Skip to content

onos-gui Architecture

The GUI is architected as a Cloud Native application to be run on Kubernetes accessing the back end modules through gRPC (and in the case of the Config GUI mostly through gNMI).

onos-gui deployment

The main front end technology is Angular and is supplemented by gRPC Web to access the back through a gRPC proxy.

Nginx acts as a web server and web Proxy, while Envoy proxy server acts as a grpc-web proxy and all are deployed on Kubernetes.

While 2 proxies seem to be an overhead, it is unavoidable at present because:

  • nginx cannot do the grpc-web proxying (while there was a module written for nginx in the grpc-web project, this does not work with anything beyond nginx v1.14.2)

  • Envoy cannot load static web pages, and so nginx is required to perform this role

Alternatives to grpc-web

There are some alternatives to using grpc-web to allow web browsers to access gRPC directly, but grpc-web is the recommended solution as per the gRPC website.

See also this article on hacker noon.

Access to Kubernetes API

An instance of kubectl proxy runs inside the onos-gui pod alongside nginx. This exposes the Kubernetes REST API on port 8001.

The nginx server then proxies that to http://localhost:80/kubernetes-api

The application can then access the API like:

HTTP GET http://localhost:80/kubernetes-api/api/v1/namespaces/onos/services

The onos-gui pod needs to be given RBAC permission of list and get to be able to read these services. This is granted in the Helm Chart.