Closed RafSchandevyl closed 2 months ago
cakoolen
commented
1 year ago I've now manually configured the ha proxy of the openbalena compose to include the services of the admin. After all that is working I now get cannot Get / from my browser with little hints on what's going wrong
Did you manage to get it working in the end?
brynmathias
commented
1 year ago @cakoolen do you have a snippet of your ha proxy? I'm trying to do the same now
dcaputo-harmoni
commented
1 year ago All - open-blaena-admin should install its own haproxy instance to handle its reverse proxying needs. If you want to use your own, you can find the config for the built in one described in the helm file (which is used for the k8s install):
haproxy:
controller:
ingressClass: openbalena-admin-haproxy
ingressClassResource:
enabled: true
tcp:
10000: openbalena-admin/openbalena-admin-remote:10000:PROXY-V2::openbalena-admin/openbalena-admin-tls
10001: openbalena-admin/openbalena-admin-remote:10001:PROXY-V2::openbalena-admin/openbalena-admin-tls
10002: openbalena-admin/openbalena-admin-remote:10002:PROXY-V2::openbalena-admin/openbalena-admin-tls
10003: openbalena-admin/openbalena-admin-remote:10003:PROXY-V2::openbalena-admin/openbalena-admin-tls
10004: openbalena-admin/openbalena-admin-remote:10004:PROXY-V2::openbalena-admin/openbalena-admin-tls
10005: openbalena-admin/openbalena-admin-remote:10005:PROXY-V2::openbalena-admin/openbalena-admin-tls
10006: openbalena-admin/openbalena-admin-remote:10006:PROXY-V2::openbalena-admin/openbalena-admin-tls
10007: openbalena-admin/openbalena-admin-remote:10007:PROXY-V2::openbalena-admin/openbalena-admin-tls
10008: openbalena-admin/openbalena-admin-remote:10008:PROXY-V2::openbalena-admin/openbalena-admin-tls
10009: openbalena-admin/openbalena-admin-remote:10009:PROXY-V2::openbalena-admin/openbalena-admin-tls
nodeSelector:
kubernetes.io/arch: amd64As well as the ingress:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "openbalena-admin.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "openbalena-admin.labels" . | nindent 4 }}
annotations:
{{- with .Values.ingress.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.ingress.http.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
cert-manager.io/issuer: openbalena-admin-certificate-issuer
spec:
tls:
- hosts:
- admin.{{ .Values.global.hostname }}
- postgrest.{{ .Values.global.hostname }}
- remote.{{ .Values.global.hostname }}
secretName: {{ include "openbalena-admin.fullname" . }}-tls
ingressClassName: openbalena-admin-haproxy
rules:
- host: admin.{{ .Values.global.hostname }}
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: {{ include "openbalena-admin.fullname" . }}-ui
port:
number: 80
- host: postgrest.{{ .Values.global.hostname }}
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: {{ include "openbalena-admin.fullname" . }}-postgrest
port:
number: 80
- host: remote.{{ .Values.global.hostname }}
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: {{ include "openbalena-admin.fullname" . }}-remote
port:
number: 80I just merged the config necessary for open-balena-admin with the haproxy present in the openbalena config. The drawback of that is that there are now hard dependencies between the two compose files. It would be a lot cleaner to merge the two all-together or as suggested above to deploy them separately. Adding the services to the openbalena haproxy ment that I had to tweak the compose file of the open-balena-admin repo as well.
Hi, I'm trying to run openbalena-admin on the same host as openbalena itself. it seems to start, but when i go to the url i get 503 service not available error. could this be that de haproxy needs to be changed to be able to connect ?
i also get the certificate off the api.