Shift Network Endpoints
The KOBIL Shift services are routed through the ISTIO/ServiceMesh services. During KOBIL Shift deployment the routing info for the ServiceMesh is created by kubernetes objects of type "virtualservices". This below listing is extracted from KOBIL Shift Charts release 0.73.1
External URL endpoints - public access
| Name | Host | Usage | Exposing | Notes |
|---|---|---|---|---|
| Shift AST Services | asts.sub.domain.net | Access to AST services | public access | AST protocol external endpoint via HTTPS 443 |
| Shift IDP Services | idp.sub.domain.net | Access to IDP services | public access | IDP protocol external endpoint via HTTPS 443 |
| Shift SCP Services | scp.sub.domain.net | Access to SCP services | public access | SCP protocol external endpoint via HTTPS 443 |
| Shift Portal Services | smartdashboard.sub.domain.net | Access to GUI services | internal access | GUI protocol endpoint via HTTPS 443 |
VirtualService Host / Path configuration
| HOST | URL/Match | Service (internal) | Note(s) |
|---|---|---|---|
| asts.sub.domain.net | ^/v1/tenants/\w+/sdkconfig$ | astca | |
| asts.sub.domain.net | ^/v1/tenants/\w+/clients/[0-9A-Za-z]{26}/kex/ec$ ^/v1/tenants/\w+/clients/[0-9A-HJKMNP-TV-Z]{26}/kex/ec$ | astlogin | old / new expression |
| asts.sub.domain.net | ^/v1/tenants/\w+/astclients$ ^/v1/tenants/\w+/astclients/details$ ^/v1/tenants/\w+/users$ ^/v1/tenants/\w+/lock$ ^/v1/ tenants/\w+/unlock/[0-9A-HJKMNP-TV-Z]{26}$ ^/v1/tenants/\w+/unlink$ ^/v1/tenants/\w+/delete/[0-9A-HJKMNP-TV-Z]{26}$ ^/v1/tenants/\w+/ client/[0-9A-HJKMNP-TV-Z]{26}$ ^/v1/tenants/\w+/astclients/locales$ | astclientmanagement | |
| asts.sub.domain.net | ^/v1/tenants/\w+/properties$ ^/v1/tenants/\w+/properties/.* ^/v1/tenants/\w+/portal/.* | ast-client-properties | |
| asts.sub.domain.net | ^/v1/tenants/\w+/sse/.* | ast-stream | |
| asts.sub.domain.net | ^/v1/tenants/\w+/platforms$ ^/v1/tenants/\w+/platforms/.* ^/v1/tenants/\w+/versions$ ^/v1/tenants/\w+/ versions/hierarchy$ ^/v1/tenants/\w+/versions/filter$ ^/v1/tenants/\w+/versions/[0-9A-Za-z]{26}$ ^/v1/tenants/\w+/versions/[0-9A-Za-z]{26}/lock$ ^/v1/tenants/\w+/versions/[0-9A-Za-z]{26}/register$ ^/v1/tenants/\w+/apps$ regex: ^/v1/tenants/\w+/apps/.+$ | ast-version | |
| asts.sub.domain.net | ^/v1/tenants/\w+/tms$ ^/v1/tenants/\w+/tms/[0-9A-Za-z]{26}$ ^/v1/tenants/\w+/tms/[0-9A-Za-z]{26}/status$ ^/v1/tenants/\w+/tms/[0-9A-Za-z]{26}/result$ ^/v1/tenants/\w+/display-message$ ^/v1/tenants/\w+/display-message/[0-9A-Za-z]{26}$ | ast-tms | |
| asts.sub.domain.net | ^/v1/tenants/\w+/keystoreprotection$ ^/v1/tenants/\w+/keystoreprotection/[0-9A-Za-z]{26}$ | ast-key-protection | |
| asts.sub.domain.net | ^/v1/tenants/\w+/templates$ ^/v1/tenants/\w+/templates/[a-zA-Z]+[\w-].[a-zA-Z]+[\w-]$ ^/v1/tenants/\w+/templates/[a-zA-Z]+[\w-].[a-zA-Z]+[\w-] | ast-localization | |
| asts.sub.domain.net | ^/v1/tenants/\w+/login/nonce$ ^/v1/tenants/\w+/tms/nonce$ ^/v1/tenants/\w+/events/nonce$ ^/v1/tenants/\w+/certificates/request$ ^/v1/tenants/\w+/certificates/[0-9A-Za-z]{26}$ ^/v1/tenants/\w+/certificates/[0-9A-Za-z]{26}/retrieve$ ^/v1/chain/[0-9A-Za-z]{26}$ ^/v1/tenants/\w+/public-keys$ | ast-webhooks | |
| idp.sub.domain.net | ^/auth/realms/\w+/kobil.+$ ^/auth/realms/\w+/protocol/openid-connect/.+$ ^/auth/realms/\w+/.well-known/openid-configuration$ ^/auth/realms/\w+/login-actions/.+$ prefix: /auth/resources prefix: /auth/js | idp-core | |
| ipd.sub.domain.net | ^/v1/mpower/tenants/\w+/media/([a-zA-Z0-9=/_+-])+/download$ | idp-scp-connector | |
| profile-backend.sub.domain.net... | prefix: /api/v1/profile-picture | profile-backend | |
| smartdashboard.sub.domain.net | / | kong-proxy | |
| scp.sub.domain.net | /addressbook | scp-addressbook | |
| scp.sub.domain.net | /messenger | scp-messenger | |
| scp.sub.domain.net | /notifier | scp-notifier | |
| scp.sub.domain.net | /gateway | scp-gateway |