Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ISSUE] Identity UI responds with HTTP Error 500 after some time #2481

Open
PSanetra opened this issue Oct 17, 2024 · 1 comment
Open

[ISSUE] Identity UI responds with HTTP Error 500 after some time #2481

PSanetra opened this issue Oct 17, 2024 · 1 comment
Labels
kind/issue Unidentified issue, it could be a bug, misconfig, or anything in between platform/local

Comments

@PSanetra
Copy link

Describe the issue:

I have deployed the camunda in a local kind environment and can successfully access all applications including the identity application, but after some time on that UI I get only HTTP 500 errors from the backend.

The error is resolved for some time when I delete the IDENTITY_REFRESH_JWT cookie in my browser, so I guess the backend can not successfully refreshing the token. The refresh token issuer url is not reachable from inside the cluster so probably the identity application is not considering the global.identity.auth.issuerBackendUrl.

Actual behavior:

  • The UI responds with HTTP status code 500 after some time
  • The backend prints an exception (see Logs section)

Expected behavior:

  • Refreshing the identity ui token should work when global.identity.auth.issuerBackendUrl is set

Logs:

ERROR 1 --- [nio-8080-exec-3] i.s.e.RestResponseEntityExceptionHandler : Unexpected error

io.camunda.identity.sdk.impl.rest.exception.RestException: request failed
	at io.camunda.identity.sdk.impl.rest.RestClient.send(RestClient.java:130) ~[identity-sdk-8.6.0-SNAPSHOT.jar!/:8.6.0-SNAPSHOT]
	at io.camunda.identity.sdk.impl.rest.RestClient.request(RestClient.java:106) ~[identity-sdk-8.6.0-SNAPSHOT.jar!/:8.6.0-SNAPSHOT]
	at io.camunda.identity.sdk.impl.keycloak.KeycloakAuthentication.renewToken(KeycloakAuthentication.java:105) ~[identity-sdk-8.6.0-SNAPSHOT.jar!/:8.6.0-SNAPSHOT]
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:na]
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) ~[na:na]
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[na:na]
	at java.base/java.lang.reflect.Method.invoke(Unknown Source) ~[na:na]
	at io.camunda.identity.sdk.annotation.AnnotationProcessor.lambda$apply$0(AnnotationProcessor.java:33) ~[identity-sdk-8.6.0-SNAPSHOT.jar!/:8.6.0-SNAPSHOT]
	at jdk.proxy2/jdk.proxy2.$Proxy171.renewToken(Unknown Source) ~[na:na]
	at io.camunda.identity.impl.sm.security.spring.filter.SmJwtFilter.doFilterInternal(SmJwtFilter.java:78) ~[!/:na]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:107) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:93) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at io.camunda.identity.security.spring.filter.FilterExceptionHandler.doFilterInternal(FilterExceptionHandler.java:31) ~[!/:na]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$0(ObservationFilterChainDecorator.java:323) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:224) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191) ~[spring-security-web-6.3.0.jar!/:6.3.0]
	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.web.servlet.handler.HandlerMappingIntrospector.lambda$createCacheFilter$3(HandlerMappingIntrospector.java:195) ~[spring-webmvc-6.1.10.jar!/:6.1.10]
	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy.doFilter(WebMvcSecurityConfiguration.java:230) ~[spring-security-config-6.2.5.jar!/:6.2.5]
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:352) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:268) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:107) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.1.10.jar!/:6.1.10]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:731) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:389) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:904) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1741) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63) ~[tomcat-embed-core-10.1.25.jar!/:na]
	at java.base/java.lang.Thread.run(Unknown Source) ~[na:na]
Caused by: java.net.ConnectException: null
	at java.net.http/jdk.internal.net.http.HttpClientImpl.send(Unknown Source) ~[java.net.http:na]
	at java.net.http/jdk.internal.net.http.HttpClientFacade.send(Unknown Source) ~[java.net.http:na]
	at io.camunda.identity.sdk.impl.rest.RestClient.send(RestClient.java:119) ~[identity-sdk-8.6.0-SNAPSHOT.jar!/:8.6.0-SNAPSHOT]
	... 94 common frames omitted
Caused by: java.net.ConnectException: null
	at java.net.http/jdk.internal.net.http.common.Utils.toConnectException(Unknown Source) ~[java.net.http:na]
	at java.net.http/jdk.internal.net.http.PlainHttpConnection.connectAsync(Unknown Source) ~[java.net.http:na]
	at java.net.http/jdk.internal.net.http.PlainHttpConnection.checkRetryConnect(Unknown Source) ~[java.net.http:na]
	at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$1(Unknown Source) ~[java.net.http:na]
	at java.base/java.util.concurrent.CompletableFuture.uniHandle(Unknown Source) ~[na:na]
	at java.base/java.util.concurrent.CompletableFuture$UniHandle.tryFire(Unknown Source) ~[na:na]
	at java.base/java.util.concurrent.CompletableFuture.postComplete(Unknown Source) ~[na:na]
	at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(Unknown Source) ~[na:na]
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) ~[na:na]
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) ~[na:na]
	... 1 common frames omitted
Caused by: java.nio.channels.ClosedChannelException: null
	at java.base/sun.nio.ch.SocketChannelImpl.ensureOpen(Unknown Source) ~[na:na]
	at java.base/sun.nio.ch.SocketChannelImpl.beginConnect(Unknown Source) ~[na:na]
	at java.base/sun.nio.ch.SocketChannelImpl.connect(Unknown Source) ~[na:na]
	at java.net.http/jdk.internal.net.http.PlainHttpConnection.lambda$connectAsync$0(Unknown Source) ~[java.net.http:na]
	at java.base/java.security.AccessController.doPrivileged(Unknown Source) ~[na:na]
	... 10 common frames omitted

Environment:

Please note: Without the following info, it's hard to resolve the issue and probably it will be closed.

  • Platform: Kind 0.24.0
  • Helm CLI version: version.BuildInfo{Version:"v3.16.1", GitCommit:"v3.16.1", GitTreeState:"", GoVersion:"go1.22.7"}
  • Chart version: 11.0.1
  • local entry in /etc/hosts: 127.0.0.2 kind-devspace.local
  • Ingress controller listens on 127.0.0.2 on the host
  • Values file:
global:
  secrets:
    autoGenerated: true
    name: "camunda-secrets"
  ingress:
    enabled: true
    annotations:
      cert-manager.io/cluster-issuer: devspace-ca
      external-dns.alpha.kubernetes.io/hostname: "{{ .Values.global.ingress.host }}"
      external-dns.alpha.kubernetes.io/ttl: "60"
    host: kind-devspace.local
    tls:
      enabled: true
      secretName: camunda-crt
  identity:
    auth:
      enabled: true
      publicIssuerUrl: "https://{{ .Values.global.ingress.host }}/auth/realms/camunda-platform"
      issuerBackendUrl: "http://keycloak/auth/realms/camunda-platform"
      type: "KEYCLOAK"
      admin:
        existingSecret:
          name: "camunda-secrets"
        existingSecretKey: "identity-admin-client-password"
      connectors:
        existingSecret:
          name: "camunda-secrets"
      console:
        redirectUrl: "https://{{ .Values.global.ingress.host }}/console"
        existingSecret:
          name: "camunda-secrets"
      identity:
        redirectUrl: "https://{{ .Values.global.ingress.host }}/identity"
      operate:
        redirectUrl: "https://{{ .Values.global.ingress.host }}/operate"
        existingSecret:
          name: "camunda-secrets"
      tasklist:
        redirectUrl: "https://{{ .Values.global.ingress.host }}/tasklist"
        existingSecret:
          name: "camunda-secrets"
      optimize:
        redirectUrl: "https://{{ .Values.global.ingress.host }}/optimize"
        existingSecret:
          name: "camunda-secrets"
      webModeler:
        redirectUrl: "https://{{ .Values.global.ingress.host }}/modeler"
      zeebe:
        existingSecret:
          name: "camunda-secrets"

console:
  enabled: true
  contextPath: /console
  startupProbe:
    enabled: true
    initialDelaySeconds: 0
    periodSeconds: 2
    failureThreshold: 600
  readinessProbe:
    initialDelaySeconds: 0
    periodSeconds: 5

operate:
  contextPath: /operate
  startupProbe:
    enabled: true
    initialDelaySeconds: 0
    periodSeconds: 2
    failureThreshold: 600
  readinessProbe:
    initialDelaySeconds: 0
    periodSeconds: 5

tasklist:
  contextPath: /tasklist
  startupProbe:
    enabled: true
    initialDelaySeconds: 0
    periodSeconds: 2
    failureThreshold: 600
  readinessProbe:
    initialDelaySeconds: 0
    periodSeconds: 5

# Disable identity as part of the Camunda core
identity:
  enabled: true
  contextPath: /identity
  env:
    - name: KEYCLOAK_CLIENTS_2_NAME
      value: "MyClient"
    - name: KEYCLOAK_CLIENTS_2_ID
      value: "my-client"
    - name: KEYCLOAK_CLIENTS_2_SECRET
      value: "my-client-s3cret"
    - name: KEYCLOAK_CLIENTS_2_TYPE
      value: M2M
    - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_0_RESOURCE_SERVER_ID
      value: zeebe-api
    - name: KEYCLOAK_CLIENTS_2_PERMISSIONS_0_DEFINITION
      value: write:*
  keycloak:
    enabled: true
    contextPath: /auth
  firstUser:
    username: "demo"
    email: "[email protected]"
    existingSecret: "camunda-secrets"
  startupProbe:
    enabled: true
    initialDelaySeconds: 0
    periodSeconds: 2
    failureThreshold: 600
  readinessProbe:
    initialDelaySeconds: 0
    periodSeconds: 5

# Disable keycloak
identityKeycloak:
  enabled: true
  fullnameOverride: keycloak
  postgresql:
    auth:
      existingSecret: "camunda-secrets"
  auth:
    existingSecret: "camunda-secrets"
  startupProbe:
    enabled: true
    initialDelaySeconds: 0
    periodSeconds: 2
    failureThreshold: 600
  readinessProbe:
    initialDelaySeconds: 0
    periodSeconds: 5

identityPostgresql:
  auth:
    existingSecret: "camunda-secrets"
  primary:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  readReplicas:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  metrics:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5

postgresql:
  primary:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  readReplicas:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  metrics:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5

optimize:
  enabled: true
  contextPath: /optimize
  startupProbe:
    enabled: true
    initialDelaySeconds: 0
    periodSeconds: 2
    failureThreshold: 600
  readinessProbe:
    initialDelaySeconds: 0
    periodSeconds: 5

webModeler:
  contextPath: /modeler
  restapi:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  webapp:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  websockets:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5

# Reduce for Zeebe and Gateway the configured replicas and with that the required resources
# to get it running locally
zeebe:
  clusterSize: 1
  partitionCount: 1
  replicationFactor: 1
  pvcSize: 10Gi
  startupProbe:
    enabled: true
    initialDelaySeconds: 0
    periodSeconds: 2
    failureThreshold: 600
  readinessProbe:
    initialDelaySeconds: 0
    periodSeconds: 5

zeebeGateway:
  replicas: 1
  contextPath: /zeebe
  startupProbe:
    enabled: true
    initialDelaySeconds: 0
    periodSeconds: 2
    failureThreshold: 600
  readinessProbe:
    initialDelaySeconds: 0
    periodSeconds: 5

connectors:
  enabled: true
  contextPath: /connectors
  inbound:
    mode: disabled
  startupProbe:
    enabled: true
    initialDelaySeconds: 0
    periodSeconds: 2
    failureThreshold: 600
  readinessProbe:
    initialDelaySeconds: 0
    periodSeconds: 5

elasticsearch:
  master:
    replicaCount: 1
    # Request smaller persistent volumes.
    persistence:
      size: 15Gi
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  data:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  coordinating:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  ingest:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
  metrics:
    startupProbe:
      enabled: true
      initialDelaySeconds: 0
      periodSeconds: 2
      failureThreshold: 600
    readinessProbe:
      initialDelaySeconds: 0
      periodSeconds: 5
@PSanetra PSanetra added the kind/issue Unidentified issue, it could be a bug, misconfig, or anything in between label Oct 17, 2024
@jessesimpson36
Copy link
Contributor

@jessesimpson36 link relevant issues to this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/issue Unidentified issue, it could be a bug, misconfig, or anything in between platform/local
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@PSanetra @jessesimpson36