feat(consul): address PR review feedback
- Fix consul HTTPRoute backend: consul-consul-ui -> consul-ui - Add consul.service.consul hostname to Gateway (cert SAN) and HTTPRoute - Add consul-svc listener on 443 for consul.service.consul SNI routing - Convert PDB inline patch to patches/consul-server-pdb.yaml - Set server.disruptionBudget.maxUnavailable: 1 explicitly in values - Expose consul DNS service as LoadBalancer (purelb 198.18.200.5) for anycast - Remove sandbox overlay (not needed in production GitOps)
This commit is contained in:
@@ -6,13 +6,10 @@ resources:
|
||||
- ../../../base/consul
|
||||
|
||||
patches:
|
||||
- target:
|
||||
- path: patches/consul-server-pdb.yaml
|
||||
target:
|
||||
kind: PodDisruptionBudget
|
||||
name: consul-server
|
||||
patch: |-
|
||||
- op: replace
|
||||
path: /apiVersion
|
||||
value: policy/v1
|
||||
|
||||
helmCharts:
|
||||
- name: consul
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
- op: replace
|
||||
path: /apiVersion
|
||||
value: policy/v1
|
||||
@@ -12,6 +12,9 @@ server:
|
||||
|
||||
connect: true
|
||||
|
||||
disruptionBudget:
|
||||
maxUnavailable: 1
|
||||
|
||||
extraConfig: |
|
||||
{
|
||||
"disable_remote_exec": true,
|
||||
@@ -49,3 +52,7 @@ connectInject:
|
||||
|
||||
dns:
|
||||
enabled: true
|
||||
type: LoadBalancer
|
||||
annotations: |
|
||||
purelb.io/service-group: "common"
|
||||
purelb.io/addresses: 198.18.200.5
|
||||
|
||||
Reference in New Issue
Block a user