Skip to content
Cofide Cofide

Federated Services

Cofide Federated Services are created using Kubernetes Custom Resources (CRs). The Custom Resource Definition (CRD) is included in the Cofide Agent Helm chart.

The following example Federated Service exposes a ping-pong server running in the demo namespace to two remote trust domains, other1.domain and other2.domain.

---
apiVersion: registry.cofide.io/v1alpha1
kind: FederatedService
metadata:
  name: ping-pong
  namespace: demo
spec:
  name: server
  namespace: demo
  exportedTrustDomains:
    - other1.domain
    - other2.domain
  workloadLabels:
    app: ping-pong-server
  port: 8443

This manifest should be applied to the Kubernetes cluster in which the server is running. This will result in the orchestration of resources in both the server and client (exported) clusters. The above configuration exposes the service on one or more gateways found through auto-discovery.

In cases where more control is required over the gateway setup, it is possible to manually specify the gateway addresses using the spec.gateways field:

---
apiVersion: registry.cofide.io/v1alpha1
kind: FederatedService
metadata:
  name: ping-pong
  namespace: demo
spec:
  name: server
  namespace: demo
  exportedTrustDomains:
    - other1.domain
    - other2.domain
  workloadLabels:
    app: ping-pong-server
  port: 8443
  gateways:
    - type: istio-ingressgateway
      hostname: gw.example.com
      port: 5432
    - type: istio-eastwestgateway
      ip: 1.2.3.4
      port: 4321

© 2026 Cofide Limited. All rights reserved.