Use Serving with OpenShift ingress sharding
This page describes how OpenShift Serverless Serving can be used with OpenShift ingress sharding.
|
OpenShift Serverless Serving is a Developer Preview feature only. OpenShift Serverless - Developer Preview releases contain features and functionalities that might not be fully tested. Customers are encouraged to provide feedback on Developer Preview releases. Developer Preview releases are not production-ready, and customers are recommended to avoid using the project for production or business-critical workloads. |
-
You have access to an OpenShift account with cluster administrator access.
-
You have an existing OpenShift routing setup that uses ingress shards
OpenShift Serverless can be configured to match specific ingress shards with different domains with a label selector. The following is an example of how your ingress shard could be configured. The relevant fields are marked:
apiVersion: operator.openshift.io/v1
kind: IngressController
metadata:
name: ingress-dev (1)
namespace: openshift-ingress-operator
spec:
routeSelector:
matchLabels:
router: dev (2)
domain: "dev.serverless.cluster.example.com" (3)
#... other settings ...
---
apiVersion: operator.openshift.io/v1
kind: IngressController
metadata:
name: ingress-prod (1)
namespace: openshift-ingress-operator
spec:
routeSelector:
matchLabels:
router: prod (2)
domain: "prod.serverless.cluster.example.com" (3)
#... other settings ...| 1 | The names of your ingress shard, here as an example dev and prod for different stages |
| 2 | A label selector to match the ingress shard |
| 3 | A custom domain for the ingress shard |
Replace these values with your own configuration.
KnativeServing CustomResourceTo match the ingress shards, you need to configure KnativeServing to use the same domains and labels as your ingress shards.
For this you need to create or edit your KnativeServing resource and add the spec.config.domain field:
spec:
config:
domain: (1)
dev.serverless.cluster.example.com: |
selector:
router: dev
prod.serverless.cluster.example.com: |
selector:
router: prod| 1 | These values have to match to the ones in the ingress shard configuration. |
You can now target a specific ingress shard in your Knative Service resources using a label:
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: hello-dev
labels:
router: dev (1)
spec:
template:
spec:
containers:
- image: docker.io/openshift/hello-openshift
---
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: hello-prod
labels:
router: prod (1)
spec:
template:
spec:
containers:
- image: docker.io/openshift/hello-openshift| 1 | This have to match the configuration in KnativeServing |
With this setup, your Knative Services should use the correct route and the selected ingress shard:
$ oc get ksvc
NAME URL LATESTCREATED LATESTREADY READY REASON
hello-dev https://hello-dev-default.dev.serverless.cluster.example.com hello-dev-00001 hello-dev-00001 True
hello-prod https://hello-prod-default.prod.serverless.cluster.example.com hello-prod-00001 hello-prod-00001 True$ oc get route -n knative-serving-ingress -o jsonpath='{range .items[*]}{@.metadata.name}{" "}{@.spec.host}{" "}{@.status.ingress[*].routerName}{"\n"}{end}'
route-19e6628b-77af-4da0-9b4c-1224934b2250-323461616533 hello-prod-default.prod.serverless.cluster.example.com ingress-prod
route-cb5085d9-b7da-4741-9a56-96c88c6adaaa-373065343266 hello-dev-default.dev.serverless.cluster.example.com ingress-dev|
Please be aware that even with OpenShift ingress sharding in place, the OpenShift Serverless traffic is still routed through a single Knative Ingress Gateway and the activator component in the |