installer/charts/service-gateway/templates/gateway/gwclass.yaml at 2fe7f94fa64fe3ba45b283d370d37875faaaff54 · appscode-cloud/installer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
{{- $gwConfig := dict
  "service" .Values.envoy.service
  "vaultServer" .Values.vaultServer
  "frontendTLSSecretRef" (dict "name" (printf "%s-gw-cert" (include "tenant.name" .)) "namespace" .Release.Namespace)
}}
apiVersion: gateway.networking.k8s.io/v1beta1
kind: GatewayClass
metadata:
  name: {{ include "tenant.name" . }}
  annotations:
    {{- dict "catalog.appscode.com/gateway-config" (toYaml $gwConfig) | toYaml | nindent 4 }}
    {{- with .Values.gatewayClass.annotations }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
spec:
  controllerName: {{ .Values.gateway.config.envoyGateway.gateway.controllerName }}
  {{- with .Values.gatewayClass.description }}
  description: {{ . | quote }}
  {{- end }}
  parametersRef:
    group: gateway.envoyproxy.io
    kind: EnvoyProxy
    name: {{ include "tenant.name" . }}
    namespace: {{ .Release.Namespace }}
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
  name: {{ include "tenant.name" . }}
  namespace: {{ .Release.Namespace }}
spec:
  mergeGateways: true
  provider:
    type: Kubernetes
    kubernetes:
      {{- if eq .Values.envoy.provisionerType "Deployment" }}
      envoyDeployment:
      {{- else }}
      envoyDaemonSet:
      {{- end }}
        container:
          image: "{{ .Values.envoy.image }}:{{ .Values.envoy.tag }}"
          {{- if eq "true" ( include "distro.openshift" . ) }}
          securityContext:
            {{- toYaml (omit .Values.envoy.securityContext "runAsUser" "runAsGroup" "fsGroup" "supplementalGroups") | nindent 12 }}
          {{- else }}
          securityContext:
            {{- toYaml .Values.envoy.securityContext | nindent 12 }}
          {{- end }}
        {{- if .Values.envoy.nodeSelector }}
        pod:
          nodeSelector:
            {{- toYaml .Values.envoy.nodeSelector | nindent 12 }}
        {{- end }}
        patch:
          value:
            spec:
              template:
                spec:
                  containers:
                  - name: shutdown-manager
                    {{- if eq "true" ( include "distro.openshift" . ) }}
                    securityContext:
                      {{- toYaml (omit .Values.envoy.securityContext "runAsUser" "runAsGroup" "fsGroup" "supplementalGroups") | nindent 22 }}
                    {{- else }}
                    securityContext:
                      {{- toYaml .Values.envoy.securityContext | nindent 22 }}
                    {{- end }}

      envoyService:
        {{- if eq .Values.infra.hostType "domain" }}
        annotations:
          external-dns.alpha.kubernetes.io/hostname: {{ include "gateway.domain" . }}
        {{- end }}
        externalTrafficPolicy: {{ .Values.envoy.service.externalTrafficPolicy }}
        {{- if .Values.envoy.service.externalIPs }}
        patch:
          value:
            spec:
              externalIPs: {{- toYaml .Values.envoy.service.externalIPs | nindent 14 }}
        {{- end }}
        type: {{ .Values.envoy.service.type }}