
Because IAP makes it fairly easy to implement a zero-trust access model, some companies in the community require that it has to be used for all self-hosted tools. If this is the case - obviously it's great that Flyte supports it.
But this doesn't mean at all that the nginx deployment path isn't valid anymore - it is certainly a lot simpler.
I personally think there should be two reference implementations, the existing one with nginx and the new one with the GCE ingress and with GCP identity aware proxy (IAP).
Because IAP makes it fairly easy to implement a zero-trust access model, some companies in the community require that it has to be used for all self-hosted tools. If this is the case - obviously it's great that Flyte supports it.
But this doesn't mean at all that the nginx deployment path isn't valid anymore - it is certainly a lot simpler.