Skip to main content
Solved

kasten k10 nodeport mode environment using keycloak authorization resetting login error

L
  • lidw
  • Comes here often
  • 5 comments
helm upgrade k10 k10-5.5.4.tgz --namespace=kasten-io -f k10_val.yaml \
  --set auth.oidcAuth.enabled=true \
  --set auth.oidcAuth.providerURL="http://192.168.40.10:8080/realms/kasten" \
  --set auth.oidcAuth.redirectURL="http://192.168.40.11" \
  --set auth.oidcAuth.scopes="groups profile email" \
  --set auth.oidcAuth.usernameClaim="email" \
  --set auth.oidcAuth.groupClaim="groups" \
  --set auth.oidcAuth.prompt="login" \
  --set auth.oidcAuth.clientID="kasten" \
  --set auth.oidcAuth.clientSecret="RbyRI3FgBrmuqNM2NhEQ7lMNzWp1663L" 
[root@k8s01 ~]#  kubectl get svc -n  kasten-io gateway-nodeport
NAME               TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
gateway-nodeport   NodePort   10.43.28.158   <none>        8000:32051/TCP   9d

The access mode is nodeport: 

http://192.168.40.11:32051/k10/#

Log in error:

 

Best answer by jaiganeshjk

@lidw Thanks for posting your question.

The redirect URL should be the URL pointing to gateway svc which should have your NodePort in it.

Would you please update your redirectURL value to include the nodePort as well.

 

Your command should look like this.

helm upgrade k10 k10-5.5.4.tgz --namespace=kasten-io -f k10_val.yaml \

  --set auth.oidcAuth.enabled=true \

  --set auth.oidcAuth.providerURL="http://192.168.40.10:8080/realms/kasten" \

  --set auth.oidcAuth.redirectURL="http://192.168.40.11:32051" \

  --set auth.oidcAuth.scopes="groups profile email" \

  --set auth.oidcAuth.usernameClaim="email" \

  --set auth.oidcAuth.groupClaim="groups" \

  --set auth.oidcAuth.prompt="login" \

  --set auth.oidcAuth.clientID="kasten" \

  --set auth.oidcAuth.clientSecret="RbyRI3FgBrmuqNM2NhEQ7lMNzWp1663L"

 

View original
Did this topic help you find an answer to your question?

3 comments

jaiganeshjk
Forum|alt.badge.img+2
  • jaiganeshjk
  • Experienced User
  • 275 comments
  • Answer
  • February 8, 2023

@lidw Thanks for posting your question.

The redirect URL should be the URL pointing to gateway svc which should have your NodePort in it.

Would you please update your redirectURL value to include the nodePort as well.

 

Your command should look like this.

helm upgrade k10 k10-5.5.4.tgz --namespace=kasten-io -f k10_val.yaml \

  --set auth.oidcAuth.enabled=true \

  --set auth.oidcAuth.providerURL="http://192.168.40.10:8080/realms/kasten" \

  --set auth.oidcAuth.redirectURL="http://192.168.40.11:32051" \

  --set auth.oidcAuth.scopes="groups profile email" \

  --set auth.oidcAuth.usernameClaim="email" \

  --set auth.oidcAuth.groupClaim="groups" \

  --set auth.oidcAuth.prompt="login" \

  --set auth.oidcAuth.clientID="kasten" \

  --set auth.oidcAuth.clientSecret="RbyRI3FgBrmuqNM2NhEQ7lMNzWp1663L"

 

Jaiganesh
Chris.Childerhose
Geoff Burke
Hagag
3 people like this
  • Chris.Childerhose
    Chris.Childerhose
  • Geoff Burke
    Geoff Burke
  • Hagag
    Hagag
L
  • lidw
  • Author
  • Comes here often
  • 5 comments
  • February 16, 2023

@jaiganeshjk  According to this method, has been solved, thank you

jaiganeshjk
Forum|alt.badge.img+2
  • jaiganeshjk
  • Experienced User
  • 275 comments
  • February 21, 2023

 @lidw Thanks for confirming that it worked.

Would you be able to mark the comment as answer ?

Jaiganesh

Comment


Terms & Conditions