[
https://issues.jboss.org/browse/TEIIDSB-64?page=com.atlassian.jira.plugin...
]
Steven Hawkins commented on TEIIDSB-64:
---------------------------------------
Here's a good overview:
https://docs.openshift.com/container-platform/3.9/dev_guide/expose_servic...
The options are:
- NodePort -
https://access.redhat.com/solutions/3920661 - I don't think this should
be promoted as a solution as it's pretty low level. It requires you to determine the
extneral node ips of the nodes where the service is running.
- TLS with SNI - by default will require the traffic to go through port 443. Requires
passthrough encryption, which means all traffic will be encrypted unless two transports
are opened (JDBC). Does not work for the pg protocol as it is not end to end TLS, instead
it is negotiated post connection.
- A better NodePort solution is a LoadBalancer service - See
https://docs.openshift.com/container-platform/3.9/dev_guide/expose_servic...
and
https://docs.openshift.com/container-platform/3.10/admin_guide/tcp_ingres...
it can be created with just two commands or added to our templates. Note that the
external ip can be confusing. There is a default value based upon ingressIPNetworkCIDR,
but there are some doc issue
https://github.com/openshift/openshift-docs/issues/11024 The
simplest thing for minishift is to just use the console ip. Tested with pg. A downside
is that you don't control the exposed node port. I'll do some testing with Teiid
and determine how this interacts with the service level session affinity.
- External IP - I haven't spent much time on that as it appears more involved.
Research HA
-----------
Key: TEIIDSB-64
URL:
https://issues.jboss.org/browse/TEIIDSB-64
Project: Teiid Spring Boot
Issue Type: Quality Risk
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Priority: Major
Teiid's pg, and jdbc assume session affinity. Also OData pagination works best with
session affinity.
For HA, and horizontal scaling, it would be good to have more than 1 pod alive and
receiving traffic. It appears that there is a sessionAffinity setting at a service level
https://kubernetes.io/docs/concepts/services-networking/service/ and some work that can be
done to customize routes
https://docs.openshift.com/container-platform/3.9/architecture/networking...
- but that doesn't appear to work for just tcp traffic.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)