I’m upgrading our Kong from 1.1.2 to 2.1.1 but while I can still make calls to Kong’s admin service successully, calls to our services are all providing no response with this in error.log
[error] 10541#0: *845772 broken header: "POST /admin/api/oauth2/token HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Content-Length: 29
Authorization: Basic YWRtaW46d3Q1bnBrcXl3amRpSkVJWEV5REZ1SkYxYVpRd3pWMEQ=
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36
Postman-Token: 330a961a-c48b-bab1-a3b9-ac4bdda5e8c8
Accept: /
Origin: chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
grant_type=client_credentials" while reading PROXY protocol, client: 127.0.0.1, server: 0.0.0.0:8080
We are using the oauth2 plugin.
Looking into this proxy protocol error I found that the nginx-kong.conf file being generated now shows
server {
server_name kong;
listen 0.0.0.0:8080 proxy_protocol;
listen 0.0.0.0:8443 ssl proxy_protocol;
Where it did not have the proxy_protocol marker on those lines before.
Our config file has not changed and is:
trusted_ips = 0.0.0.0/0
admin_listen = 0.0.0.0:8001
proxy_listen = 0.0.0.0:8080, 0.0.0.0:8443 ssl
database = postgres
pg_host = 127.0.0.1
pg_port = 5432
pg_user = kong
pg_password = kong
pg_database = kong
plugins = bundled,session