As it stands I'm running my k8s cluster using k3s and ingress-nginx.
I like the idea of openwhisk and openfaas because they seem widely supported.
In some of my services, I'm looking to have them accessible via ingress with user authentication protection (keycloak, oidc, oauth2). Would that be possible with any of these frameworks. I know openFaaS has it, but unfortunately oauth2 is behind a pay-wall.
Also, how is intra-service messaging handled? Is there a messaging bus service a-la-kafka or rabbitmq i can use? Do these frameworks have a custom message bus?
As it stands I'm running my k8s cluster using k3s and ingress-nginx.
I like the idea of openwhisk and openfaas because they seem widely supported.
In some of my services, I'm looking to have them accessible via ingress with user authentication protection (keycloak, oidc, oauth2). Would that be possible with any of these frameworks. I know openFaaS has it, but unfortunately oauth2 is behind a pay-wall.
Also, how is intra-service messaging handled? Is there a messaging bus service a-la-kafka or rabbitmq i can use? Do these frameworks have a custom message bus?
You can protect your services with a oauth2_proxy. Take a look at this article.
And I don't know anything about messaging bus in these frameworks.
Probably not the ideal way to protect openfaas, but I managed to set up the gateway using oauth2_proxy as recommended.
Using the helm chart, I had to disable basic authentication and the generation of the authentication password.
I used annotations to configure the ingress routing rules to pass through oauth2_proxy before reaching the openfaas gateway
This setup is demonstrated in the Ansible role I've created within my cluster initialization playbook:
github.com/mikeyGlitz/k3s-home-clu...