Overview
The status page needs some components additional to the API server to be usable by operators and customers. As the API server does not implement any kind of authorization or authentication some components need to be deployed to protect the write operations of the API from unauthorized access.
Components
These components are picked as examples and can be exchanged with any technology that is fitting the use case.
The used components are Oathkeeper and Dex to implement AuthN1 and AuthZ2. Oathkeeper is a proxy that handles incoming requests and authorization, while Dex is used as an identity broker, used for authentication, to be used in conjunction with Oathkeeper to secure the API server.
Furthermore the API server needs a running database, for this PostgreSQL is used.
Last but not least the the status page is completed by a web front. For this the reference implementation from the status-page-web
repository.
Some deployments use reverse proxies, ingress controllers or can even use the gateway API. These are deployment specific and can be used as the use case requires.
Component overview
Deployment repository
The deployment repository contains a local development environment using KinD
, templates for other deployments, in example using k3s and the skeleton of the deployment for the public SCS cluster.