GuidesAPI Reference
GuidesDiscussions
GuidesAPI ReferenceJoin the Mailing List
Join the Mailing List

## General

### **What's the Orka service endpoint?**

The default Orka service endpoint is `http://10.221.188.100` OR `http://10.10.10.100`. If configured, you might have a custom domain endpoint as well.

What's your Orka endpoint?

You can get the IP for your Orka endpoint from your [IP Plan](🔗). It's the `.100` address for your `Private-1` network. Usually, `10.221.188.100` or `10.10.10.100`. **You need to use `http` with the IP.**

To get the custom domain for your Orka cluster, if enabled:

  1. Log into your [MacStadium account](🔗).

  2. Go to **Subscriptions** (from the top right corner) and select your Orka cluster.

  3. In the **Subscription & Plan** details, find your custom domain at the bottom. If you don't see a custom domain field, it's not enabled for your environment yet. **You need to use `https` with your custom domain.**

Note that you can use both `http://<orka-IP>` and `https://<orka-custom-domain>` in your workflows.

This endpoint is also known as the <<glossary:API URL>> that you need to configure in the [Orka CLI](🔗).

You can run CLI commands and API calls to the Orka service endpoint only after you have [connected via VPN](🔗) to your Orka environment.

### **How do I test the Orka service endpoint?**

  1. Verify that you are [connected via VPN](🔗) to your Orka <<glossary:environment>>.

  2. In a command-line tool, ping one of your Orka nodes.


If your Orka endpoint is `http://10.221.188.100`, send a ping to `10.221.188.4`.
If your Orka endpoint is `http://10.10.10.100`, send a ping to `10.10.10.4`.
## Endpoint security
### **Are the Orka endpoints secure?**
Yes.
Kubernetes requires and uses PKI certificates for authentication over TLS to encrypt traffic between resources in the cluster. All Orka users use unique tokens for authentication that are validated against the certificate. This ensures secure instructions and traffic. 
Additionally, the recommended VPN connection provides secure in-flight encryption, as do other communication methods. So, while the endpoint is an `HTTP`, it adheres to all MacStadium security standards.
For added security, you can use a custom Orka domain. Custom domains are TLS-enabled and require access via HTTPS.
### **Can I use HTTPS to access my Orka service endpoint?**
Yes. To be able to use HTTPS, you need to have a [custom Orka domain](🔗). Contact the [MacStadium team](🔗) to request that HTTPS access is enabled.
## Custom domains
### **Can I have a custom domain as my Orka service endpoint?**
Yes. Contact the [MacStadium team](🔗) to request a custom domain endpoint for your cluster.
Which VPN client are you using?
If you're using OpenConnect to access your Orka cluster via VPN, you need to [add a DNS server](🔗) to your network configuration. 
If you're using Cisco AnyConnect on macOS or Linux, you're already set and you don't need to make any changes. If you're using Cisco AnyConnect on Windows, you need to [add a DNS server](🔗).
### What's my custom domain?
To get the custom domain endpoint for your Orka cluster, if enabled:
  1. Log into your [MacStadium account](🔗).
  2. Go to **Subscriptions** (from the top right corner) and select your Orka cluster.
  3. In the **Subscription & Plan** details, find your custom domain at the bottom. If you don't see a custom domain field, it's not enabled for your environment yet.
**You need to use `https` with your custom domain.**
### How do I access my environment via custom domain?
After MacStadium configures the custom domain for your environment, you need to switch to using it manually.
  • In the Orka CLI, run `orka config` and change the API URL to `https://<orka-custom-domain>`.
  • In your Orka API calls, target `https://<orka-custom-domain>`.
Which VPN client are you using?
If you're using OpenConnect to access your Orka cluster via VPN, you need to [add a DNS server](🔗) to your network configuration. 
If you're using Cisco AnyConnect on macOS or Linux, you're already set and you don't need to make any changes. If you're using Cisco AnyConnect on Windows, you need to [add a DNS server](🔗).
### Can I use the custom domain and the service endpoint IP interchangeably?
Yes. Based on your preference, you can use `https://<orka-custom-domain>` (`https://company.orka.app`) or `http://<orka-service-endpoint` (`http://10.10.10.100` or `http://10.221.188.100`) to access and interact with your environment.
### Does my custom domain change how I access my Orka VMs via VNC/SSH/Screen Sharing?
No. You still need to access the VM through it's IP and the respective port, as listed by `orka vm status` or `GET /resources/vm/status/<vm-name>`.





















































        

        

            

                

                    

                        

                          

                          
© 2019-2023 Copyright MacStadium, Inc. – Documentation built with readme.com.  Orka is a registered trademark of MacStadium, Inc.