Hello I am trying to run Keto in my Kubernetes cluster using Ory Community #talk-keto

Hello, I am trying to run Keto in my Kubernetes cl...

victorious-eye-56567

04/13/2023, 4:08 PM

Hello, I am trying to run Keto in my Kubernetes cluster using the official helm chart. It is deploying without error, and I can access it using the official OpenAPI collection of HTTP endpoints. The issue though is that even I can access the Keto read API (I see the requests in the keto-read service logs) I always get 404 on all endpoints. I see that a parameter

appProtocol

has been added in the helm chart recently but even if I configure it with http it still does not work. What could be going wrong ? I post my config in a thread. Thanks!

victorious-eye-56567

04/13/2023, 4:09 PM

Here is my keto-values.yaml file:

Copy code

keto:
    config:
        dsn: <postgres://postgres:postgres@host.minikube.internal:5432/aube?sslmode=disable&max_conns=20&max_idle_conns=4> # To set for prod
        serve:
            read:
                port: 4466
            write:
                port: 4467
            metrics:
                port: 4468
        namespaces: base64://{my opl code encoded in base64}

service:
    # -- Read service
    read:
        enabled: true
        name: http-read
        port: 80
        appProtocol: http
    # -- Write service
    write:
        enabled: true
        name: http-write
        port: 80
        appProtocol: http
    # -- Metrics service
    metrics:
        enabled: false
        name: http-metrics
        port: 80
        annotations: {}

victorious-eye-56567

04/13/2023, 4:38 PM

I see that in the

service-read

template from the official keto helm chart that there is this:

Copy code

ports:
20
    - port: {{ 
.Values.service.read.port
 }}
21
      targetPort: {{ 
.Values.service.read.name
 }}
22
      protocol: TCP
23
      name: {{ 
.Values.service.read.name
 }}
24
      appProtocol: {{ 
.Values.service.read.appProtocol
 }}

It seems like the targetPort uses the name ? Is it normal ? Shouldn't it be configurable to 4466 in case of using the TCP protocol ? Edit: My bad, using strings is just a way of giving human readable names to port. As long as the same value is used in the deployment template there is no issue. It has nothing to do with the protocol.

6 Views

Open in Slack

Previous Next