I am trying to allow Access Control Origin due to the following error in an Android Cordova app:
http://localhost:8080/#/: Line 0 : Access to XMLHttpRequest at 'https://api.v2.domain.com/api/v1/users/me/favorites?lat=42.5467&lng=-83.2113&radius=10.0&limit=5&search=' from origin 'http://localhost:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I am trying to figure out where in Kubernetes to add it - I assume it's somewhere in the Service or the Deployment.
Here's both:
apiVersion: v1
kind: Service
metadata:
name: domain-server
annotations:
dns.alpha.kubernetes.io/external: "api.v2.domain.com"
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-2:152660121739:certificate/8efe41c4-9a53-4cf6-b056-5279df82bc5e
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
spec:
type: LoadBalancer
selector:
app: domain-server
ports:
- port: 443
targetPort: 8080
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: domain-server
spec:
replicas: 2
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 3
revisionHistoryLimit: 10
template:
metadata:
labels:
app: domain-server
spec:
containers:
- name: domain-server
image: "152660121739.dkr.ecr.us-east-2.amazonaws.com/domain-server"
imagePullPolicy: Always
resources:
limits:
memory: "1200Mi"
requests:
memory: "900Mi"
cpu: "200m"
ports:
- name: http
containerPort: 8080
...
Is this the correct place to put the header? If so, how would one add CORS to Kubernetes here? I am noticing some suggestions like Nginx ingresses, but the application I am using does not use Nginx.
This problem is not about Kubernetes. Browsers enforce CORS, check reference here: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS . You can also use curl or postman and see content without CORS error.
Normally nginx servers can fix that and kubernetes-nginx is not really different. It basically uses reverse proxy to control services. Check this reference to get started to fix CORS error by ingress: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#enable-cors
It would be much more easier if you use Nginx, that you will have to add just these annotations in service configuration file:
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-methods: "PUT, GET, POST, OPTIONS"
nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
nginx.ingress.kubernetes.io/configuration-snippet: |
more_set_headers "Access-Control-Allow-Origin: $http_origin";
But in your case it seems that problem is connected more with CORS that straight with Kubernetes cors-article. You have to enable CORS.
You can edit kubernetes API server yaml file, to get CORS working.
Add line --cors-allowed-origins=["http://*"\] argument to /etc/default/kube-apiserver or /etc/kubernetes/manifests/kube-apiserver.yaml file, it depends where your kube-apiserver configuration file is located.
spec:
containers:
- command:
- kube-apiserver
- --cors-allowed-origins=["http://*"]
Then restart to kube-apiserver.
Then change annotation dns.alpha.kubernetes.io/external: "api.v2.domain.com"
to dns.alpha.kubernetes.io/external: "http://api.v2.domain.com"
in your service configuration file and apply changes.