chore(gateway): update to Gateway API 1.1.0

2025-11-19 15:54:49 +00:00 · 2024-08-10 19:42:09 +02:00
parent 42c7fe1e12
commit 8668f58a38
10 changed files with 56 additions and 36 deletions
--- a/k8s/apps/media/jellyfin/http-route.yaml
+++ b/k8s/apps/media/jellyfin/http-route.yaml
@@ -0,0 +1,19 @@
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: jellyfin
  namespace: jellyfin
 spec:
  parentRefs:
    - name: stonegarden
      namespace: gateway
  hostnames:
    - "jellyfin.stonegarden.dev"
  rules:
    - matches:
        - path:
            type: PathPrefix
            value: /
      backendRefs:
        - name: jellyfin
          port: 8096
--- a/k8s/apps/media/jellyfin/kustomization.yaml
+++ b/k8s/apps/media/jellyfin/kustomization.yaml
@@ -14,4 +14,5 @@ resources:
  - svc.yaml
  - pvc.yaml
  - ingress.yaml
  - http-route.yaml
  - deployment.yaml
--- a/k8s/apps/media/plex/http-route.yaml
+++ b/k8s/apps/media/plex/http-route.yaml
@@ -0,0 +1,19 @@
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: plex
  namespace: plex
 spec:
  parentRefs:
    - name: stonegarden
      namespace: gateway
  hostnames:
    - "plex.stonegarden.dev"
  rules:
    - matches:
        - path:
            type: PathPrefix
            value: /
      backendRefs:
        - name: plex
          port: 32400
--- a/k8s/apps/media/plex/kustomization.yaml
+++ b/k8s/apps/media/plex/kustomization.yaml
@@ -15,4 +15,5 @@ resources:
  - svc.yaml
  - pvc.yaml
  - ingress.yaml
  - http-route.yaml
  - deployment.yaml
--- a/k8s/infra/crds/kustomization.yaml
+++ b/k8s/infra/crds/kustomization.yaml
@@ -2,4 +2,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/experimental-install.yaml
+  - https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.1.0/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml
  - https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.1.0/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml
  - https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.1.0/config/crd/standard/gateway.networking.k8s.io_httproutes.yaml
  - https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.1.0/config/crd/standard/gateway.networking.k8s.io_referencegrants.yaml
  - https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.1.0/config/crd/standard/gateway.networking.k8s.io_grpcroutes.yaml
  - https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/v1.1.0/config/crd/experimental/gateway.networking.k8s.io_tlsroutes.yaml
--- a/k8s/infra/network/cilium/values.yaml
+++ b/k8s/infra/network/cilium/values.yaml
@@ -59,6 +59,16 @@ enableCiliumEndpointSlice: true
 gatewayAPI:
  enabled: true
 envoy:
  enabled: true
  securityContext:
    capabilities:
      keepCapNetBindService: true
      envoy:
        - NET_BIND_SERVICE
        - NET_ADMIN
        - PERMON
        - BPF
 hubble:
  enabled: true
--- a/k8s/infra/network/gateway/cloudflare-api-token.yaml
+++ b/k8s/infra/network/gateway/cloudflare-api-token.yaml
@@ -1,12 +0,0 @@
 apiVersion: bitnami.com/v1alpha1
 kind: SealedSecret
 metadata:
  name: cloudflare-api-token
  namespace: gateway
 spec:
  encryptedData:
    api-token: AgCmFZ1eCTYUq41kgZUVr0QjzppHOh/O9frkrupm6WT+QWIaMCK3qq0XmnHWox1K1SHhmix4I4TBzMuvKd8MR2SaI4lfdD4DrNoxpKOKyIKcWWiwz2Lw6CTqTr6Wa+7Iyh5qk2jna20pnGzhp4e0YMwBrVCcelpH/TiZtzXY3FrSnv2+YiPsOR+cohv1OV2E9hUbbHMJGwJQsjVGwTaw1gmEKJIVpMaR86coM7J+5NIoEuG1LeV4ZaqxDG2oQ21V2OBv8gFsO1IrlP17PTKX1Uzvw18Xcvt5ybWQIuXJM8A+0YxwEYUDYj7FyYeDIhKwo/IyUWQKMHu0MKkLMcJ7dHI7fNGH8olvR1ZcTNvtiswa7Fx3c8c70V9Ldw1B09tj+hVfv8hoW6B8uX9C8QDaGY5dlKZr0u2rswK5UVwrgnpdVZt2kWSypqG9JJ8IdcR6OSxfixJpyKryQoK26lFSXHHLrqAvbF2uIyRbYa5q6wz7zUcdAEIAJ2cDLmZ5IFYzzTiDvlDBOUddnhOy2n76pUXDxH/4yKIYFMOZB+SkCFTh54ddbEkyW4or8UK+jzzp2SzRaW0cKj5QUbqSDu+yLm6RmTqpNrmNTjMNtQVOfFXBGm6aGS9Y61kEjIvmgTsKpla9k85RVeRiVy/tsngghp3mfIXzQHZZ4IzTuTya0zb7sJzyrOwqfPgnGZyt5RQZtYl8rG/09MkJgm1iVHdWd2Fd38SdcALXEX4Qpaf8Yk0fb9B2LrHWvmAT
  template:
    metadata:
      name: cloudflare-api-token
      namespace: gateway
--- a/k8s/infra/network/gateway/cloudflare-issuer.yaml
+++ b/k8s/infra/network/gateway/cloudflare-issuer.yaml
@@ -1,18 +0,0 @@
 apiVersion: cert-manager.io/v1
 kind: Issuer
 metadata:
  name: cloudflare-issuer
  namespace: gateway
 spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    #server: https://acme-staging-v02.api.letsencrypt.org/directory
    email: veghag@gmail.com
    privateKeySecretRef:
      name: cloudflare-key
    solvers:
      - dns01:
          cloudflare:
            apiTokenSecretRef:
              name: cloudflare-api-token
              key: api-token
--- a/k8s/infra/network/gateway/gw-stonegarden.yaml
+++ b/k8s/infra/network/gateway/gw-stonegarden.yaml
@@ -3,8 +3,6 @@ kind: Gateway
 metadata:
  name: stonegarden
  namespace: gateway
 #  annotations:
 #    cert-manager.io/issuer: cloudflare-issuer
 spec:
  gatewayClassName: cilium
  infrastructure:
@@ -30,7 +28,6 @@ spec:
        certificateRefs:
          - kind: Secret
            name: cert-stonegarden
            #name: cloudflare-cert
      allowedRoutes:
        namespaces:
          from: All
--- a/k8s/infra/network/gateway/kustomization.yaml
+++ b/k8s/infra/network/gateway/kustomization.yaml
@@ -5,7 +5,5 @@ resources:
  - cert-stonegarden.yaml
  - gateway-class.yaml
  - ns.yaml
  - cloudflare-api-token.yaml
  - cloudflare-issuer.yaml
  - gw-stonegarden.yaml
  - gw-tls-passthrough.yaml