Documentation not clear

[msaustral]

Hi we are new with knative, we have couple of days trying to implement it on Digital Ocean without luck

We try to follow the documentation but there are many question:

Do we need to install serving and eventing and operator?

the documentation say that we can install serving or eventing or both but it does not say the differences to have any of them or both

It is really necessary serving or eventing?
what do we gain if we have both?
are the post installation yaml needed for a fresh installation?
what do we gain if we implement the optional eventing?
can we implement all the eventing optional or just some?

what are the differences between them, refering to the functionality of knative? :
-Install a default Channel (messaging) layer
-Install a Broker layer
-Install optional Eventing extensions

what do we gain if we implement the operator?

how does it work on the different combination, refering to the functionality of knative?

on the installation guide does not say that we have to check and customize all config-maps of every core before deployment

the configuration is on the operator section, wouldn't be better to set the configuration before implementing?

on the docs are no reference to http2, but on the config-map config-features we found

Controls whether http2 auto-detection should be enabled or not.

# 1. Enabled: http2 connection will be attempted via upgrade.
# 2. Disabled: http2 connection will only be attempted when port name is set to "h2c".
autodetect-http2: "enabled"

is there any other setting to do, example change the port from TCP to https or http2?
how does it work?

also found a setting on the Kafka
- name: HTTP2_DISABLE
value: "true"

Do we need to enable it to use http2?

[skonto]

Hi @msaustral

Do we need to install serving and eventing and operator?

You can install serving alone or eventing alone via yaml files. Or use the operator to install any of them.

For http2 support check this example. We don't support http2 autodetection yet, see #4283.

@pierDipi or @creydr could help with the Eventing questions? In general I think it is better to discuss Eventing at the corresponding repo.

[creydr]

Hi @msaustral,
as @skonto said: in general it is better to discuss Eventing questions in the corresponding repo (e.g. knative/eventing) - or bring this question up in the #knative-eventing slack channel. Anyhow regarding your question:

what are the differences between them, refering to the functionality of knative? :
-Install a default Channel (messaging) layer
-Install a Broker layer

As said in here Channel and Subscriptions tend to involve a linear flow of events, e.g. via a Sequence or Parallel. The events are broadcasted to all Subscribers and there is no way to filter them.

Brokers and Triggers implement a routing-based model, where events are fed into a Broker and then dispatched intelligently based on the type or other event properties. So this allows filtering as well.
Depending on the Broker implementation (e.g. if you use the eventing-kafka-broker), you can gain more benefits as performance increases compared to a channel implementation (see knative/eventing#5558 (comment))

-Install optional Eventing extensions

The "default" Broker implementation in knative eventing does not persist the events (runs only in-memory). Thus it is not recommended to use in production. Therefor we offer different Broker implementations like eventing-kafka-broker, which use Apache Kafka as the backing technology.

I hope this helps. Feel free to reach out to us in Slack (#knative-eventing) or raise an issue in knative/eventing if the documentation is unclear.

[msaustral]

Hi sorry to bother

example:

we have a custom nginx container image that has the port 8443 and http2 enable

our dns server clouldflare and tls certificate is clouldflare server side full strict

to implement Knative can we just implement operator with serving?

to the tls we create the secret and then

apiVersion: serving.knative.dev/v1beta1
kind: DomainMapping
metadata:
name: xxxx.com
namespace: xxx-qa
spec:
ref:
name: web-xxxx
kind: Service
apiVersion: serving.knative.dev/v1
tls:
secretName: xxxx-com

apiVersion: networking.internal.knative.dev/v1alpha1
kind: ClusterDomainClaim
metadata:
name: xxxxx.com
spec:
namespace: xxx-qa

But we can not make it work

are we missing something?

[msaustral]

Hi, I think I managed to almost make it work, now we are getting this error on the custom domain

400 Bad Request
The plain HTTP request was sent to HTTPS port
nginx

This is because the traffic to the pod is being sent by http and not https need it to work http2

How can we make all internal traffic https using the server side cloudflare certificate and kourier?

[skonto]

How can we make all internal traffic https using the server side cloudflare certificate and kourier?

The internal encryption feature is not there yet. You can read more about it here: knative/docs#5804.