-
Notifications
You must be signed in to change notification settings - Fork 0
/
gateway-example.yaml
156 lines (156 loc) · 3.12 KB
/
gateway-example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
########### GATEWAY ############
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: unifi-gateway
namespace: unifi
spec:
gatewayClassName: cilium
addresses:
- value: 192.168.0.100
listeners:
- name: http-management
port: 8080
protocol: HTTP
hostname: controller.example.com
allowedRoutes:
namespaces:
from: Same
- name: https-management
port: 8443
protocol: TLS
hostname: unifi.example.com
tls:
mode: Passthrough
allowedRoutes:
namespaces:
from: Same
- name: http-portal
port: 80
protocol: HTTP
hostname: portal.example.com
allowedRoutes:
namespaces:
from: Same
- name: https-portal
port: 443
protocol: HTTPS
hostname: portal.example.com
tls:
mode: Terminate
certificateRefs:
- kind: Secret
name: portal-example-com-tls
allowedRoutes:
namespaces:
from: Same
- name: udp-stun
port: 3478
protocol: UDP
allowedRoutes:
namespaces:
from: Same
- name: udp-inform
port: 10001
protocol: UDP
allowedRoutes:
namespaces:
from: Same
- name: udp-discovery
port: 1900
protocol: UDP
allowedRoutes:
namespaces:
from: Same
---
########### UDP CONTROLLER ROUTES ############
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: UDPRoute
metadata:
name: unifi-udproute
namespace: unifi
spec:
parentRefs:
- name: unifi-gateway
rules:
- backendRefs:
- name: unifi-controller-app
port: 3478
- backendRefs:
- name: unifi-controller-app
port: 10001
- backendRefs:
- name: unifi-controller-app
port: 1900
---
########### CONTROLLER ROUTES ############
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: TLSRoute
metadata:
name: unifi-tlsroute-8443
namespace: unifi
spec:
parentRefs:
- name: unifi-gateway
namespace: unifi
sectionName: https-management
hostnames:
- unifi.example.com
rules:
- backendRefs:
- name: unifi-controller-app
port: 8443
---
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
name: unifi-httproute-8080
namespace: unifi
spec:
parentRefs:
- name: unifi-gateway
namespace: unifi
sectionName: http-management
hostnames:
- unifi.example.com
rules:
- backendRefs:
- name: unifi-controller-app
port: 8080
---
########### PORTAL ROUTES ############
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
name: portal-httproute-443
namespace: unifi
spec:
parentRefs:
- name: unifi-gateway
namespace: unifi
sectionName: https-portal
hostnames:
- portal.example.com
rules:
- backendRefs:
- name: unifi-controller-app
port: 80
---
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
name: portal-redirect-http-to-https
namespace: unifi
spec:
parentRefs:
- name: unifi-gateway
namespace: unifi
sectionName: http-portal
hostnames:
- portal.example.com
rules:
- filters:
- type: RequestRedirect
requestRedirect:
scheme: https
statusCode: 301