apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: ingressgateway namespace: istio-system labels: {{ include "kubezero-lib.labels" . | indent 4 }} spec: selector: istio: ingressgateway servers: - port: number: 80 name: http protocol: HTTP2 hosts: {{- toYaml .Values.ingress.dnsNames | nindent 4 }} tls: httpsRedirect: true - port: number: 443 name: https protocol: HTTPS hosts: {{- toYaml .Values.ingress.dnsNames | nindent 4 }} tls: mode: SIMPLE privateKey: /etc/istio/ingressgateway-certs/tls.key serverCertificate: /etc/istio/ingressgateway-certs/tls.crt credentialName: public-ingress-cert {{- if .Values.ingress.private.enabled }} --- apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: private-ingressgateway namespace: istio-system labels: {{ include "kubezero-lib.labels" . | indent 4 }} spec: selector: istio: private-ingressgateway servers: - port: number: 80 name: http protocol: HTTP2 hosts: {{- toYaml .Values.ingress.dnsNames | nindent 4 }} tls: httpsRedirect: true - port: number: 443 name: https protocol: HTTPS hosts: {{- toYaml .Values.ingress.dnsNames | nindent 4 }} tls: mode: SIMPLE privateKey: /etc/istio/ingressgateway-certs/tls.key serverCertificate: /etc/istio/ingressgateway-certs/tls.crt credentialName: public-ingress-cert - port: number: 5672 name: amqp protocol: TCP hosts: {{- toYaml .Values.ingress.dnsNames | nindent 4 }} - port: number: 5671 name: amqps protocol: TCP hosts: {{- toYaml .Values.ingress.dnsNames | nindent 4 }} - port: number: 24224 name: fluentd-forward protocol: TLS hosts: {{- toYaml .Values.ingress.dnsNames | nindent 4 }} tls: mode: SIMPLE privateKey: /etc/istio/ingressgateway-certs/tls.key serverCertificate: /etc/istio/ingressgateway-certs/tls.crt credentialName: public-ingress-cert {{- end }}