How to configure a private service in TAP (Tanzu Application Platform)
search cancel

How to configure a private service in TAP (Tanzu Application Platform)

book

Article ID: 380759

calendar_today

Updated On:

Products

VMware Tanzu Application Platform

Issue/Introduction

Users may have the needs to configure private services in TAP (Tanzu Application Platform).

There is method in https://knative.dev/docs/serving/services/private-services/  to label the KSVC.

$ kubectl label kservice ${KSVC_NAME} networking.knative.dev/visibility=cluster-local

However, this change is not persistent and will be reverted back immediately. And users might observe below error message when describing the KSVC.

Events:
  Type     Reason         Age                From                Message
  ----     ------         ----               ----                -------
  Warning  InternalError  21s (x2 over 60s)  service-controller  failed to reconcile Route: Operation cannot be fulfilled on routes.serving.knative.dev "test-app": the object has been modified; please apply your changes to the latest version and try again

Resolution

To make a permanent change, users can manually add networking.knative.dev/visibility: cluster-local label to the workload.yaml file and apply it.

Here is a part of the sample configuration:

apiVersion: carto.run/v1alpha1
kind: Workload
metadata:
  name: tanzu-java-web-app-cluster-local
  labels:
    apps.tanzu.vmware.com/workload-type: web
    app.kubernetes.io/part-of: tanzu-java-web-app-cluster-local
    apps.tanzu.vmware.com/has-tests: true
    ## will expose Knative Services as `cluster.local`` domain instead of ingress based domain.
    ### tanzu-java-web-app-cluster-local   Ready   http://tanzu-java-web-app-cluster-local.my-space.svc.cluster.local
    networking.knative.dev/visibility: cluster-local