diff --git a/apps/base/cattle-system/gateway.yaml b/apps/base/cattle-system/gateway.yaml new file mode 100644 index 0000000..f553efb --- /dev/null +++ b/apps/base/cattle-system/gateway.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: Gateway +metadata: + annotations: + cert-manager.io/cluster-issuer: vault-issuer + cert-manager.io/common-name: rancher.k8s.syd1.au.unkin.net + cert-manager.io/private-key-size: "4096" + external-dns.alpha.kubernetes.io/hostname: rancher.k8s.syd1.au.unkin.net + external-dns.alpha.kubernetes.io/target: "198.18.200.0" + name: rancher + namespace: cattle-system +spec: + gatewayClassName: traefik-internal + listeners: + - allowedRoutes: + namespaces: + from: Same + hostname: rancher.k8s.syd1.au.unkin.net + name: https + port: 443 + protocol: HTTPS + tls: + certificateRefs: + - kind: Secret + name: rancher-tls + mode: Terminate diff --git a/apps/base/cattle-system/httproute.yaml b/apps/base/cattle-system/httproute.yaml new file mode 100644 index 0000000..6e972da --- /dev/null +++ b/apps/base/cattle-system/httproute.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: rancher + namespace: cattle-system +spec: + hostnames: + - rancher.k8s.syd1.au.unkin.net + parentRefs: + - name: rancher + sectionName: https + rules: + - backendRefs: + - name: rancher + port: 80 + matches: + - path: + type: PathPrefix + value: / diff --git a/apps/base/cattle-system/ingress.yaml b/apps/base/cattle-system/ingress.yaml deleted file mode 100644 index 46ef0a7..0000000 --- a/apps/base/cattle-system/ingress.yaml +++ /dev/null @@ -1,29 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: rancher - namespace: cattle-system - annotations: - cert-manager.io/cluster-issuer: vault-issuer - cert-manager.io/common-name: rancher.k8s.syd1.au.unkin.net - cert-manager.io/private-key-size: "4096" - external-dns.alpha.kubernetes.io/hostname: rancher.k8s.syd1.au.unkin.net - external-dns.alpha.kubernetes.io/target: "198.18.200.0" -spec: - ingressClassName: nginx - tls: - - hosts: - - rancher.k8s.syd1.au.unkin.net - secretName: rancher-tls - rules: - - host: rancher.k8s.syd1.au.unkin.net - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: rancher - port: - number: 80 diff --git a/apps/base/cattle-system/kustomization.yaml b/apps/base/cattle-system/kustomization.yaml index 4d589ff..6ccd3c8 100644 --- a/apps/base/cattle-system/kustomization.yaml +++ b/apps/base/cattle-system/kustomization.yaml @@ -6,4 +6,5 @@ resources: - namespace.yaml - vaultauth.yaml - vaultstaticsecret.yaml - - ingress.yaml + - gateway.yaml + - httproute.yaml