Kubernetes FastX Configuration


The FastX Kubernetes cluster virtualizes the FastX 4 Configuration and creates a set of ConfigMaps and Secrets so that the configuration can easily be distributed throughout the cluster.

Note: The entire FastX Cluster is in the fastx namespace

Updating Configuration

We suggest you use the kubernetes kustomize and patching to overwrite the default ConfigMaps and Secrets as needed. Each ConfigMap and Secret typically maps to one or more files seen in the FastX Configuration. The simple solution is to migrate your installation using kubectl.

Creating patches

You can usually use the –dry-run option to iteratively create patches based on your currently existing files

Example 1:

kubectl create configmap -n fastx error-403 --dry-run='client' -o yaml --from-file=error-403.html=./error-403.html > patches/patch-error-403.yaml

Example 2:


kubectl create secret generic -n fastx auth-saml --dry-run='client' -o yaml --from-file=auth-saml.ini=./auth-saml.ini > patches/patch-auth-saml.yaml

Applying patches to the kustomization

After you create a patch, you need to update your ~/fastx-cluster/kustomization.yaml file to make the patch permanent.

Edit ~/fastx-cluster/kustomization.yaml
Under patches, add a new array element:

- target:
      kind: ConfigMap
      name: launcher # the configmap name
      namespace: fastx
    path: patches/patch-launcher-configmap.yaml # path to the patch you created

ConfigMaps

See ~/fastx-cluster/base/config for the implementation of the default ConfigMaps

  • announcements: announcements files
  • apps: files that hold the FastX apps
  • error-403: custom 403 error page
  • error-404: custom 404 error page
  • error-500: custom 500 error page
  • fastx-env: FastX environment variable overrides
  • forms: files for custom app forms
  • http-headers: http headers file
  • icons: custom icons
  • launcher: environment variables for launching sessions
  • launcher-command: files used to generate the session-pod and launch the session
  • launcher-templates-custom: admin defined kustomization files for the session-pod
  • license: license.lic file
  • load-balance-script: load balancer file
  • motd: message of the day files
  • session-performance: session performance defaults files
  • smtp: smtp file
  • theme: theme customizations
  • theme-logo: theme logo
  • user-groups: user groups script
  • user-permissions: user permissions.ini file
  • user-preferences-script: user preferences script

Secrets

See ~/fastx-cluster/base/secrets for the implementation of the default Secrets

  • admin-secret: file that contains the admin username/password
  • admin-oidc-google: secret for the google oidc.json configuration
  • auth-oidc: auth-oidc.ini secret
  • auth-saml: auth-saml.ini secret
  • auth-saml-cert: auth-saml certificate
  • token-secret: proxy token for connecting the session to the FastX server
  • transporter: secret for NATS server configuration and token