Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: updated Kibana app endpoint to private #346

Open
wants to merge 23 commits into
base: main
Choose a base branch
from
Open

fix: updated Kibana app endpoint to private #346

wants to merge 23 commits into from
+45 −4

Conversation

Ak-sky
Copy link
Member

@Ak-sky Ak-sky commented Nov 20, 2024
edited
Loading

Description

  • Updated Kibana app endpoint to private.
    Git Issue

Release required?

  • No release
  • Patch release (x.x.X)
  • Minor release (x.X.x)
  • Major release (X.x.x)
Release notes content
  • The Kibana application will be configured to use a private endpoint by default for receiving requests. This behavior can be customized by modifying the kibana_visibility variable.
  • Changing the Kibana visibility from private to public using the kibana_visibility variable makes it publicly accessible but disables access via IBM Cloud private network, with immediate effect and potential security implications.

Run the pipeline

If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.

Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:

/run pipeline

Checklist for reviewers

  • If relevant, a test for the change is included or updated with this PR.
  • If relevant, documentation for the change is included or updated with this PR.

For mergers

  • Use a conventional commit message to set the release level. Follow the guidelines.
  • Include information that users need to know about the PR in the commit message. The commit message becomes part of the GitHub release notes.
  • Use the Squash and merge option.

@Ak-sky
Copy link
Member Author

Ak-sky commented Nov 20, 2024

/run pipeline

@Ak-sky
Copy link
Member Author

Ak-sky commented Nov 20, 2024

/run pipeline

ocofaigh
ocofaigh reviewed Nov 20, 2024
View reviewed changes
Copy link
Member

@ocofaigh ocofaigh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What impact does this have on upgrade? Is it going to tear down anything? Re-deploy kibana? Lets ensure we are deploying kibana as part of DA upgrade test for a start

@Ak-sky
Copy link
Member Author

Ak-sky commented Nov 20, 2024
edited
Loading

What impact does this have on upgrade? Is it going to tear down anything? Re-deploy kibana? Lets ensure we are deploying kibana as part of DA upgrade test for a start

It is only going to update the endpoint for the Kibana app from local_public to local_private. This means any existing users will no longer be able to access the Kibana app from the public internet and is only accessible via the IBM Cloud private network.

@Ak-sky
Copy link
Member Author

Ak-sky commented Nov 20, 2024

Also, due to the schematics limitations, we cannot run the upgrade test.

@Ak-sky
Copy link
Member Author

Ak-sky commented Nov 20, 2024

What impact does this have on upgrade? Is it going to tear down anything? Re-deploy kibana? Lets ensure we are deploying kibana as part of DA upgrade test for a start

It is only going to update the endpoint for the Kibana app from local_public to local_private. This means any existing users will no longer be able to access the Kibana app from the public internet and is only accessible via the IBM Cloud private network.

@ocofaigh , does this come under breaking change?

@ocofaigh
Copy link
Member

ocofaigh commented Nov 20, 2024
edited
Loading

@Ak-sky It depends on what actions occur. Will the kibana app be redeployed to to the config error (meaning dashbaord will go down). It seems the upgrade test is not deploying kibana. I think you need to change it so it does so we test that use case

@Ak-sky
Copy link
Member Author

Ak-sky commented Nov 20, 2024
edited
Loading

@Ak-sky It depends on what actions occur. Will the kibana app be redeployed to to the config error (meaning dashbaord will go down). It seems the upgrade test is not deploying kibana. I think you need to change it so it does so we test that use case

It does not redeploy Kibana, it is just an update of app endpoint.
Also DA runs in schematics so unable to do upgrade test.
image

image

@ocofaigh
Copy link
Member

ocofaigh commented Nov 20, 2024
edited
Loading

@Ak-sky If it was using public before, then how did the dashboard ever work since our DA only deploys private only ES instance?
ah sorry this is the code engine app endpoint

@ocofaigh
Copy link
Member

So @Ak-sky how is somebody supposed to hit the kibana url private endpoint in their browser? We will wan't to document that? Is it even possible to set up a VPN that can access it?

@Ak-sky
Copy link
Member Author

Ak-sky commented Nov 22, 2024

So @Ak-sky how is somebody supposed to hit the kibana url private endpoint in their browser? We will wan't to document that? Is it even possible to set up a VPN that can access it?

@ocofaigh, we need to discuss about this, I will add this topic for deep dive.

@Ak-sky
Copy link
Member Author

Ak-sky commented Nov 26, 2024

/run pipeline

ocofaigh
ocofaigh requested changes Nov 27, 2024
View reviewed changes
Copy link
Member

@ocofaigh ocofaigh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left some comments. Also dont forget to add new vars to ibm_catalog.json. And use custom dropdown for the endpoint one

solutions/standard/variables.tf Outdated Show resolved Hide resolved
solutions/standard/variables.tf Outdated Show resolved Hide resolved
solutions/standard/variables.tf Outdated Show resolved Hide resolved
solutions/standard/variables.tf Outdated Show resolved Hide resolved
solutions/standard/variables.tf Show resolved Hide resolved
@Ak-sky Ak-sky requested a review from ocofaigh December 6, 2024 13:08
@ocofaigh
Copy link
Member

Wait for #363 to be merged fist

@Ak-sky
Copy link
Member Author

Ak-sky commented Dec 20, 2024

/run pipeline

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daniel-butler-irl daniel-butler-irl Awaiting requested review from daniel-butler-irl daniel-butler-irl is a code owner

@shemau shemau Awaiting requested review from shemau shemau is a code owner

@ocofaigh ocofaigh Awaiting requested review from ocofaigh

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Ak-sky @ocofaigh