disable gateway

clusters/cl01tl/management/headlamp/templates/http-route.yaml

@@ -1,30 +1,30 @@
-apiVersion: gateway.networking.k8s.io/v1
-kind: HTTPRoute
-metadata:
-  name: https-route-headlamp
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: https-route-headlamp
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
-  parentRefs:
-    - group: gateway.networking.k8s.io
-      kind: Gateway
-      name: https-gateway
-      namespace: kube-system
-  hostnames:
-    - headlamp.alexlebens.net
-  rules:
-    - matches:
-      - path:
-          type: PathPrefix
-          value: /
-      backendRefs:
-        - group: ''
-          kind: Service
-          name: headlamp
-          port: 80
-          weight: 100
+# apiVersion: gateway.networking.k8s.io/v1
+# kind: HTTPRoute
+# metadata:
+#   name: https-route-headlamp
+#   namespace: {{ .Release.Namespace }}
+#   labels:
+#     app.kubernetes.io/name: https-route-headlamp
+#     app.kubernetes.io/instance: {{ .Release.Name }}
+#     app.kubernetes.io/version: {{ .Chart.AppVersion }}
+#     app.kubernetes.io/component: web
+#     app.kubernetes.io/part-of: {{ .Release.Name }}
+# spec:
+#   parentRefs:
+#     - group: gateway.networking.k8s.io
+#       kind: Gateway
+#       name: https-gateway
+#       namespace: kube-system
+#   hostnames:
+#     - headlamp.alexlebens.net
+#   rules:
+#     - matches:
+#       - path:
+#           type: PathPrefix
+#           value: /
+#       backendRefs:
+#         - group: ''
+#           kind: Service
+#           name: headlamp
+#           port: 80
+#           weight: 100

clusters/cl01tl/standalone/cilium/templates/gateway.yaml

@@ -1,36 +1,36 @@
-apiVersion: gateway.networking.k8s.io/v1
-kind: Gateway
-metadata:
-  name: https-gateway
-  namespace: {{ .Release.Namespace }}
-  labels:
-    app.kubernetes.io/name: https-gateway
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: {{ .Release.Name }}
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-issuer
-spec:
-  addresses:
-    - type: IPAddress
-      value: 10.232.1.23
-  gatewayClassName: cilium
-  listeners:
-    - name: https
-      protocol: HTTPS
-      port: 443
-      hostname: "*.alexlebens.net"
-      allowedRoutes:
-        namespaces:
-          from: Selector
-          selector:
-            matchLabels:
-              https-gateway-access: "true"
-      tls:
-        mode: Terminate
-        certificateRefs:
-          - group: ''
-            kind: Secret
-            name: https-gateway-cert
-            namespace: kube-system
+# apiVersion: gateway.networking.k8s.io/v1
+# kind: Gateway
+# metadata:
+#   name: https-gateway
+#   namespace: {{ .Release.Namespace }}
+#   labels:
+#     app.kubernetes.io/name: https-gateway
+#     app.kubernetes.io/instance: {{ .Release.Name }}
+#     app.kubernetes.io/version: {{ .Chart.AppVersion }}
+#     app.kubernetes.io/component: web
+#     app.kubernetes.io/part-of: {{ .Release.Name }}
+#   annotations:
+#     cert-manager.io/cluster-issuer: letsencrypt-issuer
+# spec:
+#   addresses:
+#     - type: IPAddress
+#       value: 10.232.1.23
+#   gatewayClassName: cilium
+#   listeners:
+#     - name: https
+#       protocol: HTTPS
+#       port: 443
+#       hostname: "*.alexlebens.net"
+#       allowedRoutes:
+#         namespaces:
+#           from: Selector
+#           selector:
+#             matchLabels:
+#               https-gateway-access: "true"
+#       tls:
+#         mode: Terminate
+#         certificateRefs:
+#           - group: ''
+#             kind: Secret
+#             name: https-gateway-cert
+#             namespace: kube-system

clusters/cl01tl/standalone/cilium/values.yaml

@@ -29,8 +29,6 @@ cilium:
         - SYS_RESOURCE
   l2announcements:
     enabled: true
-  bgpControlPlane:
-    enabled: true
   enableK8sEndpointSlice: true
   ciliumEndpointSlice:
     enabled: true
@@ -41,7 +39,7 @@ cilium:
       name: cilium-secrets
       sync: true
   gatewayAPI:
-    enabled: true
+    enabled: false
     enableAlpn: true
     enableAppProtocol: true
     secretsNamespace:
@@ -80,7 +78,7 @@ cilium:
     enabled: true
   ipv6:
     enabled: false
-  kubeProxyReplacement: "true"
+  kubeProxyReplacement: true
   l7Proxy: true
   nodePort:
     enabled: true
@@ -113,5 +111,3 @@ cilium:
     autoMount:
       enabled: false
     hostRoot: /sys/fs/cgroup
-  bpf:
-    masquerade: true