Problem Installing Gluu on Kubernetes via Helm

By: Rui Engana Account Admin 17 Nov 2020 at 12:57 p.m. CST

4 Responses
Rui Engana gravatar
Hi, we are install a Gluu on Kubernetes via `pygluu-kubernetes-linux.pyz helm-install` with settings as below. ``` { "ACCEPT_GLUU_LICENSE": "Y", "GLUU_VERSION": "4.2", "TEST_ENVIRONMENT": "Y", "GLUU_UPGRADE_TARGET_VERSION": "", "GLUU_HELM_RELEASE_NAME": "gluu", "NGINX_INGRESS_RELEASE_NAME": "ningress", "NGINX_INGRESS_NAMESPACE": "ingress-nginx", "INSTALL_GLUU_GATEWAY": "N", "POSTGRES_NAMESPACE": "", "KONG_NAMESPACE": "", "GLUU_GATEWAY_UI_NAMESPACE": "", "KONG_PG_USER": "", "KONG_PG_PASSWORD": "", "GLUU_GATEWAY_UI_PG_USER": "", "GLUU_GATEWAY_UI_PG_PASSWORD": "", "KONG_DATABASE": "", "GLUU_GATEWAY_UI_DATABASE": "", "POSTGRES_REPLICAS": "", "POSTGRES_URL": "", "KONG_HELM_RELEASE_NAME": "", "GLUU_GATEWAY_UI_HELM_RELEASE_NAME": "", "USE_ISTIO": "N", "USE_ISTIO_INGRESS": "N", "ISTIO_SYSTEM_NAMESPACE": "", "NODES_IPS": [], "NODES_ZONES": [ "redacted" ], "NODES_NAMES": [ "redacted" ], "NODE_SSH_KEY": "~/.ssh/id_rsa", "HOST_EXT_IP": "22.22.22.22", "VERIFY_EXT_IP": "", "AWS_LB_TYPE": "clb", "USE_ARN": "N", "VPC_CIDR": "", "ARN_AWS_IAM": "", "LB_ADD": "redacted", "REDIS_URL": "", "REDIS_TYPE": "", "REDIS_PW": "", "REDIS_USE_SSL": "false", "REDIS_SSL_TRUSTSTORE": "", "REDIS_SENTINEL_GROUP": "", "REDIS_MASTER_NODES": "", "REDIS_NODES_PER_MASTER": "", "REDIS_NAMESPACE": "", "INSTALL_REDIS": "", "INSTALL_JACKRABBIT": "Y", "JACKRABBIT_STORAGE_SIZE": "4Gi", "JACKRABBIT_URL": "http://jackrabbit:8080", "JACKRABBIT_ADMIN_ID": "redacted", "JACKRABBIT_ADMIN_PASSWORD": "redacted", "JACKRABBIT_CLUSTER": "N", "JACKRABBIT_PG_USER": "", "JACKRABBIT_PG_PASSWORD": "", "JACKRABBIT_DATABASE": "", "DEPLOYMENT_ARCH": "eks", "PERSISTENCE_BACKEND": "ldap", "INSTALL_COUCHBASE": "", "COUCHBASE_NAMESPACE": "", "COUCHBASE_VOLUME_TYPE": "", "COUCHBASE_CLUSTER_NAME": "", "COUCHBASE_URL": "", "COUCHBASE_USER": "", "COUCHBASE_SUPERUSER": "", "COUCHBASE_PASSWORD": "", "COUCHBASE_SUPERUSER_PASSWORD": "", "COUCHBASE_CRT": "", "COUCHBASE_CN": "", "COUCHBASE_INDEX_NUM_REPLICA": "", "COUCHBASE_SUBJECT_ALT_NAME": "", "COUCHBASE_CLUSTER_FILE_OVERRIDE": "", "COUCHBASE_USE_LOW_RESOURCES": "", "COUCHBASE_DATA_NODES": "", "COUCHBASE_QUERY_NODES": "", "COUCHBASE_INDEX_NODES": "", "COUCHBASE_SEARCH_EVENTING_ANALYTICS_NODES": "", "COUCHBASE_GENERAL_STORAGE": "", "COUCHBASE_DATA_STORAGE": "", "COUCHBASE_INDEX_STORAGE": "", "COUCHBASE_QUERY_STORAGE": "", "COUCHBASE_ANALYTICS_STORAGE": "", "COUCHBASE_INCR_BACKUP_SCHEDULE": "", "COUCHBASE_FULL_BACKUP_SCHEDULE": "", "COUCHBASE_BACKUP_RETENTION_TIME": "", "COUCHBASE_BACKUP_STORAGE_SIZE": "", "LDAP_BACKUP_SCHEDULE": "*/30 * * * *", "NUMBER_OF_EXPECTED_USERS": "", "EXPECTED_TRANSACTIONS_PER_SEC": "", "USING_CODE_FLOW": "", "USING_SCIM_FLOW": "", "USING_RESOURCE_OWNER_PASSWORD_CRED_GRANT_FLOW": "", "DEPLOY_MULTI_CLUSTER": "", "HYBRID_LDAP_HELD_DATA": "", "LDAP_JACKRABBIT_VOLUME": "io1", "APP_VOLUME_TYPE": 7, "LDAP_STATIC_VOLUME_ID": "", "LDAP_STATIC_DISK_URI": "", "GLUU_CACHE_TYPE": "NATIVE_PERSISTENCE", "GLUU_NAMESPACE": "gluu", "GLUU_FQDN": "demoexample.gluu.org", "COUNTRY_CODE": "US", "STATE": "TX", "EMAIL": "support@gluu.org", "CITY": "Austin", "ORG_NAME": "Gluu", "GMAIL_ACCOUNT": "", "GOOGLE_NODE_HOME_DIR": "", "IS_GLUU_FQDN_REGISTERED": "N", "LDAP_PW": "redacted", "ADMIN_PW": "redacted", "OXD_APPLICATION_KEYSTORE_CN": "oxd-server", "OXD_ADMIN_KEYSTORE_CN": "oxd-server", "LDAP_STORAGE_SIZE": "4Gi", "OXAUTH_REPLICAS": 1, "OXTRUST_REPLICAS": 1, "LDAP_REPLICAS": 1, "OXSHIBBOLETH_REPLICAS": "", "OXPASSPORT_REPLICAS": "", "OXD_SERVER_REPLICAS": 1, "CASA_REPLICAS": "", "RADIUS_REPLICAS": "", "FIDO2_REPLICAS": "", "SCIM_REPLICAS": "", "ENABLE_OXTRUST_API": "Y", "ENABLE_OXTRUST_TEST_MODE": "N", "ENABLE_CACHE_REFRESH": "N", "ENABLE_OXD": "Y", "ENABLE_FIDO2": "N", "ENABLE_SCIM": "N", "ENABLE_RADIUS": "N", "ENABLE_OXPASSPORT": "N", "ENABLE_OXSHIBBOLETH": "N", "ENABLE_CASA": "N", "ENABLE_OXAUTH_KEY_ROTATE": "N", "ENABLE_OXTRUST_API_BOOLEAN": "true", "ENABLE_OXTRUST_TEST_MODE_BOOLEAN": "false", "ENABLE_RADIUS_BOOLEAN": "false", "ENABLE_OXPASSPORT_BOOLEAN": "false", "ENABLE_CASA_BOOLEAN": "false", "ENABLE_SAML_BOOLEAN": "false", "ENABLED_SERVICES_LIST": [ "ldap", "persistence", "config", "update-lb-ip", "jackrabbit", "oxd-server", "oxauth", "oxtrust" ], "OXAUTH_KEYS_LIFE": "", "EDIT_IMAGE_NAMES_TAGS": "N", "CASA_IMAGE_NAME": "gluufederation/casa", "CASA_IMAGE_TAG": "4.2.1_02", "CONFIG_IMAGE_NAME": "gluufederation/config-init", "CONFIG_IMAGE_TAG": "4.2.1_02", "CACHE_REFRESH_ROTATE_IMAGE_NAME": "gluufederation/cr-rotate", "CACHE_REFRESH_ROTATE_IMAGE_TAG": "4.2.1_02", "CERT_MANAGER_IMAGE_NAME": "gluufederation/certmanager", "CERT_MANAGER_IMAGE_TAG": "4.2.1_02", "LDAP_IMAGE_NAME": "gluufederation/opendj", "LDAP_IMAGE_TAG": "4.2.1_02", "JACKRABBIT_IMAGE_NAME": "gluufederation/jackrabbit", "JACKRABBIT_IMAGE_TAG": "4.2.1_02", "OXAUTH_IMAGE_NAME": "gluufederation/oxauth", "OXAUTH_IMAGE_TAG": "4.2.1_02", "FIDO2_IMAGE_NAME": "gluufederation/fido2", "FIDO2_IMAGE_TAG": "4.2.1_02", "SCIM_IMAGE_NAME": "gluufederation/scim", "SCIM_IMAGE_TAG": "4.2.1_04", "OXD_IMAGE_NAME": "gluufederation/oxd-server", "OXD_IMAGE_TAG": "4.2.1_02", "OXPASSPORT_IMAGE_NAME": "gluufederation/oxpassport", "OXPASSPORT_IMAGE_TAG": "4.2.1_03", "OXSHIBBOLETH_IMAGE_NAME": "gluufederation/oxshibboleth", "OXSHIBBOLETH_IMAGE_TAG": "4.2.1_02", "OXTRUST_IMAGE_NAME": "gluufederation/oxtrust", "OXTRUST_IMAGE_TAG": "4.2.1_02", "PERSISTENCE_IMAGE_NAME": "gluufederation/persistence", "PERSISTENCE_IMAGE_TAG": "4.2.1_02", "RADIUS_IMAGE_NAME": "gluufederation/radius", "RADIUS_IMAGE_TAG": "4.2.1_02", "GLUU_GATEWAY_IMAGE_NAME": "gluufederation/gluu-gateway", "GLUU_GATEWAY_IMAGE_TAG": "4.2.1_03", "GLUU_GATEWAY_UI_IMAGE_NAME": "gluufederation/gluu-gateway-ui", "GLUU_GATEWAY_UI_IMAGE_TAG": "4.2.1_02", "UPGRADE_IMAGE_NAME": "gluufederation/upgrade", "UPGRADE_IMAGE_TAG": "4.2.1_04", "CONFIRM_PARAMS": "Y" } ``` System starts all containers OK, but when I open my https://demoexample.gluu.org I get a 404 like ``` HTTP ERROR 404 Not Found URI: / STATUS: 404 MESSAGE: Not Found SERVLET: - ``` Also, if I go directly https://demoexample.gluu.org/identity I get redirected to https://demoexample.gluu.org/oxauth/restv1/authorize?client_id=1001.5a9ec33d-d57a-48fe-b739-c4f70a085afe&redirect_uri=https%3A%2F%2Fdemoexample.gluu.org%2Fidentity%2Fauthcode.htm&response_type=code&scope=openid+profile+email+user_name&nonce=942679ac-53dd-4921-a97f-cbd551265214&state=b96b6480-9d71-4a6b-9728-aa03f59ca5f3&acr_values=simple_password_auth and then I get another 404 like ``` HTTP ERROR 404 Not Found URI: /oxauth/restv1/authorize STATUS: 404 MESSAGE: Not Found SERVLET: - ``` Can you help? Thank you. Rui
Rhel 8.0
closed

Answers

By Mohammad Abudayyeh staff 17 Nov 2020 at 1:46 p.m. CST

Copy
Mohammad Abudayyeh gravatar
Hey Rui, Cloud native setup assistance and inquires require a support contract. Please check that you mapped your ip or loadbalancer ip to your domain at `/etc/hosts` file. Thanks. Mohammad

By Rui Engana Account Admin 17 Nov 2020 at 1:54 p.m. CST

Copy
Rui Engana gravatar
Hi Mohammad, we are a Gluu partner. Our LB is mapped in hosts file and if we go directly to /identity we do get a redirect from Gluu server, I think that proves mapping is correct. We are really struggling with the Cloud Native installers - Helm.

By Mohammad Abudayyeh staff 17 Nov 2020 at 2:02 p.m. CST

Copy
Mohammad Abudayyeh gravatar
Hey Rui, This seems like its not related to our container setup but your network. Can you show : ``` kubectl get pod -n <gluu-namespace> ``` What kind of kubernetes cluster setup are you using, EKS, AKS, GKE...etc

By Rui Engana Account Admin 17 Nov 2020 at 2:05 p.m. CST

Copy
Rui Engana gravatar
Hi Mohammad, we are using AWS EKS. Here is extract of gluu pods. ``` kubectl get pod -n gluu NAME READY STATUS RESTARTS AGE gluu-config-vdld4 0/1 Completed 0 92m gluu-jackrabbit-0 1/1 Running 0 92m gluu-ldap-backup-1605641400-kqk4j 0/1 Completed 0 33m gluu-ldap-backup-1605642000-7pv6b 0/1 Completed 0 23m gluu-ldap-backup-1605642600-r7452 0/1 Completed 0 13m gluu-ldap-backup-1605643200-99r5x 1/1 Running 0 3m18s gluu-opendj-0 1/1 Running 0 92m gluu-oxauth-6fc58d8fd9-6wdld 1/1 Running 1 92m gluu-oxd-server-5fc79958fb-b4zvg 1/1 Running 1 92m gluu-oxtrust-0 1/1 Running 1 92m gluu-persistence-9mskf 0/1 Completed 0 92m ```

Post an answer