add traefik

clusters/cl01tl-standby/services/traefik/templates/certificate.yaml

@@ -1,19 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: traefik-certificate
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: {{ .Release.Name }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  secretName: traefik-secret-tls
-  dnsNames:
-    - "alexlebens.net"
-    - "*.alexlebens.net"
-  issuerRef:
-    name: letsencrypt-issuer
-    kind: ClusterIssuer

clusters/cl01tl/deployment/argocd/templates/http-route.yaml

@@ -0,0 +1,30 @@
+# apiVersion: gateway.networking.k8s.io/v1
+# kind: HTTPRoute
+# metadata:
+#   name: http-route-argocd
+#   namespace: {{ .Release.Namespace }}
+#   labels:
+#     app.kubernetes.io/name: http-route-argocd
+#     app.kubernetes.io/instance: {{ .Release.Name }}
+#     app.kubernetes.io/version: {{ .Chart.AppVersion }}
+#     app.kubernetes.io/component: web
+#     app.kubernetes.io/part-of: {{ .Release.Name }}
+# spec:
+#   parentRefs:
+#     - group: gateway.networking.k8s.io
+#       kind: Gateway
+#       name: http-gateway
+#       namespace: kube-system
+#   hostnames:
+#     - argocd.alexlebens.net
+#   rules:
+#     - matches:
+#       - path:
+#           type: PathPrefix
+#           value: /
+#       backendRefs:
+#         - group: ''
+#           kind: Service
+#           name: argocd-server
+#           port: 80
+#           weight: 100

clusters/cl01tl/services/traefik/templates/certificate.yaml

@@ -0,0 +1,19 @@
+# apiVersion: cert-manager.io/v1
+# kind: Certificate
+# metadata:
+#   name: traefik-certificate
+#   namespace: {{ .Release.Namespace }}
+#   labels:
+#     app.kubernetes.io/name: {{ .Release.Name }}
+#     app.kubernetes.io/instance: {{ .Release.Name }}
+#     app.kubernetes.io/version: {{ .Chart.AppVersion }}
+#     app.kubernetes.io/component: web
+#     app.kubernetes.io/part-of: {{ .Release.Name }}
+# spec:
+#   secretName: traefik-secret-tls
+#   dnsNames:
+#     - "alexlebens.net"
+#     - "*.alexlebens.net"
+#   issuerRef:
+#     name: letsencrypt-issuer
+#     kind: ClusterIssuer

clusters/cl01tl/services/traefik/values.yaml

@@ -2,8 +2,29 @@ traefik:
   deployment:
     kind: DaemonSet
   ingressClass:
-    enabled: true
+    enabled: false
     isDefaultClass: true
+  experimental:
+  kubernetesGateway:
+    enabled: true
+  gateway:
+    enabled: true
+    listeners:
+      web:
+        port: 8000
+        hostname: "*.alexlebens.net"
+        protocol: HTTP
+        namespacePolicy: All
+      # websecure:
+      #   port: 443
+      #   hostname: "*.alexlebens.net"
+      #   protocol: HTTPS
+      #   namespacePolicy: All
+      #   certificateRefs:
+      #     - kind: Secret
+      #       name: websecure-gateway-cert
+      #       namespace: traefik
+      #   mode: Terminate
   ingressRoute:
     dashboard:
       enabled: true
@@ -14,9 +35,15 @@ traefik:
       allowCrossNamespace: true
       allowEmptyServices: true
     kubernetesIngress:
+      enabled: false
       allowEmptyServices: true
       publishedService:
         enabled: true
+    kubernetesGateway:
+      enabled: true
+      experimentalChannel: true
+      statusAddress:
+        ip: 10.232.1.21
   metrics:
     prometheus:
       service:
@@ -29,6 +56,7 @@ traefik:
   globalArguments: []
   ports:
     web:
+      port: 8000
       expose:
         default: true
       exposedPort: 80
@@ -84,5 +112,3 @@ traefik:
     type: LoadBalancer
     externalIPs:
       - 10.232.1.21
-      - 10.232.1.22
-      - 10.232.1.23