8.4 Accessing OUD Interfaces Through Ingress
Using the Helm chart, ingress objects are created according to configuration. The following table details the rules configured in ingress object(s) for access to Oracle Unified Directory (OUD) HTTP/HTTPS interfaces:
Port | NodePort | Host | Example Hostname | Path | Backend Service:Port | Example Service Name:Port |
---|---|---|---|---|---|---|
http/https | 30080/30443 | <deployment/release name>-admin-0 | oud-ds-rs-admin-0 | * | <deployment/release name>-0:adminhttps | oud-ds-rs-0:adminhttps |
http/https | 30080/30443 | <deployment/release name>-admin-N | oud-ds-rs-admin-N | * | <deployment/release name>-N:adminhttps | oud-ds-rs-1:adminhttps |
http/https | 30080/30443 | <deployment/release name>-admin | oud-ds-rs-admin | * | <deployment/release name>-lbr-admin:adminhttps | oud-ds-rs-lbr-admin:adminhttps |
http/https | 30080/30443 | * | * | /rest/v1/admin | <deployment/release name>-lbr-admin:adminhttps | oud-ds-rs-lbr-admin:adminhttps |
http/https | 30080/30443 | <deployment/release name>-http-0 | oud-ds-rs-http-0 | * | <deployment/release name>-http-0:http | oud-ds-rs-http-0:http |
http/https | 30080/30443 | <deployment/release name>-http-N | oud-ds-rs-http-N | * | <deployment/release name>-http-N:http | oud-ds-rs-http-N:http |
http/https | 30080/30443 | <deployment/release name>-http | oud-ds-rs-http | * | <deployment/release name>-lbr-http:http | oud-ds-rs-lbr-http:http |
http/https | * | * | * | /rest/v1/directory | <deployment/release name>-lbr-http:http | oud-ds-rs-lbr-http:http |
http/https | * | * | * | /iam/directory | <deployment/release name>-lbr-http:http | oud-ds-rs-lbr-http:http |
Note:
In the table above, example values are based on the value ‘oud-ds-rs
’ as the deployment/release name for Helm chart installation.
The NodePorts mentioned in the table are according to ingress configuration described in the
previous section. When External LoadBalancer is not available/configured, interfaces can be
accessed through NodePort on a Kubernetes node.
The following table details the rules configured in ingress object(s) for access to Oracle Unified Directory (OUD) LDAP/LDAPS interfaces. This is based on using the updated/upgraded configuration referenced in Installing the NGINX Controller:
Port | NodePort | Backend Service:Port | Example Service Name:Port |
---|---|---|---|
1389 | 31389 | <deployment/release name>-lbr-ldap:ldap | oud-ds-rs-lbr-ldap:ldap |
1636 | 31636 | <deployment/release name>-lbr-ldap:ldap | oud-ds-rs-lbr-ldap:ldaps |
1444 | 31444 | <deployment/release name>-lbr-admin:adminldaps | oud-ds-rs-lbr-admin:adminldaps |
3890 | 30890 | <deployment/release name>-ldap-0:ldap | oud-ds-rs-ldap-0:ldap |
6360 | 30360 | <deployment/release name>-ldap-0:ldaps | oud-ds-rs-ldap-0:ldaps |
3891 | 30891 | <deployment/release name>-ldap-1:ldap | oud-ds-rs-ldap-1:ldap |
6361 | 30361 | <deployment/release name>-ldap-1:ldaps | oud-ds-rs-ldap-1:ldaps |
3892 | 30892 | <deployment/release name>-ldap-2:ldap | oud-ds-rs-ldap-2:ldap |
6362 | 30362 | <deployment/release name>-ldap-2:ldaps | oud-ds-rs-ldap-2:ldaps |
4440 | 30440 | <deployment/release name>-0:adminldaps | oud-ds-rs-ldap-0:adminldaps |
4441 | 30441 | <deployment/release name>-1:adminldaps | oud-ds-rs-ldap-1:adminldaps |
4442 | 30442 | <deployment/release name>-2:adminldaps | oud-ds-rs-ldap-2:adminldaps |
- In the table above, example values are based on value ‘oud-ds-rs’ as the deployment/release name for helm chart installation.
- The NodePorts mentioned in the table are according to Ingress configuration described in Installing the NGINX Controller.
- When external LoadBalancer is not available/configured, interfaces can be accessed through NodePort on a Kubernetes Node.
Changes in /etc/hosts to Validate Hostname Based Ingress Rules
If it is not possible to update the DNS with the OUD hostname interfaces, then the
following entries can be added in
/etc/hosts
file on the host from where
OUD interfaces will be
accessed.<IP Address of External LBR or Kubernetes Node> oud-ds-rs-http oud-ds-rs-http-0 oud-ds-rs-http-1 oud-ds-rs-http-2 oud-ds-rs-http-N
<IP Address of External LBR or Kubernetes Node> oud-ds-rs-admin oud-ds-rs-admin-0 oud-ds-rs-admin-1 oud-ds-rs-admin-2 oud-ds-rs-admin-N
- In the table above, hostnames are based on the value ‘
oud-ds-rs
’ as the deployment/release name for Helm chart installation. - When External LoadBalancer is not available/configured, Interfaces can be accessed through NodePort on the Kubernetes Node.