what is the best practice to add authentication and authorization to servicepulse? We are hosting in K8s OpenShift
@wsmelton That’s definitely something we’d like to provide someday. I don’t know when it will happen. ServiceControl on containers is still very new and we need to do more analysis of different deployment strategies before we can “productize” deployment best practices in the form of a Helm chart.
We do now have a Kubernetes example in the PlatformContainerExamples repo. That’s where we recommend starting for now.
@stesme-delen This is highly dependent on your environment. We added the reverse proxy feature to the ServicePulse container so that you could take advantage of whatever your container orchestration environment provides for authenticating an ingress. If more than that is needed, you’ll ultimately need to create your own reverse proxy that authenticates however you need to in your environment, and then proxies to the ServicePulse container.
@stesme-delen I ended up using something called oauth2-proxy to perform the authentication with service-pulse
The docs mostly (all) mention using the particular/servicecontrol-ravendb Docker Image.
Is using a hosted RavenDB instance (eg. RavenDB Cloud - RavenDB NoSQL Database) an option or does this introduce too much latency, …?
PS: excellent work already!