Use omsGateway to manage replica counts, worker pool size, cors
(Cross-Origin Resource Sharing) settings and more, for OMS Gateway service.
The following YAML snippet is a sample schema of
omsGateway:
omsGateway:
# issuerSecret: ""
# skipAuthentication: false
# workerPoolSize: 100
# sslEnabled: true
# identitySecretName: <TLS_certificate_name>
# logLevel: INFO
# replicas: ""
# resources:
# limits:
# cpu: '2'
# memory:500Mi
# requests:
# cpu: '1'
# memory: 3000Mi
# webClient:
# connectTimeout: 30000
# keepAlive: true
# keepAliveTimeout: 60
# logActivity: false
# maxPoolSize: 10
# requestTimeout: 60000
# trustAll: false
# verifyHost: true
# cors:
# enabled: true
# allowedOrigins: '*'
# deltaHeaders: ''
# deltaMethods: ''
# exposedHeaders: ''
# allowCredentials: true
# affinityAndTolerations: ""
# horizontalPodAutoscaler: ""
The following table explains the properties applicable for
omsGateway.
| Property |
Default value |
Value type |
Required |
Description |
affinityAndTolerations |
|
string |
No |
Use the name of the affinityAndTolerations that is defined in the SIPEnvironment. |
horizontalPodAutoscaler |
|
string |
No |
Specify the name of the pre-defined Horizontal Pod Autoscaler that is to be used. For more
information, see Configuring horizontalPodAutoscalers parameter. |
issuerSecret |
|
string |
No |
Specify the name of the JWT issuer secret. For more information, see Creating a JWT issuer secret by using a public key. |
skipAuthentication |
false |
boolean |
No |
Specify skipAuthentication to skip authentication on incoming requests in
the OMS Gateway. You are expected to send a pre-authenticated request. If
skipAuthentication is set to true, configuring
issuerSecret is not required.
When you change the value of
skipAuthentication, ensure that you restart the deployment for the changes to take
effect.
The routing rules (API definitions) are handled the same way regardless of the value of
skipAuthentication. The OMS Gateway API semantics for handling request and response
remains unaffected. |
identitySecretName |
|
string |
No |
Specify the name of the secret that holds the custom TLS certificate. If it is not specified
and sslEnabled is true, the Operator generates a self-signed certificate. For more
information, see Custom TLS certificate configuration in OMS Gateway. |
sslEnabled |
true |
boolean |
No |
Specify sslEnabled to enable or disable SSL in
omsGateway. |
workerPoolSize |
100 |
string |
No |
Specify the number of worker threads for JWT verifier service. |
logLevel |
INFO |
string |
No |
Specify the logging level for JWT verifier service. Available options are OFF, FATAL,
ERROR, WARN, INFO, DEBUG,TRACE, ALL. |
replicas |
1 |
integer |
No |
Specify the number of replicas for JWT verifier service. |
resources |
|
object |
No |
Specify the CPU and memory resource requests and limits. For more information, see Resource management for pods and containers. |
webClient |
|
object |
No |
Specify the web client properties as explained in webClient parameter. |
cors |
|
object |
No |
Specify the Cross Origin Resource Sharing (CORS) customization properties as explained in
cors parameter. |
webClient parameter
| Property |
Default value |
Value type |
Required |
Description |
connectTimeout |
30000 |
integer |
No |
Specify the connect timeout in milliseconds. |
keepAlive |
true |
boolean |
No |
Set the connection keep alive value. |
keepAliveTimeout |
60 |
integer |
No |
Specify the keep alive timeout in seconds. |
logActivity |
false |
boolean |
No |
Specify whether to log web client activity. |
maxPoolSize
|
10 |
integer |
No |
Specify the maximum pool size for web client connections. |
requestTimeout |
60000 |
integer |
No |
Specify the request timeout for web client requests. |
trustAll |
false |
boolean |
No |
Specify whether to trust all web client connections. |
verifyHost |
true |
boolean |
No |
Specify if web client should verify connections. |
cors parameter
| Property |
Default value |
Value type |
Required |
Description |
enabled |
true |
boolean |
No |
Specify whether CORS feature is enabled. |
allowedOrigins |
‘*’ |
string |
No |
Specify the list of comma separated allowed origins for CORS. |
deltaHeaders |
|
string |
No |
Specify the list of additional HTTP headers to be allowed by CORS. |
deltaMethods |
|
string |
No |
Specify the list of additional HTTP methods to be allowed by CORS. |
exposedHeaders
|
|
string |
No |
Specify the comma separated list of headers to be exposed by CORS. |
allowCredentials |
true |
boolean |
No |
Specify whether the credentials are allowed by CORS. |