fabric8
fabric8 copied to clipboard
fabric8io
Can't access to fabric8 console with minishift
Hi,
When i try opening fabric8 console with minishift:
[aboucham@aboucham minishift]$ ./minishift service fabric8
Opening kubernetes service default/fabric8 in default browser...
[aboucham@aboucham minishift]$ ./minishift service fabric8 --url
http://192.168.42.89:30287
The url change to this one:
https://192.168.42.89:8443/oauth/authorize?client_id=fabric8&response_type=token&state=http%3A%2F%2F192.168.42.89%3A30287%2F&redirect_uri=http%3A%2F%2F192.168.42.89%3A30287%2F
and I got the following error in the browser:
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.","state":"http://192.168.42.89:30287/"}
which browser are you using? Last time I tried it the OAuth redirect worked fine - it should show you the openshift login page.
What does this look like
oc get oauthclient
I have tried to open it in firefox and chrome but i got always the same error.
Below the output of oc get oauthclient:
[aboucham@aboucham pipeline]$ oc get oauthclient
NAME SECRET WWW-CHALLENGE REDIRECT URIS
fabric8 FALSE http://localhost:9090,http://localhost:2772,http://localhost:9000,http://fabric8.192.168.42.89.xip.io,https://fabric8.192.168.42.89.xip.io
gogs FALSE http://localhost:3000,http://gogs.192.168.42.89.xip.io,https://gogs.192.168.42.89.xip.io
openshift-browser-client 96ff538d-dee0-48b5-8946-03cda1ccc005 FALSE https://192.168.122.100:8443/oauth/token/display
openshift-challenging-client 01999743-65f4-4269-9a63-139320f1ebbd TRUE https://192.168.122.100:8443/oauth/token/implicit
openshift-web-console cf322175-19fa-4406-944c-2d0e85346830 FALSE https://192.168.122.100:8443/console/,http://localhost:9000,https://localhost:9000
http://fabric8.192.168.42.89.xip.io correspond to the hostname of the route of fabric8 service. 192.168.42.89 correspond to the minishift ip:
[aboucham@aboucham minishift]$ ./minishift ip
192.168.42.89
@abouchama what does the browser show after you open http://192.168.42.89:30287 - is it an empty page?
@jstrachan here's the output:
[aboucham@aboucham minishift]$ ./minishift version
minishift version: 0.3.2
Are you trying to open the console after previously creating the cluster another day or location? Just a wild guess; I wonder if it has something to do with changing locations and the machine network change? I'm clutching at straws but even so it might be worth recreating the cluster.
minishift delete
minishift start
I'm recreating the cluster and i'm waiting for all images to be downloaded linked to cd-pipeline, I will keep you informed: @rawlingsj & @jstrachan thanks
@jstrachan , @rawlingsj , Sorry, i got exactly the same error after recreating the cluster:
minishift delete
minishift start
@rawlingsj , @jstrachan , Good news :-) the problem is fixed:
[aboucham@aboucham minishift]$ ./minishift service fabric8 --url
http://192.168.42.49:31339
The url generated by minishift service fabric8 --url is not referenced in oauthclient:
[aboucham@aboucham pipeline]$ oc get oauthclient
NAME SECRET WWW-CHALLENGE REDIRECT URIS
fabric8 FALSE http://localhost:9090,http://localhost:2772,http://localhost:9000,http://fabric8.192.168.42.49.xip.io,https://fabric8.192.168.42.49.xip.io
gogs FALSE http://localhost:3000,http://gogs.192.168.42.49.xip.io,https://gogs.192.168.42.49.xip.io
i have edited fabric8 oauthclient to add this url, like following:
[aboucham@aboucham pipeline]$ oc edit oauthclient/fabric8
Now, if we run oc get oauthclient, we can see the url (http://192.168.42.49:31339) in the redirect uri's of fabric8 and the console works as expected:
[aboucham@aboucham pipeline]$ oc get oauthclient
NAME SECRET WWW-CHALLENGE REDIRECT URIS
fabric8 FALSE http://localhost:9090,http://localhost:2772,http://localhost:9000,http://fabric8.192.168.42.49.xip.io,https://fabric8.192.168.42.49.xip.io,http://192.168.42.49:31339
gogs FALSE http://localhost:3000,http://gogs.192.168.42.49.xip.io,https://gogs.192.168.42.49.xip.io
@abouchama yay!! ok cool - lets keep this open until we figure out why the correct URL isn't added to the oauthclient
Ah - we're assuming the domain is the URL for the fabric8 console and add that to the OAuthClient. We probably need some way to add the fabric8 service URL in too...
Seems the issue still exists or came up again. On a fresh minishift (beta!) install I tried installing fabric8, but the redirect problem is still there. Seems to redirect to a https secured page which actually is not available.
Here's my information (full output attached 2017-03-04_minishift_beta_gofabric8_console_redirect.txt ). Shall I open a new ticket or stick in here?
$>rm -Rf ~/.minishift
$>minishift status
Does Not Exist
$>minishift start --cpus 2 --memory=8192
$>minishift version
Minishift version: 1.0.0-beta.4
$>oc login -u system:admin
$>oc project default
$>oc adm policy add-cluster-role-to-user cluster-admin developer
$>oc adm policy add-cluster-role-to-user cluster-admin admin
$>gofabric8 deploy -y
Opening URL http://192.168.64.4:31135
# did not work
# Redirect-Url in Browser: https://192.168.64.4:8443/login?then=%2Foauth%2Fauthorize%3Fclient_id%3Dfabric8%26response_type%3Dtoken%26state%3Dhttp%253A%252F%252F192.168.64.4%253A31135%252F%253Fscope%253Duser%25253Afull%2526state%253Dhttp%25253A%25252F%25252F192.168.64.4%25253A31135%25252F%26redirect_uri%3Dhttp%253A%252F%252F192.168.64.4%253A31135%252F%253Fscope%253Duser%25253Afull%2526state%253Dhttp%25253A%25252F%25252F192.168.64.4%25253A31135%25252F
$>oc get oauthclient
NAME SECRET WWW-CHALLENGE REDIRECT URIS
fabric8 FALSE http://localhost:9000,http://localhost:9090,http://localhost:2772,http://192.168.64.4:0,http://192.168.64.4:31135
gogs FALSE http://localhost:3000,http://192.168.64.4:0,http://192.168.64.4:32203
openshift-browser-client e34a2615-685f-464b-948d-d9cd1e9a7ebc FALSE https://192.168.64.4:8443/oauth/token/display
openshift-challenging-client TRUE https://192.168.64.4:8443/oauth/token/implicit
openshift-web-console FALSE https://192.168.64.4:8443/console/,https://localhost:9000
$> minishift ip
192.168.64.4
$>minishift service fabric8 --url
http://192.168.64.4:31135
Tested w/ Safari + Chrome on latest macOSX Sierra.
Editing oauthclient/fabric8 doesn't seem to make sense to me as the redirect URL is already there.
Any idea what to do?
Cheers,
Karsten
@karstengresch unfortunately there are lots of regressions with the combination of minishift and fabric8 since the 1.x branch. I highly recommend to use minikube for now if you want to use fabric8 on your laptop.
I've added some hints & links to the various issues here: http://fabric8.io/guide/getStarted/minishift.html
Your immediate issue is caused by 1.x of minishift not supporting CORS: https://github.com/minishift/minishift/issues/257
You could try this:
minishift openshift config set --patch '{"corsAllowedOrigins": [".*"]}'
@jstrachan +1 I confirm I can now log into the console on a fresh install over an existing minishift setup. Thanks
