Endpoint FAQs

Frequently asked questions about the Orka service endpoint, also known as the API URL.

General

What's the Orka service endpoint?

The default Orka service endpoint is http://10.221.188.100 OR http://10.10.10.100. If configured, you might have a custom domain endpoint as well.

📘

What's your Orka endpoint?

You can get the IP for your Orka endpoint from your IP Plan. It's the .100 address for your Private-1 network. Usually, 10.221.188.100 or 10.10.10.100. You need to use http with the IP.

To get the custom domain for your Orka cluster, if enabled:

  1. Log into your MacStadium account.
  2. Go to Subscriptions (from the top right corner) and select your Orka cluster.
  3. In the Subscription & Plan details, find your custom domain at the bottom. If you don't see a custom domain field, it's not enabled for your environment yet.
    You need to use https with your custom domain.

Note that you can use both http://<orka-IP> and https://<orka-custom-domain> in your workflows.

This endpoint is also known as the API URLAPI URL - The Orka API service runs at a specific URL and port. Orka CLI commands and Orka API calls are executed against the Orka API URL. The MacStadium team will provide the API URL. that you need to configure in the Orka CLI.

You can run CLI commands and API calls to the Orka service endpoint only after you have connected via VPN to your Orka environment.

How do I test the Orka service endpoint?

  1. Verify that you are connected via VPN to your Orka environmentenvironment - A MacStadium cloud environment with an enabled Orka service..
  2. In a command-line tool, ping one of your Orka nodes.
curl <node-IP>

If your Orka endpoint is http://10.221.188.100, send a ping to 10.221.188.4.

If your Orka endpoint is http://10.10.10.100, send a ping to 10.10.10.4.

Endpoint security

Are the Orka endpoints secure?

Yes.

Kubernetes requires and uses PKI certificates for authentication over TLS to encrypt traffic between resources in the cluster. All Orka users use unique tokens for authentication that are validated against the certificate. This ensures secure instructions and traffic.

Additionally, the recommended VPN connection provides secure in-flight encryption, as do other communication methods. So, while the endpoint is an HTTP, it adheres to all MacStadium security standards.

For added security, you can use a custom Orka domain. Custom domains are TLS-enabled and require access via HTTPS.

Can I use HTTPS to access my Orka service endpoint?

Yes. To be able to use HTTPS, you need to have a custom Orka domain. Contact the MacStadium team to request that HTTPS access is enabled.

Custom domains

Can I have a custom domain as my Orka service endpoint?

Yes. Contact the MacStadium team to request a custom domain endpoint for your cluster.

📘

Which VPN client are you using?

If you're using OpenConnect to access your Orka cluster via VPN, you need to add a DNS server to your network configuration.

If you're using Cisco AnyConnect on macOS or Linux, you're already set and you don't need to make any changes. If you're using Cisco AnyConnect on Windows, you need to add a DNS server.

What's my custom domain?

To get the custom domain endpoint for your Orka cluster, if enabled:

  1. Log into your MacStadium account.
  2. Go to Subscriptions (from the top right corner) and select your Orka cluster.
  3. In the Subscription & Plan details, find your custom domain at the bottom. If you don't see a custom domain field, it's not enabled for your environment yet.
    You need to use https with your custom domain.

How do I access my environment via custom domain?

After MacStadium configures the custom domain for your environment, you need to switch to using it manually.

  • In the Orka CLI, run orka config and change the API URL to https://<orka-custom-domain>.
  • In your Orka API calls, target https://<orka-custom-domain>.

📘

Which VPN client are you using?

If you're using OpenConnect to access your Orka cluster via VPN, you need to add a DNS server to your network configuration.

If you're using Cisco AnyConnect on macOS or Linux, you're already set and you don't need to make any changes. If you're using Cisco AnyConnect on Windows, you need to add a DNS server.

Can I use the custom domain and the service endpoint IP interchangeably?

Yes. Based on your preference, you can use https://<orka-custom-domain> (https://company.orka.app) or http://<orka-service-endpoint (http://10.10.10.100 or http://10.221.188.100) to access and interact with your environment.

Does my custom domain change how I access my Orka VMs via VNC/SSH/Screen Sharing?

No. You still need to access the VM through it's IP and the respective port, as listed by orka vm status or GET /resources/vm/status/<vm-name>.

Updated 10 months ago


Endpoint FAQs


Frequently asked questions about the Orka service endpoint, also known as the API URL.

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.


© 2019-2020 Copyright MacStadium, Inc. – Documentation built with readme.io. Orka is a registered trademark of MacStadium, Inc.