Added x509 and jwt rapps
Change-Id: Ic384fcad11dcb63fe4265d3dbcff5ea17f933cfc
diff --git a/rapps/keycloak.yaml b/rapps/keycloak.yaml
index 44aa3a7..8aa56cd 100644
--- a/rapps/keycloak.yaml
+++ b/rapps/keycloak.yaml
@@ -131,3 +131,66 @@
persistentVolumeClaim:
claimName: keycloak-certs-pv-claim
---
+apiVersion: networking.istio.io/v1alpha3
+kind: Gateway
+metadata:
+ name: kcgateway
+spec:
+ selector:
+ istio: ingressgateway # use istio default ingress gateway
+ servers:
+ - port:
+ number: 443
+ name: https
+ protocol: HTTPS
+ tls:
+ mode: PASSTHROUGH
+ hosts:
+ - keycloak.est.tech
+ - port:
+ number: 80
+ name: http
+ protocol: HTTP
+ hosts:
+ - "*"
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+ name: keycloak-tls-vs
+spec:
+ hosts:
+ - keycloak.est.tech
+ gateways:
+ - kcgateway
+ tls:
+ - match:
+ - port: 443
+ sniHosts:
+ - keycloak.est.tech
+ route:
+ - destination:
+ host: keycloak.default.svc.cluster.local
+ port:
+ number: 8443
+---
+apiVersion: networking.istio.io/v1beta1
+kind: VirtualService
+metadata:
+ name: keycloak-vs
+spec:
+ hosts:
+ - "*"
+ gateways:
+ - kcgateway
+ http:
+ - name: "keycloak-routes"
+ match:
+ - uri:
+ prefix: "/auth"
+ route:
+ - destination:
+ port:
+ number: 8080
+ host: keycloak.default.svc.cluster.local
+---