Hello,
I am trying to expose a Postgresql instance configured with TLS using Kong Gateway API and a TLSRoute. However, the gateway reports the message from the subject, and searching the documentation shows that I need a “service” and a “proxy” configured. Is there a working example of configuring Kong with gateway API for a TLSRoute?
The Gateway and TLSRoute are configured via Ansible:
- name: Add cnpg-tools Gateway
kubernetes.core.k8s:
wait: true
state: present
definition:
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
name: cnpg-tools-gw
namespace: cnpg-tools
spec:
gatewayClassName: kong
listeners:
- name: postgres-tls
protocol: TLS
port: 5432
hostname: "cnpg-tools.{{ cluster_name }}.{{ default_domain }}"
tls:
mode: Passthrough
- name: Add cnpg-tools TLSRoute for our instance
kubernetes.core.k8s:
wait: true
state: present
definition:
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: TLSRoute
metadata:
name: cnpg-tools-tlsroute
namespace: cnpg-tools
annotations:
external-dns.alpha.kubernetes.io/hostname: "cnpg-tools.{{ cluster_name }}.{{ default_domain }}"
spec:
hostnames:
- "cnpg-tools.{{ cluster_name }}.{{ default_domain }}"
parentRefs:
- name: cnpg-tools-gw
sectionName: postgres-tls
rules:
- backendRefs:
- name: cnpg-tools-cluster-rw
port: 5432
Thank you!
Stefanita Vilcu