Nokia/kong-oidc plugin make a lot of unusual request against keycloak

samsja · December 11, 2019, 2:32pm

Hey,

I am using kong community edition and I wanted to uses open id connect. I decided to use the nokia/kong-oidc plugin.

I am using keycloak as the open id provider in a gce cluster with k8s ( v1.1.2) and kong (1.3) with ingress controller (0.6.0)

However, with this plugin enable I am seeing a constant 1 request per seconds activity on my keycloak service. I thought that this plugin would make some request only when it needed to do some authentification when someone try to use a protected service .

the period where there are’nt any request is when I stoped the plugin.

My plugin conf:

apiVersion: configuration.konghq.com/v1 
kind: KongPlugin 
metadata:
 name: oid
config:
 client_id: CLIENT_NAME
 client_secret: CLIENT_SECRET 
 discovery: https://path_to_my_keycloak.com/auth/realms/my_realm/.well/known/openid-configuration 
plugin: oidc

Thanks in advance !

hbagdi · December 12, 2019, 7:15pm

You might want to open an issue on the plugin’s Github repository.

You could also use tcpdump to trace the source of the request, if that’s originating from Kong itself or a third party.

samsja · December 13, 2019, 10:00am

Thanks for you answer, any advice for using tcpdump in kong on a k8s cluster ?

hbagdi · December 13, 2019, 5:30pm

Simply run in on your proxy port inside the container. You might want to use centos image for this.

Topic		Replies	Views
X509 Authentication Nokia/Oidc Plugin Kubernetes	0	540	July 26, 2021
Nokia Kong-OIDC + Auth0	0	476	May 18, 2020
Keycloak Openid Connect with kong-oidc plugin Installation/Setup	7	5879	November 26, 2020
Kong and KeyCloak with multiple Realms	2	913	December 1, 2021
How to use the openid-connect plugin with upstream APIs? Installation/Setup	4	1269	March 11, 2021

Nokia/kong-oidc plugin make a lot of unusual request against keycloak

Related Topics