Last active
May 16, 2024 19:13
-
-
Save jm96441n/c0645d345c4a92f8b5ea6af272a19d63 to your computer and use it in GitHub Desktop.
apigw-multiple-policys
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Contains values that affect multiple components of the chart. | |
| global: | |
| imageK8S: hashicorp/consul-k8s-control-plane:1.3 | |
| image: hashicorp/consul-enterprise:1.18-ent | |
| logLevel: debug | |
| tls: | |
| enabled: true | |
| acls: | |
| manageSystemACLs: true | |
| enterpriseLicense: | |
| secretName: "license" | |
| secretKey: "key" | |
| server: | |
| enabled: true | |
| # The number of server agents to run. This determines the fault tolerance of the cluster. | |
| replicas: 1 | |
| # Contains values that configure the Consul UI. | |
| ui: | |
| enabled: true | |
| connectInject: | |
| #this needs to be true for newly created services to be added to the service mesh | |
| #so they will display a topology tab. They won't if they're not explicitly in the service mesh | |
| enabled: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: gateway.networking.k8s.io/v1beta1 | |
| kind: Gateway | |
| metadata: | |
| name: api-gateway | |
| spec: | |
| gatewayClassName: consul | |
| listeners: | |
| - protocol: HTTP | |
| port: 9001 | |
| name: listener-one |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: gateway.networking.k8s.io/v1beta1 | |
| kind: Gateway | |
| metadata: | |
| name: api-gateway-2 | |
| spec: | |
| gatewayClassName: consul | |
| listeners: | |
| - protocol: HTTP | |
| port: 9002 | |
| name: listener-two |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: consul.hashicorp.com/v1alpha1 | |
| kind: ProxyDefaults | |
| metadata: | |
| name: global | |
| spec: | |
| config: | |
| protocol: http |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| if [ -z "$(kind get clusters | rg "basic")" ]; then | |
| kind create cluster --config cluster.yaml | |
| fi | |
| kind load docker-image consul-k8s-control-plane:local -n basic | |
| kubectl create namespace consul | |
| kubectl create secret generic license -n consul --from-literal="key=$CONSUL_LICENSE" | |
| # The following line assumes that you have compiled the image locally using `make docker/dev` from the consul-k8s repo | |
| kind load docker-image consul-k8s-control-plane:local -n basic | |
| echo "helm installing" | |
| helm upgrade --install consul hashicorp/consul -f ./consul_values.yaml -n consul --create-namespace --wait | |
| echo "helm is done" | |
| kubectl wait --timeout=180s --for=condition=Available=True deployments/consul-consul-connect-injector -n consul | |
| kubectl apply -f ./proxy-defaults.yaml | |
| kubectl apply -f ./gw.yaml | |
| kubectl apply -f ./gw2.yaml | |
| while ! kubectl get deployments api-gateway; do sleep 1; done | |
| kubectl wait --timeout=180s --for=condition=Available=True deployments/api-gateway || true | |
| kubectl get svc -n consul | |
| kubectl port-forward service/consul-consul-ui 8501:443 -n consul & |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment