mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-17 18:24:14 +02:00
fixup! feat: envoy-gateway
This commit is contained in:
auricom
@@ -19,6 +19,10 @@ endpointRoutes:
|
||||
enabled: true
|
||||
envoy:
|
||||
enabled: false
|
||||
gatewayAPI:
|
||||
enabled: true
|
||||
enableAlpn: true
|
||||
xffNumTrustedHops: 1
|
||||
hubble:
|
||||
enabled: false
|
||||
ipam:
|
||||
|
||||
@@ -33,4 +33,4 @@ spec:
|
||||
retries: 3
|
||||
valuesFrom:
|
||||
- kind: ConfigMap
|
||||
name: kubelet-csr-approver-helm-values
|
||||
name: kubelet-csr-approver-values
|
||||
|
||||
@@ -3,13 +3,13 @@
|
||||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: OCIRepository
|
||||
metadata:
|
||||
name: envoy-gateway-operator
|
||||
name: envoy-gateway-crds
|
||||
spec:
|
||||
interval: 30m
|
||||
timeout: 60s
|
||||
url: oci://docker.io/envoyproxy/gateway-helm
|
||||
ref:
|
||||
tag: 1.4.0
|
||||
tag: v1.4.1
|
||||
layerSelector:
|
||||
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
|
||||
operation: copy
|
||||
@@ -18,13 +18,13 @@ spec:
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: envoy-gateway-operator
|
||||
name: envoy-gateway-crds
|
||||
spec:
|
||||
interval: 1h
|
||||
timeout: 5m
|
||||
chartRef:
|
||||
kind: OCIRepository
|
||||
name: envoy-gateway-operator
|
||||
name: envoy-gateway-crds
|
||||
install:
|
||||
crds: CreateReplace
|
||||
remediation:
|
||||
@@ -34,8 +34,3 @@ spec:
|
||||
crds: CreateReplace
|
||||
remediation:
|
||||
retries: 5
|
||||
values:
|
||||
config:
|
||||
envoyGateway:
|
||||
gateway:
|
||||
controllerName: gateway.envoyproxy.io/gatewayclass-controller
|
||||
@@ -0,0 +1,6 @@
|
||||
---
|
||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./helmrelease.yaml
|
||||
@@ -5,7 +5,7 @@ kind: Gateway
|
||||
metadata:
|
||||
name: external
|
||||
# annotations:
|
||||
# external-dns.alpha.kubernetes.io/target: external.${SECRET_CLUSTER_DOMAIN}
|
||||
# external-dns.alpha.kubernetes.io/target: external.${SECRET_EXTERNAL_DOMAIN}
|
||||
spec:
|
||||
gatewayClassName: envoy-gateway
|
||||
addresses:
|
||||
@@ -13,19 +13,19 @@ spec:
|
||||
value: "${CLUSTER_LB_ENVOY_EXTERNAL}"
|
||||
# infrastructure:
|
||||
# annotations:
|
||||
# external-dns.alpha.kubernetes.io/hostname: external.${SECRET_CLUSTER_DOMAIN}
|
||||
# external-dns.alpha.kubernetes.io/hostname: external.${SECRET_EXTERNAL_DOMAIN}
|
||||
listeners:
|
||||
- name: http
|
||||
protocol: HTTP
|
||||
port: 80
|
||||
hostname: "*.${SECRET_CLUSTER_DOMAIN}"
|
||||
hostname: "*.${SECRET_EXTERNAL_DOMAIN}"
|
||||
allowedRoutes:
|
||||
namespaces:
|
||||
from: Same
|
||||
- name: https
|
||||
protocol: HTTPS
|
||||
port: 443
|
||||
hostname: "*.${SECRET_CLUSTER_DOMAIN}"
|
||||
hostname: "*.${SECRET_EXTERNAL_DOMAIN}"
|
||||
allowedRoutes:
|
||||
namespaces:
|
||||
from: All
|
||||
|
||||
@@ -2,7 +2,6 @@
|
||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: networking-system
|
||||
resources:
|
||||
- ./gateway.yaml
|
||||
- ./redirect.yaml
|
||||
|
||||
@@ -5,7 +5,7 @@ kind: Gateway
|
||||
metadata:
|
||||
name: internal
|
||||
# annotations:
|
||||
# external-dns.alpha.kubernetes.io/target: internal.${SECRET_CLUSTER_DOMAIN}
|
||||
# external-dns.alpha.kubernetes.io/target: internal.${SECRET_EXTERNAL_DOMAIN}
|
||||
spec:
|
||||
gatewayClassName: envoy-gateway
|
||||
addresses:
|
||||
@@ -13,19 +13,19 @@ spec:
|
||||
value: "${CLUSTER_LB_ENVOY_INTERNAL}"
|
||||
# infrastructure:
|
||||
# annotations:
|
||||
# external-dns.alpha.kubernetes.io/hostname: internal.${SECRET_CLUSTER_DOMAIN}
|
||||
# external-dns.alpha.kubernetes.io/hostname: internal.${SECRET_EXTERNAL_DOMAIN}
|
||||
listeners:
|
||||
- name: http
|
||||
protocol: HTTP
|
||||
port: 80
|
||||
hostname: "*.${SECRET_CLUSTER_DOMAIN}"
|
||||
hostname: "*.${SECRET_EXTERNAL_DOMAIN}"
|
||||
allowedRoutes:
|
||||
namespaces:
|
||||
from: Same
|
||||
- name: https
|
||||
protocol: HTTPS
|
||||
port: 443
|
||||
hostname: "*.${SECRET_CLUSTER_DOMAIN}"
|
||||
hostname: "*.${SECRET_EXTERNAL_DOMAIN}"
|
||||
allowedRoutes:
|
||||
namespaces:
|
||||
from: All
|
||||
|
||||
@@ -2,7 +2,6 @@
|
||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: networking-system
|
||||
resources:
|
||||
- ./gateway.yaml
|
||||
- ./redirect.yaml
|
||||
|
||||
@@ -3,7 +3,29 @@
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: &app envoy-gateway
|
||||
name: &app envoy-gateway-crds
|
||||
namespace: &namespace network
|
||||
spec:
|
||||
commonMetadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: *app
|
||||
interval: 1h
|
||||
path: ./kubernetes/apps/network/envoy-gateway/crds
|
||||
prune: true
|
||||
retryInterval: 2m
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: home-ops-kubernetes
|
||||
namespace: flux-system
|
||||
targetNamespace: *namespace
|
||||
timeout: 5m
|
||||
wait: false
|
||||
---
|
||||
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: &app envoy-gateway-operator
|
||||
namespace: &namespace network
|
||||
spec:
|
||||
commonMetadata:
|
||||
@@ -11,21 +33,24 @@ spec:
|
||||
app.kubernetes.io/name: *app
|
||||
interval: 1h
|
||||
path: ./kubernetes/apps/network/envoy-gateway/operator
|
||||
healthChecks:
|
||||
- apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
name: *app
|
||||
dependsOn:
|
||||
- name: envoy-gateway-crds
|
||||
namespace: *namespace
|
||||
- apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: GatewayClass
|
||||
name: envoy-gateway
|
||||
healthCheckExprs:
|
||||
- apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: GatewayClass
|
||||
failed: status.conditions.filter(e, e.type == 'Accepted').all(e, e.status == 'False')
|
||||
inProgress: status.conditions.filter(e, e.type == 'Accepted').all(e, e.status == 'Unknown')
|
||||
current: status.conditions.filter(e, e.type == 'Accepted').all(e, e.status == 'True')
|
||||
prune: false
|
||||
# healthChecks:
|
||||
# - apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
# kind: HelmRelease
|
||||
# name: *app
|
||||
# namespace: *namespace
|
||||
# - apiVersion: gateway.networking.k8s.io/v1
|
||||
# kind: GatewayClass
|
||||
# name: envoy-gateway
|
||||
# healthCheckExprs:
|
||||
# - apiVersion: gateway.networking.k8s.io/v1
|
||||
# kind: GatewayClass
|
||||
# failed: status.conditions.filter(e, e.type == 'Accepted').all(e, e.status == 'False')
|
||||
# inProgress: status.conditions.filter(e, e.type == 'Accepted').all(e, e.status == 'Unknown')
|
||||
# current: status.conditions.filter(e, e.type == 'Accepted').all(e, e.status == 'True')
|
||||
prune: true
|
||||
retryInterval: 2m
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
@@ -45,7 +70,7 @@ spec:
|
||||
interval: 1h
|
||||
retryInterval: 2m
|
||||
timeout: 5m
|
||||
prune: false
|
||||
prune: true
|
||||
commonMetadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: *app
|
||||
@@ -54,6 +79,7 @@ spec:
|
||||
kind: GitRepository
|
||||
name: home-ops-kubernetes
|
||||
namespace: flux-system
|
||||
targetNamespace: *namespace
|
||||
wait: false
|
||||
dependsOn:
|
||||
- name: envoy-gateway-operator
|
||||
@@ -69,7 +95,7 @@ spec:
|
||||
interval: 1h
|
||||
retryInterval: 2m
|
||||
timeout: 5m
|
||||
prune: false
|
||||
prune: true
|
||||
commonMetadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: *app
|
||||
@@ -78,6 +104,7 @@ spec:
|
||||
kind: GitRepository
|
||||
name: home-ops-kubernetes
|
||||
namespace: flux-system
|
||||
targetNamespace: *namespace
|
||||
wait: false
|
||||
dependsOn:
|
||||
- name: envoy-gateway-operator
|
||||
|
||||
@@ -10,7 +10,7 @@ spec:
|
||||
group: gateway.envoyproxy.io
|
||||
kind: EnvoyProxy
|
||||
name: proxy-config
|
||||
namespace: networking-system
|
||||
namespace: network
|
||||
---
|
||||
# yaml-language-server: $schema=https://schemas.budimanjojo.com/gateway.envoyproxy.io/envoyproxy_v1alpha1.json
|
||||
apiVersion: gateway.envoyproxy.io/v1alpha1
|
||||
|
||||
@@ -2,7 +2,5 @@
|
||||
# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: networking-system
|
||||
resources:
|
||||
- ./gatewayclass.yaml
|
||||
- ./helmrelease.yaml
|
||||
|
||||
Reference in New Issue
Block a user