Introduction
Networking in OpenShift is built on Kubernetes fundamentals but extends them with Routes and integrated HAProxy-based ingress. This enables secure, scalable service exposure for applications running inside the cluster.
π OpenShift Networking Basics
-
Services: Abstract pods and provide stable endpoints.
-
ClusterIP: Internal-only access.
-
NodePort: Exposes services on each node’s IP.
-
LoadBalancer: Integrates with cloud providers.
πͺ Routes in OpenShift
Routes are OpenShift’s native way to expose services externally.
Key Features:
-
DNS hostname mapping
-
TLS termination (edge, passthrough, re-encrypt)
-
Integrated HAProxy router
Example YAML:
yaml
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: my-secure-app
spec:
host: app.rshnetwork.com
to:
kind: Service
name: my-secure-service
tls:
termination: edge
insecureEdgeTerminationPolicy: Redirect
π Securing Routes
-
Use TLS termination for HTTPS traffic.
-
Redirect HTTP to HTTPS.
-
Apply wildcard certificates for multi-app domains.
π§ͺ Troubleshooting Tips
-
Check router pods: oc get pods -n openshift-ingress.
-
Inspect route details: oc describe route my-secure-app.
-
Validate DNS resolution with dig app.rshnetwork.com.
β Best Practices
-
Prefer Routes over NodePort for production.
-
Use re-encrypt termination for end-to-end TLS.
-
Monitor ingress traffic with Prometheus metrics.
πVisit RSH Network for practical insights into modern IT technologies.https://rshnetwork.com/
πGet expert cloud and security services to scale your infrastructure securely.https://rshnetwork.com/services
πStart your learning journey with industry-focused IT courses today.https://rshnetwork.com/courses
FAQs (0)
Sign in to ask a question. You can read FAQs without logging in.