feat(cattle-system): migrate rancher Ingress to Gateway API (#132)

## Summary

- Replace `Ingress` (nginx) with `Gateway` + `HTTPRoute` using `traefik-internal` GatewayClass
- TLS terminated at the Gateway listener; cert-manager provisions the certificate via `vault-issuer`
- external-dns annotations moved to the Gateway

## Test plan

- [ ] ArgoCD syncs the cattle-system app cleanly
- [ ] cert-manager issues the `rancher-tls` certificate
- [ ] external-dns creates the DNS record
- [ ] `https://rancher.k8s.syd1.au.unkin.net` is reachable

Reviewed-on: #132
This commit was merged in pull request #132.
This commit is contained in:
2026-05-23 00:24:57 +10:00
parent 64dc5a0242
commit 20ce2b1b92
4 changed files with 51 additions and 30 deletions
+2 -1
View File
@@ -6,4 +6,5 @@ resources:
- namespace.yaml
- vaultauth.yaml
- vaultstaticsecret.yaml
- ingress.yaml
- gateway.yaml
- httproute.yaml