NIC Integration
Automatic Maintenance of NIC Entries for your own Services.
Hosts contained in Istio Gateways can be automatically registered as CNAMEs in the NIC for our Istio Ingressgateways through the annotation wwu.io/nic_node.
The value for this annotation is the entry for which the CNAME record should be generated.
Each cluster can only create CNAMEs for its own NIC entries, which are currently:
- Production:
- All Clusters:
istio.k8s.wwu.de - Einsteinstraße:
istio.ms1.k8s.wwu.de(In most cases, this is the correct one) - Schlossplatz:
istio.ms2.k8s.wwu.de
- All Clusters:
- Staging:
- All Clusters:
istio.staging.k8s.wwu.de - Einsteinstraße:
istio.ms1.staging.k8s.wwu.de(In most cases, this is the correct one) - Schlossplatz:
istio.ms2.staging.k8s.wwu.de
- All Clusters:
Only hosts that have been approved in the application are allowed in the Gateways.
This would for example configure example.uni-muenster.de as a CNAME in the NIC for the Istio Ingress gateway on the production cluster in the Einsteinstraße:
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
annotations:
wwu.io/nic_node: istio.ms1.k8s.wwu.de
name: example
namespace: example
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- example/example.uni-muenster.de
port:
name: http
number: 80
protocol: HTTP
tls:
httpsRedirect: true
- hosts:
- example/example.uni-muenster.de
port:
name: https
number: 443
protocol: HTTPS
tls:
credentialName: example--example-certificate
minProtocolVersion: TLSV1_3
mode: SIMPLE