Uploaded image for project: 'Application Authorization Framework'
  1. Application Authorization Framework
  2. AAF-530

AAF inside Kubernetes inaccessible for clients from outside

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Medium
    • Resolution: Duplicate
    • Affects Version/s: Casablanca Release
    • Fix Version/s: Casablanca Release
    • Labels:
      None
    • Sprint:
      Casablanca-RC2 (11/08/18)

      Description

      AAF services are using locator for linking clients with aaf-service.

      If AAF service is in Kubernetes then locator store its' internal port which is valid only inside Kubernetes. If call to locator is made from outside of kubernetes:

      Example:

      https://aaf-locator:30253/locate/org.osaaf.aaf.service:2.1

      Then response is with internal port:

      endpoint  
      0  
      name "org.osaaf.aaf.service"
      major 2
      minor 1
      patch 0
      pkg 0
      latitude 37.78187
      longitude -122.26147
      protocol "https"
      subprotocol  
      0 "TLSv1.1"
      1 "TLSv1.2"
      hostname "aaf-service"
      port 8100

       

      The port is from internal port range, not from external, so any CADI client can not connect to aaf-service due to inaccessible port number outside of kubernetes

        Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            • Assignee:
              instrumental Jonathan Gathman
              Reporter:
              burdziak Olaf Burdziakowski
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: