New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Running on 80 and 443 ports instead of 8080 and 8443 #1195
Comments
Hello 👋 I think it's not possible as of today because as you have noticed, these ports are hardcoded. However, it should not be very difficult to override the ports from values set in the // NewConfigFromMap creates a DeploymentConfig from the supplied Map.
func NewConfigFromMap(configMap map[string]string) (*Kourier, error) {
nc := DefaultConfig()
if err := cm.Parse(configMap,
+ cm.AsUint32(HTTPPortExternal, &nc.HTTPPortExternal),
+ cm.AsUint32(HTTPSPortExternal, &nc.HTTPSPortExternal),
cm.AsBool(enableServiceAccessLoggingKey, &nc.EnableServiceAccessLogging),
cm.AsBool(enableProxyProtocol, &nc.EnableProxyProtocol),
cm.AsString(clusterCert, &nc.ClusterCertSecret),
cm.AsDuration(IdleTimeoutKey, &nc.IdleTimeout),
cm.AsUint32(trustedHopsCount, &nc.TrustedHopsCount),
cm.AsStringSet(cipherSuites, &nc.CipherSuites),
cm.AsBool(enableCryptoMB, &nc.EnableCryptoMB),
asTracing(TracingCollectorFullEndpoint, &nc.Tracing),
); err != nil {
return nil, err
}
return nc, nil
} (and obviously 1. add these 2 fields in the I guess it's a good first issue if someone wants to contribute (and if maintainers are happy about this change). |
I'd be glad to contribute to making the ports configurable. Let me pick it up. |
Hey, I've created a PR with the changes, looking forward to a review #1202. |
Hi @flowingbits, sorry for the late reply.
Could you describe more about your use case. This choice has some consequences: |
@skonto, the use case is exactly that, pinning the ingress-controller data plane to a set of "ingress" machines and using them as entry points for HTTP traffic. For example, ingress-nginx lists this as one of the deployment methods on bare-metal environments: https://github.com/kubernetes/ingress-nginx/blob/main/docs/deploy/baremetal.md#via-the-host-network. Of course, this can be solved by having some sort of load-balancer, including MetalLB, but this adds one more component to deploy and operate. As you rightly noted, binding these ports will require running with root privileges and for some environments, it is an acceptable security-simplicity tradeoff. |
@skonto, up please |
I want to run Kourier on a bare-metal Kubernetes installation without a load-balancer controller. Thus, I want to run it with
hostNetwork: true
and ports 80 and 443 instead of 8080 and 8443 respectively. Please help me understand how to change the configuration to make it listen on those ports.UPD: Glance over
pkg/generator/caches.go
makes me think it's not possible, is that true?The text was updated successfully, but these errors were encountered: