I'm integrating Keycloak OAuth login with Grafana in OpenShift.
Keycloak Image Version - quay.io/keycloak/keycloak:15.0.2
Grafana Image Version - grafana/grafana:7.1.5
Kubernetes Version - v1.21
Openshift Version - 4.8
Keycloak is exposed at the route: http://keycloak-keycloak.router.default.svc.cluster.local.167.254.203.104.nip.io
Grafana is exposed at the route: https://grafana.router.default.svc.cluster.local.167.254.203.104.nip.io
Keycloak is created with realm devops and client grafana, and these values are added to the Grafana deployment as environment variables as follows:
GF_AUTH_GENERIC_OAUTH_NAME=OAuth
GF_AUTH_GENERIC_OAUTH_ENABLED=true
GF_AUTH_GENERIC_OAUTH_ALLOW_SIGN_UP=true
GF_AUTH_GENERIC_OAUTH_CLIENT_ID=grafana
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=33341c00-daf2-4170-a66f-c2c7c23ad151
GF_AUTH_GENERIC_OAUTH_AUTH_URL=http://keycloak-keycloak.router.default.svc.cluster.local.167.254.203.104.nip.io/auth/realms/devops/protocol/openid-connect/auth
GF_AUTH_GENERIC_OAUTH_TOKEN_URL=http://keycloak-keycloak.router.default.svc.cluster.local.167.254.203.104.nip.io/auth/realms/devops/protocol/openid-connect/token
GF_AUTH_GENERIC_OAUTH_API_URL=http://keycloak-keycloak.router.default.svc.cluster.local.167.254.203.104.nip.io/auth/realms/devops/protocol/openid-connect/userinfo
GF_AUTH_GENERIC_OAUTH_TLS_SKIP_VERIFY_INSECURE=true
With this, when I browse the Grafana route and click on Sign in with OAuth, I get an error on screen: Invalid Parameter Redirect URI. In the Keycloak logs I see the error: error=invalid_redirect_uri, redirect_uri=http://localhost:3000/login/generic_oauth.
It's taking localhost:3000 as the redirect URI, but I have specified the right redirect URI in the client section of the Keycloak web UI, i.e. https://grafana.router.default.svc.cluster.local.167.254.203.104.nip.io/*.
While debugging this issue I came across a similar issue: https://github.com/cetic/helm-fadi/issues/39. Hence I have added these two environment variables to Grafana:
GF_SERVER_DOMAIN=grafana.router.default.svc.cluster.local.167.254.203.104.nip.io
GF_SERVER_HTTP_PORT=80
This has resulted in the pod going into CrashLoopBackOff with the following error in the logs:
t=2021-12-31T11:29:26+0000 lvl=info msg="HTTP Server Listen" logger=http.server address=[::]:80 protocol=https subUrl=//grafana.router.default.svc.cluster.local.167.254.203.104.nip.io:80 socket=
t=2021-12-31T11:32:53+0000 lvl=info msg="Shutdown started" logger=server reason="System signal: terminated"
t=2021-12-31T11:32:53+0000 lvl=info msg="Stopped Stream Manager"
Please help me to proceed.
CodePudding user response:
It is in the Grafana documentation:
You may have to set the root_url option of [server] for the callback URL to be correct.
So remove GF_SERVER_DOMAIN and GF_SERVER_HTTP_PORT and configure GF_SERVER_ROOT_URL properly (I guess the correct value for your setup is https://grafana.router.default.svc.cluster.local.167.254.203.104.nip.io).
Grafana will be able to generate the correct redirect URL with this setup.
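As an added example (not code from the question, the answer, Grafana or Keycloak), the following Python reproduces how Grafana composes its callback URL from GF_SERVER_ROOT_URL, GF_SERVER_DOMAIN and GF_SERVER_HTTP_PORT and checks it against the Keycloak client's Valid Redirect URIs entry before deploying; it also flags the plain-HTTP Keycloak endpoints and the disabled TLS verification present in the posted settings. The Keycloak matching rule is a simplified assumption (a trailing '*' matches by prefix, anything else exactly) and the sample settings are constructed from the question.

```python
# Grafana's default root_url template: with domain/port unset it is http://localhost:3000/
DEFAULT_ROOT_URL = "%(protocol)s://%(domain)s:%(http_port)s/"

def grafana_redirect_uri(env, provider="generic_oauth"):
    """Callback URL Grafana sends to the IdP: <root_url>login/<provider>."""
    root = env.get("GF_SERVER_ROOT_URL", DEFAULT_ROOT_URL) % {
        "protocol": env.get("GF_SERVER_PROTOCOL", "http"),
        "domain": env.get("GF_SERVER_DOMAIN", "localhost"),
        "http_port": env.get("GF_SERVER_HTTP_PORT", "3000"),
    }
    if not root.endswith("/"):
        root += "/"
    return f"{root}login/{provider}"

def keycloak_redirect_allowed(uri, valid_redirect_uris):
    """Simplified model (assumption) of Keycloak's check: an entry ending in '*'
    matches by prefix, anything else must match exactly."""
    for pattern in valid_redirect_uris:
        if pattern.endswith("*"):
            if uri.startswith(pattern[:-1]):
                return True
        elif uri == pattern:
            return True
    return False

def oauth_config_findings(env, valid_redirect_uris):
    """Problems a reviewer would raise about this Grafana OAuth setup."""
    findings = []
    uri = grafana_redirect_uri(env)
    if not keycloak_redirect_allowed(uri, valid_redirect_uris):
        findings.append(f"redirect_uri {uri} not in Keycloak client's Valid Redirect URIs")
    for key in ("GF_AUTH_GENERIC_OAUTH_AUTH_URL", "GF_AUTH_GENERIC_OAUTH_TOKEN_URL",
                "GF_AUTH_GENERIC_OAUTH_API_URL"):
        if env.get(key, "").startswith("http://"):
            findings.append(f"{key} is plain HTTP: auth code and tokens travel unencrypted")
    if env.get("GF_AUTH_GENERIC_OAUTH_TLS_SKIP_VERIFY_INSECURE") == "true":
        findings.append("TLS certificate verification of the IdP is disabled")
    return findings

# Constructed sample settings mirroring the question's deployment (client secret omitted).
GRAFANA_HOST = "grafana.router.default.svc.cluster.local.167.254.203.104.nip.io"
KEYCLOAK_OIDC = "http://keycloak-keycloak.router.default.svc.cluster.local.167.254.203.104.nip.io/auth/realms/devops/protocol/openid-connect"
KEYCLOAK_VALID_REDIRECTS = [f"https://{GRAFANA_HOST}/*"]
BROKEN_ENV = {  # as posted: no GF_SERVER_ROOT_URL, so Grafana falls back to localhost:3000
    "GF_AUTH_GENERIC_OAUTH_AUTH_URL": f"{KEYCLOAK_OIDC}/auth",
    "GF_AUTH_GENERIC_OAUTH_TOKEN_URL": f"{KEYCLOAK_OIDC}/token",
    "GF_AUTH_GENERIC_OAUTH_API_URL": f"{KEYCLOAK_OIDC}/userinfo",
    "GF_AUTH_GENERIC_OAUTH_TLS_SKIP_VERIFY_INSECURE": "true",
}
FIXED_ENV = {**BROKEN_ENV, "GF_SERVER_ROOT_URL": f"https://{GRAFANA_HOST}"}
```

Running oauth_config_findings(BROKEN_ENV, KEYCLOAK_VALID_REDIRECTS) reports the localhost:3000 redirect_uri mismatch from the Keycloak log; with FIXED_ENV that finding disappears, while the plain-HTTP endpoints and disabled TLS verification remain to be addressed.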
