camunda / camunda-platform-helm

Camunda Platform 8 Self-Managed Helm charts
https://docs.camunda.io/docs/self-managed/overview/
Apache License 2.0

Camunda Self-Hosted Optimize component gives "Incorrect redirect_uri" #908

Closed forszpanen closed 11 months ago

forszpanen commented 1 year ago

Describe the issue:

Camunda Self-Hosted on an EKS cluster in AWS. The configuration is as below; it uses the one proposed by Camunda.

Actual behavior: I open https://optimize-camunda.example.com (configured in Route53) and it gives:

{
  "errorCode" : "serverError",
  "errorMessage" : "An internal server error occurred.",
  "detailedMessage" : "request failed with status code '400' and body '{\"error\":\"invalid_grant\",\"error_description\":\"Incorrect redirect_uri\"}'",
  "reportDefinition" : null
}

Other components work: Operate, TaskList

Expected behavior:

See Optimize UI without problem with redirection.

How to reproduce:

helm install camunda-platform $HELM_REPO_PATH/camunda-platform --namespace=$APP_PAR -f subdomain_values.yaml

Logs:

Environment:

Please note: Without the following info, it's hard to resolve the issue and probably it will be closed.

# This file deliberately contains only the values that differ from the defaults.
# For changes and documentation, use your favorite diff tool to compare it with:
# https://github.com/camunda/camunda-platform-helm/blob/main/charts/camunda-platform

# IMPORTANT: Make sure to change "camunda.example.com" to your domain.

global:
  env:
    - name: LOGGING_LEVEL_ROOT
      value: DEBUG
  ingress:
    enabled: true
  identity:
    auth:
      publicIssuerUrl: "https://keycloak-camunda.example.com/auth/realms/camunda-platform"
      operate:
        redirectUrl: "https://operate-camunda.example.com"
      tasklist:
        redirectUrl: "https://tasklist-camunda.example.com"
      optimize:
        redirectUrl: "https://optimize-camunda.example.com"
      webModeler:
        redirectUrl: "https://modeler-camunda.example.com"

identity:
  auth:
    publicIssuerUrl: "https://keycloak-camunda.example.com/auth/realms/camunda-platform"
    operate:
      redirectUrl: "https://operate-camunda.example.com"
    tasklist:
      redirectUrl: "https://tasklist-camunda.example.com"
    optimize:
      redirectUrl: "https://optimize-camunda.example.com"
    webModeler:
      redirectUrl: "https://modeler-camunda.example.com"
  env:
    - name: LOGGING_LEVEL_ROOT
      value: DEBUG
  ingress:
    enabled: true
    className: nginx
    host: "identity-camunda.example.com"
    fullURL: "https://identity-camunda.example.com"
  keycloak:
    ingress:
      enabled: true
      production: true
      ingressClassName: nginx
      hostname: "keycloak-camunda.example.com"
    production: true
    proxy: edge
    extraEnvVars:

operate:
  ingress:
    enabled: true
    className: nginx
    host: "operate-camunda.example.com"

optimize:
  ingress:
    enabled: true
    className: nginx
    host: "optimize-camunda.example.com"

tasklist:
  ingress:
    enabled: true
    className: nginx
    host: "tasklist-camunda.example.com"

zeebe-gateway:
  security:
    authMode: none
  ingress:
    enabled: true
    className: nginx
    host: "zeebe-camunda.example.com"

webModeler:
  ingress:
    enabled: true
    className: nginx
    webapp:
      host: "modeler-camunda.example.com"
    websockets:
      host: "modeler-ws-camunda.example.com"

aabouzaid commented 1 year ago

@forszpanen that values file is not correct. It mixes the combined and separated ingress together.

Please take a look at this guide (you need to enable one of them, not both): https://docs.camunda.io/docs/next/self-managed/platform-deployment/helm-kubernetes/guides/ingress-setup/

forszpanen commented 1 year ago

> @forszpanen that values file is not correct. It mixes the combined and separated ingress together.
>
> Please take a look at this guide (you need to enable one of them, not both): https://docs.camunda.io/docs/next/self-managed/platform-deployment/helm-kubernetes/guides/ingress-setup/

@aabouzaid True - I've mixed it a bit, but when I've introduced those changes I still have a problem. Could you tell me something more?

# Chart values for the Camunda Platform 8 Helm chart in combined Ingress setup.

# This file deliberately contains only the values that differ from the defaults.
# For changes and documentation, use your favorite diff tool to compare it with:
# https://github.com/camunda/camunda-platform-helm/blob/main/charts/camunda-platform

# IMPORTANT: Make sure to change "camunda.example.com" to your domain.

global:
  identity:
    auth:
      publicIssuerUrl: "https://keycloak-camunda.example.com/auth/realms/camunda-platform"
      operate:
        redirectUrl: "https://operate-camunda.example.com"
      tasklist:
        redirectUrl: "https://tasklist-camunda.example.com"
      optimize:
        redirectUrl: "https://optimize-camunda.example.com"
      webModeler:
        redirectUrl: "https://modeler-camunda.example.com"

identity:
  ingress:
    enabled: true
    className: nginx
    host: "identity-camunda.example.com"
    fullURL: "https://identity-camunda.example.com"
  keycloak:
    ingress:
      enabled: true
      production: true
      ingressClassName: nginx
      hostname: "keycloak-camunda.example.com"
    production: true
    proxy: edge
    extraEnvVars:
      - name: PROXY_ADDRESS_FORWARDING
        value: "true"
      - name: KEYCLOAK_FRONTEND_URL
        value: "https://keycloak-camunda.example.com/auth"        
      - name: KC_HOSTNAME_ADMIN_URL
        value: "https://keycloak-camunda.example.com/auth"      

operate:
  ingress:
    enabled: true
    className: nginx
    host: "operate-camunda.example.com"

optimize:
  ingress:
    enabled: true
    className: nginx
    host: "optimize-camunda.example.com"

tasklist:
  ingress:
    enabled: true
    className: nginx
    host: "tasklist-camunda.example.com"

zeebe-gateway:
  security:
    authMode: none
  ingress:
    enabled: true
    className: nginx
    host: "zeebe-camunda.example.com"

webModeler:
  ingress:
    enabled: true
    className: nginx
    webapp:
      host: "modeler-camunda.example.com"
    websockets:
      host: "modeler-ws-camunda.example.com"

aabouzaid commented 1 year ago

@forszpanen Could you please show what exact issue you have after the change?

In general, as I see, your values have no TLS config, yet you are using an https URL. Please check the chart parameters to set up TLS.
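
The two points raised in this thread (combined and separated ingress enabled together, https redirect URLs without ingress TLS) can be checked before `helm install`. The following is an added example, not part of the thread or the chart: `lint_values` and `SAMPLE_VALUES` are hypothetical names, the redirect-host comparison goes beyond what the comments mention, and `ingress.tls.enabled` is an assumed name for the chart's TLS parameter.

```python
from urllib.parse import urlsplit

# Constructed sample: the second values file from the thread, reduced to the
# keys this check reads, plus global.ingress.enabled from the first file.
SAMPLE_VALUES = {
    "global": {
        "ingress": {"enabled": True},
        "identity": {"auth": {
            "operate": {"redirectUrl": "https://operate-camunda.example.com"},
            "optimize": {"redirectUrl": "https://optimize-camunda.example.com"},
            "webModeler": {"redirectUrl": "https://modeler-camunda.example.com"},
        }},
    },
    "operate": {"ingress": {"enabled": True, "host": "operate-camunda.example.com"}},
    "optimize": {"ingress": {"enabled": True, "host": "optimize-camunda.example.com"}},
    "webModeler": {"ingress": {"enabled": True,
                               "webapp": {"host": "modeler-camunda.example.com"}}},
}


def lint_values(values):
    """Return a list of findings for a parsed Camunda Helm values mapping."""
    findings = []
    glob = values.get("global", {})
    combined = glob.get("ingress", {}).get("enabled", False)
    auth = glob.get("identity", {}).get("auth", {})
    for name, cfg in auth.items():
        if not isinstance(cfg, dict) or "redirectUrl" not in cfg:
            continue  # skips publicIssuerUrl and other scalar keys
        url = urlsplit(cfg["redirectUrl"])
        ing = values.get(name, {}).get("ingress", {})
        if not ing.get("enabled", False):
            continue
        if combined:
            findings.append(f"{name}: separated ingress enabled together with global.ingress")
        host = ing.get("host") or ing.get("webapp", {}).get("host")
        if host and url.hostname != host:
            findings.append(f"{name}: redirectUrl host {url.hostname} != ingress host {host}")
        # Assumed key name for the chart's per-ingress TLS switch.
        if url.scheme == "https" and not ing.get("tls", {}).get("enabled", False):
            findings.append(f"{name}: https redirectUrl but ingress TLS not enabled")
    return findings


if __name__ == "__main__":
    print("\n".join(lint_values(SAMPLE_VALUES)))
```

If TLS is terminated at a load balancer in front of the ingress controller, the TLS finding is a false positive and can be ignored.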

aabouzaid commented 11 months ago

I'm closing this issue since there have been no updates so far. Feel free to open it again if needed.