[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Origin V3 router update



In order to ensure this does not break folks, before it merges I am going to:

a) tag a commit in master as 0.2.1
b) tag all of our docker images with that same tag (if I can make it work cleanly).

Depending on how well this works out, we'll try that before subsequent major changes.


> On Jan 27, 2015, at 5:23 PM, Paul Weil <pweil redhat com> wrote:
> 
> All,
> 
> The beta1 refactor for adding TLS support to the OpenShift template router plugin is being merged soon [1].  For the most part all the changes are behind the scenes and should not affect your existing route files.  There are some items I'd like to call out:
> 
> 1.  The router now binds to host port 80 and 443 (previously only 80)
> 2.  The Route object now supports a new, optional TLS configuration object that identifies TLS termination strategies and certificates [2]
> 3.  Certificates in the JSON file must be single line strings with \\n line breaks
> 4.  For beta1, much of the config relies on SNI (to determine passthroughs, etc).  Traffic that is not SNI based that arrives on :443 will have TLS termination completed with a generic certificate.  Discussions of custom frontends with user specified ports have been brought up for future iterations. 
> 
> Installation of the router has also recently changed (not in this PR) and is worth noting.  When installing the router via hack/install-router.sh you now provide the full master url instead of just the ip address (ex https://1.1.1.1:8443).  This was to support the new secure master urls.  
> 
> A walk through of the use cases supported in beta1 along with examples of the corresponding configurations is available [3]. Please note, this walk through is using an nginx pod to simulate an application, it is not an nginx implementation of a template router.
> 
> If there are any questions or issues please feel free to contact me at this email address or on IRC (nick: pweil).
> 
> Thanks!
> 
> Paul
> 
> 
> [1] PR: https://github.com/openshift/origin/pull/652
> [2] Docs: https://github.com/pweil-/origin/blob/router-ssl/docs/routing.md#securing-your-routes
> [3] Demo: https://github.com/pweil-/hello-nginx-docker
> 
> _______________________________________________
> dev mailing list
> dev lists openshift redhat com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]