On Tue, Jan 17, 2017 at 5:38 AM, Rodolfo Carvalho <rcarv...@redhat.com> wrote:
> Some existing community work: > > https://github.com/openshift-s2i/s2i-caddy > Woohoo! Thanks for mentioning that one, Rodolfo :) It's a bit out of date now, but if people are using it I'll put some time into updating it (PRs also very welcome) I haven't tested it with SSL so it's likely that it doesn't work, though. Maybe caddy-on-openshift is better? > https://github.com/cw-aleks/caddy-on-openshift > There's also: https://github.com/ibotty/openshift-letsencrypt https://github.com/jetstack/kube-lego Traefik could replace the router, but it'll take a bit of work. I wanted to hack on this as a side project a long time ago, but haven't found the motivation to do it. https://github.com/containous/traefik Here were the instructions Clayton gave me when I asked him about it, in case someone wants to take this on: Router is three things: > > 1. Base image set up to run a proxy instance (like Apache, HAProxy, Nginx) > 2. A Go style template that transforms the config on disk into a config > 3. Reload script that is invoked when the config is regenerated > > For HAProxy, this is images/router/haproxy/Dockerfile, > haproxy-config.template, and reload-haproxy. You'll want to crib > closely from HAProxy since you need the openshift-router binary to > listen for the API. > > Supporting the full gamut of options is probably the hardest, but just > demonstrating HTTP and simple HTTPS, reloading, and an image is > probably not more than a few hours for someone familiar with the > frameworks. > > You can launch your custom router with "oadm router", use > "--type=mycustom-router" and/or --images="myrepo/myname" to customize > the name of the image. Cheers, Jonathan > > > Rodolfo Carvalho | OpenShift Customer Success > > On Tue, Jan 17, 2017 at 2:35 PM, Rodolfo Carvalho <rcarv...@redhat.com> > wrote: > >> Adding Tomas. >> >> Rodolfo Carvalho | OpenShift Customer Success >> >> On Tue, Jan 17, 2017 at 2:23 PM, N. Harrison Ripps <n...@redhat.com> >> wrote: >> >>> This came up shortly before the holidays; CCing Tomas Nozicka who has >>> investigated this. Tomas, have you had a chance to work on a proposal or >>> are you still in the research stage? >>> >>> —Harrison >>> >>> On Jan 17, 2017, at 08:09, Philippe Lafoucrière < >>> philippe.lafoucri...@tech-angels.com> wrote: >>> >>> Hi, >>> >>> Is there any plan to support automatic Let's Encrypt ssl cert creation / >>> renewal in Openshift? >>> Web servers like caddy (https://caddyserver.com/docs/automatic-https) >>> are supporting this natively. >>> (Caddy has, like all modern web servers, proxy/reverseproxy/loadbalancing >>> capabilities https://caddyserver.com/docs/proxy). >>> >>> Thanks, >>> Philippe >>> >>> -- >>> Philippe Lafoucrière - CEO >>> http://www.tech-angels.com >>> https://gemnasium.com >>> France : +33 (0) 3 65 96 02 92 >>> Canada: +1 (418) 478-1175 <%28418%29%20478-1175> >>> USA: +1 (954) 607-7443 <%28954%29%20607-7443> >>> >>> >>> _______________________________________________ >>> users mailing list >>> users@lists.openshift.redhat.com >>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >>> >>> >>> >>> _______________________________________________ >>> users mailing list >>> users@lists.openshift.redhat.com >>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >>> >>> >> > > _______________________________________________ > users mailing list > users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > > -- Jonathan Yu / Software Engineer, OpenShift by Red Hat / Follow me on Twitter @jawnsy <https://twitter.com/jawnsy> *“Restlessness is discontent — and discontent is the first necessity of progress. Show me a thoroughly satisfied man — and I will show you a failure.”* — Thomas Edison
_______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
