Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-2156

Serverless route - insecureEdgeTerminationPolicy configuration

    XMLWordPrintable

Details

    • False
    • False
    • 0
    • 0% 0%

    Description

      When creating a Knative service, we are able to configure only 'DisableRouteAnnotation' or 'EnablePassthroughRouteAnnotation' options [1].

      If annotations are not set an 'edge' route with 'Allow' 'insecureEdgeTerminationPolicy' is created [2].

       

      tls: 
  insecureEdgeTerminationPolicy: Allow 
  termination: edge 

       
      On the other hand, when 'EnablePassthroughRouteAnnotation' is set through the annotation, a 'passthrough' route with 'Redirect' 'insecureEdgeTerminationPolicy' is created [3]:

       

      tls: 
  insecureEdgeTerminationPolicy: Redirect 
  termination: passthrough

       

      At this moment it is not possible to create an 'edge' route with 'Redirect' 'insecureEdgeTerminationPolicy'.

      in this RFE it is requested to allow configuring 'insecureEdgeTerminationPolicy' when creating a Knative service.

      [1] https://github.com/openshift-knative/serverless-operator/blob/ec25d6e5b82cbf2f57697027ec151036754c1d12/serving/ingress/pkg/reconciler/ingress/resources/route.go

      [2] https://github.com/openshift-knative/serverless-operator/blob/ec25d6e5b82cbf2f57697027ec151036754c1d12/serving/ingress/pkg/reconciler/ingress/resources/route.go#L133

      [3] https://github.com/openshift-knative/serverless-operator/blob/ec25d6e5b82cbf2f57697027ec151036754c1d12/serving/ingress/pkg/reconciler/ingress/resources/route.go#L145

       

      Attachments

        Activity

          People

            naisingh@redhat.com Naina S
            rhn-support-malonso Maria Del Mar Alonso
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: