Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

K8s Service.type: ClusterIP Does Not Redirect Correctly #576

Open
chr0n1x opened this issue Jul 16, 2024 · 0 comments
Open

K8s Service.type: ClusterIP Does Not Redirect Correctly #576

chr0n1x opened this issue Jul 16, 2024 · 0 comments
Labels
kind/bug status/triage

Comments

@chr0n1x
Copy link

chr0n1x commented Jul 16, 2024

Describe the bug

Hello, Im trying out keyclock on my local cluster via these docs: https://www.keycloak.org/getting-started/getting-started-kube

What Im Doing

I use kustomize to change the keycloak Service into a ClusterIP type.

# kustomization.yaml
resources:
- https://raw.githubusercontent.com/keycloak/keycloak-quickstarts/latest/kubernetes/keycloak.yaml
- ingress.yaml

patches:
- path: ./patch-svc.yaml
  target:
    kind: Service
    name: keycloak

patch-svc.yaml

---
kind: Service
metadata:
  name: keycloak
  namespace: keycloak
  labels:
    app: keycloak
spec:
  selector:
    app: keycloak
  # I kinda just...did things until the end `kustomization build` works
  $patch: replace
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: http
  type: ClusterIP

Im then using this ingress w/ the nginx ingress k8s controller

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: keycloak-ingress
  namespace: keycloak
  labels:
    app.kubernetes.io/name: keycloak
  annotations:
    nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
spec:
  ingressClassName: nginx
  rules:
    - host: keycloak.home.k8s
      http:
        paths:
          - path: "/"
            pathType: ImplementationSpecific
            backend:
              service:
                name: keycloak
                port:
                  name: http

I then have a simple local dns (pihole) pointing at my cluster.

Version

25.0.1 rev cb84415

Expected behavior

The ingress above is what I use for all of my services. I expect the page to load, but the only way that I can load anything at all is by proxying the svc

kubectl -n keycloak port-forward svc/keycloak 8080:80

Actual behavior

When using the ingress above and going to https://keycloak.home.k8s:<nginx https port> the application hangs for a few seconds. but then redirects to https://keycloak.home.k8s/admin. NOTE that the port was stripped.

How to Reproduce?

install the nginx-ingress controller https://github.com/kubernetes/ingress-nginx
apply the configs above

Anything else?

No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug status/triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@chr0n1x