feat(consul): address PR review feedback
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was canceled

- Fix consul HTTPRoute backend: consul-consul-ui -> consul-ui
- Add consul.service.consul hostname to Gateway (cert SAN) and HTTPRoute
- Add consul-svc listener on 443 for consul.service.consul SNI routing
- Convert PDB inline patch to patches/consul-server-pdb.yaml
- Set server.disruptionBudget.maxUnavailable: 1 explicitly in values
- Expose consul DNS service as LoadBalancer (purelb 198.18.200.5) for anycast
- Remove sandbox overlay (not needed in production GitOps)
This commit is contained in:
2026-05-23 22:11:41 +10:00
parent 0c73cc7594
commit f224b17ca1
7 changed files with 49 additions and 101 deletions
@@ -6,13 +6,10 @@ resources:
- ../../../base/consul
patches:
- target:
- path: patches/consul-server-pdb.yaml
target:
kind: PodDisruptionBudget
name: consul-server
patch: |-
- op: replace
path: /apiVersion
value: policy/v1
helmCharts:
- name: consul
@@ -0,0 +1,3 @@
- op: replace
path: /apiVersion
value: policy/v1
+7
View File
@@ -12,6 +12,9 @@ server:
connect: true
disruptionBudget:
maxUnavailable: 1
extraConfig: |
{
"disable_remote_exec": true,
@@ -49,3 +52,7 @@ connectInject:
dns:
enabled: true
type: LoadBalancer
annotations: |
purelb.io/service-group: "common"
purelb.io/addresses: 198.18.200.5