mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
122 lines
3.3 KiB
Plaintext
122 lines
3.3 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * serverless/knative-serving/external-ingress-routing/configuring-service-routes.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="serverless-openshift-routes_{context}"]
|
|
= Configuring {product-title} routes for Knative services
|
|
|
|
|
|
.Prerequisites
|
|
|
|
* The {ServerlessOperatorName} and Knative Serving component must be installed on your {product-title} cluster.
|
|
* Install the OpenShift CLI (`oc`).
|
|
|
|
.Procedure
|
|
|
|
. Create a Knative service that includes the `serving.knative.openshift.io/disableRoute=true` annotation:
|
|
+
|
|
[IMPORTANT]
|
|
====
|
|
The `serving.knative.openshift.io/disableRoute=true` annotation instructs {ServerlessProductName} to not automatically create a route for you. However, the service still shows a URL and reaches a status of `Ready`. This URL does not work externally until you create your own route with the same hostname as the hostname in the URL.
|
|
====
|
|
.. Create a Knative `Service` resource:
|
|
+
|
|
.Example resource
|
|
[source,yaml]
|
|
----
|
|
apiVersion: serving.knative.dev/v1
|
|
kind: Service
|
|
metadata:
|
|
name: <service_name>
|
|
annotations:
|
|
serving.knative.openshift.io/disableRoute: "true"
|
|
spec:
|
|
template:
|
|
spec:
|
|
containers:
|
|
- image: <image>
|
|
...
|
|
----
|
|
.. Apply the `Service` resource:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc apply -f <filename>
|
|
----
|
|
.. Optional. Create a Knative service by using the `kn service create` command:
|
|
+
|
|
.Example `kn` command
|
|
[source,terminal]
|
|
----
|
|
$ kn service create <service_name> \
|
|
--image=gcr.io/knative-samples/helloworld-go \
|
|
--annotation serving.knative.openshift.io/disableRoute=true
|
|
----
|
|
|
|
. Verify that no {product-title} route has been created for the service:
|
|
+
|
|
.Example command
|
|
[source,terminal]
|
|
----
|
|
$ $ oc get routes.route.openshift.io \
|
|
-l serving.knative.openshift.io/ingressName=$KSERVICE_NAME \
|
|
-l serving.knative.openshift.io/ingressNamespace=$KSERVICE_NAMESPACE \
|
|
-n knative-serving-ingress
|
|
----
|
|
+
|
|
You will see the following output:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
No resources found in knative-serving-ingress namespace.
|
|
----
|
|
|
|
. Create a `Route` resource in the `knative-serving-ingress` namespace:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
apiVersion: route.openshift.io/v1
|
|
kind: Route
|
|
metadata:
|
|
annotations:
|
|
haproxy.router.openshift.io/timeout: 600s <1>
|
|
name: <route_name> <2>
|
|
namespace: knative-serving-ingress <3>
|
|
spec:
|
|
host: <service_host> <4>
|
|
port:
|
|
targetPort: http2
|
|
to:
|
|
kind: Service
|
|
name: kourier
|
|
weight: 100
|
|
tls:
|
|
insecureEdgeTerminationPolicy: Allow
|
|
termination: edge <5>
|
|
key: |-
|
|
-----BEGIN PRIVATE KEY-----
|
|
[...]
|
|
-----END PRIVATE KEY-----
|
|
certificate: |-
|
|
-----BEGIN CERTIFICATE-----
|
|
[...]
|
|
-----END CERTIFICATE-----
|
|
caCertificate: |-
|
|
-----BEGIN CERTIFICATE-----
|
|
[...]
|
|
-----END CERTIFICATE----
|
|
wildcardPolicy: None
|
|
----
|
|
<1> The timeout value for the {product-title} route. You must set the same value as the `max-revision-timeout-seconds` setting (`600s` by default).
|
|
<2> The name of the {product-title} route.
|
|
<3> The namespace for the {product-title} route. This must be `knative-serving-ingress`.
|
|
<4> The hostname for external access. You can set this to `<service_name>-<service_namespace>.<domain>`.
|
|
<5> The certificates you want to use. Currently, only `edge` termination is supported.
|
|
. Apply the `Route` resource:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc apply -f <filename>
|
|
----
|