Closed vyom-soft closed 1 year ago
Hello,
I am using cert-manager and keycloak. keycloak-chart version: 18.4.1 appVersion: 17.0.1-legacy.
When accessed over metallb LB -> nginx ingress I see that fake certificate.
Used helm install to install the keycloak
here is my nginx-ingress Please can you give some hint what else I should look for.
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: vyomsoft-prod-ca-issuer nginx.ingress.kubernetes.io/backend-protocol: HTTPS nginx.ingress.kubernetes.io/client-max-body-size: "4" nginx.ingress.kubernetes.io/forwarded-for-header: X-Forwarded-For nginx.ingress.kubernetes.io/proxy-body-size: 25m nginx.ingress.kubernetes.io/proxy-buffer-size: 128k nginx.ingress.kubernetes.io/proxy-buffering: "on" nginx.ingress.kubernetes.io/proxy-connect-timeout: "30" nginx.ingress.kubernetes.io/proxy-max-temp-file-size: 1024m nginx.ingress.kubernetes.io/proxy-read-timeout: "20" nginx.ingress.kubernetes.io/use-forwarded-headers: "true" creationTimestamp: "2023-02-13T19:44:56Z" generation: 1 name: keycloak namespace: kvib resourceVersion: "56101995" uid: 33ad5227-0f6a-4513-af01-29a410830499 spec: ingressClassName: nginx rules: - host: keycloak.vyomsoft.devlab.tech http: paths: - backend: service: name: keycloak-http port: name: https path: / pathType: Prefix tls: - hosts: - keycloak.vyomsoft.devlab.tech secretName: vyomsoft-prod-ca-tech status: loadBalancer: ingress: - ip: 10.10.45.211
# Additional environment variables for Keycloak extraEnv: | - name: KEYCLOAK_LOGLEVEL value: INFO # - name: WILDFLY_LOGLEVEL # value: DEBUG - name: CACHE_OWNERS_COUNT value: "2" - name: CACHE_OWNERS_AUTH_SESSIONS_COUNT value: "2" - name: KEYCLOAK_STATISTICS value: all - name: CACHE_OWNERS value: "3" - name: DB_QUERY_TIMEOUT value: "60" - name: DB_VENDOR value: postgres - name: DB_ADDR value: postgresdb-postgresql - name: DB_PORT value: "5432" - name: DB_DATABASE value: keycloak - name: DB_USER value: postgres - name: DB_PASSWORD_FILE value: /secrets/db-creds/postgres-password - name: KEYCLOAK_USER value: admin - name: KEYCLOAK_PASSWORD value: mypassword - name: PROXY_ADDRESS_FORWARDING value: 'true'
nginx ingress information
➜ ~ kubectl describe ingressclasses Name: nginx Labels: app.kubernetes.io/component=controller app.kubernetes.io/instance=ingress-nginx app.kubernetes.io/managed-by=Helm app.kubernetes.io/name=ingress-nginx app.kubernetes.io/part-of=ingress-nginx app.kubernetes.io/version=1.5.1 helm.sh/chart=ingress-nginx-4.4.0 helm.toolkit.fluxcd.io/name=ingress-nginx helm.toolkit.fluxcd.io/namespace=ingress-nginx Annotations: meta.helm.sh/release-name: ingress-nginx meta.helm.sh/release-namespace: ingress-nginx Controller: k8s.io/ingress-nginx Events:
This issue has been marked as stale because it has been open for 30 days with no activity. It will be automatically closed in 10 days if no further activity occurs.
Hello,
I am using cert-manager and keycloak. keycloak-chart version: 18.4.1 appVersion: 17.0.1-legacy.
When accessed over metallb LB -> nginx ingress I see that fake certificate.
Used helm install to install the keycloak
here is my nginx-ingress Please can you give some hint what else I should look for.
nginx ingress information
➜ ~ kubectl describe ingressclasses Name: nginx Labels: app.kubernetes.io/component=controller app.kubernetes.io/instance=ingress-nginx app.kubernetes.io/managed-by=Helm app.kubernetes.io/name=ingress-nginx app.kubernetes.io/part-of=ingress-nginx app.kubernetes.io/version=1.5.1 helm.sh/chart=ingress-nginx-4.4.0 helm.toolkit.fluxcd.io/name=ingress-nginx helm.toolkit.fluxcd.io/namespace=ingress-nginx Annotations: meta.helm.sh/release-name: ingress-nginx meta.helm.sh/release-namespace: ingress-nginx Controller: k8s.io/ingress-nginx Events: