Nokia/kong-oidc plugin make a lot of unusual request against keycloak

Hey,

I am using kong community edition and I wanted to uses open id connect. I decided to use the nokia/kong-oidc plugin.

I am using keycloak as the open id provider in a gce cluster with k8s ( v1.1.2) and kong (1.3) with ingress controller (0.6.0)

However, with this plugin enable I am seeing a constant 1 request per seconds activity on my keycloak service. I thought that this plugin would make some request only when it needed to do some authentification when someone try to use a protected service .


the period where there are’nt any request is when I stoped the plugin.

My plugin conf:

apiVersion: configuration.konghq.com/v1 
kind: KongPlugin 
metadata:
 name: oid
config:
 client_id: CLIENT_NAME
 client_secret: CLIENT_SECRET 
 discovery: https://path_to_my_keycloak.com/auth/realms/my_realm/.well/known/openid-configuration 
plugin: oidc

Thanks in advance !

You might want to open an issue on the plugin’s Github repository.

You could also use tcpdump to trace the source of the request, if that’s originating from Kong itself or a third party.

Thanks for you answer, any advice for using tcpdump in kong on a k8s cluster ?

Simply run in on your proxy port inside the container. You might want to use centos image for this.


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ