fannullone
Flight Engineer
Flight Engineer
  • 340 Views

do280-4.12 / network-review lab / step 6 create route: port should be tls not 8080

From my understanding if the route is passthrough, it should deliver tls traffic to the service and it is up the the service to terminate TLS. Thefore used --port tls and not --port 8080 as in the solution:

oc create route passthrough product-route --service product --port tls --hostname product.apps.ocp4.example.com

It is working:
student@workstation ~]$ curl --cacert network-review/certs/ca.pem https://product.apps.ocp4.example.com/products
[{"id":1,"name":"rpi4_4gb","stock":10},{"id":2,"name":"rpi4_8gb","stock":5}]

0 Kudos
1 Reply
MalborBoss
Flight Engineer
Flight Engineer
  • 218 Views

From specifications of targetPort in route:

MalborBoss_0-1713090875958.png

It can be either targetPort on pod, or name of port in endpoints. If you look at endpoints of product you can see that tls maps to port 8080, so its effectively the same:

MalborBoss_1-1713090958404.png

Therefore in this case it doesnt really matter if you use tls name or 8080 as port number.

Join the discussion
You must log in to join this conversation.