From 1e8e321e9b2585cc7dc5fdb55f97dce171a88491 Mon Sep 17 00:00:00 2001 From: AnthonyEnr1quez <32233059+AnthonyEnr1quez@users.noreply.github.com> Date: Sun, 24 Nov 2024 19:07:07 -0600 Subject: [PATCH] yolo update all gateway stuff --- .../cert-manager/app/helm-release.yaml | 4 +- .../networking/envoy-gateway/app/config.yaml | 43 +++++++++++++++++++ .../envoy-gateway/app/gateway-class.yaml | 7 ++- .../envoy-gateway/app/helm-release.yaml | 10 +++-- .../envoy-gateway/app/kustomization.yaml | 1 + .../gateway-api/app/kustomization.yaml | 2 +- .../flux/repositories/oci/envoy-gateway.yaml | 2 +- 7 files changed, 60 insertions(+), 9 deletions(-) create mode 100644 kubernetes/home-lab/apps/networking/envoy-gateway/app/config.yaml diff --git a/kubernetes/home-lab/apps/networking/cert-manager/app/helm-release.yaml b/kubernetes/home-lab/apps/networking/cert-manager/app/helm-release.yaml index d242e548..63864128 100644 --- a/kubernetes/home-lab/apps/networking/cert-manager/app/helm-release.yaml +++ b/kubernetes/home-lab/apps/networking/cert-manager/app/helm-release.yaml @@ -8,7 +8,7 @@ spec: chart: spec: chart: cert-manager - version: v1.16.1 + version: v1.16.2 sourceRef: kind: HelmRepository name: jetstack @@ -27,7 +27,7 @@ spec: values: image: repository: quay.io/jetstack/cert-manager-controller - tag: v1.16.1@sha256:ae5e14401cde4dec8bccce7594f829cd491044aa66944272e1d4fccc941ec77c + tag: v1.16.2@sha256:ae5e14401cde4dec8bccce7594f829cd491044aa66944272e1d4fccc941ec77c installCRDs: true # webhook: extraArgs: diff --git a/kubernetes/home-lab/apps/networking/envoy-gateway/app/config.yaml b/kubernetes/home-lab/apps/networking/envoy-gateway/app/config.yaml new file mode 100644 index 00000000..c274c2e4 --- /dev/null +++ b/kubernetes/home-lab/apps/networking/envoy-gateway/app/config.yaml 
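Review bot: In the second cert-manager hunk the tag moves to `v1.16.2`, but the `@sha256:ae5e14401cde…` digest is character-for-character the one that was pinned next to v1.16.1. When an image reference carries both a tag and a digest, the digest is what gets pulled, so the controller would most likely keep running the previous image while the chart (and presumably the other cert-manager components) moves to v1.16.2. Update the digest together with the tag, e.g. `tag: v1.16.2@sha256:<digest published for cert-manager-controller v1.16.2>`, and check it against the registry before merging. The `values` block continues outside the hunk.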
@@ -0,0 +1,43 @@ +--- +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: EnvoyProxy +metadata: + name: config + namespace: networking +spec: + telemetry: + metrics: + prometheus: {} + # shutdown: + # drainTimeout: 300s + logging: + level: + default: debug + provider: + type: Kubernetes + kubernetes: + envoyDeployment: + replicas: 1 + container: + image: envoyproxy/envoy:distroless-dev-bc0e51128f80b2c1b48fd80038779b242e8345d7 + resources: + requests: + cpu: 150m + memory: 640Mi + limits: + cpu: 500m + memory: 1Gi +--- +apiVersion: gateway.envoyproxy.io/v1alpha1 +kind: ClientTrafficPolicy +metadata: + name: enable-mtls + namespace: networking +spec: + targetRefs: + - group: gateway.networking.k8s.io + kind: Gateway + name: production + tls: + clientValidation: + optional: true diff --git a/kubernetes/home-lab/apps/networking/envoy-gateway/app/gateway-class.yaml b/kubernetes/home-lab/apps/networking/envoy-gateway/app/gateway-class.yaml index 095a10f5..ba91b61a 100644 --- a/kubernetes/home-lab/apps/networking/envoy-gateway/app/gateway-class.yaml +++ b/kubernetes/home-lab/apps/networking/envoy-gateway/app/gateway-class.yaml @@ -5,4 +5,9 @@ metadata: name: envoy-gateway namespace: networking spec: - controllerName: gateway.envoyproxy.io/gatewayclass-controller \ No newline at end of file + controllerName: gateway.envoyproxy.io/gatewayclass-controller + parametersRef: + group: gateway.envoyproxy.io + kind: EnvoyProxy + name: config + namespace: networking \ No newline at end of file diff --git a/kubernetes/home-lab/apps/networking/envoy-gateway/app/helm-release.yaml b/kubernetes/home-lab/apps/networking/envoy-gateway/app/helm-release.yaml index 0e9f3932..67db532c 100644 --- a/kubernetes/home-lab/apps/networking/envoy-gateway/app/helm-release.yaml +++ b/kubernetes/home-lab/apps/networking/envoy-gateway/app/helm-release.yaml 
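Review bot: The ClientTrafficPolicy in config.yaml is named `enable-mtls`, but `clientValidation.optional: true` only requests a client certificate and still accepts connections that present none, and no `caCertificateRefs` is set in this hunk, so nothing here enforces mutual TLS on the `production` Gateway. If enforcement is the intent, drop `optional: true` and add `caCertificateRefs` for the trusted CA; otherwise rename the policy or add a comment such as `# optional: client certs are requested but not required; backends must not treat the peer as authenticated`. Separately, the EnvoyProxy uses `envoyproxy/envoy:distroless-dev-…`, a development build referenced by tag without a digest, and sets `logging.level.default: debug`. Both are worth replacing with a released, digest-pinned image and a quieter log level before this configuration serves the production Gateway.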
@@ -21,8 +21,10 @@ spec: uninstall: keepHistory: false values: - config: + deployment: envoyGateway: - logging: - level: - default: debug + image: + repository: docker.io/envoyproxy/gateway + tag: v1.2.1 + rbac: + cluster: true diff --git a/kubernetes/home-lab/apps/networking/envoy-gateway/app/kustomization.yaml b/kubernetes/home-lab/apps/networking/envoy-gateway/app/kustomization.yaml index 5a536b54..96dd8b17 100644 --- a/kubernetes/home-lab/apps/networking/envoy-gateway/app/kustomization.yaml +++ b/kubernetes/home-lab/apps/networking/envoy-gateway/app/kustomization.yaml @@ -3,4 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - helm-release.yaml + - config.yaml - gateway-class.yaml diff --git a/kubernetes/home-lab/apps/networking/gateway-api/app/kustomization.yaml b/kubernetes/home-lab/apps/networking/gateway-api/app/kustomization.yaml index cff8e4c6..49f4b5ac 100644 --- a/kubernetes/home-lab/apps/networking/gateway-api/app/kustomization.yaml +++ b/kubernetes/home-lab/apps/networking/gateway-api/app/kustomization.yaml @@ -2,4 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - github.com/kubernetes-sigs/gateway-api/config/crd?ref=v1.0.0 + - https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.2.0/experimental-install.yaml diff --git a/kubernetes/home-lab/flux/repositories/oci/envoy-gateway.yaml b/kubernetes/home-lab/flux/repositories/oci/envoy-gateway.yaml index 8b174b7c..49ac8a2e 100644 --- a/kubernetes/home-lab/flux/repositories/oci/envoy-gateway.yaml +++ b/kubernetes/home-lab/flux/repositories/oci/envoy-gateway.yaml @@ -8,5 +8,5 @@ spec: interval: 1h url: oci://docker.io/envoyproxy/gateway-helm ref: - tag: v1.0.2 + tag: v1.2.1 timeout: 3m
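Review bot: The envoy-gateway helm-release hunk pins the controller image by tag only (`tag: v1.2.1`), while the cert-manager release in this same patch uses the `tag@sha256:` form, and it adds `rbac: cluster: true` with no explanation. If the chart renders the image as `repository:tag`, the same pinning should work here: `tag: v1.2.1@sha256:<digest of docker.io/envoyproxy/gateway v1.2.1>`. The `rbac` setting appears to widen the controller's permissions to cluster scope (nesting is not recoverable from this flattened view), so a comment like `# cluster-scoped RBAC: needed because <reason>` would let a later reader judge whether it can be narrowed. The image tag also duplicates the chart tag set in flux/repositories/oci/envoy-gateway.yaml, so the two must be bumped together. The `values` block starts outside the hunk.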
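Review bot: The gateway-api kustomization now pulls a release asset over HTTPS at build time with no checksum, and it switches from the `config/crd` tree to `experimental-install.yaml`, which installs the experimental-channel CRDs rather than only the standard ones. Vendoring the manifest into the repository, or verifying its hash in CI, would make the CRDs applied to the cluster reviewable in the diff and protect against the asset changing upstream. A comment naming the reason for the wider channel would help, e.g. `# experimental channel needed for <kind>; revisit when it graduates to standard`. If no experimental kind is actually required, `standard-install.yaml` from the same release is the narrower choice.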