DEV Community

Discussion on: Selecting a Kubernetes Serverless Framework

 
mikeyglitz profile image
mikeyGlitz

As it stands I'm running my k8s cluster using k3s and ingress-nginx.
I like the idea of openwhisk and openfaas because they seem widely supported.
In some of my services, I'm looking to have them accessible via ingress with user authentication protection (keycloak, oidc, oauth2). Would that be possible with any of these frameworks. I know openFaaS has it, but unfortunately oauth2 is behind a pay-wall.

Also, how is intra-service messaging handled? Is there a messaging bus service a-la-kafka or rabbitmq i can use? Do these frameworks have a custom message bus?

Thread Thread
 
rasentry profile image
Dmitriy Vatsuro

You can protect your services with a oauth2_proxy. Take a look at this article.

And I don't know anything about messaging bus in these frameworks.

Thread Thread
 
mikeyglitz profile image
mikeyGlitz

Probably not the ideal way to protect openfaas, but I managed to set up the gateway using oauth2_proxy as recommended.

Using the helm chart, I had to disable basic authentication and the generation of the authentication password.

I used annotations to configure the ingress routing rules to pass through oauth2_proxy before reaching the openfaas gateway

This setup is demonstrated in the Ansible role I've created within my cluster initialization playbook:
github.com/mikeyGlitz/k3s-home-clu...