helmfile.yaml
2.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
environments:
default:
values:
- namespace: istio-system
namePrefix: ""
version:
istio: 1.14.1
raw: 1.1.0
gateways:
- name: cluster-local-gateway
hosts:
- "*"
repositories:
- name: istio
url: https://istio-release.storage.googleapis.com/charts
- name: bedag
url: https://bedag.github.io/helm-charts/
---
helmfiles:
- path: istio-base.helmfile.yaml
values:
- namespace: {{ .Values.namespace }}
namePrefix: ""
version: {{ .Values.version.istio }}
- path: istiod.helmfile.yaml
values:
- namespace: {{ .Values.namespace }}
namePrefix: ""
version: {{ .Values.version.istio }}
releases:
- name: {{ $.Values.namePrefix }}gateways
namespace: {{ .Values.namespace }}
chart: charts/gateway
dependencies:
{{- range $gateway_index, $gateway := .Values.gateways }}
- chart: istio/gateway
alias: gatewayd-{{ $gateway.name }}
version: {{ $.Values.version.istio }}
- chart: bedag/raw
alias: gateway-{{ $gateway.name }}
version: {{ $.Values.version.raw }}
{{- end }}
values:
{{- range $gateway_index, $gateway := .Values.gateways }}
- gatewayd-{{ $gateway.name }}:
name: {{ $gateway.name }}
service:
type: LoadBalancer
loadBalancerIP: {{ $gateway | get "loadBalancerIP" "" }}
autoscaling:
enabled: false
gateway-{{ $gateway.name }}:
resources:
- apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: istio-cert-{{ $gateway.name }}
spec:
secretName: istio-cert-{{ $gateway.name }}
dnsNames:
- '*'
issuerRef:
name: ca-issuer
# We can reference ClusterIssuers by changing the kind here.
# The default value is Issuer (i.e. a locally namespaced Issuer)
kind: ClusterIssuer
group: cert-manager.io
- apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
name: {{ $gateway.name }}
spec:
selector:
istio: {{ $gateway.name }}
servers:
- hosts:
- '*'
port:
name: http
number: 80
protocol: HTTP
- hosts:
- '*'
port:
name: https
number: 443
protocol: HTTPS
tls:
credentialName: istio-cert-{{ $gateway.name }}
mode: SIMPLE
{{- end }}