kasten k10 nodeport mode environment using keycloak authorization resetting login error

Question

helm upgrade k10 k10-5.5.4.tgz --namespace=kasten-io -f k10_val.yaml \
  --set auth.oidcAuth.enabled=true \
  --set auth.oidcAuth.providerURL="http://192.168.40.10:8080/realms/kasten" \
  --set auth.oidcAuth.redirectURL="http://192.168.40.11" \
  --set auth.oidcAuth.scopes="groups profile email" \
  --set auth.oidcAuth.usernameClaim="email" \
  --set auth.oidcAuth.groupClaim="groups" \
  --set auth.oidcAuth.prompt="login" \
  --set auth.oidcAuth.clientID="kasten" \
  --set auth.oidcAuth.clientSecret="RbyRI3FgBrmuqNM2NhEQ7lMNzWp1663L"

[root@k8s01 ~]#  kubectl get svc -n  kasten-io gateway-nodeport
NAME               TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
gateway-nodeport   NodePort   10.43.28.158   <none>        8000:32051/TCP   9d

The access mode is nodeport:

http://192.168.40.11:32051/k10/#

Log in error：

jaiganeshjk · Accepted Answer

@lidwThanks for posting your question.The redirect URL should be the URL pointing to gateway svc which should have your NodePort in it.Would you please update your redirectURL value to include the nodePort as well.Your command should look like this.helm upgrade k10 k10-5.5.4.tgz --namespace=kasten-io -f k10_val.yaml \ --set auth.oidcAuth.enabled=true \ --set auth.oidcAuth.providerURL="http://192.168.40.10:8080/realms/kasten" \ --set auth.oidcAuth.redirectURL="http://192.168.40.11:32051" \ --set auth.oidcAuth.scopes="groups profile email" \ --set auth.oidcAuth.usernameClaim="email" \ --set auth.oidcAuth.groupClaim="groups" \ --set auth.oidcAuth.prompt="login" \ --set auth.oidcAuth.clientID="kasten" \ --set auth.oidcAuth.clientSecret="RbyRI3FgBrmuqNM2NhEQ7lMNzWp1663L"

lidw · Answer

@jaiganeshjkAccording to this method, has been solved, thank you

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded