[DM-12923] Adopt GKE Ingress resources for LTD Keeper - Jira

XML

Word

Printable

Details

Type: Story
Status: Done
Resolution: Done
Fix Version/s: None
Component/s: Stack Documentation and UX
Labels:
- lsst-the-docs
- ltd-keeper

Story Points:
1.6
Epic Link:
sqre-s18-doc-infrastructure-1
Team:
SQuaRE

Description

Replace the nginx-ssl-proxy currently being used for LTD Keeper with Kubernetes's native Ingress resource. This should simplify the deployment, and since it is managed by Google Cloud Platform, should have better security.

Tutorial: https://cloud.google.com/kubernetes-engine/docs/tutorials/http-balancer

Attachments

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Jonathan Sick added a comment - 07/Dec/17 5:45 PM

I've learned that two factors are required to implement Ingress:

The backend service needs to be a NodePort type, different from the default ClusterIP type I was using before.
The backend needs to respond with a 200 status to a request on /. Turns out Keeper was not doing this initially because it was using the Flask SERVER_NAME variable that bound the application to respond only to requests with the full keeper.lsst.codes hostname, not the proxy's hostname. Simply removing the SERVER_NAME configuration altogether solves this problem.

Show

Jonathan Sick added a comment - 07/Dec/17 5:45 PM I've learned that two factors are required to implement Ingress: The backend service needs to be a NodePort type, different from the default ClusterIP type I was using before. The backend needs to respond with a 200 status to a request on / . Turns out Keeper was not doing this initially because it was using the Flask SERVER_NAME variable that bound the application to respond only to requests with the full keeper.lsst.codes hostname, not the proxy's hostname. Simply removing the SERVER_NAME configuration altogether solves this problem.

Hide

Permalink

Jonathan Sick added a comment - 13/Dec/17 1:52 PM

Released as v 1.7.0

Show

Jonathan Sick added a comment - 13/Dec/17 1:52 PM Released as v 1.7.0

People

Assignee:: Jonathan Sick

Reporter:: Jonathan Sick

Watchers:: Jonathan Sick

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Dec/17 3:44 PM

Updated:: 13/Dec/17 1:52 PM

Resolved:: 13/Dec/17 1:52 PM

Jenkins

No builds found.

Data Management