Defining multiple portal endpoints for a Kubernetes environment

Multiple public facing endpoints (portal-www) can be defined for the Developer Portal.

About this task

You can override the single endpoint definition for portal-www (and the associated portal-www-ingress TLS certificate), in order to support multiple portal-www endpoints.

For information about the endpoints for the Portal, see Installing the Developer Portal subsystem into a Kubernetes environment.

Following are the example endpoints for configuring different sites served by the same Portal service, as configured in this task:
  • https://banking.example.com/loans
  • https://insurance.example.com/vehicle
These unique endpoints allow portal sites to be defined on the Portal service with different host names and domains. They replace endpoints that distinguish different sites by sub paths, as shown in the following examples:
  • https://www.example.com/banking/loans
  • https://www.example.com/insurance/vehicle

Procedure

  1. Create TLS secrets for each portal-www endpoint by generating certificates
    Following is an example for how to generate certificates for each portal-www endpoint using openssl:
    openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout banking-tls.key -out banking-tls.crt -subj "/CN=banking.example.com"
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout insurance-tls.key -out insurance-tls.crt -subj "/CN=insurance.example.com"
  2. Store the SSL certificates in a secret. 
    kubectl create secret tls -n <portal-namespace> banking-tls --key banking-tls.key --cert banking-tls.crt
kubectl create secret tls -n <portal-namespace> insurance-tls --key insurance-tls.key --cert insurance-tls.crt
    Replace <portal-namespace> with the Kubernetes namespace that was used to deploy the Portal subsystem.
  3. Specify the portal-www endpoints in an extra values file.
    Create an extra values file or append to your current one. Enter the name and secret for each endpoint as an ingress setting in the extra values file. (One extra values file is allowed.) For instructions on creating an extra-values-file, see Creating an extra values file in a Kubernetes environment.
    apic-portal-www:
  ingress:
    web:
      hosts:
      - name: banking.example.com
        secret: banking-tls
      - name: insurance.example.com
        secret: insurance-tls
  4. Configure your Portal subsystem to load the extra values file with the following command: 
    apicup subsys set <portal-subsys> extra-values-file=<full-path-to-extra-values-file>
  5. Install the portal subsystem with the new extra values file using apicup subsys install portal-subsys.
    For more information on installing the Portal subsystem, see Installing the Developer Portal subsystem into a Kubernetes environment.
  6. If your deployment had existing Portal sites when you configured multiple endpoints, ensure that the Portal site URLs specified in the Manager UI Catalog settings page are consistent with the new endpoint URLs. Access the Catalog setting page, and review the URLs of those existing sites. Modify as appropriate.