WIP: istio-gateway(only the Gateway object, not the gatewayd).

Adam Heath
Showing 4 changed files with 97 additions and 0 deletions
istio-gateway/charts/gateway/gateway.yaml
istio-gateway/charts/gateway/kustomization.yaml
istio-gateway/environments/default-values.yaml
istio-gateway/helmfile.yaml
--- a/istio-gateway/charts/gateway/gateway.yaml 0 → 100644
View file @14ef1b3
+++ b/istio-gateway/charts/gateway/gateway.yaml 0 → 100644
View file @14ef1b3
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: istio-gateway-cert
+spec:
+  secretName: istio-gateway
+  dnsNames:
+    - '*'
+  issuerRef:
+    name: ca-issuer
+    # We can reference ClusterIssuers by changing the kind here.
+    # The default value is Issuer (i.e. a locally namespaced Issuer)
+    kind: ClusterIssuer
+    group: cert-manager.io
+---
+apiVersion: networking.istio.io/v1beta1
+kind: Gateway
+metadata:
+  name: istio-gateway
+spec: {}
+
--- a/istio-gateway/charts/gateway/kustomization.yaml 0 → 100644
View file @14ef1b3
+++ b/istio-gateway/charts/gateway/kustomization.yaml 0 → 100644
View file @14ef1b3
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - ./gateway.yaml
+
--- a/istio-gateway/environments/default-values.yaml 0 → 100644
View file @14ef1b3
+++ b/istio-gateway/environments/default-values.yaml 0 → 100644
View file @14ef1b3
+namespace: default
+name: default
+selector: {}
+tls:
+  hosts:
+    - "*"
+  issuerRef:
+    name: ca-issuer
+    # We can reference ClusterIssuers by changing the kind here.
+    # The default value is Issuer (i.e. a locally namespaced Issuer)
+    kind: ClusterIssuer
+    group: cert-manager.io
+  mode: SIMPLE
+http:
+  hosts:
+    - "*"
+
--- a/istio-gateway/helmfile.yaml 0 → 100644
View file @14ef1b3
+++ b/istio-gateway/helmfile.yaml 0 → 100644
View file @14ef1b3
+bases:
+  - ../common/environments.yaml
+
+---
+
+releases:
+  - name: istio-gateway-{{ .Values.name }}
+    namespace: {{ .Values.namespace }}
+    chart: charts/gateway
+    disableValidationOnInstall: true
+    values:
+      - nameSuffix: -{{ .Values.name }}
+    strategicMergePatches:
+      - apiVersion: networking.istio.io/v1beta1
+        kind: Gateway
+        metadata:
+          name: istio-gateway-{{ .Values.name }}
+          namespace: {{ .Values.namespace }}
+        spec:
+          selector: {{ .Values.selector | toYaml | nindent 12 }}
+          servers:
+            {{- if .Values.http.hosts }}
+            - port:
+                name: http
+                number: 80
+                protocol: HTTP
+              hosts: {{ .Values.http.hosts | toYaml | nindent 16 }}
+            {{- end }}
+            {{- if .Values.tls.hosts }}
+            - port:
+                name: https
+                number: 443
+                protocol: HTTPS
+              hosts: {{ .Values.http.hosts | toYaml | nindent 16 }}
+              tls:
+                credentialName: istio-gateway-cert-{{ .Values.name }}
+                mode: {{ .Values.tls.mode | quote }}
+            {{- end }}
+      - apiVersion: cert-manager.io/v1
+        kind: Certificate
+        metadata:
+          name: istio-gateway-cert-{{ .Values.name }}
+          namespace: {{ .Values.namespace }}
+        {{- if .Values.tls.hosts }}
+        spec:
+          secretName: istio-gateway-cert-{{ .Values.name }}
+          dnsNames: {{ .Values.tls.hosts | toYaml | nindent 12 }}
+          issuerRef: {{ .Values.tls.issuerRef | toYaml | nindent 12 }}
+        {{ else }}
+        $patch: delete
+        {{- end }}
+