From a567b0cedd3f0aa23e6583b6233a6212205f951d Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Tue, 25 Apr 2023 09:20:06 +0200 Subject: [PATCH 1/9] Add concepts page on service exposition --- modules/concepts/nav.adoc | 3 ++- modules/concepts/pages/service_exposition.adoc | 16 ++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 modules/concepts/pages/service_exposition.adoc diff --git a/modules/concepts/nav.adoc b/modules/concepts/nav.adoc index cb658a023..13e7932de 100644 --- a/modules/concepts/nav.adoc +++ b/modules/concepts/nav.adoc @@ -1,5 +1,6 @@ * xref:concepts:index.adoc[] ** xref:roles-and-role-groups.adoc[] +** xref:service_exposition.adoc[] ** xref:service_discovery.adoc[] ** xref:logging.adoc[] ** xref:authentication.adoc[] @@ -10,4 +11,4 @@ ** xref:s3.adoc[] ** xref:tls_server_verification.adoc[] ** xref:pod_placement.adoc[] -** xref:cluster_operations.adoc[] \ No newline at end of file +** xref:cluster_operations.adoc[] diff --git a/modules/concepts/pages/service_exposition.adoc b/modules/concepts/pages/service_exposition.adoc new file mode 100644 index 000000000..e0c43ab66 --- /dev/null +++ b/modules/concepts/pages/service_exposition.adoc @@ -0,0 +1,16 @@ += Service exposition + +For some deployed products it's sufficient to be only accessible within the Kubernetes cluster, while others need to accessible from outside the Kubernetes cluster. +This can e.g. be from you internal corporate network when running on bare metal, you internal network in your cloud provider or the Internet. + +As of the release 23.4 our operators create a Kubernetes `Service` object to expose the deployed product. +For security reasons we default to the `ClusterIP` type, with the option to switch to a different type. +You can specify the type to use using the field `spec.clusterConfig.listenerClass` by setting it to either + +* `cluster-internal` => Use `ClusterIP` (default) +* `external-unstable` => Use `NodePort` +* `external-stable` => Use `LoadBalancer` + +Please note that as of the release 23.4 not every operator supports all the mentioned `Service` types. + +In a future release we will support `ListenerClasses` provided by the xref:listener-operator:index.adoc[listener-operator] to make things more flexible. From a3b70d0f3111d7a7aad7e88fd7f92ef74a9e2ab0 Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Tue, 25 Apr 2023 09:31:15 +0200 Subject: [PATCH 2/9] Rename file --- modules/concepts/nav.adoc | 2 +- .../pages/{service_exposition.adoc => service-exposition.adoc} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename modules/concepts/pages/{service_exposition.adoc => service-exposition.adoc} (100%) diff --git a/modules/concepts/nav.adoc b/modules/concepts/nav.adoc index 13e7932de..995e21c95 100644 --- a/modules/concepts/nav.adoc +++ b/modules/concepts/nav.adoc @@ -1,6 +1,6 @@ * xref:concepts:index.adoc[] ** xref:roles-and-role-groups.adoc[] -** xref:service_exposition.adoc[] +** xref:service-exposition.adoc[] ** xref:service_discovery.adoc[] ** xref:logging.adoc[] ** xref:authentication.adoc[] diff --git a/modules/concepts/pages/service_exposition.adoc b/modules/concepts/pages/service-exposition.adoc similarity index 100% rename from modules/concepts/pages/service_exposition.adoc rename to modules/concepts/pages/service-exposition.adoc From 6e0124c4369263ef5015bc9b2900870031db81ec Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Tue, 25 Apr 2023 09:47:16 +0200 Subject: [PATCH 3/9] Update modules/concepts/pages/service-exposition.adoc Co-authored-by: Malte Sander --- modules/concepts/pages/service-exposition.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/concepts/pages/service-exposition.adoc b/modules/concepts/pages/service-exposition.adoc index e0c43ab66..767d3542e 100644 --- a/modules/concepts/pages/service-exposition.adoc +++ b/modules/concepts/pages/service-exposition.adoc @@ -1,6 +1,6 @@ = Service exposition -For some deployed products it's sufficient to be only accessible within the Kubernetes cluster, while others need to accessible from outside the Kubernetes cluster. +For some deployed products it is sufficient to be only accessible within the Kubernetes cluster, while others need to be accessible from outside the Kubernetes cluster. This can e.g. be from you internal corporate network when running on bare metal, you internal network in your cloud provider or the Internet. As of the release 23.4 our operators create a Kubernetes `Service` object to expose the deployed product. From 93a0003e924dca2f703f90710dd06cec0a4b9ea3 Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Tue, 25 Apr 2023 09:47:57 +0200 Subject: [PATCH 4/9] Update modules/concepts/pages/service-exposition.adoc Co-authored-by: Malte Sander --- modules/concepts/pages/service-exposition.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/concepts/pages/service-exposition.adoc b/modules/concepts/pages/service-exposition.adoc index 767d3542e..7f3845c49 100644 --- a/modules/concepts/pages/service-exposition.adoc +++ b/modules/concepts/pages/service-exposition.adoc @@ -1,7 +1,7 @@ = Service exposition For some deployed products it is sufficient to be only accessible within the Kubernetes cluster, while others need to be accessible from outside the Kubernetes cluster. -This can e.g. be from you internal corporate network when running on bare metal, you internal network in your cloud provider or the Internet. +This can e.g. be from your internal corporate network when running on bare metal, your internal network in your cloud provider or the Internet. As of the release 23.4 our operators create a Kubernetes `Service` object to expose the deployed product. For security reasons we default to the `ClusterIP` type, with the option to switch to a different type. From ec1425bcac496b28723021f650ca87f641b92ca9 Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Tue, 25 Apr 2023 09:48:17 +0200 Subject: [PATCH 5/9] Update modules/concepts/pages/service-exposition.adoc Co-authored-by: Malte Sander --- modules/concepts/pages/service-exposition.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/concepts/pages/service-exposition.adoc b/modules/concepts/pages/service-exposition.adoc index 7f3845c49..bbd641797 100644 --- a/modules/concepts/pages/service-exposition.adoc +++ b/modules/concepts/pages/service-exposition.adoc @@ -5,7 +5,7 @@ This can e.g. be from your internal corporate network when running on bare metal As of the release 23.4 our operators create a Kubernetes `Service` object to expose the deployed product. For security reasons we default to the `ClusterIP` type, with the option to switch to a different type. -You can specify the type to use using the field `spec.clusterConfig.listenerClass` by setting it to either +You can specify the type within the custom resource field `spec.clusterConfig.listenerClass` by setting it to either: * `cluster-internal` => Use `ClusterIP` (default) * `external-unstable` => Use `NodePort` From 0342e8c7ab31b5ece685c318f4a6e68cf74507e6 Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Tue, 25 Apr 2023 09:52:06 +0200 Subject: [PATCH 6/9] Update modules/concepts/pages/service-exposition.adoc Co-authored-by: Malte Sander --- modules/concepts/pages/service-exposition.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/concepts/pages/service-exposition.adoc b/modules/concepts/pages/service-exposition.adoc index bbd641797..e5e7b5b9a 100644 --- a/modules/concepts/pages/service-exposition.adoc +++ b/modules/concepts/pages/service-exposition.adoc @@ -4,7 +4,7 @@ For some deployed products it is sufficient to be only accessible within the Kub This can e.g. be from your internal corporate network when running on bare metal, your internal network in your cloud provider or the Internet. As of the release 23.4 our operators create a Kubernetes `Service` object to expose the deployed product. -For security reasons we default to the `ClusterIP` type, with the option to switch to a different type. +For security reasons, the Services default to the `ClusterIP` type in order to avoid exposing anything to the public. You can specify the type within the custom resource field `spec.clusterConfig.listenerClass` by setting it to either: * `cluster-internal` => Use `ClusterIP` (default) From 6ba6657e166a7ddfa48f0ce9285bdbc8df839457 Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Tue, 25 Apr 2023 09:52:17 +0200 Subject: [PATCH 7/9] Update modules/concepts/pages/service-exposition.adoc Co-authored-by: Malte Sander --- modules/concepts/pages/service-exposition.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/concepts/pages/service-exposition.adoc b/modules/concepts/pages/service-exposition.adoc index e5e7b5b9a..d035f4eaa 100644 --- a/modules/concepts/pages/service-exposition.adoc +++ b/modules/concepts/pages/service-exposition.adoc @@ -11,6 +11,6 @@ You can specify the type within the custom resource field `spec.clusterConfig.li * `external-unstable` => Use `NodePort` * `external-stable` => Use `LoadBalancer` -Please note that as of the release 23.4 not every operator supports all the mentioned `Service` types. +Please note that as of the release 23.4 not all operators support all the mentioned `Service` types. In a future release we will support `ListenerClasses` provided by the xref:listener-operator:index.adoc[listener-operator] to make things more flexible. From 5e98b9a2e61bcec47992aa06db2e43b2c44c4f68 Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Tue, 25 Apr 2023 09:52:30 +0200 Subject: [PATCH 8/9] Update modules/concepts/pages/service-exposition.adoc Co-authored-by: Malte Sander --- modules/concepts/pages/service-exposition.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/concepts/pages/service-exposition.adoc b/modules/concepts/pages/service-exposition.adoc index d035f4eaa..3b4160884 100644 --- a/modules/concepts/pages/service-exposition.adoc +++ b/modules/concepts/pages/service-exposition.adoc @@ -13,4 +13,4 @@ You can specify the type within the custom resource field `spec.clusterConfig.li Please note that as of the release 23.4 not all operators support all the mentioned `Service` types. -In a future release we will support `ListenerClasses` provided by the xref:listener-operator:index.adoc[listener-operator] to make things more flexible. +In a future release, the `ListenerClass` provided by the xref:listener-operator:index.adoc[listener-operator] will be supported to make things more flexible. From 5871a2042d1ea937721624b1ed57e434f44bca43 Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Tue, 25 Apr 2023 09:54:42 +0200 Subject: [PATCH 9/9] Apply suggestion --- modules/concepts/pages/service-exposition.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/concepts/pages/service-exposition.adoc b/modules/concepts/pages/service-exposition.adoc index 3b4160884..d5a10ddad 100644 --- a/modules/concepts/pages/service-exposition.adoc +++ b/modules/concepts/pages/service-exposition.adoc @@ -3,7 +3,7 @@ For some deployed products it is sufficient to be only accessible within the Kubernetes cluster, while others need to be accessible from outside the Kubernetes cluster. This can e.g. be from your internal corporate network when running on bare metal, your internal network in your cloud provider or the Internet. -As of the release 23.4 our operators create a Kubernetes `Service` object to expose the deployed product. +As of the release 23.4, the Stackable Operators create Kubernetes Service objects to expose the deployed product. For security reasons, the Services default to the `ClusterIP` type in order to avoid exposing anything to the public. You can specify the type within the custom resource field `spec.clusterConfig.listenerClass` by setting it to either: