diff --git a/apps/base/puppet/gateway_puppetdb.yaml b/apps/base/puppet/gateway_puppetdb.yaml new file mode 100644 index 0000000..d61ed86 --- /dev/null +++ b/apps/base/puppet/gateway_puppetdb.yaml @@ -0,0 +1,33 @@ +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: Gateway +metadata: + annotations: + cert-manager.io/cluster-issuer: vault-issuer + cert-manager.io/common-name: puppetdb.k8s.syd1.au.unkin.net + cert-manager.io/private-key-size: "4096" + external-dns.alpha.kubernetes.io/hostname: puppetdb.k8s.syd1.au.unkin.net + external-dns.alpha.kubernetes.io/target: 198.18.200.4 + labels: + traefik.io/instance: internal + app.kubernetes.io/component: puppetdb + app.kubernetes.io/instance: puppetserver + app.kubernetes.io/name: puppetserver + app.kubernetes.io/version: 8.8.0 + name: puppetdb + namespace: puppet +spec: + gatewayClassName: traefik-internal + listeners: + - allowedRoutes: + namespaces: + from: Same + hostname: puppetdb.k8s.syd1.au.unkin.net + name: https + port: 443 + protocol: HTTPS + tls: + certificateRefs: + - kind: Secret + name: puppetdb-tls + mode: Terminate diff --git a/apps/base/puppet/httproute_puppetdb.yaml b/apps/base/puppet/httproute_puppetdb.yaml new file mode 100644 index 0000000..401e272 --- /dev/null +++ b/apps/base/puppet/httproute_puppetdb.yaml @@ -0,0 +1,25 @@ +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + labels: + app.kubernetes.io/component: puppetdb + app.kubernetes.io/instance: puppetserver + app.kubernetes.io/name: puppetserver + app.kubernetes.io/version: 8.8.0 + name: puppetdb + namespace: puppet +spec: + hostnames: + - puppetdb.k8s.syd1.au.unkin.net + parentRefs: + - name: puppetdb + sectionName: https + rules: + - backendRefs: + - name: puppetdb + port: 8080 + matches: + - path: + type: PathPrefix + value: / diff --git a/apps/base/puppet/ingress_puppetdb.yaml b/apps/base/puppet/ingress_puppetdb.yaml deleted file mode 100644 index 4f28a7f..0000000 --- a/apps/base/puppet/ingress_puppetdb.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - kubernetes.io/ingress.class: nginx - external-dns.alpha.kubernetes.io/hostname: puppetdb.k8s.syd1.au.unkin.net - external-dns.alpha.kubernetes.io/target: 198.18.200.0 - cert-manager.io/cluster-issuer: vault-issuer - cert-manager.io/common-name: puppetdb.k8s.syd1.au.unkin.net - cert-manager.io/private-key-size: "4096" - labels: - app.kubernetes.io/component: puppetdb - app.kubernetes.io/instance: puppetserver - app.kubernetes.io/name: puppetserver - app.kubernetes.io/version: 8.8.0 - name: puppetdb - namespace: puppet -spec: - rules: - - host: puppetdb.k8s.syd1.au.unkin.net - http: - paths: - - backend: - service: - name: puppetdb - port: - number: 8080 - path: / - pathType: Prefix - tls: - - hosts: - - puppetdb.k8s.syd1.au.unkin.net - secretName: puppetdb-tls diff --git a/apps/base/puppet/kustomization.yaml b/apps/base/puppet/kustomization.yaml index 99cd358..8d44f05 100644 --- a/apps/base/puppet/kustomization.yaml +++ b/apps/base/puppet/kustomization.yaml @@ -27,7 +27,8 @@ resources: - horizontalpodautoscaler_puppetserver-puppetdb-autoscaler.yaml - gateway_puppetboard.yaml - httproute_puppetboard.yaml - - ingress_puppetdb.yaml + - gateway_puppetdb.yaml + - httproute_puppetdb.yaml - service_puppetserver-agents-to-puppet.yaml - service_puppet-headless.yaml - service_puppet.yaml