mirror of
https://github.com/Unleash/unleash.git
synced 2025-01-20 00:08:02 +01:00
docs: troubleshooting unleash over https (#6250)
This commit is contained in:
parent
cb53df6176
commit
2c5cd13160
41
website/docs/using-unleash/troubleshooting/https.md
Normal file
41
website/docs/using-unleash/troubleshooting/https.md
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
---
|
||||||
|
title: Configuring Unleash to run over HTTPS
|
||||||
|
---
|
||||||
|
|
||||||
|
Preferred methods for setting up HTTPS in self-hosted instances, from highly recommended to those requiring more caution:
|
||||||
|
|
||||||
|
## Load Balancer
|
||||||
|
|
||||||
|
The best choice is to use a load balancer.
|
||||||
|
A load balancer from a cloud provider renews the HTTPS certificates for you and keeps the data safe when it moves between the internet and your server.
|
||||||
|
Also, your cloud provider's private network between your load balancer and the application is already encrypted.
|
||||||
|
|
||||||
|
## Sidecar
|
||||||
|
|
||||||
|
If you're using something like Kubernetes and need HTTPS to be handled right next to your Unleash app, use a sidecar pattern.
|
||||||
|
This method keeps the HTTPS handling separate from the Unleash application logic.
|
||||||
|
Tools like [Istio](https://istio.io/), [Envoy](https://www.envoyproxy.io/), [HAProxy](https://www.haproxy.org/), or [Nginx](https://www.nginx.com/) can help by automatically updating certificates.
|
||||||
|
|
||||||
|
## Manual SSL termination in Unleash
|
||||||
|
|
||||||
|
Approach manual SSL termination within Unleash with caution.
|
||||||
|
This direct control method over the SSL setup adds complexity and a maintenance burden that can be challenging to manage.
|
||||||
|
|
||||||
|
If you insist on having Unleash do HTTPS termination for you, you'll need to set that up yourself using:
|
||||||
|
* http://expressjs.com/en/5x/api.html#app.listen
|
||||||
|
* https://nodejs.org/api/https.html#httpscreateserveroptions-requestlistener
|
||||||
|
|
||||||
|
Example:
|
||||||
|
```javascript
|
||||||
|
const https = require('node:https');
|
||||||
|
const fs = require('node:fs');
|
||||||
|
const options = {
|
||||||
|
key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
|
||||||
|
cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem')
|
||||||
|
};
|
||||||
|
|
||||||
|
let app = unleash.create();
|
||||||
|
https.createServer(options, app).listen(443);
|
||||||
|
```
|
||||||
|
|
||||||
|
|
@ -701,6 +701,10 @@ module.exports = {
|
|||||||
from: '/how-to/how-to-troubleshoot-cors',
|
from: '/how-to/how-to-troubleshoot-cors',
|
||||||
to: '/using-unleash/troubleshooting/cors',
|
to: '/using-unleash/troubleshooting/cors',
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
from: '/how-to/how-to-troubleshoot-https',
|
||||||
|
to: '/using-unleash/troubleshooting/https',
|
||||||
|
},
|
||||||
{
|
{
|
||||||
from: '/how-to/how-to-troubleshoot-feature-not-available',
|
from: '/how-to/how-to-troubleshoot-feature-not-available',
|
||||||
to: '/using-unleash/troubleshooting/feature-not-available',
|
to: '/using-unleash/troubleshooting/feature-not-available',
|
||||||
|
@ -464,11 +464,12 @@ module.exports = {
|
|||||||
},
|
},
|
||||||
items: [
|
items: [
|
||||||
'using-unleash/troubleshooting/cors',
|
'using-unleash/troubleshooting/cors',
|
||||||
|
'using-unleash/troubleshooting/https',
|
||||||
'using-unleash/troubleshooting/email-service',
|
'using-unleash/troubleshooting/email-service',
|
||||||
'using-unleash/troubleshooting/feature-not-available',
|
'using-unleash/troubleshooting/feature-not-available',
|
||||||
'using-unleash/troubleshooting/flag-exposure',
|
'using-unleash/troubleshooting/flag-exposure',
|
||||||
'using-unleash/troubleshooting/flag-not-returned',
|
'using-unleash/troubleshooting/flag-not-returned',
|
||||||
'using-unleash/troubleshooting/flag-abn-test-unexpected-result'
|
'using-unleash/troubleshooting/flag-abn-test-unexpected-result',
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
'generated/unleash-edge',
|
'generated/unleash-edge',
|
||||||
|
@ -650,6 +650,11 @@
|
|||||||
"destination": "/using-unleash/troubleshooting/cors",
|
"destination": "/using-unleash/troubleshooting/cors",
|
||||||
"permanent": true
|
"permanent": true
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"source": "/how-to/how-to-troubleshoot-https",
|
||||||
|
"destination": "/using-unleash/troubleshooting/https",
|
||||||
|
"permanent": true
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"source": "/how-to/how-to-troubleshoot-feature-not-available",
|
"source": "/how-to/how-to-troubleshoot-feature-not-available",
|
||||||
"destination": "/using-unleash/troubleshooting/feature-not-available",
|
"destination": "/using-unleash/troubleshooting/feature-not-available",
|
||||||
@ -776,4 +781,4 @@
|
|||||||
"permanent": true
|
"permanent": true
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user