Open davesheldon opened 3 months ago
Hello, MSSQL Scaler doesn't support managed identities authentication. This can be a nice feature to implement if you're willing to do it.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Thank you for your contributions.
This issue has been automatically closed due to inactivity.
Hi Team, We are also trying to use MSSQL trigger for scaling application and we are trying to authenticate the SQL DB using Azure Service Principle. But no luck. We are keeping connection string in Kubernet Secret and trying to use this. but no luck. Getting login failed error like "ERROR mssql_scaler Found error pinging mssql: mssql: login error: Login failed for user xxxxxxxxx". Any solution or work around for this? But every thing is working fine when we are using SQL Authentication instead of service principal. Below is the connection string format we are using - kubectl create secret generic my-mssql-secrets --from-literal mssql-connection-string="server=azuse2sqlmixxxxx.xxxxxxx.database.windows.net;Authentication=ActiveDirectoryServicePrincipal;Initial Catalog=yyyyyy;User Id=99775ec3-xxxxxx-xxxx-xxx;Password=xxxxxxxx;Persist Security Info=False;Encrypt=True;TrustServerCertificate=True;" Please help here if you have any solution or work around.
Hi Team, We are also trying to use MSSQL trigger for scaling application and we are trying to authenticate the SQL DB using Azure Service Principle. But no luck. We are keeping connection string in Kubernet Secret and trying to use this. but no luck. Getting login failed error like "ERROR mssql_scaler Found error pinging mssql: mssql: login error: Login failed for user xxxxxxxxx". Any solution or work around for this? But every thing is working fine when we are using SQL Authentication instead of service principal. Below is the connection string format we are using - kubectl create secret generic my-mssql-secrets --from-literal mssql-connection-string="server=azuse2sqlmixxxxx.xxxxxxx.database.windows.net;Authentication=ActiveDirectoryServicePrincipal;Initial Catalog=yyyyyy;User Id=99775ec3-xxxxxx-xxxx-xxx;Password=xxxxxxxx;Persist Security Info=False;Encrypt=True;TrustServerCertificate=True;" Please help here if you have any solution or work around.
Is this related with workload identity?
Report
We have a managed identity
keda-dev
that we use successfully via theazure-workload
provider to auth against ServiceBus. However, when attempting to use the same managed identity via TriggerAuthentication with themssql
trigger type against an Azure-hosted database (and after adding the appropriate DB permissions), the SQL login is failing.Expected Behavior
I didn't see anything in the documentation that says whether this is expected to work or not work, but I would generally expect the
mssql
trigger type to support theazure-workload
auth provider, especially when the database being targeted is hosted on Azure.Actual Behavior
We are receiving an error from KEDA:
error establishing mssql connection: mssql: login error: Login failed for user ''.
Steps to Reproduce the Problem
mssql
and anazure-workload
auth provider, using the managed identity's client id as theidentityId
Logs from KEDA operator
KEDA Version
2.14.1
Kubernetes Version
1.29
Platform
Microsoft Azure
Scaler Details
MSSQL
Anything else?
Here are the manifests I'm using, with some information redacted...