From 74abf0fbb30ffef01992b2207bd2990247e4ad9b Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Tue, 25 Aug 2020 14:45:56 +0100 Subject: [PATCH 1/2] Make Istio Ingress hosts specific matching the cert --- charts/kubezero-istio/Chart.yaml | 2 +- .../kubezero-istio/templates/ingress-gateway.yaml | 14 +++++++------- charts/kubezero-istio/values.yaml | 5 +++-- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/charts/kubezero-istio/Chart.yaml b/charts/kubezero-istio/Chart.yaml index e4ad7c1..e738d6e 100644 --- a/charts/kubezero-istio/Chart.yaml +++ b/charts/kubezero-istio/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: kubezero-istio description: KubeZero Umbrella Chart for Istio type: application -version: 0.2.3 +version: 0.2.4 appVersion: 1.6.7 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png diff --git a/charts/kubezero-istio/templates/ingress-gateway.yaml b/charts/kubezero-istio/templates/ingress-gateway.yaml index 63b9de4..9fcfb33 100644 --- a/charts/kubezero-istio/templates/ingress-gateway.yaml +++ b/charts/kubezero-istio/templates/ingress-gateway.yaml @@ -14,7 +14,7 @@ spec: name: http protocol: HTTP2 hosts: - - "*" + {{- toYaml .Values.ingress.dnsNames | nindent 4 }} tls: httpsRedirect: true - port: @@ -22,7 +22,7 @@ spec: name: https protocol: HTTPS hosts: - - "*" + {{- toYaml .Values.ingress.dnsNames | nindent 4 }} tls: mode: SIMPLE privateKey: /etc/istio/ingressgateway-certs/tls.key @@ -47,7 +47,7 @@ spec: name: http protocol: HTTP2 hosts: - - "*" + {{- toYaml .Values.ingress.dnsNames | nindent 4 }} tls: httpsRedirect: true - port: @@ -55,7 +55,7 @@ spec: name: https protocol: HTTPS hosts: - - "*" + {{- toYaml .Values.ingress.dnsNames | nindent 4 }} tls: mode: SIMPLE privateKey: /etc/istio/ingressgateway-certs/tls.key @@ -66,17 +66,17 @@ spec: name: amqp protocol: TCP hosts: - - "*" + {{- toYaml .Values.ingress.dnsNames | nindent 4 }} - port: number: 5671 name: amqps protocol: TCP hosts: - - "*" + {{- toYaml .Values.ingress.dnsNames | nindent 4 }} - port: number: 24224 name: fluentd-forward protocol: TCP hosts: - - "*" + {{- toYaml .Values.ingress.dnsNames | nindent 4 }} {{- end }} diff --git a/charts/kubezero-istio/values.yaml b/charts/kubezero-istio/values.yaml index dc7017a..90633ff 100644 --- a/charts/kubezero-istio/values.yaml +++ b/charts/kubezero-istio/values.yaml @@ -9,8 +9,9 @@ ingress: private: enabled: true nodeSelector: "31080_31443_30671_30672_31224" - #dnsNames: - #- "*.example.com" + dnsNames: + - "*.example.com" + - "fck.me" istio-operator: hub: docker.io/istio -- 2.40.1 From c78e9c04ce263c91d11effcf54055b81c4d37ca2 Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Tue, 25 Aug 2020 14:46:22 +0100 Subject: [PATCH 2/2] Fix default value --- charts/kubezero-istio/values.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/charts/kubezero-istio/values.yaml b/charts/kubezero-istio/values.yaml index 90633ff..f679646 100644 --- a/charts/kubezero-istio/values.yaml +++ b/charts/kubezero-istio/values.yaml @@ -10,8 +10,7 @@ ingress: enabled: true nodeSelector: "31080_31443_30671_30672_31224" dnsNames: - - "*.example.com" - - "fck.me" + - "*" istio-operator: hub: docker.io/istio -- 2.40.1