Kubernetes FastX Configuration
The FastX Kubernetes cluster virtualizes the FastX 4 Configuration and creates a set of ConfigMaps and Secrets so that the configuration can easily be distributed throughout the cluster.
Note: The entire FastX Cluster is in the fastx namespace
Updating Configuration
We suggest you use the kubernetes kustomize and patching to overwrite the default ConfigMaps and Secrets as needed. Each ConfigMap and Secret typically maps to one or more files seen in the FastX Configuration. The simple solution is to migrate your installation using kubectl.
Creating patches
You can usually use the –dry-run option to iteratively create patches based on your currently existing files
Example 1:
kubectl create configmap -n fastx error-403 --dry-run='client' -o yaml --from-file=error-403.html=./error-403.html > patches/patch-error-403.yaml
Example 2:
kubectl create secret generic -n fastx auth-saml --dry-run='client' -o yaml --from-file=auth-saml.ini=./auth-saml.ini > patches/patch-auth-saml.yaml
Applying patches to the kustomization
After you create a patch, you need to update your ~/fastx-cluster/kustomization.yaml file to make the patch permanent.
Edit ~/fastx-cluster/kustomization.yaml
Under patches, add a new array element:
- target:
kind: ConfigMap
name: launcher # the configmap name
namespace: fastx
path: patches/patch-launcher-configmap.yaml # path to the patch you created
ConfigMaps
See ~/fastx-cluster/base/config for the implementation of the default ConfigMaps
- announcements: announcements files
- apps: files that hold the FastX apps
- error-403: custom 403 error page
- error-404: custom 404 error page
- error-500: custom 500 error page
- fastx-env: FastX environment variable overrides
- forms: files for custom app forms
- http-headers: http headers file
- icons: custom icons
- launcher: environment variables for launching sessions
- launcher-command: files used to generate the session-pod and launch the session
- launcher-templates-custom: admin defined kustomization files for the session-pod
- license: license.lic file
- load-balance-script: load balancer file
- motd: message of the day files
- session-performance: session performance defaults files
- smtp: smtp file
- theme: theme customizations
- theme-logo: theme logo
- user-groups: user groups script
- user-permissions: user permissions.ini file
- user-preferences-script: user preferences script
Secrets
See ~/fastx-cluster/base/secrets for the implementation of the default Secrets
- admin-secret: file that contains the admin username/password
- admin-oidc-google: secret for the google oidc.json configuration
- auth-oidc: auth-oidc.ini secret
- auth-saml: auth-saml.ini secret
- auth-saml-cert: auth-saml certificate
- token-secret: proxy token for connecting the session to the FastX server
- transporter: secret for NATS server configuration and token