Ingress Trait
The ingress trait provides an easy method to augment OAM applications by exposing a secure endpoint so your users can easily access the application. The trait automatically generates a secure endpoint to expose a container port.
Remember We provide a certificate for the endpoint signed by Let’s Encrypt, but it is your responsibility to implement authentication and authorization mechanisms at the application level.
Installation
The trait is already installed on the Napptive playground, so you can use it directly in your applications.
kubectl --kubeconfig napptive-kubeconfig get traitdefinitions.core.oam.dev
NAME DEFINITION-NAME
ingresses.core.napptive.com ingresses.core.napptive.com
...
The Ingress Trait will be available for download soon for private clusters. Contact us if you are interested in installing the trait now.
Usage
Using the trait is as simple as adding it to the OAM ApplicationConfiguration
on the selected component.
apiVersion: core.oam.dev/v1alpha2
kind: ApplicationConfiguration
...
spec:
components:
- componentName: drawio
traits:
- trait:
apiVersion: core.napptive.com/v1alpha1
kind: Ingress
metadata:
name: drawio-ingress
spec:
name: drawio
protocol: HTTP
port: 8080
path: /
...
The trait accepts the following parameters:
Parameter | Description |
---|---|
Name | Name that will be associated with the generated endpoint. The system will automatically generated an endpoint with the following format: <name>-<username>.apps.playground.napptive.dev . This pattern is always used, so if you need to signal the component which is the exposed URL, we recommend creating an environment variable following that pattern. |
protocol | Protocol used to expose the endpoint. Only HTTP is supported for now |
port | Port of the parent component the requests will be redirected to. |
path | Path prefix indicating which requests are to be forwarded. |
rewritePath | Pattern to be applied to rewrite the request path. |
Frequently Asked Questions (FAQ)
My application returns 503
The ingress will automatically redirect requests to the component even if the component has just started. Please wait some time depending on the image being execute so that the component is fully up and running.
I expected an http://
endpoint and got https://
Major browsers implement HTTP Strict Transport Security (STS) which translates in automatic promotion of plain requests to https://
. We recomended adapting the client consuming the service to support TLS. Alternatively, check your browser documentation to see whether it is possible to switch off this protection layer.