This document is an attempt to summarize configuration choices to make when deploying OpenWhisk on a Kubernetes cluster you have built yourself (ie, not on a public cloud managed Kubernetes service).
First, make sure your cluster is compatible with the technical requirements.
The simplest type of ingress to configure for OpenWhisk is a NodePort ingress.
Add the following to your mycluster.yaml, substituting a real IP address for YOUR_WORKERS_PUBLIC_IP_ADDR:
whisk: ingress: type: NodePort apiHostName: YOUR_WORKERS_PUBLIC_IP_ADDR apiHostPort: 31001 nginx: httpsNodePort: 31001
Properly configuring TLS can be challenging, but if you know how to get TLS to work with your ingress controller for other services on your cluster, you can probably get it to work for OpenWhisk as well. You will need something like the following in your mycluster.yaml.
whisk: ingress: apiHostName: <domain> apiHostPort: 443 apiHostProto: https type: Standard domain: <domain> tls: enabled: true <YOU WILL NEED SOME MORE KEY VALUE PAIRS HERE> annotations: <LIST ANNOTATIONS YOU NEED FOR YOUR INGRESS>
You can see how these values are used and what other values you might need by inspecting frontdoor-ingress.yaml and frontdoor-secrets.yaml.