k8s/helm/setup/longhorn/istio-ingress.yaml

57 lines
1 KiB
YAML

---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: longhorn-cert
namespace: istio-system
spec:
secretName: longhorn-cert
commonName: longhorn.teapot.masked.name
dnsNames:
- longhorn.teapot.masked.name
issuerRef:
name: vault-issuer
kind: ClusterIssuer
group: cert-manager.io
...
---
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: longhorn-gateway
namespace: longhorn-system
spec:
selector:
istio: ingressgateway-internal
servers:
- port:
number: 443
name: https
protocol: HTTPS
tls:
mode: SIMPLE
credentialName: longhorn-cert
hosts:
- longhorn.teapot.masked.name
...
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: longhorn-gateway
namespace: longhorn-system
spec:
hosts:
- longhorn.teapot.masked.name
gateways:
- longhorn-gateway
http:
- match:
- uri:
prefix: /
route:
- destination:
port:
number: 80
host: longhorn-frontend