Skip to content

Convert ingress to gateway #1077

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ArnobKumarSaha wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Convert ingress to gateway #1077

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
411cf97
Convert ingress to gateway
ArnobKumarSaha Dec 17, 2025
5631fa1
update
ArnobKumarSaha Dec 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions charts/ace-installer/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,8 @@ The following table lists the configurable parameters of the `ace-installer` cha
| helm.releases.aceshifter.version | | <code>"v2026.1.15"</code> |
| helm.releases.capi-catalog.enabled | | <code>false</code> |
| helm.releases.capi-catalog.version | | <code>"v2024.10.24"</code> |
| helm.releases.catalog-manager.enabled | | <code>false</code> |
| helm.releases.catalog-manager.version | | <code>"v2025.12.15"</code> |
| helm.releases.cert-manager.enabled | | <code>true</code> |
| helm.releases.cert-manager.version | | <code>"v1.18.2"</code> |
| helm.releases.cert-manager-csi-driver-cacerts.enabled | | <code>true</code> |
Expand All @@ -99,6 +101,8 @@ The following table lists the configurable parameters of the `ace-installer` cha
| helm.releases.panopticon.values | | <code>{"monitoring":{"agent":"prometheus.io/operator","enabled":true,"serviceMonitor":{"labels":{"release":"kube-prometheus-stack"}}}}</code> |
| helm.releases.reloader.enabled | | <code>true</code> |
| helm.releases.reloader.version | | <code>"1.0.79"</code> |
| helm.releases.service-gateway-presets.enabled | | <code>false</code> |
| helm.releases.service-gateway-presets.version | | <code>"v2025.12.15"</code> |
| helm.releases.stash-presets.enabled | | <code>false</code> |
| helm.releases.stash-presets.version | | <code>"v2026.1.15"</code> |
| helm.releases.cluster-manager-spoke.enabled | | <code>false</code> |
Expand Down
53 changes: 53 additions & 0 deletions charts/ace-installer/templates/featuresets/saas-core/catalog-manager.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
{{- with (index .Values "helm" "releases" "catalog-manager") }}
{{- if .enabled }}

{{ $defaults := dict "registryFQDN" (include "registry.ghcr" $) }}

{{ $vals := dig "values" dict . }}
{{ $vals = mergeOverwrite $defaults $vals }}

apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: catalog-manager
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/component: catalog-manager
app.kubernetes.io/part-of: saas-core
spec:
interval: 5m
timeout: 30m
releaseName: catalog-manager
targetNamespace: envoy-gateway-system
storageNamespace: envoy-gateway-system
install:
createNamespace: {{ $.Values.helm.createNamespace }}
remediation:
retries: -1
upgrade:
crds: CreateReplace
remediation:
retries: -1
dependsOn:
- name: kubedb
namespace: {{ $.Release.Namespace }}
{{- if (dig "cert-manager" "enabled" false $.Values.helm.releases) }}
- name: cert-manager
namespace: {{ $.Release.Namespace }}
{{- end }}
chart:
spec:
chart: catalog-manager
version: {{ .version | quote }}
interval: 60m
sourceRef:
kind: HelmRepository
name: appscode-charts-oci
namespace: {{ $.Release.Namespace }}

{{- with $vals }}
{{- dict "values" . | toYaml | nindent 2 }}
{{- end }}

{{- end }}
{{- end }}
53 changes: 53 additions & 0 deletions charts/ace-installer/templates/featuresets/saas-core/service-gateway-presets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
{{- with (index .Values "helm" "releases" "service-gateway-presets") }}
{{- if .enabled }}

{{ $defaults := dict "registryFQDN" (include "registry.ghcr" $) }}

{{ $vals := dig "values" dict . }}
{{ $vals = mergeOverwrite $defaults $vals }}

apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: service-gateway-presets
namespace: {{ $.Release.Namespace }}
labels:
app.kubernetes.io/component: service-gateway-presets
app.kubernetes.io/part-of: saas-core
spec:
interval: 5m
timeout: 30m
releaseName: service-gateway-presets
targetNamespace: ace-gw
storageNamespace: ace-gw
install:
createNamespace: {{ $.Values.helm.createNamespace }}
remediation:
retries: -1
upgrade:
crds: CreateReplace
remediation:
retries: -1
dependsOn:
- name: catalog-manager
namespace: {{ $.Release.Namespace }}
{{- if (dig "cert-manager" "enabled" false $.Values.helm.releases) }}
- name: cert-manager
namespace: {{ $.Release.Namespace }}
{{- end }}
chart:
spec:
chart: service-gateway-presets
version: {{ .version | quote }}
interval: 60m
sourceRef:
kind: HelmRepository
name: appscode-charts-oci
namespace: {{ $.Release.Namespace }}

{{- with $vals }}
{{- dict "values" . | toYaml | nindent 2 }}
{{- end }}

{{- end }}
{{- end }}
7 changes: 7 additions & 0 deletions charts/ace-installer/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,9 @@ helm:
capi-catalog:
enabled: false
version: "v2024.10.24"
catalog-manager:
enabled: false
version: "v2025.12.15"
cert-manager:
enabled: true
version: "v1.18.2"
Expand Down Expand Up @@ -119,6 +122,9 @@ helm:
reloader:
enabled: true
version: "1.0.79"
service-gateway-presets:
enabled: false
version: "v2025.12.15"
stash-presets:
enabled: false
version: "v2026.1.15"
Expand All @@ -143,6 +149,7 @@ selfManagement:
enableFeatures: []
disableFeatures: []
useGateway: false

precheck:
enabled: true
# Docker registry containing app image
Expand Down
23 changes: 23 additions & 0 deletions charts/ace/templates/gateway/gateway.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: {{ include "ace.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "ace.labels" . | nindent 4 }}
spec:
gatewayClassName: ace
listeners:
- name: https
protocol: HTTPS
port: 443
tls:
mode: Terminate
certificateRefs:
- group: ""
kind: Secret
name: {{ include "ace.fullname" . }}-cert
namespace: {{ .Release.Namespace }}
allowedRoutes:
namespaces:
from: Same
34 changes: 34 additions & 0 deletions charts/ace/templates/gateway/route-home.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
{{ if and (index .Values "setupJob" "config" "selfManagement" "useGateway") (index .Values "platform-ui" "enabled") (not (eq .Values.global.platform.deploymentType "Hosted")) }}

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: {{ include "ace.fullname" . }}-home
namespace: {{ .Release.Namespace }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: {{ include "ace.fullname" . }}
namespace: {{ .Release.Namespace }}
sectionName: https
rules:
- matches:
- path:
type: PathPrefix
value: /
filters:
- type: URLRewrite
urlRewrite:
path:
type: ReplaceFullPath
replaceFullPath: /accounts/selfhost-home
backendRefs:
- group: ""
kind: Service
name: {{ include "ace.fullname" . }}-platform-api
namespace: {{ .Release.Namespace }}
port: 80
weight: 1

{{- end }}
93 changes: 93 additions & 0 deletions charts/ace/templates/gateway/route-main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
{{ if (index .Values "setupJob" "config" "selfManagement" "useGateway") }}

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: {{ include "ace.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: {{ include "ace.fullname" . }}
namespace: {{ .Release.Namespace }}
sectionName: https
rules:
- matches:
- path:
type: PathPrefix
value: /api
backendRefs:
- group: ""
kind: Service
name: {{ include "ace.fullname" . }}-platform-api
namespace: {{ .Release.Namespace }}
port: 80
weight: 1
- matches:
- path:
type: PathPrefix
value: /accounts
backendRefs:
- group: ""
kind: Service
name: {{ include "ace.fullname" . }}-platform-api
namespace: {{ .Release.Namespace }}
port: 80
weight: 1
- matches:
- path:
type: PathPrefix
value: /console
backendRefs:
- group: ""
kind: Service
name: {{ include "ace.fullname" . }}-cluster-ui
namespace: {{ .Release.Namespace }}
port: 80
weight: 1
- matches:
- path:
type: PathPrefix
value: /db
backendRefs:
- group: ""
kind: Service
name: {{ include "ace.fullname" . }}-kubedb-ui
namespace: {{ .Release.Namespace }}
port: 80
weight: 1
- matches:
- path:
type: PathPrefix
value: /id
backendRefs:
- group: ""
kind: Service
name: {{ include "ace.fullname" . }}-platform-ui
namespace: {{ .Release.Namespace }}
port: 80
weight: 1
- matches:
- path:
type: PathPrefix
value: /grafana
backendRefs:
- group: ""
kind: Service
name: {{ include "ace.fullname" . }}-grafana
namespace: {{ .Release.Namespace }}
port: 80
weight: 1
- matches:
- path:
type: PathPrefix
value: /prometheus
backendRefs:
- group: ""
kind: Service
name: {{ include "ace.fullname" . }}-trickster
namespace: {{ .Release.Namespace }}
port: 4000
weight: 1
{{- end }}
34 changes: 34 additions & 0 deletions charts/ace/templates/gateway/route-nats.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
{{ if (and (index .Values "setupJob" "config" "selfManagement" "useGateway") (and .Values.nats.enabled (not .Values.nats.nats.externalAccess))) }}

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: {{ include "ace.fullname" . }}-nats
namespace: {{ .Release.Namespace }}
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: {{ include "ace.fullname" . }}
namespace: {{ .Release.Namespace }}
sectionName: https
rules:
- matches:
- path:
type: PathPrefix
value: /nats # /nats(/|$)(.*)
filters:
- type: URLRewrite
urlRewrite:
path:
type: ReplacePrefixMatch
replacePrefixMatch: /
backendRefs:
- group: ""
kind: Service
name: {{ include "ace.fullname" . }}-nats
namespace: {{ .Release.Namespace }}
port: 443
weight: 1

{{- end }}
10 changes: 10 additions & 0 deletions charts/ace/templates/ingress/issuer.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,9 +70,19 @@ spec:
{{- else }}
# Use ACEM http challenge for everything else
http01:
{{ if (index .Values "setupJob" "config" "selfManagement" "useGateway") }}
gatewayHTTPRoute:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: {{ include "ace.fullname" . }}
namespace: {{ .Release.Namespace }}
sectionName: api
{{- else }}
ingress:
ingressClassName: {{ index .Values "ingress-nginx" "controller" "ingressClassResource" "name" }}
serviceType: ClusterIP
{{- end }}
{{- end }}
{{- end }}
{{- end }}