Hi,
I am trying to access a K8s Pod-based Keycloak service through the Kong Ingress controller.
Keycloak runs on ports 8443 and 8080, and I want to access Keycloak on 8443 only, behind Kong.
But it's not accessible.
What changes do I need to make at the Kong level or the Keycloak level?
Versions I am using:
Kong: 2.0
Kong-ingress-controller: 0.9.1
Keycloak: keycloak:6.0.1
Kong Deployment YAML: kubernetes-ingress-controller/deploy/single/all-in-one-postgres.yaml at main, Kong/kubernetes-ingress-controller on GitHub
Keycloak Deployment YAML:
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
  labels:
    io.kompose.service: keycloak
  name: keycloak
spec:
  ports:
  - port: 8443
  selector:
    io.kompose.service: keycloak
  type: NodePort
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  annotations:
  creationTimestamp: null
  labels:
    io.kompose.service: keycloak
  name: keycloak
spec:
  replicas: 1
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        io.kompose.service: keycloak
    spec:
      containers:
      - name: keycloak
        env:
        - name: DB_ADDR
          value: postgres-keycloak
        - name: DB_DATABASE
          value: "keycloak"
        - name: DB_PASSWORD
          value: password
        - name: DB_USER
          value: keycloak
        - name: DB_VENDOR
          value: POSTGRES
        - name: KEYCLOAK_PASSWORD
          value: Pa55w0rd
        - name: KEYCLOAK_USER
          value: admin
        - name: PROXY_ADDRESS_FORWARDING
          value: "false"
        image: **************.dkr.ecr.us-west-2.amazonaws.com/breeze/keycloak:latest
        ports:
        - containerPort: 8443
        resources: {}
      initContainers:
      - name: init-postgres-keycloak-service
        image: busybox
        command: ['sh', '-c', 'until nslookup postgres-keycloak; do echo waiting for postgres-keycloak; sleep 2; done;']
      restartPolicy: Always
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    ingress.kubernetes.io/force-ssl-redirect: "true"
  name: keycloak-ing
  namespace: breeze
spec:
  rules:
  - host:
    http:
      paths:
      - backend:
          serviceName: keycloak
          servicePort: 8443
        path: /auth
      - backend:
          serviceName: keycloak
          servicePort: 8443
        path: /
      - backend:
---
apiVersion: configuration.konghq.com/v1
kind: KongIngress
metadata:
  name: keycloak-ing
  namespace: breeze
proxy:
  protocol: https
  connect_timeout: 10000
  retries: 10
  read_timeout: 10000
  write_timeout: 10000
route:
  methods:
  - POST
  - GET
  - PUT
  - DELETE
  regex_priority: 0
  strip_path: false
  preserve_host: true
  protocols:
  - http
  - https
```
Thanks and regards,
Rahul Salunke