Hi There,
I am adding a consumer + jwt plugin + credential:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: user-gunicorn
spec:
replicas: 3
selector:
matchLabels:
app: user-gunicorn
template:
metadata:
labels:
app: user-gunicorn
spec:
containers:
- name: user-gunicorn
image: docker.weightrack.io/user-gunicorn
env:
- name: GUNICORN_WORKERS
value: "5"
---
apiVersion: v1
kind: Service
metadata:
name: user-gunicorn
labels:
app: user-gunicorn
spec:
ports:
- port: 80
targetPort: 80
protocol: TCP
name: user-gunicorn-http
selector:
app: user-gunicorn
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: api.weightrack.io-user-gunicorn
annotations:
plugins.konghq.com: user-kong-cors
plugins.konghq.com: user-kong-jwt
spec:
rules:
- host: api.weightrack.io
http:
paths:
- path: /user
backend:
serviceName: user-gunicorn
servicePort: 80
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: api.weightrack.io-user-gunicorn-register
annotations:
plugins.konghq.com: user-kong-cors
spec:
rules:
- host: api.weightrack.io
http:
paths:
- path: /user/register
backend:
serviceName: user-gunicorn
servicePort: 80
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: user-kong-cors
namespace: default
plugin: cors
config:
origins: "*"
methods:
- GET
- HEAD
- PUT
- PATCH
- POST
headers:
- "Origin"
- "Access-Control-Request-Headers"
- "Access-Control-Allow-Origin"
exposed_headers:
- "Origin"
- "Access-Control-Request-Headers"
- "Access-Control-Allow-Origin"
preflight_continue: "true"
credentials: "true"
---
apiVersion: configuration.konghq.com/v1
kind: KongConsumer
metadata:
name: user-kong-consumer
namespace: default
username: jwt_consumer
custom_id: jwt_consumer
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: user-kong-jwt
namespace: default
plugin: jwt
config:
claims_to_verify: "exp"
---
apiVersion: configuration.konghq.com/v1
kind: KongCredential
metadata:
name: jwt-credential
consumerRef: user-kong-consumer
type: jwt
When I apply this, it does not create a jwt credential and actually causes my kong ingress pod to stop working to the point where I have to redeploy it.
When I status kubelet, I get a message saying there was an error syncing the pod.
Is my JWT Plugin configuration correct? What else might explain this behavior?
Thanks for your help!