Open danielsatanik opened 1 year ago
+1
+1 Put exec.enabled: true, used admin account and also tried SSO with the correct RBAC rights. Argo is behind GCP ingress, and we also use Istio service mesh. Running insecure flag for server.
WebSocket connection to 'wss://URL/terminal?pod=test-64469d7d7f-k4kv5&container=app&appName=client&appNamespace=argocd&projectName=dev&namespace=client' failed:
Running Argo v2.9.0
Any updates for this issue?
+1 this problem occurs with Traefik periodically, other times there is an 101 Upgrade response followed by an outgoing message {"operation":"resize","cols":95,"rows":47}
, and ultimately resulting in Connection Closed: 1006
+1 for {"operation":"resize","cols":121,"rows":43}
when opening terminal
here's my nginx config:
location / {
proxy_pass http://10.108.252.116:80/; <--- ClusterIP of ArgoCD Service
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
}
I recently upgraded and now the Web Terminal is available, but I cannot get it to work with our nginx ingress. My original configuration looked as follows:
Important to know is everything works fine and the kubernetes cluster sits behind another external facing proxy that forwards all traffic on /sub to the cluster.
After granting exec rights, enabling it in the argo-cm.yaml and configuring the role I could access the UI elements for the webterminal but as soon as I click on the tab in the details section, the following is shown:
I have then added a server-snippet in the nginx ingress annotations according to some of the forums I have browsed to set the upgrade headers, that looked like this:
That led to:
Which makes a lot of sense because now it won't be forwarded to the argo-server anymore, so I extended it by:
Which led to:
Which still makes sense because I had my rewrite in the ingress which I have to add as well, which I did:
Which returned the same error. So I looked into the nginx.conf of the ingress and added a bunch of other stuff:
Now it goes through to the argo-server but still throws a 400.
And I'm back at the beginning. The error message is exactly the same. I looked closer into the auto-generated part of the nginx.conf and it even allows websockets so the problem must be somewhere else. Here is a small excerpt from the location block ingress generates:
So where exactly can I make changes to make the setting work?
Issues that haven't helped: