You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, we do not have an API Gateway solution installed in our K8S cluster. This leads to a less dynamic and inefficient architecture, where managing API requests becomes fragmented across multiple services. Without a centralized entry point, each microservice has to handle its own routing, authentication, and load balancing, which increases the complexity of our system and makes it harder to enforce security policies
Because of missing service discovery we have to include port mappings in our DNS Name entries like so: https://sechub-int.app.corpintra.net:4443/auth/oauth/login (web ui) https://sechub-int.app.corpintra.net:9112/ (admin server)
Wanted
An API Gateway solution that can handle service discovery out of the box.
Further reasons to implement an API Gateway:
Centralized Access Management
Traffic Management
Service Discovery
Request/Response Transformation
Monitoring and Analytics
Reduced Latency
Versioning and Migration
Solution
Implement an API gateway in K8S using something like:
NGINX (ingress controller) + K8S Ingress
Kong (ingress controller) + K8S Ingress
Kubernetes API Gateway (not recommended because use cases are generally more complex for this)
I believe that the SecHub Web UI should be hosted on its own subdomain, as it functions as a distinct application. This approach would enhance organization and clarity, allowing users to easily navigate to and interact with the SecHub interface without confusion.
This simplifies routing in the API gateway by removing the need for arbitrary resource paths to differentiate between applications, making the overall configuration cleaner and more efficient.
Situation
Currently, we do not have an API Gateway solution installed in our K8S cluster. This leads to a less dynamic and inefficient architecture, where managing API requests becomes fragmented across multiple services. Without a centralized entry point, each microservice has to handle its own routing, authentication, and load balancing, which increases the complexity of our system and makes it harder to enforce security policies
Because of missing service discovery we have to include port mappings in our DNS Name entries like so:
https://sechub-int.app.corpintra.net:4443/auth/oauth/login
(web ui)https://sechub-int.app.corpintra.net:9112/
(admin server)Wanted
An API Gateway solution that can handle service discovery out of the box.
Further reasons to implement an API Gateway:
Solution
Implement an API gateway in K8S using something like:
I believe that the SecHub Web UI should be hosted on its own subdomain, as it functions as a distinct application. This approach would enhance organization and clarity, allowing users to easily navigate to and interact with the SecHub interface without confusion.
This simplifies routing in the API gateway by removing the need for arbitrary resource paths to differentiate between applications, making the overall configuration cleaner and more efficient.
-->
https://web.sechub-int.app.corpintra.net:4443/auth/oauth/login
instead of
https://sechub-int.app.corpintra.net:4443/web/auth/oauth/login
The text was updated successfully, but these errors were encountered: