Preparing the application
PhariaOS relies on Kubernetes to deploy applications as Kubernetes resources (a deployment with pods).
To trigger a deployment with PhariaOS, you need to provide your containerised application in a registry that is accessible by the credentials provided to PhariaOS during installation.
Application image requirements
As a minimum, the application image must meet the following requirements:
-
Run as non-root user. This is required by the pod security context.
-
Expose port
8080. This is used for the readiness and liveness probes.
Security context
PhariaOS allows the customisation of the security context for application pods and containers. By default, the following configurations are used to deploy applications in Kubernetes. Customise these values for your environment by modifying your PhariaAI Helm chart values:
phariaos-manager:
usecase:
# -- Annotations for the Deployment resource.
annotations: {}
# -- Security context for the application container.
container:
securityContext:
readOnlyRootFilesystem: false
# -- Custom volume mounts for application container
volumeMounts: []
# -- Security context for the application pod.
pod:
securityContext:
# -- Run as user with provided uid
runAsUser: 2024
# -- Run as group with provided gid
runAsGroup: 2024
# -- Custom volumes for application pods
volumes: []|
CORS
The PhariaOS application proxy server handles Cross-origin Resource Sharing (CORS) requests. Applications must not implement CORS policies when the proxy is enabled! Otherwise, you can encounter duplicated CORS headers and other CORS errors.
|