Create and Update Alternate Endpoints

After adding the first custom endpoint (primary endpoint) to your instance, you need to use the command line in a shell when you want to update the instance to add more endpoints (alternate endpoints). The OCI Console provides a shell editor you can use to add and update alternate endpoints.

Additionally, when it comes time to update the SSL certificate in a secret, you need to use the command line to trigger an instance update after updating the secret in the associated vault. For details, see Update a Secret in a Vault.

Note:

If you have not been managing your instance yourself, meaning your instance was managed by Oracle, after you are migrated to your own tenancy you are responsible for managing your instance's alternate endpoints and associated vaults. This includes updating the SSL certificates for alternate endpoints.

To create and update alternate endpoints in a Visual Builder instance, you use the command line to send a JSON payload via thevb-instance update command. In the command, the payload is included as alternate-custom-endpoints parameters. For details on the vb-instance update command, see vb-instance update in the OCI CLI Command Reference, and UpdateCustomEndpointDetails Reference in the Visual Builder API.

WARNING:

When updating alternate endpoint details using the command line, your payload must include the details of every alternate endpoint in your instance, including the details for endpoints not being updated. For example, if your instance has two alternate endpoints, and you want to update the secret in the vault for one of the alternate endpoints, the payload must still contain the details for both alternate endpoints.

To create or update an alternate endpoint:

  1. On the Visual Builder Instances page, find the instance you want to work with and open its details page. If you need help finding the Instances page or the instance, see View and Manage the Visual Builder Instance.
  2. Select the Developer tools menu in the header, and then select Cloud Shell to open the Cloud Shell editor.

    Description of admin-console-developertools.png follows
    Description of the illustration admin-console-developertools.png

    The Cloud shell editor opens in the bottom of your browser window:


    Description of admin-console-cloudshell.png follows
    Description of the illustration admin-console-cloudshell.png

    It might take a minute for the editor to initialize.

  3. In the shell editor, check that the shell is working correctly.

    The shell editor is context-sensitive, so the command returns details about the instance open in the details page.

    Enter the following get command at the prompt: 

    oci visual-builder vb-instance get --id <OCID>

    For the id parameter, you need to provide the instance's OCID, which is listed in the Details tab. To copy the instance's <OCID>, click Copy next to the OCID.

    When you run the command, you should see details about the instance in the shell editor.

  4. Run the update command in the shell editor.

    You use the update command to update existing alternate endpoints and to create new alternate endpoints.

    Note:

    In the update command, you need to provide the instance's OCID for the id parameter, and include a JSON array containing the details of every alternate endpoint in the instance as the payload of the alternate-custom-endpoints parameter:

    • If you are using a vault to store a certificate for an alternate endpoint, you need to include in the payload the hostname and the certificate secret OCID of each endpoint:

      --alternate-custom-endpoints '[{"hostname":"hostname.com","certificateSecretId":"<SECRET_ID>"}]'

    • If you are using WAF for an alternate endpoint's certificate, you only need to include the hostname in the payload:

      --alternate-custom-endpoints '[{"hostname":"hostname.com"}]'

    • If you fail to include an endpoint in the payload when you run the update command, the endpoint is deleted.

    • To update the details of an alternate endpoint:

      Run the update command. When you run the command, confirm you have included the details of every alternate endpoint in the instance. For example, if you have two alternate endpoints in your instance, and you want to update one of them, the update command might look something like this: 

      oci visual-builder vb-instance update --id <VB_INSTANCE_OCID> 
--alternate-custom-endpoints '[{"hostname":"hostname.com","certificateSecretId":"<SECRET_ID>"},
{"hostname":"hostname1.com","certificateSecretId":"<SECRET_ID>"}]'

      Notice that although in this case you are only updating one endpoint, the alternate-custom-endpoints parameter payload contains the details for the two alternate endpoints (hostname.com and hostname1.com).

    • To create a new alternate endpoint:

      By default, you can create up to three alternate endpoints in your instance. If you need more than this, contact VB Dev Ops to increase the limit.

      1. Confirm you have configured the hostname for the new alternate endpoint using WAF or a vault and secret.

        For details, see Create a Load Balancer and Configure a Hostname and Configure a Vault for a Custom Endpoint.

      2. Run the update command. When you run the command, in addition to the details of the new endpoint, confirm you have included the details of every existing alternate endpoint in the instance, just as you would when updating alternate endpoint details. For example, if you have one alternate endpoints in your instance (hostname.com), and you want to create a new one (hostname1.com), the update command might look something like this:
        oci visual-builder vb-instance update --id <VB_INSTANCE_OCID> 
--alternate-custom-endpoints '[{"hostname":"hostname.com","certificateSecretId":"<SECRET_ID>"},
{"hostname":"hostname1.com","certificateSecretId":"<SECRET_ID>"}]'

        Notice that the details you need to provide in the update command when updating alternate endpoint details is the same as when creating a new alternate endpoint.

      3. Configure the DNS record for the new endpoint.

        After creating an alternate endpoint, to configure the DNS record for the new endpoint you need to provide either the CNAME (the hostname) or the IP address of the load balancer.

        Note:

        The load balancer for an alternate endpoint can be different from the load balancer for the instance. You'll need to file a ticket with VB Dev Ops to verify the details. Note that this is a one-time action, so once configured, the load balancer details will not change.