diff --git a/infra/istio-system/templates/expose.yaml b/infra/istio-system/templates/expose.yaml index e15971c..34c77f7 100644 --- a/infra/istio-system/templates/expose.yaml +++ b/infra/istio-system/templates/expose.yaml @@ -1,53 +1,70 @@ +#apiVersion: networking.istio.io/v1 +#kind: Gateway +#metadata: +# name: istiod-gateway +#spec: +# selector: +# istio: eastwestgateway +# servers: +# - port: +# name: tls-istiod +# number: 15012 +# protocol: tls +# tls: +# mode: PASSTHROUGH +# hosts: +# - "*" +# - port: +# name: tls-istiodwebhook +# number: 15017 +# protocol: tls +# tls: +# mode: PASSTHROUGH +# hosts: +# - "*" +#--- +#apiVersion: networking.istio.io/v1 +#kind: VirtualService +#metadata: +# name: istiod-vs +#spec: +# hosts: +# - "*" +# gateways: +# - istiod-gateway +# tls: +# - match: +# - port: 15012 +# sniHosts: +# - "*" +# route: +# - destination: +# host: istiod.istio-system.svc.cluster.local +# port: +# number: 15012 +# - match: +# - port: 15017 +# sniHosts: +# - "*" +# route: +# - destination: +# host: istiod.istio-system.svc.cluster.local +# port: +# number: 443 +--- apiVersion: networking.istio.io/v1 kind: Gateway metadata: - name: istiod-gateway + name: cross-network-gateway spec: selector: istio: eastwestgateway servers: - port: - name: tls-istiod - number: 15012 - protocol: tls + number: 15443 + name: tls + protocol: TLS tls: - mode: PASSTHROUGH + mode: AUTO_PASSTHROUGH hosts: - - "*" - - port: - name: tls-istiodwebhook - number: 15017 - protocol: tls - tls: - mode: PASSTHROUGH - hosts: - - "*" ---- -apiVersion: networking.istio.io/v1 -kind: VirtualService -metadata: - name: istiod-vs -spec: - hosts: - - "*" - gateways: - - istiod-gateway - tls: - - match: - - port: 15012 - sniHosts: - - "*" - route: - - destination: - host: istiod.istio-system.svc.cluster.local - port: - number: 15012 - - match: - - port: 15017 - sniHosts: - - "*" - route: - - destination: - host: istiod.istio-system.svc.cluster.local - port: - number: 443 + - "*.local"