{
"headers": {
"normalizedNames": {},
"lazyUpdate": null
},
"status": 401,
"statusText": "OK",
"url": "https://{webGateway-URL}/api/identity/users/lookup/roles",
"ok": false,
"name": "HttpErrorResponse",
"message": "Http failure response for https://{webGateway-URL}/api/identity/users/lookup/roles: 401 OK",
"error": null
}
We have deployed a newly generated microservices solution using .NET and Angular as our frontend. All microservices under infrastructure (WebGateway, Saas, Language, AuthServer, Administration, etc) are deployed on an AKS cluster, each one with their own deployment, service and configmap. The only ingress created are for WebGateway and AuthServer. WebGateway communicates with all services using internal communication between services and don't use Ingresses, since all other microservices don't have an Ingress. We are doing this to avoid unneccesary exposure of our microservices. The issue is that as seen above, we can't correctly authenticate with each endpoint through WebGateway. We found that the call https://{webGateway-URL}/api/abp/application-configuration returns {"isAuthenticated":false,"id":null,"tenantId":null,"impersonatorUserId":null,"impersonatorTenantId":null,"impersonatorUserName":null,"impersonatorTenantName":null,"userName":null,"name":null,"surName":null,"email":null,"emailVerified":false,"phoneNumber":null,"phoneNumberVerified":false,"roles":[],"sessionId":null}. If we make our Web Gateway endpoint use the external Ingress URL we can authenticate successfully, but we want to avoid exposing microservice if it's not strictly necessary. We can guess that there are some information being lost when communicating internally, maybe some headers, as we are still debugging the issue. Communication between services is done using HTTP and not HTTPS.
My questions are: what is the best practice for communication between microservices in a Kubernetes cluster? should be strictly done through external URLs with Ingress or this can be done using services? How should we configure services for this to work correctly?
Thank you in advance. Best regards, Gaston Gallo
Thank you for replying!
The error we are getting is the following:
[ 2024-11-05T13:09:22.067626962Z ]: For more information, contact to license@abp.io.
[ 2024-11-05T13:09:22.067620655Z ]: You need to log in using the command `abp login <username>`.
[ 2024-11-05T13:09:22.067592920Z ]: [13:09:22 ERR] ABP-LIC-ERROR - License check failed for 'Volo.Saas.Host.HttpApi-v7.4.0.0'.
Is there any way we can keep the Development environment name when running on Kubernetes? or we must use a licensed ABP Commercial account dedicated for running applications on Development?
Thank you! Best regards.
We are trying to run our ABP Commercial application on Development environment on a Kubernetes cluster so we can test new code but we are getting an error that says that we need to login in order to run the application. We could use another environment name (like Dev, DevRemote, etc) but isn't really practical for us because we use monitoring tools and would like to keep environment naming consistent with other applications. Is there any way we can keep the Development name? or we must use a licensed ABP Commercial account dedicated for running applications? Sorry about my bad english, if there is something that is hard to understand please let me know and I can elaborate it more.
Thank you in advance, Best regards.
