One thing that I really like on OpenShift, is that it very often eat its own food. To my opinion, it is generally a sign of a good design, but that’s another story. In this blog, I wanted to give a clue on how to make the OpenShift console run on port 443 by using the openshift-router facilities, service and endpoints. This could be very useful for example, if you do have some network setup preventing access to port 8443, which is often the case on corporate networks.
As a disclaimer, I want just to state that this is not (well for now) a production-proof design but, at least you can use it for demonstration purposes or simply to understand the way OpenShift externalservices works.
You will guess that the idea here, is to create an OpenShift external service pointing to the OpenShift master URL and then create a route that will be served by openshift-router to forward request to the OpenShift master itself. It this road, need to create and OpenShift Endpoint as stated by documentation. And the final trick, is to change your masterPublicURL and master publicURL parameters in master-config.yaml OpenShift configuration to match the route’s URL.
Here is the configuration: You will need to get: – Your master internal IP address – A wildcard entry or DNS entry pointing to your openshift-router nodes (can also the be the master itself if you are running the router on master) – That’s all
So, let’s assume the following settings: My master’s domaine name is: pass.mycompany.com My master’s internal IP address is: 192.168.1.1 My openshift-router runs on IP 18.104.22.168 and my DNS entry pass.mycompany.com points to it
and the last point, is to modify your master-config.yaml to change any occurrences to masterPublicURL or publicURL to https://paas.mycompany.com:443. Keep in mind that the certificates that you have generated for the console must be valid for the host URL you are pointing to, and must update your corsAllowedOrigins to add the new domain you are pointing to.