85 lines
3.3 KiB
YAML
85 lines
3.3 KiB
YAML
{{- if (and .Values.apiGateway.enabled .Values.apiGateway.managedGatewayClass.enabled) }}
|
|
apiVersion: api-gateway.consul.hashicorp.com/v1alpha1
|
|
kind: GatewayClassConfig
|
|
metadata:
|
|
name: consul-api-gateway
|
|
labels:
|
|
app: {{ template "consul.name" . }}
|
|
chart: {{ template "consul.chart" . }}
|
|
heritage: {{ .Release.Service }}
|
|
release: {{ .Release.Name }}
|
|
component: api-gateway
|
|
spec:
|
|
consul:
|
|
{{- if .Values.client.enabled }}
|
|
{{/*
|
|
We use client agent nodes if we have them to support backwards compatibility in <=0.4 releases which
|
|
require connectivity between the registered Consul agent node and a deployment for health checking
|
|
(originating from the Consul node). Always leveraging the agents in the case that they're explicitly
|
|
opted into allows us to support users with agent node + "externalServers" configuration upgrading a
|
|
helm chart without upgrading api gateways. Otherwise, using "externalServers" when provided
|
|
without local agents will break gateways <=0.4.
|
|
*/}}
|
|
address: $(HOST_IP)
|
|
{{- else if .Values.externalServers.enabled }}
|
|
{{/*
|
|
"externalServers" specified and running in "agentless" mode, this will only work 0.5+
|
|
*/}}
|
|
address: {{ first .Values.externalServers.hosts }}
|
|
{{- else }}
|
|
{{/*
|
|
We have local network connectivity between deployments and the internal cluster, this
|
|
should be supported in all versions of api-gateway
|
|
*/}}
|
|
address: {{ template "consul.fullname" . }}-server.{{ .Release.Namespace }}.svc
|
|
{{- end }}
|
|
authentication:
|
|
{{- if .Values.global.acls.manageSystemACLs }}
|
|
managed: true
|
|
method: {{ template "consul.fullname" . }}-k8s-auth-method
|
|
{{- if .Values.global.enablePodSecurityPolicies }}
|
|
podSecurityPolicy: {{ template "consul.fullname" . }}-api-gateway
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.global.tls.enabled }}
|
|
scheme: https
|
|
{{- else }}
|
|
scheme: http
|
|
{{- end }}
|
|
ports:
|
|
{{- if .Values.externalServers.enabled }}
|
|
grpc: {{ .Values.externalServers.grpcPort }}
|
|
http: {{ .Values.externalServers.httpsPort }}
|
|
{{- else }}
|
|
grpc: 8502
|
|
{{- if .Values.global.tls.enabled }}
|
|
http: 8501
|
|
{{- else }}
|
|
http: 8500
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- with .Values.apiGateway.managedGatewayClass.deployment }}
|
|
deployment:
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
image:
|
|
consulAPIGateway: {{ .Values.apiGateway.image }}
|
|
envoy: {{ .Values.apiGateway.imageEnvoy }}
|
|
{{- if .Values.apiGateway.managedGatewayClass.nodeSelector }}
|
|
nodeSelector:
|
|
{{ tpl .Values.apiGateway.managedGatewayClass.nodeSelector . | indent 4 | trim }}
|
|
{{- end }}
|
|
{{- if .Values.apiGateway.managedGatewayClass.tolerations }}
|
|
tolerations:
|
|
{{ tpl .Values.apiGateway.managedGatewayClass.tolerations . | indent 4 | trim }}
|
|
{{- end }}
|
|
{{- if .Values.apiGateway.managedGatewayClass.copyAnnotations.service }}
|
|
copyAnnotations:
|
|
service:
|
|
{{ tpl .Values.apiGateway.managedGatewayClass.copyAnnotations.service.annotations . | nindent 6 | trim }}
|
|
{{- end }}
|
|
serviceType: {{ .Values.apiGateway.managedGatewayClass.serviceType }}
|
|
useHostPorts: {{ .Values.apiGateway.managedGatewayClass.useHostPorts }}
|
|
logLevel: {{ default .Values.global.logLevel .Values.apiGateway.managedGatewayClass.logLevel }}
|
|
{{- end }}
|