I got Kong up and running fine using the Kong Helm chart (Kong version: 2.1) and the oauth2 plugin. However, I get a runtime error when I try to create a secret and associate it with my KongConsumer.
The error message:
kristoph_matthews@cloudshell:~/nxauthdemo/gateway$ kubectl logs -f kong-1604980559-kong-6b7dc96594-gc846 -c ingress-controller
-------------------------------------------------------------------------------
Kong Ingress controller
Release: 1.0.0
Build: a34ce92
Repository: git@github.com:Kong/kubernetes-ingress-controller.git
Go: go1.15.2
-------------------------------------------------------------------------------
W1110 17:26:45.138134 1 client_config.go:608] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.
time="2020-11-10T17:26:45Z" level=info msg="version of kubernetes api-server: 1.16+" api-server-host="https://10.116.0.1:443" git_commit=eb94c181eea5290e9da1238db02cfef263542f5f git_tree_state=clean git_vers
ion=v1.16.13-gke.401 major=1 minor=16+ platform=linux/amd64
time="2020-11-10T17:26:45Z" level=info msg="kong version: 2.1.4" kong_version=2.1.4
time="2020-11-10T17:26:45Z" level=info msg="datastore strategy for kong: postgres"
time="2020-11-10T17:26:45Z" level=info msg="chosen Ingress API version: networking.k8s.io/v1beta1"
time="2020-11-10T17:26:45Z" level=info msg="starting leader election" component=elector retry-count=1
I1110 17:26:45.436106 1 leaderelection.go:243] attempting to acquire leader lease default/kong-ingress-controller-leader-kong-kong...
I1110 17:26:45.446289 1 leaderelection.go:253] successfully acquired lease default/kong-ingress-controller-leader-kong-kong
time="2020-11-10T17:26:45Z" level=info msg="started leading" component=status-syncer
time="2020-11-10T17:26:45Z" level=info msg="leadership changed" component=status-syncer leader=kong-1604980559-kong-6b7dc96594-gc846
time="2020-11-10T17:26:48Z" level=info msg="syncing configuration" component=controller
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x14ea60e]
goroutine 342 [running]:
github.com/kong/deck/state.(*Oauth2Credential).Console(0xc000177730, 0x19bac66, 0x6)
/go/pkg/mod/github.com/kong/deck@v1.2.1/state/types.go:883 +0x4e
github.com/kong/deck/solver.Solve.func2(0x19bac66, 0x6, 0x19c1c1e, 0xb, 0x18e8000, 0xc000177730, 0x0, 0x0, 0x6b4e7946545a4970, 0xc0007fce80, ...)
/go/pkg/mod/github.com/kong/deck@v1.2.1/solver/solver.go:43 +0x6b6
github.com/kong/deck/diff.(*Syncer).handleEvent(0xc000ded680, 0xc000e09220, 0x19bac66, 0x6, 0x19c1c1e, 0xb, 0x18e8000, 0xc000177730, 0x0, 0x0, ...)
/go/pkg/mod/github.com/kong/deck@v1.2.1/diff/diff.go:373 +0x62
github.com/kong/deck/diff.(*Syncer).eventLoop(0xc000ded680, 0xc000e09220, 0x5457494a56537251, 0xc0008c7440)
/go/pkg/mod/github.com/kong/deck@v1.2.1/diff/diff.go:363 +0x139
github.com/kong/deck/diff.(*Syncer).Run.func1(0xc000ded680, 0xc000e09220, 0xc000e16244)
/go/pkg/mod/github.com/kong/deck@v1.2.1/diff/diff.go:307 +0x35
created by github.com/kong/deck/diff.(*Syncer).Run
/go/pkg/mod/github.com/kong/deck@v1.2.1/diff/diff.go:306 +0x185
Here is the kongconsumer.yaml:
apiVersion: configuration.konghq.com/v1
kind: KongConsumer
metadata:
name: nx-default-kong-consumer
annotations:
kubernetes.io/ingress.class: kong
konghq.com/plugins: request-termination
username: nx-default-kong-consumer
# custom_id: nxdefaultkongconsumer0
credentials:
- kong-oauth2-secret-flasky
oauth2plugin.yaml
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: oauth2
config:
scopes:
- default
enable_client_credentials: true
anonymous: "nx-default-kong-consumer"
# anonymous: "184324f9-25f7-4d6f-a7ee-6c49ff64f54c"
# provision_key: "abc"
plugin: oauth2
How I created the secret:
kubectl create secret generic kong-oauth2-secret-flasky \
--from-literal=kongCredType=oauth2 \
--from-literal=client_id=abc \
--from-literal=client_secret=xyz