From 539b9249b0234c51825892c74ff1da22e05e4ec7 Mon Sep 17 00:00:00 2001 From: Harald Pehl Date: Wed, 18 Dec 2024 14:26:15 +0100 Subject: [PATCH] Add 'Things to keep in mind' section; fix typos --- ...4-12-18-Management-Console-on-OpenShift.adoc | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/_posts/2024-12-18-Management-Console-on-OpenShift.adoc b/_posts/2024-12-18-Management-Console-on-OpenShift.adoc index 6cea2d78..b49a5fd6 100644 --- a/_posts/2024-12-18-Management-Console-on-OpenShift.adoc +++ b/_posts/2024-12-18-Management-Console-on-OpenShift.adoc @@ -20,7 +20,7 @@ The console is an integral part of WildFly and is activated by default when runn * Allowed origin: + The console uses the https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API[fetch API] to talk to the management interface of a running WildFly instance. In an OpenShift environment, the origins of the public route and the management interface itself are different. That's why we need to tell WildFly that it is ok to make requests to the management interface from another origin (see https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS[CORS policies] for more details). -You can build such an image on your own based on the official WildFly images available at https://quay.io/repository/wildfly/wildfly[quay.io/wildfly/wildfly] (see "Extending the image"). Another way is to use the pre-built images from https://quay.io/repository/halconsole/wildfly[quay.io/halconsole/wildfly]. These images are mainly meant for HAL development and testing, but already meet these requirements, which makes them suitable for our use case. In particular the images add a management user `admin:admin` and have a list of preconfigured allowed origins. +You can build such an image on your own based on the official WildFly images available at https://quay.io/repository/wildfly/wildfly[quay.io/wildfly/wildfly] (see "Extending the image"). Another way is to use the pre-built images from https://quay.io/repository/halconsole/wildfly[quay.io/halconsole/wildfly]. These images are mainly meant for HAL development and testing but already meet these requirements, which makes them suitable for our use case. In particular the images add a management user `admin:admin` and have a list of preconfigured allowed origins. To add the allowed origin for the public route, we make use of the https://github.com/jmesnil/kubectl-jboss-cli/[`jboss-cli`] `kubectl` plugin. This plugin makes it straightforward to connect to a WildFly instance running on OpenShift and execute CLI commands. Please visit https://github.com/jmesnil/kubectl-jboss-cli/ to find out how to install and use the plugin. @@ -58,20 +58,27 @@ exit === Online version of the management console -As an alternative to adding the allowed origin, you can also use of the online version of the management console available at https://hal.github.io/console. This URL ships the latest version of the management console. +As an alternative to adding the allowed origin, you can also use the online version of the management console available at https://hal.github.io/console. This URL ships the latest version of the management console. -NOTE: The management console is a single-page application (https://en.wikipedia.org/wiki/Single-page_application[SPA]) without any server side dependencies. As such it can run on its own and connect to an arbitrary management interface. The online version of the console makes use of this fact. See https://hal.github.io/documentation/get-started/#standalone-mode for more details. +NOTE: The management console is a single-page application (https://en.wikipedia.org/wiki/Single-page_application[SPA]) without any server side dependencies. As such, it can run on its own and connect to an arbitrary management interface. The online version of the console makes use of this fact. See https://hal.github.io/documentation/get-started/#standalone-mode for more details. . Create the application as above and find the hostname of the public route using `oc get routes`. . Open https://hal.github.io/console . Add a management interface to the public route: + -Give an arbitrary name, select *https* as scheme, enter the hostname of the public route _without_ https and port *80*: +Give an arbitrary name, select *https* as a scheme, enter the hostname of the public route _without_ https and port *80*: + image::hal/add-management-interface.png[Add management interface] . Click *Add* and then *Connect* . Login using `admin:admin` +== Things to keep in mind + +Please note that the above instructions are just a workaround to access the OpenShift management console as long as there is no more compatible, container-friendly way. In particular, the approach ignores some principles that should not be applied in a cloud environment: + +* Changing the management configuration of a pod is an antipattern as it will not outlive a pod restart. At that point, you'll have to reconfigure the allowed origin. +* With a route, you are accessing pods behind a service. If your deployments have multiple pods, it's complex and hacky to access a specific pod or configure all pods. + == Outlook -We're currently working on the https://github.com/hal/foundation[next-gen management console]. This version will also support a dedicated variant for OpenShift that will integrate with the OpenShift management console. For more information you can watch the https://www.youtube.com/watch?v=Karu90yDIhs&t=571s[talk] on the next-gen management console from the last https://www.wildfly.org/conference/[WildFly mini conference], get the https://www.wildfly.org/assets/data/conference/202411_wmc_nextgen_console.pdf[slides] or reach out to us in the HAL Zulip https://wildfly.zulipchat.com/#narrow/channel/174373-hal[channel]. +We're currently working on the https://github.com/hal/foundation[next-gen management console]. This version will also support a dedicated variant for OpenShift that will integrate with the OpenShift management console and addresses the limitations mentioned above. For more information you can watch the https://www.youtube.com/watch?v=Karu90yDIhs&t=571s[talk] on the next-gen management console from the last https://www.wildfly.org/conference/[WildFly mini conference], get the https://www.wildfly.org/assets/data/conference/202411_wmc_nextgen_console.pdf[slides] or reach out to us in the HAL Zulip https://wildfly.zulipchat.com/#narrow/channel/174373-hal[channel].