search

skoruba / Duende.IdentityServer.Admin

The administration for the Duende IdentityServer and Asp.Net Core Identity ⚡
Apache License 2.0
549 stars 194 forks source link

Kubernetes deployment #140

Open apetrut opened 1 year ago

apetrut commented 1 year ago

We've been trying to deploy Admin UI to Kubernetes.

Currently all three services (admin, admin-api and sts) are running in the same pod, The sts one is running and the other two are restarting every 6-7 seconds.

image

Do you have any recommendations about running all the services in the same pod or in different pods?

Also, is it possible to use the url format:

https://your-domain-name.com/admin

instead of

https://admin.your-domain-name.com?

skoruba commented 1 year ago

I do not know, I do not have experience with k8s.

albrookesplowman commented 1 year ago

I would probably deploy each part to a different k8s service (with 1 or many pod replicas) and you can then reference each element by the service name (assuming that it is all in the same cluster)

apetrut commented 1 year ago

@albrookesplowman thanks for your answer, we will try that approach.

Also, we are getting the error below:

image

It seems related to timeouts, but we haven't specified any.

albrookesplowman commented 1 year ago

@apetrut - have you tried looking at the logs of the pod or kubectl describe on the pod. There might be some clues in one of those. These type of back-off errors are a nightmare to find... Are you deploying via kubectl or via helm?

apetrut commented 1 year ago

@albrookesplowman yes, of course I've checked the logs but it's not a lot of info in there:

image

I am deploying using Azure DevOps with Kubernetes and using Lens Dekstop for inspecting the pods and logs.

albrookesplowman commented 1 year ago

@apetrut - not sure what is happening there... it will probably need log levels changing to debug to see how far through the start up process it is getting. Sorry I couldn't be more help...

apetrut commented 1 year ago

@albrookesplowman I created 3 different services and they are running correctly each in their own pod. I didn't get any errors so far and they are all green. The "back-off restarting" error must have been something related to running all the services in the same pod.

Now we have some DNS issues (internal and external) that will try to solve in the next couple of days. We are following the documentation provided by @bravecobra.

Thanks for your help.

apetrut commented 1 year ago

Now I am getting this error:

image

It seems it can't perform health check for identity server. I have checked the url and it was the correct one.