-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Eclipse Che installation on aks with DevWorkspace #21023
Comments
pls, do |
just added. Thank you. |
@martinelli-francesco
and don't contain any stracktraces. |
Reinstalled and re-uploaded the zip file containing the logs. |
logs dont contains any stracktraces. |
Sorry, I tried three times and the stacktraces were never present. |
So, then it stuck on retrieving
|
Also note that from the Azure dashboard you can see that the oauth-proxy container (pod che-gateway) is in CrashLoopBackOff. Its logs are:
I tried the above command with both http and https.
HTTPS:
|
That's might be a cause
If DevWorkspace is enabled then OIDC provider must be configured on the cluster (mandatory since 7.42.0). |
Do you mean I need to configure an external identity provider? Should't be the keycloak? Btw I am installing 7.41.2. I have a parallel installation in Minikube without an additional configuration for OIDC provider. |
It can be keycloak but |
So you mean that if I want to use the devworkspace I must have an external identity provider, correct? |
I tried to apply a custom OIDC (auth0) by the following command:
Now, the oauth-proxy container shows another error:
Looking at the configMap che-gateway-config-oauth-proxy we see that the oidc_issuer_url field has now the correct value but client_id is empty even if we set the identityProviderClientId configuration. |
cc @sparkoo, do we have any docs to point out? To configure Eclipse Che, you need to set the following fields:
|
In the documentation (https://www.eclipse.org/che/docs/che-7/installation-guide/configuring-the-che-installation/) these fields refer to the "OpenShift OAuthClient resource used to set up identity federation on the OpenShift side". I am deploying the custer in Azure (kubernetes) and not Openshift and I need to use an external OIDC provider (auth0: https://auth0.com/). Should I still configure oAuthClientName and oAuthSecret fields? |
Hi. |
Unfortunately aks does not support custom OIDC other than Active Directory for native kubernetes users. |
Issues go stale after Mark the issue as fresh with If this issue is safe to close now please do so. Moderators: Add |
There is a blog post with instructions to do that now: |
Describe the bug
Installation failed in aks with DevWorkspace.
Che version
7.41@latest
Steps to reproduce
Follow the instructions in https://www.eclipse.org/che/docs/che-7/installation-guide/installing-che-on-microsoft-azure/
Install the devWorkspace variant:
chectl server:deploy --che-operator-cr-patch-yaml=patch.yaml --platform=k8s
--domain=<my_domain_name>`patch.yaml must contain the following:
Expected behavior
Installation completes fine.
Runtime
Kubernetes (vanilla)
Screenshots
No response
Installation method
chectl/latest
Environment
Azure
Eclipse Che Logs
eclipse-che-logs.zip
Logs of %LocalAppData%\chectl\error.log.
Additional context
The text was updated successfully, but these errors were encountered: