How to add security to run Ignite Web Console in k8s - kubernetes

I am running Ignite Web Console and Web Agent in k8s v1.9, but connection fails when using security - works fine without security. I am able to access Ignite REST API by passing 'X-Signature' value in Header using Postman, but see no way to do this through the Web Console. Same with dBeaver.

Web Console do not support connection to secured cluster.
I created issue: IGNITE-8428 Web Console: Support connect to secured cluster.
You can track it.

Related

IBM Cloud: Kubernetes add-on ALB Oauth2 Proxy for App ID integration fails to start

I deployed a containerized app to my IBM Cloud Kubernetes service in a VPC. The app uses App ID for authentication. The deployment pipeline ran successfully. The app seems ready, but when accessing its URL it gives an internal server error (500 status code).
From the Kubernetes dashboard I found that the ALB Oauth Proxy add-on is failing. It is deployed, but does not start.
The deployment seems to fail in the health checks (ping not successful). From the POD logs I found the following as last (and only) entry:
[provider.go:55] Performing OIDC Discovery...
Else, there is not much. Any advise?
Guessing from the missing logs and the failing pings, it seemed related to some network setup. Checking the VPC itself, I found that there was no Public Gateway attached to the subnet. Enabling it allowed outbound traffic. The oauth proxy could contact the App ID instance. The app is working as expected now.
Make sure that the VPC subnets allow outbound traffic and have a Public Gateway enabled.

Geoserver Admin UI Behind Spring Cloud Gateway Not Working As Expected

I'm working on moving our Geoserver 2.15.4 instance behind a Spring Cloud Gateway instance. These are all running in a standalone Docker instance on a local server. I've been able to get the requests for map data working fine. However the Admin interface is not functioning correctly. I can bring up the login page, but when I try to log in, it's not maintaining the route from the reverse proxy.
So instead of POSTing to https://HOST/geoserver-admin/xxxx, it's going to https://HOST/xxxx, which is failing.
My assumption is that I'll be able to pick up the X-Forwarded-* headers from the proxy, but what I can't figure out is how to update Tomcat and/or Geoserver configuration to pick up these headers.
Thanks!

possible to access an application in Websphere application server cluster without load balances or web server?

I am trying setting up an websphere application server cluster and deploy an web application on it. I have successfully access the application with a web server. but i have some question, if i would access the application bypassing the web server by using 9080 to the single server, i get error when sign in servlet respond.redirect to jsp page. the session was lost, are we not suppose to access the application in cluster environment with out the web server ?
As long as you target an individual server in the cluster, you should not lose your session or suffer any other ill effects for not using/having a proxy server between you and the cluster. You should look closely at the Cookies issued through that flow and make sure they don't have a bad domain or path and that you don't get redirected back through the webserver or otherwise to another JVM.
Also verify there is no DNS-based load balancing. If you don't have session persistence/distribution/replication it won't work.

Integrating Hazelcast with a web application running on tomcat with MongoDB as backend

I want to integrate Hazelcast with a web application running on a tomcat server. The backend is MongoDB. So far I have managed to integrate MongoDB with Hazelcast how do I integrate it with tomcat so that changes made to the DB through the UI can be seen in the IMaps used when i do a get call.
Not every get call will load from DB, only those keys that are not present in Hazelcast cluster will be loaded from the DB.
As for integrating with a web server, not sure what you meant there because the code that loads from DB runs on Hazelcast server. An application, whether it is a simple public static void main(...) or a web app running in a container or a web server, is a client to Hazelcast server - means, you will be required to use client proxies to connect to servers.

Accessing Azure Service Fabric application not working

I created a sample Stateless Web API Service Fabric Application and tested in local. I also created a Fabric cluster from Azure portal and deployed this application into cloud.
The endpoint of the cluster is - http://somename.westus.cloudapp.azure.com. When I am accessing the application with the endpoint specified in the ServiceManifest.xml, I am not getting response. I see timeout from the request trying for long time.
The url I tried is - http://somename.westus.cloudapp.azure.com:8901/api/values. 8901 is the endpoint defined in the ServiceManifest.xml.
Please let me know what I am missing here.
Many Thanks, Thirumalai M
As jimpaine suggested, the below url given solution for configuring prob port number from client.
https://azure.microsoft.com/en-gb/documentation/articles/service-fabric-connect-and-communicate-with-services/
I added the port 8901 in the prob, and the service started working.
You might want to ensure that the custom endpoint 8901 is enabled when you create your service fabric cluster in the portal, as described here
https://azure.microsoft.com/en-in/documentation/articles/service-fabric-cluster-creation-via-portal/#create-cluster-in-the-azure-portal