Bug 1734128
Summary: | Kibana 500 error, trying to resolve back to the client that is requesting the kibana UI | ||||||
---|---|---|---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Dirk Porter <dporter> | ||||
Component: | Logging | Assignee: | Jeff Cantrill <jcantril> | ||||
Status: | CLOSED WORKSFORME | QA Contact: | Anping Li <anli> | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 3.11.0 | CC: | aos-bugs, jcantril, jcrumple, jupittma, maupadhy, mrogers, openshift-bugs-escalate, rmeggins, rsandu, rushil | ||||
Target Milestone: | --- | ||||||
Target Release: | 3.11.z | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2019-10-24 12:47:14 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Dirk Porter
2019-07-29 16:57:15 UTC
I did not see any in the logs that I uploaded. Would you like me to try to get more verbose logs? Hello, Did you need any further information? Regards, Dirk Porter Please check to see if the secrets are still in sync: test "$(oc get secret logging-kibana-proxy -o jsonpath={.data.oauth-secret} | base64 -d)" = "$(oc get oauthclient kibana-proxy -o jsonpath={.secret})";echo $? One additional thing I thought of was did you also edit the oauthclient to modify the redirect-url? Example of mine: # oc get oauthclient kibana-proxy -o yaml accessTokenMaxAgeSeconds: 604800 apiVersion: oauth.openshift.io/v1 kind: OAuthClient metadata: labels: logging-infra: support name: kibana-proxy redirectURIs: - https://kibana.192.168.100.212.nip.io scopeRestrictions: - literals: - user:info - user:check-access - user:list-projects secret: zNhb9FbtXFPPlnAR9ccshPF41tBKBUFjXxF4VIXFA9uyVJnX6ODEFHIakOGsmMy2 Upon further investigation, we don't set any of those options for the proxy container [1] so how it may behave is untested. Additionally note this change will be reverted by ansible upon any upgrade. [1] https://github.com/openshift/openshift-ansible/blob/release-3.11/roles/openshift_logging_kibana/templates/kibana.j2#L99-L110 Closing since the customer case was closed. The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |