[英]IBM Cloud: Kubernetes add-on ALB Oauth2 Proxy for App ID integration fails to start
I deployed a containerized app to my IBM Cloud Kube.netes service in a VPC.我将容器化应用程序部署到 VPC 中的 IBM Cloud Kube.netes 服务。 The app uses App ID for authentication.
该应用程序使用 App ID 进行身份验证。 The deployment pipeline ran successfully.
部署管道成功运行。 The app seems ready, but when accessing its URL it gives an internal server error (500 status code).
该应用程序似乎已准备就绪,但在访问其 URL 时会出现内部服务器错误(500 状态代码)。
From the Kube.netes dashboard I found that the ALB Oauth Proxy add-on is failing.从 Kube.netes 仪表板,我发现 ALB Oauth 代理加载项失败。 It is deployed, but does not start.
它已部署,但未启动。
The deployment seems to fail in the health checks (ping not successful).部署似乎在健康检查中失败(ping 不成功)。 From the POD logs I found the following as last (and only) entry:
从 POD 日志中,我发现以下是最后(也是唯一)条目:
[provider.go:55] Performing OIDC Discovery...
[provider.go:55] 执行 OIDC 发现...
Else, there is not much.否则,没有多少。 Any advise?
有什么建议吗?
Guessing from the missing logs and the failing pings, it seemed related to some.network setup.从丢失的日志和失败的 ping 猜测,它似乎与 some.network 设置有关。 Checking the VPC itself, I found that there was no Public Gateway attached to the su.net.
检查 VPC 本身,我发现没有连接到 su.net 的公共网关。 Enabling it allowed outbound traffic.
启用它允许出站流量。 The oauth proxy could contact the App ID instance.
oauth 代理可以联系 App ID 实例。 The app is working as expected now.
该应用程序现在按预期工作。
Make sure that the VPC su.nets allow outbound traffic and have a Public Gateway enabled.确保 VPC su.net 允许出站流量并启用公共网关。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.