davideserio
commented
3 months ago Hi,
It’s likely the same problem related to authentication as described in this issue. I am trying to replicate the issue to identify possible causes.
Closed speedkup closed 3 months ago
davideserio
commented
3 months ago Hi,
It’s likely the same problem related to authentication as described in this issue. I am trying to replicate the issue to identify possible causes.
davideserio
commented
3 months ago Can you try to authorize in swagger? You can find the swagger user interface at https://velero.proxmox.lan/api/docs
speedkup
commented
3 months ago Yes, I can log in here. I found the curl commands from this.
davideserio
commented
3 months ago Can you also confirm that you can properly run endpoints under authorization from here?
e.g.
/v1/backup/getor
/v1/setup/get-configapi logs
api-server INFO: 10.52.3.96:60660 - "GET /api/online HTTP/1.1" 200 OK │
│ api-server INFO: 2024-08-05 12:57:36.965 ['service.info'] [/api/info/get-ui-comp] ui_compatibility version :0.1.16 │
│ api-server INFO: 2024-08-05 12:57:36.965 ['service.info'] [/api/info/get-ui-comp] __retrieve_data_from_md_file │
│ api-server INFO: 2024-08-05 12:57:37.000 ['service.info'] [/api/info/get-ui-comp] __version_content │
│ api-server INFO: 2024-08-05 12:57:37.000 ['service.info'] [/api/info/get-ui-comp] __get_compatibility │
│ api-server INFO: 2024-08-05 12:57:37.000 ['service.info'] [/api/info/get-ui-comp] __get_compatibility.ui=0.1.16-api=0.1.18 │
│ api-server INFO: 2024-08-05 12:57:37.000 ['service.info'] [/api/info/get-ui-comp] __get_compatibility.json={'version': '0.1.14', 'appVersion': '0.1.14', 'api': '0.1.18', 'ui': '0.1.16', 'watchdog': '0.1.6'} │
│ api-server INFO: 2024-08-05 12:57:37.001 ['service.info'] [/api/info/get-repo-tags] minutes elapsed 26.3 - threshold 30 │
│ api-server INFO: 2024-08-05 12:57:37.001 ['service.info'] [/api/info/get-repo-tags] Dict is not empty and use memory True │
│ api-server INFO: 2024-08-05 12:57:37.001 ['service.info'] [/api/info/get-repo-tags] get in-memory data (no scrapy is done). last scan: 05/08/2024 12:31:19- cycle time min 30 │
│ api-server INFO: 10.52.3.96:60660 - "GET /api/info/get HTTP/1.1" 200 OK │
│ api-server INFO: 10.52.3.96:60698 - "GET /api/v1/stats/get HTTP/1.1" 401 Unauthorized │
│ api-server INFO: 10.52.3.96:60656 - "GET /api/v1/setup/version HTTP/1.1" 401 Unauthorized │
│ api-server INFO: 10.52.3.96:60682 - "GET /api/v1/stats/in-progress HTTP/1.1" 401 Unauthorized │
│ api-server INFO: 10.52.3.96:60642 - "GET /api/info/health-k8s HTTP/1.1" 200 OK │
│ api-server INFO: 10.52.3.96:60648 - "GET /api/info/origins HTTP/1.1" 200 OK │
│ api-server INFO: 10.52.3.96:60680 - "GET /api/info/arch HTTP/1.1" 200 OK │
│ api-server INFO: 10.52.3.96:60678 - "GET /api/info/watchdog HTTP/1.1" 200 OK │
│ api-server INFO: 10.52.3.96:60632 - "GET /api/info/get-ui-comp?version=0.1.16 HTTP/1.1" 200 OK │
│ api-server INFO: 10.52.3.96:60612 - "GET /api/info/get-repo-tags HTTP/1.1" 200 OK │
│ api-server INFO: 10.52.3.96:60612 - "GET /api/info/get HTTP/1.1" 200 OK │
│ api-server DEBUG: < CLOSE 1005 (no status received [internal]) [0 bytes] │
│ api-server DEBUG: = connection is CLOSING │
│ api-server DEBUG: > CLOSE 1005 (no status received [internal]) [0 bytes] │
│ api-server DEBUG: < CLOSE 1005 (no status received [internal]) [0 bytes] │
│ api-server DEBUG: = connection is CLOSING │
│ api-server DEBUG: > CLOSE 1005 (no status received [internal]) [0 bytes]I think there is a problem with the socket connection. I use the application with Nginx. I have not run tests with Traefik, but I think there should be no problem. I am trying to investigate further.
speedkup
commented
3 months ago I set up an NGINX Ingress alongside Traefik, which is assigned to a different IP. However, the error is the same: the window flashes briefly and then asks for authentication credentials again.
uiIngress: # Ingress
enabled: true
ingressClassName: nginx #traefik
host: velero.proxmox.lan
tls:
enabled: true
metadata:
annotations:
cert-manager.io/cluster-issuer: "home-intca-issuer"
kubernetes.io/ingress.class: nginx
spec:
tls:
- hosts:
- velero.proxmox.lan
secretName: veleroui-web-tls-secretIn your config file manually add the securityTokenKey under apiConfig section:
apiConfig:
securityTokenKey: <your-token-key>
... other config ...To generate a fixed secure random secret key use the command:
openssl rand -hex 32Let me know if this solves the problem
speedkup
commented
3 months ago Thank You!
I can log in now, but I get this error with nginx ingress:
davideserio
commented
3 months ago Can you check the API and UI pod logs if they report new errors?
speedkup
commented
3 months ago I deleted the api and ui pods. Now it works with nginx and traefik ingress. Thank you very much for your help!
I have one more question. For some of the namespaces, I would like to use volumePolicies during backup. I have prepared
ConfigMaps for these:
apiVersion: v1
kind: ConfigMap
metadata:
name: nfs-policies-exclude-cm
namespace: velero
data:
nfs-policies.yaml: |
version: v1
volumePolicies:
- conditions:
nfs:
server: 192.168.1.10
path: /srv/volume1
action:
type: skip
- conditions:
nfs:
server: 192.168.1.40
path: /srv/volume2
action:
type: skipIs there a way to set this in the GUI when creating a backup? Resource policies: https://velero.io/docs/main/resource-filtering/
Hi,
I'd like to ask for help regarding the project. I installed the Velero UI using ArgoCD, but I can't get past the login screen. After entering the username and password, the window briefly flashes and then returns to the login screen.
Diagnostics indicate that everything is fine:
curl -X 'GET' \ 'https://velero.proxmox.lan/api/' \ -H 'accept: application/json'
{"data":{"payload":{"status":"alive","type":"agent"}}}%
curl -X 'GET' \ 'https://velero.proxmox.lan/api/info/get' \ -H 'accept: application/json'
{"data":{"payload":{"app_name":"velero-api","app_description":"","admin_email":"not set","api_release_version":"0.1.18","api_release_date":"2024-08-01T14:01:18Z","helm_version":"0.1.14","helm_app_version":"0.1.14","helm_api":"0.1.18","helm_ui":"0.1.16","helm_watchdog":"0.1.6","watchdog_release_version":"0.1.6","watchdog_release_date":"2024-05-29T06:30:29Z"},"metadata":{}},"notifications":[],"messages":[]}%
curl -X 'GET' \ 'https://velero.proxmox.lan/api/v1/setup/get-config' \ -H 'accept: application/json'
{"detail":"Not authenticated"}%
This is the content of my values file:
Do you have any idea what I might have done wrong?