fannullone
Flight Engineer
Flight Engineer
  • 282 Views

do280-4.12 / network-review lab / step 6 create route: port should be tls not 8080

From my understanding if the route is passthrough, it should deliver tls traffic to the service and it is up the the service to terminate TLS. Thefore used --port tls and not --port 8080 as in the solution:

oc create route passthrough product-route --service product --port tls --hostname product.apps.ocp4.example.com

It is working:
student@workstation ~]$ curl --cacert network-review/certs/ca.pem https://product.apps.ocp4.example.com/products
[{"id":1,"name":"rpi4_4gb","stock":10},{"id":2,"name":"rpi4_8gb","stock":5}]

0 Kudos
1 Reply
  • 160 Views

From specifications of targetPort in route:

MalborBoss_0-1713090875958.png

It can be either targetPort on pod, or name of port in endpoints. If you look at endpoints of product you can see that tls maps to port 8080, so its effectively the same:

MalborBoss_1-1713090958404.png

Therefore in this case it doesnt really matter if you use tls name or 8080 as port number.

0 Kudos
Join the discussion
You must log in to join this conversation.