istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pilot/pkg/config/kube/gateway/testdata/tls.yaml

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pilot/pkg/config/kube/gateway/testdata/tls.yaml (about)

     1  apiVersion: gateway.networking.k8s.io/v1beta1
     2  kind: GatewayClass
     3  metadata:
     4    name: istio
     5  spec:
     6    controllerName: istio.io/gateway-controller
     7  ---
     8  apiVersion: gateway.networking.k8s.io/v1beta1
     9  kind: Gateway
    10  metadata:
    11    name: gateway
    12    namespace: istio-system
    13  spec:
    14    addresses:
    15    - value: istio-ingressgateway
    16      type: Hostname
    17    gatewayClassName: istio
    18    listeners:
    19    - name: passthrough
    20      port: 34000
    21      protocol: TLS
    22      allowedRoutes:
    23        namespaces:
    24          from: All
    25      tls:
    26        mode: Passthrough
    27    - name: terminate
    28      hostname: "domain.example"
    29      port: 34000
    30      protocol: HTTPS
    31      allowedRoutes:
    32        namespaces:
    33          from: All
    34      tls:
    35        mode: Terminate
    36        certificateRefs:
    37        - name: my-cert-http
    38    - name: terminate-mtls
    39      hostname: "other.example"
    40      port: 34000
    41      protocol: HTTPS
    42      allowedRoutes:
    43        namespaces:
    44          from: All
    45      tls:
    46        mode: Terminate
    47        certificateRefs:
    48        - name: my-cert-http
    49        options:
    50          gateway.istio.io/tls-terminate-mode: MUTUAL
    51    - name: terminate-istio-mtls
    52      hostname: "egress.example"
    53      port: 34000
    54      protocol: HTTPS
    55      allowedRoutes:
    56        namespaces:
    57          from: All
    58      tls:
    59        mode: Terminate
    60        options:
    61          gateway.istio.io/tls-terminate-mode: ISTIO_MUTUAL
    62  ---
    63  apiVersion: gateway.networking.k8s.io/v1alpha2
    64  kind: TLSRoute
    65  metadata:
    66    name: tls
    67    namespace: default
    68  spec:
    69    parentRefs:
    70    - name: gateway
    71      namespace: istio-system
    72    rules:
    73    - backendRefs:
    74      - name: httpbin
    75        port: 443
    76  ---
    77  apiVersion: gateway.networking.k8s.io/v1alpha2
    78  kind: TLSRoute
    79  metadata:
    80    name: tls-match
    81    namespace: default
    82  spec:
    83    parentRefs:
    84    - name: gateway
    85      namespace: istio-system
    86    hostnames:
    87    - "foo.com"
    88    rules:
    89    - backendRefs:
    90      - name: httpbin-foo
    91        port: 443
    92  ---
    93  apiVersion: gateway.networking.k8s.io/v1beta1
    94  kind: HTTPRoute
    95  metadata:
    96    name: http
    97    namespace: default
    98  spec:
    99    parentRefs:
   100    - name: gateway
   101      namespace: istio-system
   102    hostnames: ["domain.example"]
   103    rules:
   104    - backendRefs:
   105      - name: httpbin
   106        port: 80