By default, the resources of your OAS cluster will be exposed to the whole
internet (although they are password protected by the single-sign-on system).
If you like to limit who can access your cluster resources you can configure
the OAS ingress (ingress-nginx)
to only accept connections from a certain IP address or range.
Add a file in the
CLUSTER_DIR/group_vars/all/ directory, i.e. named
ingress.yml with the following content:
ingress_extra_values: controller: config: # https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#whitelist-source-range # comma separated list of CIDRs, e.g. 10.0.0.0/24,126.96.36.199. whitelist-source-range: 188.8.131.52/24
After this, run the Openappstack installation procedure again.