StarlightIbuki
commented
3 months ago @randmonkey Could you take a look?
Closed vinaykumar-git6 closed 2 months ago
StarlightIbuki
commented
3 months ago @randmonkey Could you take a look?
randmonkey
commented
2 months ago @vinaykumar-git6 Looks like there are some errors happened in the applying of configurations. Could you please provide your KIC version and the configuration of related Ingress resources that use the service as backend?
github-actions[bot]
commented
2 months ago This issue is marked as stale because it has been open for 14 days with no activity.
github-actions[bot]
commented
2 months ago Dear contributor,
We are automatically closing this issue because it has not seen any activity for three weeks. We're sorry that your issue could not be resolved. If any new information comes up that could help resolving it, please feel free to reopen it.
Your contribution is greatly appreciated!
Please have a look our pledge to the community for more information.
Sincerely, Your Kong Gateway team
Is there an existing issue for this?
Kong version (
$ kong version)3.4.3.4
Current Behavior
We are trying to make communication from kong ingress to upstream services as mtls.
here is my service file :
apiVersion: v1 kind: Service metadata: annotations: konghq.com/client-cert: tls-ingress konghq.com/protocol: https name: account-information-clusterip namespace: core spec: ports:
tls secret is alredy created: [ec2-user@ip-10-74-191-55 ~]$ k get secret -n core NAME TYPE DATA AGE cvv-client-ssl-store Opaque 1 40h nexus-docker-secret kubernetes.io/dockerconfigjson 1 17d oauth-token-client-ssl-store Opaque 1 40h ssl-store Opaque 1 40h tls kubernetes.io/tls 2 40h tls-ingress kubernetes.io/tls 2 5d22h
after applying configuration kong ingress controller gives error
time="2024-06-09T04:21:21Z" level=debug msg="no configuration change, skipping sync to Kong" url="https://127.0.0.1:8444/" time="2024-06-09T04:21:21Z" level=debug msg="due to errors in the current config, the last valid config has been pushed to Gateways" time="2024-06-09T04:21:21Z" level=error msg="could not update kong admin" error="performing update for https://127.0.0.1:8444/ failed: failed posting new config to /config: got status code 400" subsystem=dataplane-synchronizer time="2024-06-09T04:21:21Z" level=debug msg="successfully applied Kong configuration to https://127.0.0.1:8444/" logger=events object="{\"kind\":\"Pod\",\"namespace\":\"kong-app\",\"name\":\"ingress-kong-796548b7cc-tqp58\",\"apiVersion\":\"v1\"}" reason=KongConfigurationSucceeded type=Normal
Expected Behavior
upstream mtls communication over https should work after defining these annotations
konghq.com/client-cert: tls-ingress konghq.com/protocol: https
Steps To Reproduce
No response
Anything else?
No response