Link Search Menu Expand Document
napptive.github.io

Ingress Trait

The ingress trait provides an easy method to augment OAM applications by exposing a secure endpoint so your users can easily access the application. The trait automatically generates a secure endpoint to expose a container port.

Remember We provide a certificate for the endpoint signed by Let’s Encrypt, but it is your responsibility to implement authentication and authorization mechanisms at the application level.

Installation

The trait is already installed on the Napptive playground, so you can use it directly in your applications.

$ kubectl --kubeconfig napptive-kubeconfig get traitdefinitions.core.oam.dev
NAME                              DEFINITION-NAME
ingresses.core.napptive.com       ingresses.core.napptive.com
...

The Ingress Trait will be available for download soon for private clusters. Contact us if you are interested in installing the trait now.

Usage

Using the trait is as simple as adding it to the OAM ApplicationConfiguration on the selected component.

apiVersion: core.oam.dev/v1alpha2
kind: ApplicationConfiguration
...
spec:
  components:
    - componentName: drawio
      traits:
        - trait:
            apiVersion: core.napptive.com/v1alpha1
            kind: Ingress
            metadata:
              name: drawio-ingress
            spec:
              name: drawio
              protocol: HTTP
              port: 8080
              path: /
...

The trait accepts the following parameters:

Parameter Description
Name Name that will be associated with the generated endpoint. The system will automatically generated an endpoint with the following format: <name>-<username>.apps.playground.napptive.dev. This pattern is always used, so if you need to signal the component which is the exposed URL, we recommend creating an environment variable following that pattern.
protocol Protocol used to expose the endpoint. Only HTTP is supported for now
port Port of the parent component the requests will be redirected to.
path Path prefix indicating which requests are to be forwarded.
rewritePath Pattern to be applied to rewrite the request path.

Frequently Asked Questions (FAQ)

My application returns 503

The ingress will automatically redirect requests to the component even if the component has just started. Please wait some time depending on the image being execute so that the component is fully up and running.

I expected an http:// endpoint and got https://

Major browsers implement HTTP Strict Transport Security (STS) which translates in automatic promotion of plain requests to https://. We recomended adapting the client consuming the service to support TLS. Alternatively, check your browser documentation to see whether it is possible to switch off this protection layer.