New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Scripts not loading (404) on openid_error when Kiali is hosted in a subfolder (web_root: /kiali) #4215
Comments
Just to confirm - in your step 2 - that is a snippet from your Kiali CR correct? You set |
Yes, that is absolutly correct. It's a part of my Kilai CR, that is processed by the kiali operator. |
I updated step 2, and included the complete Kiali CR. Openid has been setup with Azure AD following the steps in https://kiali.io/documentation/latest/configuration/authentication/openid/#_using_with_azure_aks_and_aad. Maybe it's also important to known, that I am using an Istio gateway as ingress: apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: monitoring-gateway
namespace: monitoring-system
spec:
selector:
istio: ingressgateway-monitoring
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "mykialihost.****azure.com"
tls:
httpsRedirect: true
- port:
number: 443
name: https-443
protocol: https
tls:
mode: SIMPLE
credentialName: ingress-cert-monitoring
hosts:
- mykialihost.****azure.com
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: kiali
namespace: monitoring-system
spec:
hosts:
- "mykialihost.****azure.com"
gateways:
- monitoring-gateway
http:
- headers:
request:
set:
X-Forwarded-Port: "443"
match:
- uri:
prefix: "/kiali"
route:
- destination:
host: kiali.monitoring-system.svc.cluster.local
port:
number: 20001
timeout: 30s |
Yes, that would be important to know. I suspect you need to set web_fqdn. See:
@israel-hdez might have more insights - he's more familiar with the openid integration. |
I gave it a short try and added web_fqdn, web_port and web_schema and got the same results. Must be something else... |
Post the kiali pod's logs - look for messages of any kind related to the authentication stuff. |
Hi @jmazzitelli , don't get me wrong, authentication is not the problem, it works. It's only that the error message coming from the openid provider are not display correctly (as web page), since the static files cannot be found. |
Oh. OK. I missed the forest through the trees. I'll wait for @israel-hdez to chime in before I make things worse :) |
I saw this issue last week on minikube, but I thought it was only I. Looks like the If I remember correctly, this can be replicated easily by adding |
This can be replicated with |
that sounds easy to fix then ;) This would be very good to fix by Friday so it gets into the next release. |
BTW: it looks like it is only a problem with a non- If I set If I set it to I can see this using the |
@jmazzitelli I think that's implied in the title of the issue. |
Fix non '/' root url failing to load if there are URL parameters (i.e. there is a ? symbol in the URL) Fixes kiali#4215
Fix non '/' root url failing to load if there are URL parameters (i.e. there is a ? symbol in the URL) Fixes #4215
Fix non '/' root url failing to load if there are URL parameters (i.e. there is a ? symbol in the URL) Fixes kiali#4215
Fix non '/' root url failing to load if there are URL parameters (i.e. there is a ? symbol in the URL) Fixes #4215
Fix non '/' root url failing to load if there are URL parameters (i.e. there is a ? symbol in the URL) Fixes kiali#4215
* Fix graph with spurious cluster boxes and a crash (#4231) * Fix graph with spurious cluster boxes and a crash * Provide better defaults when ClusterID cannot be found. * Avoid a crash if the configured sidecar injector configmap does not exist. * Update appender tests to use DefaultClusterID Related to #4221 Co-authored-by: jshaughn <jshaughn@redhat.com> * Fix root URL not loading with URL parameters (#4235) Fix non '/' root url failing to load if there are URL parameters (i.e. there is a ? symbol in the URL) Related to #4215 Co-authored-by: jshaughn <jshaughn@redhat.com>
Describe the bug
When using a sub-directory to host kiali (e.g. web_root: /kiali), some statics files are still referenced using the root "/" path, and cannot be loaded (404).
Versions used
Kiali: v1.37.0
Istio: 1.10.3
Kubernetes flavour and version: (AKS V. 1.19.11)
To Reproduce
Steps to reproduce the behavior:
Static resources and env.js are loaded from root "/" and returning with an 404 (not found).
It might be that this behavior is not only related to open_id configurations, but I didn't check that.
Expected behavior
The resources are referenced using the configured sub-directory (web_root) and loading correctly.
The text was updated successfully, but these errors were encountered: