Expose services publicly. #29
Conversation
An optional new annotation allows services to be exposed publicly. The syntax currently allows a single value, '*', which routes any traffic with the default server name, or any altnames defined via hostnames-aliases arriving via the public listen port. For clarity, the http-listen port has been renamed to the `http-private-listen-port` and a new configuration option, `http-public-listen-port` has been added.
|
@bcwaldon This came up as a potential need for Berlin - the auth API may need to be accessed outside of the VPN (e.g. customer support not working on their network, or because they simply don't have peering with us right now). I thought I'd just dive into it. If I can get Shubam's github name I would cc him here as well since this was something we wanted him to look at. Design wise, there's a few ways we could have done this. I chose the syntax that exists because annotations are key/value pairs. Originally I had thought of making this behave lie boolean but I don't like the value being meaningless (e.g. if the annotation exists, regardless of the value we consider it public). So I chose '*' with the thinking that a subset of the valid hostnames could be exposed publicly in the future. |
|
@s26mehta the variable name change is going to require an update to the environment passed in through klondike. |
An optional new annotation allows services to be exposed publicly. The syntax
currently allows a single value, '*', which routes any traffic with the
default server name, or any altnames defined via hostnames-aliases arriving
via the public listen port.
For clarity, the http-listen port has been renamed to the
http-private-listen-portand a new configuration option,http-public-listen-porthas been added.