https://datahubproject.io logo
Join Slack
Powered by
Just a (simple?) question: What's the recommodatio...
# all-things-deployment
b
Just a (simple?) question: What's the recommodation to protect the GUI via https/SSL? Just put a proxy in front of the datahub-frontend-react container and terminate the HTTPS there or are there other options/recommodations?
e
That is the recommendation as of now. Unfortunately, we don’t have SSL setup in frontend directly as of now.
b
Correct - however, we'd be very interested in a contribution in this space! I think it's a matter of exposing the correct configurations in the 
datahub-frontend
server
b
Hi, thanks for the answers. Concering contributions: I'm affraied I'm not to familiar with Java in general and the DataHub codebase in particular to make any meaingful contributions in this area. But I can perhaps provide some documentation how to setup datahub with a proxy server to get https access to the frontend.
One additional question: Does the Rest interface (which is used to push metadata to the datahub backend) also not support TLS? All the example files for metadata ingestions use config: server: http://localhost:8080" as their sink. I've found no example showing https or other targets then localhost.
m
Hi @brave-businessperson-3969, Ingestion does support "https". You need to setup the endpoint through ingress and then modify the recipe file. cc: @early-lamp-41924 if I missed anything.
b
So you'd need to terminate SSL at a proxy in front of gms. I believe this can be achieved on K8s using ingress!
q
Hi everyone! Just wanted to follow up on whether there were any updates on the recommendation for SSL for the frontend? To my research it seems like all components of Datahub can talk to each other via SSL so this would be the last piece. Is that true? Thanks!
What we’ve done is to setup a AWS ELB that takes incoming traffic from outside via HTTPS, and routes that traffic into internal Datahub components via HTTP.
3 Views
Open in Slack
PreviousNext
Powered by