disable gateway

This commit is contained in:
2025-03-02 14:22:47 -06:00
parent 6811d37e9d
commit e918d88dd9
3 changed files with 68 additions and 72 deletions

View File

@@ -1,30 +1,30 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: https-route-headlamp
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: https-route-headlamp
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: https-gateway
namespace: kube-system
hostnames:
- headlamp.alexlebens.net
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ''
kind: Service
name: headlamp
port: 80
weight: 100
# apiVersion: gateway.networking.k8s.io/v1
# kind: HTTPRoute
# metadata:
# name: https-route-headlamp
# namespace: {{ .Release.Namespace }}
# labels:
# app.kubernetes.io/name: https-route-headlamp
# app.kubernetes.io/instance: {{ .Release.Name }}
# app.kubernetes.io/version: {{ .Chart.AppVersion }}
# app.kubernetes.io/component: web
# app.kubernetes.io/part-of: {{ .Release.Name }}
# spec:
# parentRefs:
# - group: gateway.networking.k8s.io
# kind: Gateway
# name: https-gateway
# namespace: kube-system
# hostnames:
# - headlamp.alexlebens.net
# rules:
# - matches:
# - path:
# type: PathPrefix
# value: /
# backendRefs:
# - group: ''
# kind: Service
# name: headlamp
# port: 80
# weight: 100

View File

@@ -1,36 +1,36 @@
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: https-gateway
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: https-gateway
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
annotations:
cert-manager.io/cluster-issuer: letsencrypt-issuer
spec:
addresses:
- type: IPAddress
value: 10.232.1.23
gatewayClassName: cilium
listeners:
- name: https
protocol: HTTPS
port: 443
hostname: "*.alexlebens.net"
allowedRoutes:
namespaces:
from: Selector
selector:
matchLabels:
https-gateway-access: "true"
tls:
mode: Terminate
certificateRefs:
- group: ''
kind: Secret
name: https-gateway-cert
namespace: kube-system
# apiVersion: gateway.networking.k8s.io/v1
# kind: Gateway
# metadata:
# name: https-gateway
# namespace: {{ .Release.Namespace }}
# labels:
# app.kubernetes.io/name: https-gateway
# app.kubernetes.io/instance: {{ .Release.Name }}
# app.kubernetes.io/version: {{ .Chart.AppVersion }}
# app.kubernetes.io/component: web
# app.kubernetes.io/part-of: {{ .Release.Name }}
# annotations:
# cert-manager.io/cluster-issuer: letsencrypt-issuer
# spec:
# addresses:
# - type: IPAddress
# value: 10.232.1.23
# gatewayClassName: cilium
# listeners:
# - name: https
# protocol: HTTPS
# port: 443
# hostname: "*.alexlebens.net"
# allowedRoutes:
# namespaces:
# from: Selector
# selector:
# matchLabels:
# https-gateway-access: "true"
# tls:
# mode: Terminate
# certificateRefs:
# - group: ''
# kind: Secret
# name: https-gateway-cert
# namespace: kube-system

View File

@@ -29,8 +29,6 @@ cilium:
- SYS_RESOURCE
l2announcements:
enabled: true
bgpControlPlane:
enabled: true
enableK8sEndpointSlice: true
ciliumEndpointSlice:
enabled: true
@@ -41,7 +39,7 @@ cilium:
name: cilium-secrets
sync: true
gatewayAPI:
enabled: true
enabled: false
enableAlpn: true
enableAppProtocol: true
secretsNamespace:
@@ -80,7 +78,7 @@ cilium:
enabled: true
ipv6:
enabled: false
kubeProxyReplacement: "true"
kubeProxyReplacement: true
l7Proxy: true
nodePort:
enabled: true
@@ -113,5 +111,3 @@ cilium:
autoMount:
enabled: false
hostRoot: /sys/fs/cgroup
bpf:
masquerade: true