CloudEndpoint
CloudEndpoint Custom Resource
apiVersion: ngrok.k8s.ngrok.com/v1alpha1
kind: CloudEndpoint
The CloudEndpoint
custom resource is used to create centrally managed endpoints in the cloud. Cloud Endpoints are persistent, always-on endpoints that live within the ngrok cloud.
They exist permanently until they are explicitly deleted. Cloud Endpoints do not forward their traffic to an agent by default and instead only use their attached Traffic Policy to handle connections.
Using the traffic policy configuration, you may configure your Cloud Endpoints to route to one or more other internal ngrok endpoints.
For more information about cloud endpoints in ngrok, refer to the cloud endpoints page
CloudEndpoint Structure and Types
The following outlines the high level structure and typings of a CloudEndpoint
Loading…
CloudEndpoint Fields
The following sections outline each field of the CloudEndpoint
custom resource, whether they are required, what their default values are (if applicable), and a description of their purpose/constraints.
spec
spec
defines the desired state of the CloudEndpoint
Type: Object
Required: yes
Default: none
Fields:
Field Name | Type | Required | Default | Description |
---|---|---|---|---|
spec.url | string | yes | none | The unique URL for this CloudEndpoint that defines how the endpoint is accessed |
spec.trafficPolicyName | string | no | none | The name of an NgrokTrafficPolicy custom resource in the same namespace as the CloudEndpoint to use for traffic policy configuration |
spec.trafficPolicy | Object | no | none | Allows for a traffic policy to be provided to the CloudEndpoint using inline configuration |
spec.description | string | no | "Created by the ngrok-operator" | Human-readable description for this CloudEndpoint to help identify/describe it |
spec.metadata | string | no | "{"owned-by":"ngrok-operator"}" | String of arbitrary data associated with the object in the ngrok API/Dashboard |
spec.bindings | []string (enum) | no | none | List of Binding IDs to associate with the endpoint |
spec.poolingEnabled | bool | no | false | Whether or not the CloudEndpoint should enable pooling with other endpoints sharing the same URL |
spec.url
The unique URL for this cloud endpoint. This URL defines how the endpoint is accessed.
Type: string
Required: yes
Default: none
The following formats are accepted:
- Domain
- When using the domain format you are only defining the domain. The scheme and port will be inferred.
- example:
example.org
- Origin
- When using the origin format you are defining the protocol, domain and port. HTTP endpoints accept ports
80
or443
with respective protocol. - examples:
https://example.ngrok.app
https://example.ngrok.app:443
tcp://1.tcp.ngrok.io:12345
tls://example.ngrok.app
- When using the origin format you are defining the protocol, domain and port. HTTP endpoints accept ports
- Scheme (shorthand)
- When using scheme you are defining the protocol and will receive back a randomly assigned ngrok address.
- examples:
https://
tcp://
tls://
http://
- Empty When empty your endpoint will default to be https and receive back a randomly assigned ngrok address.
- Internal
- When ending your url with .internal, an internal endpoint will be created. Internal Endpoints cannot be accessed directly, but rather can only be accessed using the forward-internal traffic policy action.
- example:
some.domain.internal
spec.trafficPolicyName
Reference to an NgrokTrafficPolicy
custom resource in the same namespace as the CloudEndpoint
to use for traffic policy configuration.
It is invalid to configure both spec.trafficPolicyName
and spec.trafficPolicy
at the same time.
The referenced NgrokTrafficPolicy
must be in the same namespace as the CloudEndpoint
.
Type: string
Required: no
Default: none
spec.trafficPolicy
Reference to an NgrokTrafficPolicy
custom resource in the same namespace as the CloudEndpoint
to use for traffic policy configuration.
It is invalid to configure both spec.trafficPolicyName
and spec.trafficPolicy
at the same time.
For more information about writing ngrok traffic policies, refer to the traffic policy section.
Type: Object
Required: no
Default: none
Fields:
Field Name | Type | Required | Default | Description |
---|---|---|---|---|
spec.trafficPolicy.policy | json.RawMessage | yes | none | The inline traffic policy configuration to be used for this CloudEndpoint |
spec.trafficPolicy.policy
Allows you to supply a traffic policy for this AgentEndpoint
with inline configuration. An example has been included below.
For more information about writing ngrok traffic policies, refer to the traffic policy section.
Type: json.RawMessage
Required: yes
Default: none
spec.description
Human-readable description of this cloud endpoint that can be used to help identify/describe it.
Type: string
Required: no
Default: "Created by the ngrok-operator"
spec.metadata
String of arbitrary data associated with the object in the ngrok API/Dashboard.
Type: string
Required: no
Default: "{"owned-by":"ngrok-operator"}"
spec.bindings
List of Binding IDs to associate with the endpoint
Type: string
(enum)
Required: no
Default: none
Accepted Values: "public"
, "internal"
, or "kubernetes"
- A binding of
"internal"
will create an internalAgentEndpoint
that is only accessible from other endpoints using theforward-internal
traffic policy action.- Aside from setting
bindings: ["internal"]
, thespec.url
of theAgentEndpoint
must end in.internal
- Setting
bindings: ["public"]
will not work for internal endpoints (endpoints that have aspec.url
ending in.internal
)
- Aside from setting
- A binding of
"public"
will create a standardAgentEndpoint
with itsspec.url
accessible to the public internet- Setting
bindings: ["internal"]
will not work for public endpoints
- Setting
- A binding of
"kubernetes"
will create a Kubernetes bound endpoint. This causes the endpoint to not be publicly accessible to the public internet and will be projected into one or more of your Kubernetes clusters that are running the ngrok operator (depending on their endpoint selector configuration) asServices
.- With a
"kubernetes"
binding, thespec.url
becomes thename.namespace
of the projected Service. - For example, with a
spec.url
ofhttp://my-service.my-namespace
then a Service with namemy-service
in themy-namespace
namespace will be created by the ngrok operator. Other services within the Kubernetes cluster can make requests to this endpoint. This enables many different use-cases such as being able to project a service in one Kubernetes cluster to another Kubernetes cluster so that services running in the other cluster can make requests to it. This has the benefit of not needing to expose the endpoint to the public internet behind a publicly accessible URL.
- With a
spec.poolingEnabled
Configures whether pooling is always enabled for this CloudEndpoint
.
When pooling is enabled, if two different endpoints share the same spec.url
then requests will be balanced between them.
This is not limited to endpoints within the same cluster, or endpoints of the same type. For example, a CloudEndpoint
can be pooled with an agent endpoint created using the ngrok CLI if they both enable pooling and share the same URL.
It is recommended to include a prefix/suffix in the url to prevent unintended pooling. For example, if you are running a service foo
in the namespace bar
in two different
Kubernetes clusters, you may want to give each one a slightly different spec.url
that includes something such as a cluster identifier to prevent requests from being balanced between them.
You will receive an error back from the ngrok server if you attempt to create two different endpoints using the same URL if they do not both enable pooling. In this scenario, the older endpoint wins and the newer one will fail to be created.
Type: bool
Required: no
Default: false
Example CloudEndpoints
CloudEndpoint with inline traffic policy
The following CloudEndpoint
:
- Accepts traffic on the URL
https://example-cloud-endpoint.ngrok.io
- Adds an inline traffic policy that sends back a custom response
Loading…
CloudEndpoint with referenced traffic policy
The following CloudEndpoint
:
- Accepts traffic on the URL
https://example-cloud-endpoint.ngrok.io
- Adds a reference to a traffic policy that sends back a custom response
Loading…