Files
argocd-apps/apps/base/puppet/gateway_puppetdb.yaml
T
unkinben 0f5c2fc24d
ci/woodpecker/pr/kubeconform Pipeline was successful
ci/woodpecker/pr/pre-commit Pipeline was successful
feat(puppet): migrate puppetdb Ingress to Gateway API
Replace nginx Ingress with Gateway + HTTPRoute using the traefik-internal
GatewayClass. TLS is terminated at the Gateway listener via cert-manager.
2026-05-22 00:10:25 +10:00

33 lines
927 B
YAML

---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
annotations:
cert-manager.io/cluster-issuer: vault-issuer
cert-manager.io/common-name: puppetdb.k8s.syd1.au.unkin.net
cert-manager.io/private-key-size: "4096"
external-dns.alpha.kubernetes.io/hostname: puppetdb.k8s.syd1.au.unkin.net
external-dns.alpha.kubernetes.io/target: 198.18.200.0
labels:
app.kubernetes.io/component: puppetdb
app.kubernetes.io/instance: puppetserver
app.kubernetes.io/name: puppetserver
app.kubernetes.io/version: 8.8.0
name: puppetdb
namespace: puppet
spec:
gatewayClassName: traefik-internal
listeners:
- allowedRoutes:
namespaces:
from: Same
hostname: puppetdb.k8s.syd1.au.unkin.net
name: https
port: 443
protocol: HTTPS
tls:
certificateRefs:
- kind: Secret
name: puppetdb-tls
mode: Terminate