k8s/argo/istio-ingress/templates/istio-ingress.yaml

81 lines
1.6 KiB
YAML
Raw Normal View History

2023-07-08 18:58:17 +00:00
{{ if .Values.istio }}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
2023-07-08 20:39:28 +00:00
name: {{ .Values.name }}-cert
2023-07-08 18:58:17 +00:00
namespace: istio-system
spec:
2023-07-08 20:39:28 +00:00
secretName: {{ .Values.name }}-cert
2023-07-08 18:58:17 +00:00
commonName: {{ .Values.istio.commonName }}
dnsNames:
- {{ .Values.istio.commonName }}
2023-07-08 19:11:47 +00:00
{{- range .Values.istio.sans }}
2023-07-08 18:58:17 +00:00
- {{ . }}
{{- end }}
issuerRef:
name: {{ .Values.istio.issuer }}
kind: ClusterIssuer
group: cert-manager.io
...
---
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
2023-07-08 20:39:28 +00:00
name: {{ .Values.name }}-gateway
namespace: {{ .Values.namespace }}
2023-07-08 18:58:17 +00:00
spec:
selector:
istio: {{ .Values.istio.ingressSelector }}
servers:
- port:
number: 443
name: https
protocol: HTTPS
tls:
mode: SIMPLE
2023-07-08 20:39:28 +00:00
credentialName: {{ .Values.name }}-cert
2023-07-08 18:58:17 +00:00
hosts:
- {{ .Values.istio.commonName }}
2023-07-09 01:41:01 +00:00
{{- range .Values.istio.sans }}
- {{ . }}
{{- end }}
- port:
number: 80
2023-07-10 21:04:45 +00:00
name: http
protocol: HTTP
tls:
httpsRedirect: true
hosts:
- {{ .Values.istio.commonName }}
{{- range .Values.istio.sans }}
- {{ . }}
2023-07-09 01:41:01 +00:00
{{- end }}
2023-07-08 18:58:17 +00:00
...
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
2023-07-09 01:41:47 +00:00
name: {{ .Values.name }}
2023-07-08 20:39:28 +00:00
namespace: {{ .Values.namespace }}
2023-07-08 18:58:17 +00:00
spec:
hosts:
- {{ .Values.istio.commonName }}
gateways:
2023-07-08 20:39:28 +00:00
- {{ .Values.name }}-gateway
2023-07-08 18:58:17 +00:00
http:
- match:
- uri:
prefix: /
route:
- destination:
port:
number: {{ .Values.istio.port }}
2023-07-08 20:12:13 +00:00
host: {{ .Values.istio.backendHost }}
2023-07-12 16:52:12 +00:00
headers:
response:
set:
Strict-Transport-Security: max-age=31536000; includeSubDomains
2023-07-08 18:58:17 +00:00
...
{{ end }}