Configuring private Services

    Knative provides two ways to enable private services which are only available inside the cluster:

    1. To make all Knative Services private, change the default domain to by editing the config-domain ConfigMap. This changes all Services deployed through Knative to only be published to the cluster.

    To configure a Knative Service so that it is only available on the cluster-local network, and not on the public internet, you can apply the label to a Knative Service, a route or a Kubernetes Service object.

    • By labeling the Kubernetes Service you can restrict visibility in a more fine-grained way. See for information about tagged routes.

    You can deploy the Hello World sample and then convert it to be an cluster-local Service by labelling the Service:

    You can then verify that the change has been made by verifying the URL for the Service: