Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

When updating your yuuvis® Momentum installation to version 2021 Autumn, manual configuration changes are required for some services.

Core

Configuration Changes for the AUTHENTICATION Service


Access to '/manage/**' Endpoints

The /manage/** endpoints provided by the AUTHENTICATION Service are now available via a separate port that is protected from external access. Especially for customers using the Tenant Management services, the configuration of the AUTHENTICATION Service has to be adjusted and an ancillary Kubernetes Service has to be created as follows.

Adjust the 'authentication-prod.yml' file:

  • Expose the individual /manage endpoints in the authorization.accesses section.

    Deprecated ConfigurationNew Configuration
    authorization.accesses:
### manage-endpoints
  - endpoints: /manage/info,/manage/health
    expose: true
    authorization.accesses:
### manage-endpoints
  - endpoints: /manage/**
    expose: true

  • Add the following two lines in order to select the port number 9091 for the /manage endpoints.

    management.server.port: 9091
management.server.servlet.context-path: /

Adjust the Kubernetes Service:

  • Run the command.

    kubectl -n yuuvis edit svc authentication

  • Remove the label yuuvis: "true".

    Deprecated ConfigurationNew Configuration
      labels:
    app: yuuvis
    name: authentication
    yuuvis: "true"
  name: authentication
    labels:
  app: yuuvis
  name: authentication
name: authentication

Create a new Kubernetes Service:

  • Create a new file authentication-manage-service.yaml with the following content:

    apiVersion: v1
kind: Service
metadata:
  labels:
    app: yuuvis
    name: authentication-manage
  name: authentication-manage
spec:
  ports:
  - name: "80"
    port: 80
    targetPort: 9091
  selector:
    name: authentication
  type: ClusterIP

  • Run the command:

    kubectl -n yuuvis apply -f authentication-manage-service.yaml

Adjust the ports for liveness probe and readiness probe:

  • Run the command:

    kubectl -n yuuvis edit deploy authentication

  • Adjust the configuration:

    Deprecated ConfigurationNew Configuration
    livenessProbe:
  failureThreshold: 3
  httpGet:
    path: /manage/info
    port: 8080
    scheme: HTTP
...
readinessProbe:
  failureThreshold: 3
  httpGet:
    path: /manage/info
    port: 8080
    scheme: HTTP
    livenessProbe:
  failureThreshold: 3
  httpGet:
    path: /manage/info
    port: 9091
    scheme: HTTP
...
readinessProbe:
  failureThreshold: 3
  httpGet:
    path: /manage/info
    port: 9091
    scheme: HTTP

Restart the AUTHENTICATION service.


  • No labels