Replace st2web https with http #72
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
arm4b
suggested changes
May 30, 2019
arm4b
reviewed
May 30, 2019
CHANGELOG.md
Outdated
| @@ -2,6 +2,9 @@ | |||
|
|
|||
| ## In Development | |||
|
|
|||
| ## v0.16.0 | |||
| * st2web now uses HTTP by default (#72) | |||
There was a problem hiding this comment.
Ideally to add a few more words that it's now recommended to rely on "LoadBalancer" or "Ingress" to add HTTPs layer on top of it.
There was a problem hiding this comment.
That's a good idea. Thanks.
We expect this will resolve: #73
arm4b
reviewed
May 30, 2019
arm4b
reviewed
May 30, 2019
README.md
Outdated
| @@ -83,6 +83,8 @@ kubectl exec -it ${ST2CLIENT} /bin/bash | |||
| ### [st2web](https://docs.stackstorm.com/latest/reference/ha.html#nginx-and-load-balancing) | |||
| st2web is a StackStorm Web UI admin dashboard. By default, st2web K8s config includes a Pod Deployment and a Service. | |||
| `2` replicas (configurable) of st2web serve the web app and proxy requests to st2auth, st2api, st2stream. | |||
| By default, st2web uses HTTP instead of HTTPS. Pass in ST2WEB_HTTPS environment variable with a non-zero value | |||
| (e.g. "1") and ensure SSL certificates are configured. | |||
There was a problem hiding this comment.
I don't think we need to mention ST2WEB_HTTPS or certificates here as it was designed for possible docker-compose use cases outside of K8s where users don't have concept of Ingress layer.
arm4b
reviewed
May 30, 2019
| @@ -83,6 +83,8 @@ kubectl exec -it ${ST2CLIENT} /bin/bash | |||
| ### [st2web](https://docs.stackstorm.com/latest/reference/ha.html#nginx-and-load-balancing) | |||
| st2web is a StackStorm Web UI admin dashboard. By default, st2web K8s config includes a Pod Deployment and a Service. | |||
| `2` replicas (configurable) of st2web serve the web app and proxy requests to st2auth, st2api, st2stream. | |||
| By default, st2web uses HTTP instead of HTTPS. Pass in ST2WEB_HTTPS environment variable with a non-zero value | |||
| (e.g. "1") and ensure SSL certificates are configured. | |||
| > **Note!** By default, st2web is a NodePort Service and is not exposed to the public net. | |||
| If your Kubernetes cluster setup supports the LoadBalancer service type, you can edit the corresponding helm values to configure st2web as a LoadBalancer service in order to expose it and the services it proxies to the public net. | |||
There was a problem hiding this comment.
Can mention Ingress here as well as that's one of the possible solutions apart of LoadBalancer.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See StackStorm/st2-dockerfiles#20 for more context.
Since
st2webbackend now defaults to usingHTTPinstead ofHTTPS, remove all theHTTPSrelated stuff, including the certs. Update ports.Remaining tasks:
ST2WEB_HTTPS=0.