For the Beijing release of ONAP on OOM, accessing the ONAP portal from the user's own environment (laptop etc.) was a frequently requested feature.
So to achieve that, what we've decided on doing is to expose the portal application's port 8989 through a K8s LoadBalancer object.
This has some non-obvious implications in a clustered Kubernetes environment specifically where the K8s cluster nodes communicate with each other via a private network that isn't publicly accessible (i.e. Openstack VMs with private internal network).
Typically, to be able to access the K8s nodes publicly a public address is assigned. In Openstack this is a floating IP address.
What happens when the portal-app chart is deployed is that a K8s service is created that instantiates a load balancer. The LB chooses the private interface of one of the nodes as in the example below (10.0.0.4 is private to the K8s cluster only). Then to be able to access the portal on port 8989 from outside theK K8s & Openstack environment, the user needs to assign/get the floating IP address that corresponds to the private IP.
kubectl -n onap get services|grep "portal-app" portal-app LoadBalancer 10.43.142.201 10.0.0.4 8989:30215/TCP,8006:30213/TCP,8010:30214/TCP 1d app=portal-app,release=dev
In this example, that public floating IP is 10.12.5.155 which can be obtained through the horizon GUI or the Openstack CLI for your tenant (openstack server list) . That IP is then used in your /etc/hosts to map the fixed DNS aliases required by the ONAP Portal as shown below.
10.12.6.155 portal.api.simpledemo.onap.org 10.12.6.155 vid.api.simpledemo.onap.org 10.12.6.155 sdc.api.fe.simpledemo.onap.org 10.12.6.155 portal-sdk.simpledemo.onap.org 10.12.6.155 policy.api.simpledemo.onap.org 10.12.6.155 aai.api.sparky.simpledemo.onap.org 10.12.6.155 cli.api.simpledemo.onap.org 10.12.6.155 msb.api.discovery.simpledemo.onap.org
Ensure you've disabled any proxy settings the browser you are using to access the portal and then simply access the familiar URL:
http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/login.htm
Other things we tried:
We went through using Kubernetes port forwarding but thought it a little clunky for the end user to have to use a script to open up port forwarding tunnels to each K8s pod that provides a portal application widget
We considered bringing back the VNC chart with a different image but there were many issues with resolution, lack of volume mount, /etc/hosts dynamic update, file upload that were a tall order to solve in time for the Beijing release.