Management Console login fails

[tiagokos]

Hello, I deployed your helm chart on our kubernetes cluster, added ingress on the top of that in order to access http://activemq-artemis.devel.fdp.eit.zone/console/login The only problem is that the username / password specified does not log in correct, after filling in the login fields on the login page, the management console opens for a second and goes back to the first page in a second. On network tab I can see some forbidden calls to http://activemq-artemis.devel.fdp.eit.zone/console/refresh

Do you have any ideas?

[tiagokos]

It seems the issue is related to jolokia which does not allow incoming requests from outside the cluster, I found that JOLOKIA_ALLOW_ORIGIN attribute can be sent when starting docker, can we use it through helm chart installation?

[vromero]

I actually never envisioned the console to be exposed publicly. I have been using it mostly through kubectl port-forward. But I'd love to hear about your use case, to implement it might be a low hanging fruit (up to an extent because public names and k8s is not yet a completely solved problem)

edit:

I am indeed interested because I've been thinking about a network policy for a while, and the console was the first thing I was meaning to restrict.

[DanSalt]

Hi @tiagokos - not sure if this is still an issue for you, but.. in our ActiveMQ deployment we have this working, without changes to Jolokia. The problem we found was the fact that the connection to the cluster is being load-balanced (round robin), so that the connection never 'sticks' to a particular console instance.

The current charts add a 'ClientIP' affinity which should fix this. (https://github.com/vromero/activemq-artemis-helm/blob/master/activemq-artemis/templates/service.yaml#L28)

[erlisb]

Hi @vromero , @DanSalt ,

is there any progress on this topics, how can we access the activemq console using an ingress ?

Thank you very much.

e.b

[vromero]

@erlisb I'm revisiting some core decisions around this chart with #50. As soon as I make up my mind I'll fix most of these issues.

[erlisb]

@vromero , thank you very much.