Document URL: https://docs.openshift.com/container-platform/4.7/serverless/networking/serverless-configuring-routes.html Describe the issue: In the documentation the below statement is present. ~~~ If you want to configure a Knative service to use your TLS certificate on OpenShift Container Platform, you must disable the automatic creation of a route for the service by the OpenShift Serverless Operator, and instead manually create a Route resource for the service. ~~~ --> In Serverless, the knative route gets created as well as the normal OpenShift route for application. It would be great to clearly mention that the normal OpenShift route doesn't get created when the above documentation is followed inside the "knative-serving-ingress" namespace while the knative route still remains there in the acutal application project Add a section in the documentation about "Disabling external access to a Knative service", explaining the use of "networking.knative.dev/visibility: cluster-local" annotation. When this annotation is used while creating the knative service, it will be accessible from the cluster network only as it gets created with format of "<app-name>.<project>.svc.cluster.local" Suggestions for improvement: --> Making clear about Knative route and OpenShift route. --> Add a section for disabling external access to a Knative service using networking.knative.dev/visibility: cluster-local" annotation.
Hello Team, Any update on this?
We are working on this for our 1.16.0 release (Jira tracking: https://issues.redhat.com/browse/SRVKS-711) You may find the upstream Knative documentation on configuring private services useful in the meantime: https://knative.dev/development/serving/services/private-services/
Documentation has been updated: https://docs.openshift.com/container-platform/4.7/serverless/knative_serving/serverless-configuring-routes.html