* Added documentation for the offline server and moved to how to guide.

* Fixing the issue with integration test. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
feast-dev · dmartinol · Nov 8, 2024 · Nov 6, 2024 · Nov 7, 2024 · Nov 7, 2024
commit f92d26bbb439a2e77068b97e9dedbbed3bb9e832
@@ -64,6 +64,7 @@
   * [Adding a new online store](how-to-guides/customizing-feast/adding-support-for-a-new-online-store.md)
   * [Adding a custom provider](how-to-guides/customizing-feast/creating-a-custom-provider.md)
 * [Adding or reusing tests](how-to-guides/adding-or-reusing-tests.md)
+* [Starting Feast servers in TLS(SSL) Mode](how-to-guides/starting-feast-servers-tls-mode.md)
 
 ## Reference
 

@@ -1,7 +1,9 @@
 # Starting feast servers in TLS (SSL) mode.
 TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are both protocols encrypts communications between a client and server to provide enhanced security.TLS or SSL words used interchangeably. 
 This article is going to show the sample code to start all the feast servers such as online server, offline server, registry server and UI server in TLS mode. 
-Also show examples related to feast clients to communicate with the feast servers started in TLS mode.
+Also show examples related to feast clients to communicate with the feast servers started in TLS mode. 
+
+We assume you have basic understanding of feast terminology before going through this tutorial, if you are new to feast then we would recommend to go through existing [starter tutorials](./../../examples) of feast.
 
 ## Obtaining a self-signed TLS certificate and key
 In development mode we can generate a self-signed certificate for testing. In an actual production environment it is always recommended to get it from a trusted TLS certificate provider.
@@ -17,15 +19,32 @@ The above command will generate two files
 You can use the public or private keys generated from above command in the rest of the sections in this tutorial.
 
 ## Create the feast demo repo for the rest of the sections.
-create a feast repo using `feast init` command and use this repo as a demo for subsequent sections.
+Create a feast repo and initialize using `feast init` and `feast apply` command and use this repo as a demo for subsequent sections.
 
 ```shell
 feast init feast_repo_ssl_demo
-```
 
-Output is
-```
+#output will be something similar as below
 Creating a new Feast repository in /Documents/Src/feast/feast_repo_ssl_demo.
+
+cd feast_repo_ssl_demo/feature_repo
+feast apply
+
+#output will be something similar as below
+Applying changes for project feast_repo_ssl_demo
+
+Created project feast_repo_ssl_demo
+Created entity driver
+Created feature view driver_hourly_stats
+Created feature view driver_hourly_stats_fresh
+Created on demand feature view transformed_conv_rate
+Created on demand feature view transformed_conv_rate_fresh
+Created feature service driver_activity_v1
+Created feature service driver_activity_v3
+Created feature service driver_activity_v2
+
+Created sqlite table feast_repo_ssl_demo_driver_hourly_stats_fresh
+Created sqlite table feast_repo_ssl_demo_driver_hourly_stats
 ```
 
 You need to execute the feast cli commands from  `feast_repo_ssl_demo/feature_repo` directory created from the above `feast init` command.
@@ -68,7 +87,7 @@ entity_key_serialization_version: 2
 auth:
   type: no_auth
 ```
-{% endcode %}
+
 
 `cert` is an optional configuration to the public certificate path when the online server starts in TLS(SSL) mode. Typically, this file ends with `*.crt`, `*.cer`, or `*.pem`.
 
@@ -106,14 +125,55 @@ entity_key_serialization_version: 2
 auth:
   type: no_auth
 ```
-{% endcode %}
 
 `cert` is an optional configuration to the public certificate path when the registry server starts in TLS(SSL) mode. Typically, this file ends with `*.crt`, `*.cer`, or `*.pem`.
 
 ## Starting feast offline server in TLS mode
 
-TBD
+To start the offline server in TLS mode, you need to provide the private and public keys using the `--key` and `--cert` arguments with the `feast serve_offline` command.
+
+```shell
+feast serve_offline --key /path/to/key.pem --cert /path/to/cert.pem
+```
+You will see the output something similar to as below. Note the server url starts in the `https` mode.
+
+```shell
+11/07/2024 11:10:01 AM feast.offline_server INFO: Found SSL certificates in the args so going to start offline server in TLS(SSL) mode.
+11/07/2024 11:10:01 AM feast.offline_server INFO: Offline store server serving at: grpc+tls://127.0.0.1:8815
+11/07/2024 11:10:01 AM feast.offline_server INFO: offline server starting with pid: [11606]
+```
+
+### Feast client connecting to remote registry sever started in TLS mode.
+
+Sometimes you may need to pass the self-signed public key to connect to the remote registry server started in SSL mode if you have not added the public key to the certificate store.
+You have to add `scheme` to `https`.
+
+feast client example:
+
+```yaml
+project: feast-project
+registry:
+  registry_type: remote
+  path: https://localhost:6570
+  cert: /path/to/cert.pem
+provider: local
+online_store:
+  path: http://localhost:6566
+  type: remote
+  cert: /path/to/cert.pem
+entity_key_serialization_version: 2
+offline_store:
+  type: remote
+  host: localhost
+  port: 8815
+  scheme: https
+  cert: /path/to/cert.pem
+auth:
+  type: no_auth
+```
 
+`cert` is an optional configuration to the public certificate path when the registry server starts in TLS(SSL) mode. Typically, this file ends with `*.crt`, `*.cer`, or `*.pem`.
+`scheme` should be `https`. By default, it will be `http` so you have to explicitly configure to `https` if you are planning to connect to remote offline server which is started in TLS mode.
 
 ## Starting feast UI server (react app) in TLS mode
 To start the feast UI server in TLS mode, you need to provide the private and public keys using the `--key` and `--cert` arguments with the `feast ui` command.

@@ -589,7 +589,6 @@ def start_server(
         store,
         location=location,
         host=host,
-        port=port,
         tls_certificates=tls_certificates,
         verify_client=True,
     )