16.3. 查找当前路由
验证您是否可以访问其默认主机名上的组件路由。
您可以通过查询
openshift-console和openshift-authentication项目中的路由列表来查找主机名。$ oc get routes -n openshift-console $ oc get routes -n openshift-authentication
输出示例
NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD console console-openshift-console.apps.my-example-cluster-aws.z9a9.p1.openshiftapps.com ... 1 more console https reencrypt/Redirect None downloads downloads-openshift-console.apps.my-example-cluster-aws.z9a9.p1.openshiftapps.com ... 1 more downloads http edge/Redirect None NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD oauth-openshift oauth-openshift.apps.my-example-cluster-aws.z9a9.p1.openshiftapps.com ... 1 more oauth-openshift 6443 passthrough/Redirect None
在这个输出中,您可以看到我们的基本主机名为
z9a9.p1.openshiftapps.com。运行以下命令,获取默认入口的 ID:
$ export INGRESS_ID=$(rosa list ingress -c ${CLUSTER_NAME} -o json | jq -r '.[] | select(.default == true) | .id')在移动到下一部分前,请确定所有字段都正确输出:
$ echo "Ingress ID: ${INGRESS_ID}"输出示例
Ingress ID: r3l6
通过运行这些命令,您可以看到集群的默认组件路由是:
-
console-openshift-console.apps.my-example-cluster-aws.z9a9.p1.openshiftapps.comfor Console -
downloads-openshift-console.apps.my-example-cluster-aws.z9a9.p1.openshiftapps.comfor Downloads -
oauth-openshift.apps.my-example-cluster-aws.z9a9.p1.openshiftapps.comfor OAuth
-
我们可以使用 rosa edit ingress 命令更改每个服务的主机名,并为我们的所有组件路由添加一个 TLS 证书。相关的参数包括在 rosa edit ingress 命令的命令行帮助摘录中:
$ rosa edit ingress -h Edit a cluster ingress for a cluster. Usage: rosa edit ingress ID [flags] [...] --component-routes string Component routes settings. Available keys [oauth, console, downloads]. For each key a pair of hostname and tlsSecretRef is expected to be supplied. Format should be a comma separate list 'oauth: hostname=example-hostname;tlsSecretRef=example-secret-ref,downloads:...'
在本例中,我们将使用以下自定义组件路由:
-
Console 的
console.my-new-domain.dev -
download.my-new-domain.devfor Downloads -
oauth.my-new-domain.devfor OAuth
