Pre-gateway API there were two ways to make unsecured ssl work beetween the traefik ingerss and a pod: You could use ServersTransport/TraefikServer/IngressRoute objects together or you could use Ingerss object with ServersTransport annatotation and chuck the definition into your toml dynamic config file.
How do you do the same with the Gateway API? I'm getting the tls: failed to verify certificate: x509: certificate signed by unknown authority, and I'm not sure how to tell traefik to ignore it.
If I use Ingress as I mentioned above it works fine.
---
apiVersion: v1
kind: Service
metadata:
name: portainer-agent
namespace: portainer
annotations:
traefik.ingress.kubernetes.io/service.serverstransport: insecure-transport@file
spec:
selector:
app: portainer-agent
ports:
- name: https
protocol: TCP
port: 443
targetPort: 9001
appProtocol: https
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: portainer-agent
namespace: portainer
spec:
parentRefs:
- name: traefik-gateway
namespace: traefik
hostnames:
- portainer-agent.mydomain.tld
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- name: portainer-agent
port: 443
weight: 1