Configure OpenServerless

• 1: DNS and SSL
• 2: Services

1 - DNS and SSL

Configuring DNS and SSL

You can use OpenServerless as just as a serverless engine, and use the default IP or DNS provided when provisioned your server or cluster. If you do so, only http is avaialble, and it is not secure.

If you want your server or cluster is available with a well-known internet name, you can associate the IP address or the “ugly” default DNS name of serveres or clusters to a DNS name of your choice, to use it also to publish the static front-end of your server.

Furthermore, once you decided for a DNS name for your server, you can enable the provisioning of an SSL certificate so you server will be accessible with https.

In order to configure the DNS and the SSL the steps are:

1. retrieve the IP address or the the DNS name of your server or cluster

2. register a DNS name of your choice with your registration name provider

3. configure OpenServerless so he knows of the DNS and SSL and can use it

Retrieving the IP address or the DNS name

If OpenServerless is installed in your local machine with Docker, cannot configure any DNS nor SSL, so you can proceed configuring the services.

If OpenServerless is installed in a single server, after you satisfied the server prerequisites you will know the IP address or DNS name of you server.

If OpenServerless is installed in a Kubernetes cluster, after you satisfied the server cluster prerequisites you know either the IP address or the DNS name of the load balancer.

Register a DNS name or wildcard

Using the address of your server or cluster, you need either to configure a DNS name your already own or contact a domain name registrar to register a new DNS name dedicated to your server or cluster.

You need at least one DNS name in a domain you control, for example nuvolaris.example.com that points to you IP or address.

Note that:

• If you have an IP address to your load balancer you need to configure an A record mapping nuvolaris.example.com to the IP address of your server.

• If you have a DNS name to your load balancer, you need to configure a CNAME record mapping nuvolaris.example.com to the DNS name of your server.

💡 NOTE

If you are registering a dedicated domain name for your cluster, you are advised to register wildcard name (*) for every domain name in example.com will resolve to your server.

Registering a wildcard is required to get a different website for for multiple users.

Configure OpenServerless to use your DNS and and enable SSL

Once you registrered a single DNS (for example openserverless.example.com) or a wildcard DNS name (for example *.example.com) you can communicate to the installer what is the main DNS name of your cluster or server, as it is not able to detect it automatically. We call this the <apihost>

💡 NOTE

If you have registered a single DNS name, like openserverless.example.com use this name as <apihost>.

If you have registered a wildcard DNS name, you have to choose a DNS name to be used as <apihost>.

We recommended you use a name starting with api since to avoid clashes, user and domain names starting with api are reserved. So if you have a *.example.com wildcard DNS available, use api.example.com as your <apihost>

Once you decided what is your API host, you can configure this as follows:

ops config apihost <apihost>

This configuration will assign a well know DNS name as access point of your OpenServerless cluster. However note it does NOT enable SSL. Accessing to your cluster will happen using HTTP.

Since requests contain sensitive information like security keys, this is highly insecure. You hence do this only for development or testing but never for production.

Once you have a DNS name, enabling https is pretty easy, since we can do it automatically using the free service Let's Encrypt. We have however to provide a valid email address <email>.

Once you know your <apihost> and the <email> to receive communications from Let’s Encrypt (mostly, when a domain name is invalidated and needs to be renewed), you can configure your apihost and enable SSL as follows:

ops config apihost <apihost> --tls=<email>

Of course, replace the <apihost> with the actual DNS name you registered, and <email> with your email address

2 - Services

Configuring OpenServerless services

After you satisfied the prerequisites and before you actually install OpenServerless, you have to select which services you want to install:

• Static, publishing of static assets

• Redis, a storage service

• MinIO an object storage service

• Postgres a relational SQL database

• FerretDB A MongoDB-compatible adapter for Postgres

You can enable all the services with:

ops config enable --all

or disable all of them with:

ops config disable --all

Or select the services you want, as follows.

Static Asset Publishing

The static service allows you to publish static asset.

💡 NOTE

you need to setup a a wildcard DNS name to be able to access them from Internet.

You can enable the Static service with:

ops config enable --static

and disable it with:

ops config disable --static

Redis

Redis, is a fast, in-memory key-value store, usually used as cache, but also in some cases as a (non-relational) database.

Enable REDIS:

ops config enable --redis

Disable REDIS:

ops config disable --redis

MinIO

MinIO is an object storage service

Enable minio:

ops config enable --minio

Disable minio:

ops config disable --minio

Postgres

Postgres is an SQL (relational) database.

Enable postgres:

ops config enable --postgres

Disable postgres:

ops config disable --postgres

FerretDB

FerretDB is a MongoDB-compatible adapter for Postgres. It created a document-oriented database service on top of Postgres.

💡 NOTE

Since FerretDB uses Postgres as its storage, if you enable it, also the service Postgresql will be enabled as it is required.

Enable MongoDB api with FerretDB:

ops config enable --mongodb

Disable MongoDB api with FerretDB:

ops config disable --mongodb