sarex/iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8a0caeb23d
iac/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml
ivan 8a0caeb23d ++
2026-05-12 14:56:33 +05:00

589 lines
20 KiB
YAML
Raw Blame History

apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: istio-config
namespace: default
spec:
interval: 5m
timeout: 10m
values:
global:
env: contour
environments:
contour:
certManager:
certificates:
platform-tls:
dnsNames:
- sarex.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
minio-tls:
dnsNames:
- minio.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
zitadel-tls:
dnsNames:
- zitadel.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
dashboard-tls:
dnsNames:
- dashboard.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
rabbitmq-tls:
dnsNames:
- rabbitmq.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
keycloak-tls:
dnsNames:
- keycloak.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
camunda-keycloak-tls:
dnsNames:
- camunda-keycloak.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
camunda-identity-tls:
dnsNames:
- camunda-identity.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
camunda-operate-tls:
dnsNames:
- camunda-operate.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
camunda-tasklist-tls:
dnsNames:
- camunda-tasklist.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
camunda-optimize-tls:
dnsNames:
- camunda-optimize.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
vault-tls:
dnsNames:
- vault.contour.infra.sarex.tech
issuerRef:
name: letsencrypt-issuer-istio
kind: ClusterIssuer
istio:
gateways:
platform:
name: platform-gateway
namespace: gateway
servers:
- hosts:
- sarex.contour.infra.sarex.tech
tls:
credentialName: platform-tls
minio:
name: minio-gateway
namespace: gateway
servers:
- hosts:
- minio.contour.infra.sarex.tech
tls:
credentialName: minio-tls
zitadel:
name: zitadel-gateway
namespace: gateway
servers:
- hosts:
- zitadel.contour.infra.sarex.tech
tls:
credentialName: zitadel-tls
dashboard:
name: dashboard-gateway
namespace: gateway
servers:
- hosts:
- dashboard.contour.infra.sarex.tech
tls:
credentialName: dashboard-tls
rabbitmq:
name: rabbitmq-gateway
namespace: gateway
servers:
- hosts:
- rabbitmq.contour.infra.sarex.tech
tls:
credentialName: rabbitmq-tls
keycloak:
name: keycloak-gateway
namespace: gateway
servers:
- hosts:
- keycloak.contour.infra.sarex.tech
tls:
credentialName: keycloak-tls
vault:
name: vault-gateway
namespace: gateway
servers:
- hosts:
- vault.contour.infra.sarex.tech
tls:
credentialName: vault-tls
camunda:
name: camunda-gateway
namespace: gateway
servers:
- hosts:
- camunda-keycloak.contour.infra.sarex.tech
tls:
credentialName: camunda-keycloak-tls
- hosts:
- camunda-identity.contour.infra.sarex.tech
tls:
credentialName: camunda-identity-tls
- hosts:
- camunda-operate.contour.infra.sarex.tech
tls:
credentialName: camunda-operate-tls
- hosts:
- camunda-tasklist.contour.infra.sarex.tech
tls:
credentialName: camunda-tasklist-tls
- hosts:
- camunda-optimize.contour.infra.sarex.tech
tls:
credentialName: camunda-optimize-tls
virtualServices:
platform:
name: sarex-frontend-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /admin/
service: backend-svc.django.svc.cluster.local
port: 80
- path:
prefix: /api/
service: backend-svc.django.svc.cluster.local
port: 80
- path:
prefix: /
service: frontend-svc.django.svc.cluster.local
port: 80
gateway-platform:
name: pdm-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /gateway/
rewrite: /
service: pdm-svc.documentations.svc.cluster.local
port: 80
resources-admin:
name: resources-admin-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /resource-management
rewrite: /resource-management
service: backend-svc.resources.svc.cluster.local
port: 80
srx-admin-frontend:
name: srx-admin-frontend-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /control-interface/
rewrite: /
service: frontend-svc.control-interface.svc.cluster.local
port: 80
workflows-frontend:
name: workflows-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /workflows/api/
rewrite: /api/
service: backend-svc.processing.svc.cluster.local
port: 80
- path:
prefix: /workflows/
rewrite: /
service: frontend-svc.processing.svc.cluster.local
port: 80
eav-api:
name: eav-api-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /eav/api/
rewrite: /api/
service: backend-svc.eav.svc.cluster.local
port: 80
issues-api:
name: issues-api-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /issues/api/
rewrite: /api/
service: backend-svc.issues.svc.cluster.local
port: 80
flows-api:
name: flows-api-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /flows/api/
rewrite: /api/
service: backend-svc.flows.svc.cluster.local
port: 80
rfi-api:
name: rfi-api-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /rfi/api/
rewrite: /api/
service: backend-svc.rfi.svc.cluster.local
port: 80
transmittals-api:
name: flows-api-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /transmittals/api/
rewrite: /api/
service: backend-svc.transmittal.svc.cluster.local
port: 80
workspaces-api:
name: workspaces-api-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /workspaces/api/
rewrite: /api/
service: backend-svc.workspaces.svc.cluster.local
port: 80
# workspaces-frontend:
# name: workspaces-frontend-virt-service
# namespace: gateway
# hosts:
# - sarex.contour.infra.sarex.tech
# gateways:
# - gateway/platform-gateway
# routes:
# - path:
# prefix: /workspaces-v2/
# rewrite: /
# service: frontend-svc.workspaces.svc.cluster.local
# port: 80
documentations-frontend:
name: documentations-frontend-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /documentations/static/
rewrite: /
service: frontend-svc.documentations.svc.cluster.local
port: 80
transmittal-frontend:
name: transmittal-frontend-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /transmittal/static/
rewrite: /
service: frontend-svc.transmittal.svc.cluster.local
port: 80
documentations-api:
name: documentations-api-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /documentations/api/
rewrite: /api/
service: backend-api-svc.documentations.svc.cluster.local
port: 80
filestream-api:
name: documentations-filestream-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /documentations/filestream/
rewrite: /
service: backend-filestream-svc.documentations.svc.cluster.local
port: 80
issues-frontend:
name: issues-frontend-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /issues/static/
rewrite: /
service: frontend-svc.issues.svc.cluster.local
port: 80
flows-frontend:
name: flows-frontend-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /flows/static/
rewrite: /
service: frontend-svc.flows.svc.cluster.local
port: 80
reviews-frontend:
name: reviews-frontend-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /reviews/static/
rewrite: /
service: frontend-svc.reviews.svc.cluster.local
port: 80
rfi-frontend:
name: rfi-frontend-virt-service
namespace: gateway
hosts:
- sarex.contour.infra.sarex.tech
gateways:
- gateway/platform-gateway
routes:
- path:
prefix: /rfi/static/
rewrite: /
service: frontend-svc.rfi.svc.cluster.local
port: 80
vault:
name: vault-virt-service
namespace: gateway
hosts:
- vault.contour.infra.sarex.tech
gateways:
- gateway/vault-gateway
routes:
- path:
prefix: /
service: vault-vault-contour.vault.svc.cluster.local
port: 8200
minio:
name: minio-virt-service
namespace: gateway
hosts:
- minio.contour.infra.sarex.tech
gateways:
- gateway/minio-gateway
routes:
- path:
prefix: /console/
service: minio-console.minio.svc.cluster.local
port: 9001
minio-api:
name: minio-api-virt-service
namespace: gateway
hosts:
- minio.contour.infra.sarex.tech
gateways:
- gateway/minio-gateway
routes:
- path:
prefix: /
service: minio.minio.svc.cluster.local
port: 9000
zitadel:
name: zitadel-virt-service
namespace: gateway
hosts:
- zitadel.contour.infra.sarex.tech
gateways:
- gateway/zitadel-gateway
routes:
- path:
prefix: /
service: zitadel-idp-contour.zitadel.svc.cluster.local
port: 8080
dashboard:
name: dashboard-virt-service
namespace: gateway
hosts:
- dashboard.contour.infra.sarex.tech
gateways:
- gateway/dashboard-gateway
routes:
- path:
prefix: /
service: dashboard-kong-proxy.kubernetes-dashboard.svc.cluster.local
port: 80
rabbitmq:
name: rabbitmq-virt-service
namespace: gateway
hosts:
- rabbitmq.contour.infra.sarex.tech
gateways:
- gateway/rabbitmq-gateway
routes:
- path:
prefix: /
service: rabbitmq.rabbitmq.svc.cluster.local
port: 15672
keycloak:
name: keycloak-virt-service
namespace: gateway
hosts:
- keycloak.contour.infra.sarex.tech
gateways:
- gateway/keycloak-gateway
routes:
- path:
prefix: /
service: keycloak-keycloak-contour.keycloak.svc.cluster.local
port: 80
camunda-keycloak:
name: camunda-keycloak-virt-service
namespace: gateway
hosts:
- camunda-keycloak.contour.infra.sarex.tech
gateways:
- gateway/camunda-gateway
routes:
- path:
prefix: /
service: camunda-keycloak.camunda.svc.cluster.local
port: 80
camunda-identity:
name: camunda-identity-virt-service
namespace: gateway
hosts:
- camunda-identity.contour.infra.sarex.tech
gateways:
- gateway/camunda-gateway
routes:
- path:
prefix: /
service: camunda-identity.camunda.svc.cluster.local
port: 80
camunda-operate:
name: camunda-operate-virt-service
namespace: gateway
hosts:
- camunda-operate.contour.infra.sarex.tech
gateways:
- gateway/camunda-gateway
routes:
- path:
prefix: /
service: camunda-operate.camunda.svc.cluster.local
port: 80
camunda-tasklist:
name: camunda-tasklist-virt-service
namespace: gateway
hosts:
- camunda-tasklist.contour.infra.sarex.tech
gateways:
- gateway/camunda-gateway
routes:
- path:
prefix: /
service: camunda-tasklist.camunda.svc.cluster.local
port: 80
camunda-optimize:
name: camunda-optimize-virt-service
namespace: gateway
hosts:
- camunda-optimize.contour.infra.sarex.tech
gateways:
- gateway/camunda-gateway
routes:
- path:
prefix: /
service: camunda-optimize.camunda.svc.cluster.local
port: 80
Reference in New Issue View Git Blame Copy Permalink