BoundEndpoint
BoundEndpoint Custom Resource
apiVersion: bindings.k8s.ngrok.com/v1alpha1
kind: BoundEndpoint
BoundEndpoint is a type used to identify which bound endpoints you have in each Kubernetes cluster running the ngrok operator.
They are managed automatically by the ngrok operator and should not generally need to be created/deleted manually. When you create an ngrok endpoint
with a binding of "kubernetes" this will result in a Kubernetes bound endpoint.
Kubernetes bound endpoints will be projected into your Kubernetes clusters that are running the ngrok operator as BoundEndpoint resources that cause the
ngrok operator to project the endpoint into the cluster as a Service so that other services within the Kubernetes cluster can make requests to the endpoint by
sending requests to the projected Service that was created for the endpoint.
In-practice, this enables you to do things such as create a Kubernetes bound endpoint for a service in one cluster, and project it as a Service into one or more other clusters
running the ngrok operator. Doing so allows for cross-cluster networking without needing to expose your services to the public internet.
The ngrok operator does not do this by default, and you will need to enable the feature with the bindings.enabled helm value to create the Pods/Deployment from the operator that enable this feature.
The BoundEndpoint resources are automatically created/updated/deleted in response to CloudEndpoint and AgentEndpoint resources with spec.bindings: \["kubernetes"\] and
any endpoints created from the ngrok CLI, API, and dashboard with a binding type of "kubernetes".
The ngrok operator includes a container argument --bindings-endpoint-selectors (helm value bindings.endpointSelectors) that will limit the endpoints that can be bound to
the cluster that this operator is running in. Unless this is configured, by default all Kubernetes bound endpoints will be projected into the cluster when the bindings feature is enabled.
For more information about Kubernetes bound endpoints, you can reference the Kubernetes endpoints page. For a guide on using Kubernetes bound endpoints with the ngrok operator, please see the bound endpoints guide.
BoundEndpoint Structure and Types
The following outlines the high level structure and typings of a BoundEndpoint
Loading…
BoundEndpoint Fields
The following sections outline each field of the BoundEndpoint custom resource, whether they are required, what their default values are (if applicable), and a description of their purpose/constraints.
spec
spec defines the desired state of the BoundEndpoint
Type: Object
Required: yes
Default: none
Fields:
| Field Name | Type | Required | Default | Description |
|---|---|---|---|---|
spec.endpointURI | string | yes | none | The unique identifier representing the BoundEndpoint, format: <scheme>://<service>.<namespace>:<port> |
spec.scheme | string (enum) | yes | none | Describes how the data packets are framed by the pod forwarders mTLS connection |
spec.port | uint16 | yes | none | The Service port this Endpoint uses internally to communicate with its Upstream Service |
spec.target | Object | yes | none | The target Service that this Endpoint projects |
spec.endpointURI
The endpointURI is the unique identifier representing the BoundEndpoint + its Endpoints
- Format:
<scheme>://<service>.<namespace>:<port>
Type: string
Required: yes
Default: none
spec.scheme
Scheme is a user-defined field for endpoints that describe how the data packets are framed by the pod forwarders mTLS connection
Type: string (enum)
Required: yes
Default: none
Allowed Values: tcp, http, https, tls
spec.port
Port is the Service port this Endpoint uses internally to communicate with its Upstream Service
Type: uint16
Required: yes
Default: none
spec.target
The target Service that this Endpoint projects
Type: Object
Required: yes
Default: none
Fields:
| Field Name | Type | Required | Default | Description |
|---|---|---|---|---|
spec.target.service | string | yes | none | The name of the Service that this Endpoint projects |
spec.target.namespace | string | yes | none | The destination Namespace for the Service this Endpoint projects |
spec.target.protocol | string (enum) | yes | none | The Service protocol this Endpoint uses |
spec.target.port | int32 | yes | none | The Service targetPort this Endpoint's Target Service uses for requests |
spec.target.metadata | Object | no | none | Annotations and labels to be added to the Service this Endpoint projects |
spec.target.service
The name of the Service that this Endpoint projects
Type: string
Required: yes
Default: none
spec.target.namespace
The destination Namespace for the Service this Endpoint projects
Type: string
Required: yes
Default: none
spec.target.protocol
The Service protocol this Endpoint uses. Currently, only TCP is supported.
Type: string (enum)
Required: yes
Default: none
Allowed Values: TCP
spec.target.port
The Service targetPort this Endpoint's Target Service uses for requests
Type: int32
Required: yes
Default: none
spec.target.metadata
Metadata is a subset of metav1.ObjectMeta that is added to the Service. Currently, it supports setting labels and annotations on the projected Service.
Type: Object
Required: no
Default: none
Fields:
| Field Name | Type | Required | Default | Description |
|---|---|---|---|---|
spec.target.metadata.labels | map[string]string | no | none | Labels to be set on the projected Service |
spec.target.metadata.annotations | map[string]string | no | none | Annotations to be set on the projected Service |
spec.target.metadata.labels
A map of string keys and values that will be added to the projected Service's metadata.labels
Type: map[string]string
Required: no
Default: none
spec.target.metadata.annotations
A map of string keys and values that will be added to the projected Service's metadata.annotations
Type: map[string]string
Required: no
Default: none
Example BoundEndpoint
The following BoundEndpoint will bind the endpoint with URL http://my-service.my-namespace:80
and project it as a Service my-service in the my-namespace namespace on port 80.
Loading…