It's very hard to figure out which env setting is HTTPS or HTTP. I have double-checked the template many times, but it does not work.
Any wrong setting will cause show "Not secure Page" and the log exception: 443 refused.
Does anyone have a workable sample run in k8s with abp.io v5.2.1?
k8 deploy, only follow the abp.io suite template (v5.2.1), and change some necessary Env settings. Add the TLS secret follow this document : https://github.com/abpframework/eShopOnAbp/tree/main/etc
Error Info:
[03:43:53 INF] Executing endpoint 'MOS.Blazor.Controllers.AccountController.Login (MOS.Blazor)'
[03:43:53 INF] Route matched with {action = "Login", controller = "Account", area = "", page = ""}. Executing controller action with signature Microsoft.AspNetCore.Mvc.ActionResult Login(System.String, System.String) on controller MOS.Blazor.Controllers.AccountController (MOS.Blazor).
[03:43:53 INF] Executing ChallengeResult with authentication schemes (["oidc"]).
[03:43:58 INF] Executed action MOS.Blazor.Controllers.AccountController.Login (MOS.Blazor) in 5219.8724ms
[03:43:58 INF] Executed endpoint 'MOS.Blazor.Controllers.AccountController.Login (MOS.Blazor)'
[03:43:58 ERR] An unhandled exception has occurred while executing the request.
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'.
---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'System.String'.
---> System.Net.Http.HttpRequestException: Connection refused (mos-st-authserver:443)
---> System.Net.Sockets.SocketException (111): Connection refused
Here is my Values.yaml
# auth-server sub-chart override
authserver:
config:
selfUrl: https://mos-st-authserver
corsOrigins: https://mos-st-gateway-web,https://mos-st-gateway-web-public,https://mos-st-identity,https://mos-st-administration,https://mos-st-saas,https://mos-st-product
allowedRedirectUrls: https://mos-st-angular
identityService:
connString: "Server=mos-st-sqldb,1433;Database=MOS_Identity;User Id=sa;password=myPassw@rd"
administrationService:
connString: "Server=mos-st-sqldb,1433;Database=MOS_Administration;User Id=sa;password=myPassw@rd"
saasService:
connString: "Server=mos-st-sqldb,1433;Database=MOS_Saas;User Id=sa;password=myPassw@rd"
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
ingress:
host: mos-st-authserver
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-app-authserver
tag: latest
# identity-service sub-chart override
identity:
config:
selfUrl: https://mos-st-identity
corsOrigins: https://mos-st-gateway-web, https://mos-st-gateway-web-public
connectionStrings:
identityService: "Server=mos-st-sqldb,1433;Database=MOS_Identity;User Id=sa;password=myPassw@rd"
administrationService: "Server=mos-st-sqldb,1433;Database=MOS_Administration;User Id=sa;password=myPassw@rd"
saasService: "Server=mos-st-sqldb,1433;Database=MOS_Saas;User Id=sa;password=myPassw@rd"
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
identityServerClients:
blazorServerRootUrl: https://mos-st-web/
publicWebRootUrl: https://mos-st-publicweb/
webGatewayRootUrl: https://mos-st-gateway-web/
publicWebGatewayRootUrl: https://mos-st-gateway-web-public/
identityServerResources:
accountServiceRootUrl: https://mos-st-authserver/
identityServiceRootUrl: https://mos-st-identity/
administrationServiceRootUrl: https://mos-st-administration/
saasServiceRootUrl: https://mos-st-saas/
productServiceRootUrl: https://mos-st-product/
clientServiceRootUrl: https://mos-st-client/
notificationServiceRootUrl: https://mos-st-notification/
ingress:
host: mos-st-identity
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-service-identity
tag: latest
# administration-service sub-chart override
administration:
config:
selfUrl: https://mos-st-administration
gatewayUrl: http://mos-st-gateway-web
corsOrigins: https://mos-st-gateway-web,https://mos-st-gateway-web-public
connectionStrings:
administrationService: "Server=mos-st-sqldb,1433;Database=MOS_Administration;User Id=sa;password=myPassw@rd"
saasService: "Server=mos-st-sqldb,1433;Database=MOS_Saas;User Id=sa;password=myPassw@rd"
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
synchedCommunication: # Used for server-to-server (client-credentials) communication with identityService for user permissions
authority: https://mos-st-authserver
ingress:
host: mos-st-administration
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-service-administration
tag: latest
# saas-service sub-chart override
saas:
config:
selfUrl: https://mos-st-saas
corsOrigins: https://mos-st-gateway-web
connectionStrings:
administrationService: "Server=mos-st-sqldb,1433;Database=MOS_Administration;User Id=sa;password=myPassw@rd"
saasService: "Server=mos-st-sqldb,1433;Database=MOS_Saas;User Id=sa;password=myPassw@rd"
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
ingress:
host: mos-st-saas
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-service-saas
tag: latest
# product-service sub-chart override
product:
config:
selfUrl: https://mos-st-product
corsOrigins: https://mos-st-gateway-web,https://mos-st-gateway-web-public
connectionStrings:
productService: "Server=mos-st-sqldb,1433;Database=MOS_ProductService;User Id=sa;password=myPassw@rd"
administrationService: "Server=mos-st-sqldb,1433;Database=MOS_Administration;User Id=sa;password=myPassw@rd"
saasService: "Server=mos-st-sqldb,1433;Database=MOS_Saas;User Id=sa;password=myPassw@rd"
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
ingress:
host: mos-st-product
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-service-product
tag: latest
# notification-service sub-chart override
notification:
config:
selfUrl: https://mos-st-notification
corsOrigins: https://mos-st-gateway-web,https://mos-st-gateway-web-public
connectionStrings:
notificationService: "Server=mos-st-sqldb,1433;Database=MOS_NotificationService;User Id=sa;password=myPassw@rd"
administrationService: "Server=mos-st-sqldb,1433;Database=MOS_Administration;User Id=sa;password=myPassw@rd"
saasService: "Server=mos-st-sqldb,1433;Database=MOS_Saas;User Id=sa;password=myPassw@rd"
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
ingress:
host: mos-st-notification
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-service-notification
tag: latest
# client-service sub-chart override
client:
config:
selfUrl: https://mos-st-client
corsOrigins: https://mos-st-gateway-web,https://mos-st-gateway-web-public
connectionStrings:
clientService: "Server=mos-st-sqldb,1433;Database=MOS_ClientService;User Id=sa;password=myPassw@rd"
administrationService: "Server=mos-st-sqldb,1433;Database=MOS_Administration;User Id=sa;password=myPassw@rd"
saasService: "Server=mos-st-sqldb,1433;Database=MOS_Saas;User Id=sa;password=myPassw@rd"
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
ingress:
host: mos-st-client
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-service-client
tag: latest
# gateway-web sub-chart override
gateway-web:
config:
selfUrl: https://mos-st-gateway-web
corsOrigins: https://mos-st-web
globalConfigurationBaseUrl: http://mos-st-gateway-web
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
reRoutes:
authserver:
schema: http
host: mos-st-authserver
port: 80
identityService:
schema: # http
host: mos-st-identity
port: 80
administrationService:
schema: http
host: mos-st-administration
port: 80
saasService:
schema: # http
host: mos-st-saas
port: 80
productService:
schema: http
host: mos-st-saas
port: 80
ingress:
host: mos-st-gateway-web
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-gateway-web
tag: latest
pullPolicy: IfNotPresent
# gateway-web-public sub-chart override
gateway-web-public:
config:
selfUrl: https://mos-st-gateway-web-public
globalConfigurationBaseUrl: http://mos-st-gateway-web-public
corsOrigins: https://mos-st-publicweb
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
reRoutes:
identityService:
schema: http
host: mos-st-identity
port: 80
administrationService:
schema: http
host: mos-st-administration
port: 80
productService:
schema: http
host: mos-st-product
port: 80
ingress:
host: mos-st-gateway-web-public
tlsSecret: mos-tls
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-gateway-web-public
tag: latest
pullPolicy: IfNotPresent
kibana:
config:
elasticsearchUrl: http://mos-st-elasticsearch:9200
# dbmigrator sub-chart override
dbmigrator:
config:
connectionStrings:
identityService: "Server=mos-st-sqldb,1433;Database=MOS_Identity;User Id=sa;password=myPassw@rd"
administrationService: "Server=mos-st-sqldb,1433;Database=MOS_Administration;User Id=sa;password=myPassw@rd"
saasService: "Server=mos-st-sqldb,1433;Database=MOS_Saas;User Id=sa;password=myPassw@rd"
productService: "Server=mos-st-sqldb,1433;Database=MOS_ProductService;User Id=sa;password=myPassw@rd"
clientService: "Server=mos-st-sqldb,1433;Database=MOS_ClientService;User Id=sa;password=myPassw@rd"
notificationService: "Server=mos-st-sqldb,1433;Database=MOS_NotificationService;User Id=sa;password=myPassw@rd"
dotnetEnv: Staging
identityServerClients:
blazorServerRootUrl: https://mos-st-web/
publicWebRootUrl: https://mos-st-publicweb/
webGatewayRootUrl: https://mos-st-gateway-web/
publicWebGatewayRootUrl: https://mos-st-gateway-web-public/
identityServerResources:
accountServiceRootUrl: https://mos-st-authserver/
identityServiceRootUrl: https://mos-st-identity/
administrationServiceRootUrl: https://mos-st-administration/
saasServiceRootUrl: https://mos-st-saas/
productServiceRootUrl: https://mos-st-product/
clientServiceRootUrl: https://mos-st-client/
notificationServiceRootUrl: https://mos-st-notification/
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-db-migrator
tag: latest
pullPolicy: IfNotPresent
# Public Web application sub-chart override
publicweb:
config:
selfUrl: https://mos-st-publicweb
gatewayUrl: http://mos-st-gateway-web-public
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
ingress:
host: mos-st-publicweb
tlsSecret: mos-tls
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-app-publicweb
tag: latest
pullPolicy: IfNotPresent
# Web(Blazor-Server) backoffice application sub-chart override
web:
config:
selfUrl: https://mos-st-web
gatewayUrl: http://mos-st-gateway-web
authServer:
authority: http://mos-st-authserver
requireHttpsMetadata: "false"
dotnetEnv: Staging
redisHost: mos-st-redis
rabbitmqHost: mos-st-rabbitmq
elasticsearchUrl: http://mos-st-elasticsearch
ingress:
host: mos-st-web
tlsSecret: mos-tls
image:
imagePullSecretName: regcred
repository: 123123123.dkr.ecr.ap-east-1.amazonaws.com/mos-app-blazor-server
tag: latest
pullPolicy: IfNotPresent
# Default values for MOS.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: nginx
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
port: 80
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}