openwhisk-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rodric Rabbah <rod...@gmail.com>
Subject http enablement in nginx for local development
Date Sun, 23 Jul 2017 14:28:17 GMT
If you've deployed openwhisk locally you'll have noticed that the nginx is
listening on port 443 only (https); for local development, we document a
workaround to the self-signed SSL certificate by bypassing nginx. This is
helpful for switching deployments from local to production where the latter
will have a valid certificate but the former requires some additional flags
for wsk CLI or curl to ignore the certificate.

A while ago PR 2042 was offered to open port 80 [1] and enables HTTP  as a
convenience for local dev since it avoids having to ignore the self-signed
cert. On the other hand, this path is not tested explicitly and could rot
but more so, without running the full test suite against both HTTP and
HTTPS deployments, I for one can't say what will and will not work.

At one point, we explored storing the insecure flag in the wsk CLI
properties file but ended up abandoning (see PR 1838 [2]) and instead
documenting a convenient but limited workaround instead (bypassing nginx).

[1] https://github.com/apache/incubator-openwhisk/pull/2042
[2] https://github.com/apache/incubator-openwhisk/pull/1838

I'm inclined to continue to only support HTTPS and in fact push this
protocol even further inside the deployment.

Thoughts?  I will summarize the dev list discussion on the PR as
appropriate and then we can decide that to do with the offered patch.

-r

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message