KubeZero/charts/kubezero-istio/templates/ingress-gateway.yaml

88 lines
2.1 KiB
YAML

apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: ingressgateway
namespace: istio-system
labels:
{{ include "kubezero-lib.labels" . | indent 4 }}
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP2
hosts:
{{- toYaml .Values.ingress.dnsNames | nindent 4 }}
tls:
httpsRedirect: true
- port:
number: 443
name: https
protocol: HTTPS
hosts:
{{- toYaml .Values.ingress.dnsNames | nindent 4 }}
tls:
mode: SIMPLE
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
credentialName: public-ingress-cert
{{- if .Values.ingress.private.enabled }}
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: private-ingressgateway
namespace: istio-system
labels:
{{ include "kubezero-lib.labels" . | indent 4 }}
spec:
selector:
istio: private-ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP2
hosts:
{{- toYaml .Values.ingress.dnsNames | nindent 4 }}
tls:
httpsRedirect: true
- port:
number: 443
name: https
protocol: HTTPS
hosts:
{{- toYaml .Values.ingress.dnsNames | nindent 4 }}
tls:
mode: SIMPLE
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
credentialName: public-ingress-cert
- port:
number: 5672
name: amqp
protocol: TCP
hosts:
{{- toYaml .Values.ingress.dnsNames | nindent 4 }}
- port:
number: 5671
name: amqps
protocol: TCP
hosts:
{{- toYaml .Values.ingress.dnsNames | nindent 4 }}
- port:
number: 24224
name: fluentd-forward
protocol: TLS
hosts:
{{- toYaml .Values.ingress.dnsNames | nindent 4 }}
tls:
mode: SIMPLE
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
credentialName: public-ingress-cert
{{- end }}