https://www.ory.sh/ logo
Join Slack
Powered by
Hi @ <#C012RJ2MQ1H|kratos> I am facing the follow...
# talk-kratos
s
Hi @ #kratos I am facing the following issues when trying to trigger any flow after getting the flow ID Using SelfService UI Node installed it via Helm Chart
Copy code
{
  "message": "read ECONNRESET",
  "name": "Error",
  "stack": "Error: read ECONNRESET\n    at TCP.onStreamRead (node:internal/stream_base_commons:211:20)",
  "config": {
    "url": "<http://kratos-public.orydemo.svc.cluster.local:4433/self-service/login/flows?id=45788f28-d2c9-425d-94e0-141e2e699ad6>",
    "method": "get",
    "headers": {
      "Accept": "application/json, text/plain, */*",
      "User-Agent": "axios/0.21.4"
    },
    "transformRequest": [
      null
    ],
    "transformResponse": [
      null
    ],
    "timeout": 0,
    "xsrfCookieName": "XSRF-TOKEN",
    "xsrfHeaderName": "X-XSRF-TOKEN",
    "maxContentLength": -1,
    "maxBodyLength": -1,
    "transitional": {
      "silentJSONParsing": true,
      "forcedJSONParsing": true,
      "clarifyTimeoutError": false
    }
  },
  "code": "ECONNRESET"
}
Accessed the Uinode’s shell and tried wget to the kratos-public service with flow id Which throws the following error 
error getting response: Connection reset by peer
Some times facing 403 Forbidden While the same call to public API is succeeding i.e 
<https://kratos-api-public-dev.abcgoogle.com/self-service/login/flows?id=49d265f4-795f-48e0-bb1e-5296e4da57a1>
Has anyone faced the same issue?
d
Hello. It looks like kratos is inaccessible from ui node
s
Hi thanks for the response nslookup through the container is not failing
It’s actually able to connect
d
It actually depends on how do you make requests to kratos. It looks like 
<https://kratos-api-public-dev.abc>….
URL works fine because everything is configured property to access from the internet while you can have issues with internal network configuration
ECONNRESET
errors usually comes after network misconfiguration of your ingress load balancers and internal configuration inside your cluster
What ingress load balancer do you use with your k8s cluster?
s
Hmm, as mentioned earlier the Pods are able to connect to each other And tested it via Accessing the UI Container to make a call internally to the Service (not the Publicly accessible URL)
I am using ALB
Also Exposed the kratos-public service as NodePort
d
Do I understand correctly that you use AWS/ALB ?
s
Yep
d
Do you have any public demo avaiable to reproduce the issue?
We can continue in DM if you want
s
Sure, Thanks
2 Views
Open in Slack
PreviousNext
Powered by