Comments (4)
from k8s.
Please provider your config, it‘s not possible to help otherwise.
…
On 1. Jan 2020, at 09:44, YeLuoYiFanChen @.> wrote: hello,I start a oathkeeper in kubernate with helm ,but a pod named oathkeeper-maester start failed,this is a pod log abuout oathkeeper-maester, what it is reason for this? 2020-01-01T08:18:44.365Z INFO setup using default values for authenticatorsAvailable 2020-01-01T08:18:44.365Z INFO setup using default values for authorizersAvailable 2020-01-01T08:18:44.365Z INFO setup using default values for mutatorsAvailable 2020-01-01T08:18:44.366Z INFO controller-runtime.controller Starting EventSource {"controller": "rule", "source": "kind source: /, Kind="} 2020-01-01T08:18:44.366Z ERROR controller-runtime.source if kind is a CRD, it should be installed before calling Start {"kind": "Rule.oathkeeper.ory.sh", "error": "no matches for kind "Rule" in version "oathkeeper.ory.sh/v1alpha1""} github.com/go-logr/zapr.(zapLogger).Error @./zapr.go:128 sigs.k8s.io/controller-runtime/pkg/source.(Kind).Start @./pkg/source/source.go:88 sigs.k8s.io/controller-runtime/pkg/internal/controller.(Controller).Watch @./pkg/internal/controller/controller.go:122 sigs.k8s.io/controller-runtime/pkg/builder.(Builder).doWatch @./pkg/builder/build.go:191 sigs.k8s.io/controller-runtime/pkg/builder.(Builder).Build @./pkg/builder/build.go:180 sigs.k8s.io/controller-runtime/pkg/builder.(Builder).Complete @./pkg/builder/build.go:147 github.com/ory/oathkeeper-maester/controllers.(RuleReconciler).SetupWithManager /go/src/github.com/ory/oathkeeper-maester/controllers/rule_controller.go:120 main.main /go/src/github.com/ory/oathkeeper-maester/main.go:100 runtime.main /usr/local/go/src/runtime/proc.go:200 2020-01-01T08:18:44.366Z ERROR setup unable to create controller {"controller": "Rule", "error": "no matches for kind "Rule" in version "oathkeeper.ory.sh/v1alpha1""} github.com/go-logr/zapr.(zapLogger).Error @./zapr.go:128 main.main /go/src/github.com/ory/oathkeeper-maester/main.go:102 runtime.main /usr/local/go/src/runtime/proc.go:200 — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.
hi,this is my config :
oathkeeper:
ingress:
proxy:
enabled: true
hosts:
- host: console.gds.cloud
paths: ["/api"]
fullnameOverride: infra-oathkeeper
image:
tag: v0.32.1-beta.1
oathkeeper:
config:
authenticators:
oauth2_introspection:
enabled: true
config:
introspection_url: http://infra-hydra-admin:4445/oauth2/introspect
authorizers:
allow:
enabled: true
mutators:
noop:
enabled: true
accessRules: |-
[
{
"id": "backend",
"upstream": {
"strip_path": "/api/backend",
"preserve_host": true,
"url": "http://app-console-backend:3000/api"
},
"match": {
"url": "http://console.gds.cloud/api/backend/<.*>",
"methods": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
]
},
"authenticators": [
{
"handler": "oauth2_introspection",
"config": {
"introspection_url": "http://infra-hydra-admin:4445/oauth2/introspect",
"scope_strategy": "exact"
}
}
],
"authorizer": {
"handler": "allow"
},
"mutators": [
{
"handler": "noop"
}
]
}, {
"id": "cmdb",
"upstream": {
"strip_path": "/api/cmdb",
"preserve_host": true,
"url": "http://app-cmdb-server:3000"
},
"match": {
"url": "http://console.gds.cloud/api/cmdb/<.*>",
"methods": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
]
},
"authenticators": [
{
"handler": "oauth2_introspection",
"config": {
"introspection_url": "http://infra-hydra-admin:4445/oauth2/introspect",
"scope_strategy": "exact"
}
}
],
"authorizer": {
"handler": "allow"
},
"mutators": [
{
"handler": "noop"
}
]
}, {
"id": "id_provider",
"upstream": {
"strip_path": "/api/id_provider",
"preserve_host": true,
"url": "http://app-user-management:3000/secure/api"
},
"match": {
"url": "http://console.gds.cloud/api/id_provider/<.*>",
"methods": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
]
},
"authenticators": [
{
"handler": "oauth2_introspection",
"config": {
"introspection_url": "http://infra-hydra-admin:4445/oauth2/introspect",
"scope_strategy": "exact"
}
}
],
"authorizer": {
"handler": "allow"
},
"mutators": [
{
"handler": "noop"
}
]
}, {
"id": "git",
"upstream": {
"strip_path": "/api/git",
"preserve_host": true,
"url": "http://git.x.gds.internal"
},
"match": {
"url": "http://console.gds.cloud/api/git/<.*>",
"methods": [
"GET",
"POST",
"PUT",
"DELETE"
]
},
"authenticators": [
{
"handler": "oauth2_introspection",
"config": {
"introspection_url": "http://infra-hydra-admin:4445/oauth2/introspect",
"scope_strategy": "exact"
}
}
],
"authorizer": {
"handler": "allow"
},
"mutators": [
{
"handler": "noop"
}
]
},
{
"id": "provider",
"upstream": {
"strip_path": "/api/provider",
"preserve_host": true,
"url": "http://app-terraform-provider-collector:3000"
},
"match": {
"url": "http://console.gds.cloud/api/provider/<.*>",
"methods": [
"GET",
"POST",
"PUT",
"DELETE"
]
},
"authenticators": [
{
"handler": "oauth2_introspection",
"config": {
"introspection_url": "http://infra-hydra-admin:4445/oauth2/introspect",
"scope_strategy": "exact"
}
}
],
"authorizer": {
"handler": "allow"
},
"mutators": [
{
"handler": "noop"
}
]
}
]
and oathkeeper version is 0.0.47
from k8s.
Can you try helm chart version 0.0.48 and set:
maester:
enabled: false
from k8s.
Can you try helm chart version 0.0.48 and set:
maester: enabled: false
thank you ,I resolved the problem by upgrade chart version to 0.0.48,but I don't understand what dose cause it? thanks for support again
from k8s.
Related Issues (20)
- Oathkeeper fails to start if secret is disabled HOT 2
- Docs: Kratos Helm chart doc is not rendered correctly on k8s.ory.sh HOT 5
- kartos helm chart values should be evaluated by tpl function HOT 1
- helm chart kratos does not implement loading environment variable from file for courier HOT 1
- hydra helm image update to 2.1? HOT 1
- Inconsistency with service account annotations on maester charts
- OathKeeper Default Helm Chart Issue | Pod throwing 503. HOT 11
- Extend Test Helm Charts for Hydra, Keto and Oathkeeper to allow user defined labels for test pod HOT 1
- Warning when setting a namespaces location in keto HOT 3
- deploy image of oathkeeper-maester to arm64 HOT 4
- Helm Chart Missing Keto Link
- failed to download "https://k8s.ory.sh/helm/charts/kratos-0.36.0.tgz" at version "0.36.0" HOT 1
- Unable to rotate secretsCookie in k8s helm chart HOT 1
- 0.37 release is wrongly numbered HOT 1
- Hydra helm chart values miss hydra.config examples. HOT 2
- Hydra Maester chart does not allow env variables, but maester v0.0.31 requires it
- Kratos selfservice UI incorrectly supports `BASE_PATH`
- Ory hydra dsn configuration through existing secret causes env var to not be defined
- DSN environmental variable is not set optionally HOT 1
- Unable to use NodePort while deploying kratos and kratos-selfservice-ui-node helm charts
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from k8s.