-
Notifications
You must be signed in to change notification settings - Fork 9
Expand file tree
/
Copy pathgw-external.yaml.tpl
More file actions
77 lines (76 loc) · 2.42 KB
/
Copy pathgw-external.yaml.tpl
File metadata and controls
77 lines (76 loc) · 2.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
{{- if .Values.gateways.external }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: {{ .Values.gateways.external.name }}
namespace: {{ .Values.gateways.external.namespace }}
annotations:
cert-manager.io/cluster-issuer: {{ .Values.gateways.external.issuer | default "understack-cluster-issuer"}}
labels:
{{- include "envoy-configs.labels" . | nindent 4 }}
spec:
gatewayClassName: {{ .Values.gateways.external.className }}
listeners:
{{- range .Values.routes.http }}
{{- $listenerName := .name | default (index (splitList "." .fqdn) 0) }}
- name: {{ $listenerName }}
port: {{ $.Values.gateways.external.port | default 443 }}
protocol: HTTPS
hostname: {{ .fqdn }}
tls:
mode: Terminate
certificateRefs:
- name: {{ $listenerName }}-tls
allowedRoutes:
namespaces:
{{- if .selector }}
from: Selector
selector:
{{- .selector | toYaml | nindent 12 }}
{{- else }}
from: {{ .from | default "All" }}
{{- end }}
{{- end }}
{{- range .Values.routes.tls }}
{{- $listenerName := .name | default (index (splitList "." .fqdn) 0) }}
- name: {{ $listenerName }}
port: {{ .gatewayPort | default ($.Values.gateways.external.port | default 443) }}
protocol: TLS
hostname: {{ .fqdn | quote }}
tls:
mode: Passthrough
allowedRoutes:
namespaces:
{{- if .selector }}
from: Selector
selector:
{{- .selector | toYaml | nindent 12 }}
{{- else }}
from: {{ .from | default "All" }}
{{- end }}
{{- end }}
{{- if .Values.gateways.external.serviceAnnotations }}
infrastructure:
parametersRef:
group: gateway.envoyproxy.io
kind: EnvoyProxy
name: {{ .Values.gateways.external.name }}-proxy
{{- end }}
{{- if .Values.gateways.external.serviceAnnotations }}
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
name: {{ .Values.gateways.external.name }}-proxy
namespace: {{ .Values.gateways.external.namespace }}
spec:
provider:
type: Kubernetes
kubernetes:
envoyService:
annotations:
{{- .Values.gateways.external.serviceAnnotations | toYaml | nindent 10 }}
externalTrafficPolicy: {{ .Values.gateways.external.externalTrafficPolicy | default "Cluster" }}
{{- end }}
{{- end }}