Feature request: custom domains (CNAME support)

[brandonkal]

It would be neat if users could provide a CNAME file a la GitHub Pages and the ingress would respond on that domain.

Or perhaps it would be provided as part of each function's yaml config file.

While there are arguably better tools for managing static websites, something like this would allow status pages and little projects to be created and managed in the same way that function endpoints are created.

[burtonr]

Thanks for the suggestion @brandonkal!

While not quite the same, there is a possibility to have a custom domain (with TLS) per function using the Ingress Operator. You can read more about it in the blog: Grab free TLS & Custom Domains for your Functions with FunctionIngress

Curious how you would expect the CNAME or yaml config to work though.

• Perhaps a function developer could set the custom domain in the yaml?
• Or maybe only an OpenFaaS cluster admin to configure it possibly in the gateway?

[brandonkal]

Thanks for pointing me to the Ingress Operator. It looks like that covers a lot of this functionality. It would be nice to see this integrated into OpenFaaS cloud eventually. Ideally the user would not have have to write a FunctionIngress yaml file.

To expand with some ideas:

The stack.yaml spec could look like this:

functions:
  website:
     domains: 
       - www.domain.com
       - domain.com
     # use_staging_cert: false

The user would be responsible configuring their DNS records for those names to point to owner.openfaas-cluser-domain.io

OpenFaaS Cloud would then automate the provisioning of the TLS certificates by default (the user would have the option to specify that Let'sEncrypt should use the staging environment for debugging.

It would be best to allow the function developer to set the domains. They point their domains to their owner subdomain so that OpenFaaS Cloud can be sure that the developer owns that domain in a multi-tenant environment.

By setting domains per function, this is very flexible:

• The user can build a "serverless API" on their own subdomain
• Functions can respond on a custom domain root or on an endpoint: my-static-site.com or my-api/functionOne

[alexellis]

Hi @brandonkal this is the vision for the IngressOperator, for it or some other component to create FunctionIngress CRD entries according to the annotations found on different functions in the cluster.

Just FYI I do not think this would not be enabled on the Community Cluster. Are you wanting to manage this on your own installation?

Alex

[brandonkal]

Yes, this would be for my own installation. Having the domains list as an annotation is a good option, but making it its own key feels a bit more intuitive.

[mrsimpson]

The clue of OFC imho is the complete non-need for k8s knowledge. Thus, even if the FunctionIngress is the resource describing the domain to the IngressOperator, I'd wish for a more compact declarations which defaults most of the properties of the FunctionIngress CRD. :+1: for the values definition in stack.yml