search

drogue-iot / drogue-cloud

Cloud Native IoT
https://drogue.io
Apache License 2.0
113 stars 30 forks source link

error deploying console backend compenent #378

Open lucamaf opened 1 year ago

lucamaf commented 1 year ago

I tried to deploy version 0.11 using the following command: env CLUSTER=openshift ./scripts/drgadm deploy -e most of the components deployed correctly but console-backend doesn't and it terminates with the following error:

[2023-06-07T09:09:28.924Z INFO drogue_bazaar::core::tls] Adding Service CA certificate ("/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt")
[2023-06-07T09:09:28.924Z INFO drogue_bazaar::reqwest] Adding root certificate: "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"
[2023-06-07T09:09:28.929Z INFO drogue_bazaar::reqwest] Found 1 certificates
[2023-06-07T09:09:28.929Z INFO drogue_bazaar::reqwest] Adding root certificate: Certificate
Error: Creating UI client
Caused by:
0: Discovering endpoint
1: error decoding response body: expected value at line 1 column 1
2: expected value at line 1 column 1
lucamaf commented 1 year ago

the issue is caused by console backend component not being able to reach keycloak service correctly. the predefined route configured to reach keycloak is https://sso-drogue-iot.apps.ocp4.emea-ssa.com but Ingress definition exposes sso-tls service on http and not on https as per the definition following in my case the workaround was to delete Ingress definition and creating manually a route with https to sso-tls service with re-encrypt

kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  annotations:
    meta.helm.sh/release-name: drogue-iot
    meta.helm.sh/release-namespace: drogue-iot
    nginx.ingress.kubernetes.io/proxy-buffer-size: 16k
  resourceVersion: '30041706'
  name: sso
  uid: 7ad6faeb-5d26-4eda-ba4d-24f7fb96e94a
  creationTimestamp: '2023-06-07T08:59:04Z'
  generation: 1
  managedFields:
    - manager: helm
      operation: Update
      apiVersion: networking.k8s.io/v1
      time: '2023-06-07T08:59:04Z'
      fieldsType: FieldsV1
      fieldsV1:
        'f:metadata':
          'f:annotations':
            .: {}
            'f:meta.helm.sh/release-name': {}
            'f:meta.helm.sh/release-namespace': {}
            'f:nginx.ingress.kubernetes.io/proxy-buffer-size': {}
          'f:labels':
            .: {}
            'f:app.kubernetes.io/component': {}
            'f:app.kubernetes.io/instance': {}
            'f:app.kubernetes.io/managed-by': {}
            'f:app.kubernetes.io/name': {}
            'f:app.kubernetes.io/part-of': {}
            'f:app.kubernetes.io/version': {}
        'f:spec':
          'f:rules': {}
    - manager: route-controller-manager
      operation: Update
      apiVersion: networking.k8s.io/v1
      time: '2023-06-07T08:59:04Z'
      fieldsType: FieldsV1
      fieldsV1:
        'f:status':
          'f:loadBalancer':
            'f:ingress': {}
      subresource: status
  namespace: drogue-iot
  labels:
    app.kubernetes.io/component: sso
    app.kubernetes.io/instance: drogue-iot
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: sso-ingress
    app.kubernetes.io/part-of: drogue-iot
    app.kubernetes.io/version: 0.11.0
spec:
  rules:
    - host: sso-drogue-iot.apps.ocp4.emea-ssa.com
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: sso-tls
                port:
                  number: 8443
status:
  loadBalancer:
    ingress:
      - hostname: router-default.apps.ocp4.emea-ssa.com