Closed wilkerd1 closed 2 years ago
This has not been tested with Keycloak 15.0.1 with our current setup. If you are allowed to share your screen it may be good to do that and get on a Webex to troubleshoot. We could go through emails and GH back and forth eternally. The NGINX stuff should be a config map for the apis.js in a K8s setup, along with the NGINX ingress mappings for the ingress. There should not be any /html/api type paths in NGINX for the unprivileged container built with the web interface. The NGINX ingress in things like https://github.com/Cingulara/openrmf-docs/blob/master/deployments/chart/openrmf/templates/read.yaml#L96 should map the /api/xxxx to the proper path. And those are relative to the NGINX ingress controller.
It is probably easier to show you on my AWS EKS as an example honestly. There is no bug that I know if in the helm template as I use that to deploy demo.openrmf.io and have multiple times over and over. I am guessing something like the ingress was missed. If this is still RKE2 I am not sure what ingress they use or how it is to be mapped. And realize, my help chart template was only setup for minikube and AWS EKS so far. The ingress and volume stuff may not match.
Thank you for the fast reply! I sincerely appreciate it. A WebeEx would be very helpful. This is a dev environment that only I control so there should be no sharing issues. There's no sensitive data on the environment or my machine. It very well could be a config detail I missed during initial stand-up.
How do we go about setting up a screen share? I have a Teams environment or we can use WebEx if you have it available.
I have Webex I can send it out. Email me dale.bingham@cingulara.com and we can set it up.
@wilkerd1 did this ever get fixed? We have a chart to make the openrmf-web and its APIs work in K8s. I use it in EKS. And the APIs have a section like this that uses the NGINX ingress. Maybe that setup did not use the NGINX ingress controller and that has to be cleaned up? Let me know. This is an older one and I am working to go through them to make sure no-one is left hanging.
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: openrmf-read-ingress
namespace: {{.Values.namespace}}
labels:
app.kubernetes.io/name: openrmf
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
app.kubernetes.io/component: read-api-ingress
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/revision: "{{ .Release.Revision }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/managed-by: helm
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/cors-allow-methods: "GET, OPTIONS"
nginx.ingress.kubernetes.io/proxy-body-size: 5m
spec:
rules:
- host: {{.Values.dnsName}}
http:
paths:
- path: /api/read(/|$)(.*)
pathType: Prefix
backend:
service:
name: openrmf-read
port:
number: 8080
This is a Kubernetes ingress issue on configuration...waiting for reply.
Nothing heard so closing this.
I finally have OpenRMF from the master branch running on Rancher RKE2, including Keycloak config, and am able to pull up the app and login. I did have to resort to upgrading the Keycloak image to a newer verison. 12.0.3 as configured suffered from a show stopping bug preventing getting the app to auth. Moving to 15.0.1 seemed to resolve the issues.
After logging in I notice the browser keeps refreshing every second or so and doesn't allow for entering data: as soon as you start typing the screen blinks and presto its gone.
Jumped on the cluster, looked around, then followed the NGINX log file and see it repeatedly logging error messages from the open() function complaining of missing files/directories in the form: /usr/share/nginx/html/api/xxxxx/xxxx/xxxx. It seems as this open() call is failing on everything really.
Opened a shell on the NGINX pod and looked in the doc root /usr/share/nginx/html and sure enough the file/dirs it's complaining about are not there. The other files for the site are, but these are missing.
Is this a bug in the install/config/setup of OpenRMF or did a step get missed when deploying and configuring? The app surfaces but is mostly unusable at this point until I can resolve?