I am trying to deploy keycloak on google kubernetes engine and got it working using the ingress.class type nginx as follows
kubernetes.io/ingress.class: nginx
Full manifest can be found here https://github.com/vsomasvr/keycloak-gke/blob/master/keycloak-gke-ingress/ingress.yaml
But, my intent is to use ingress.class type "gce". For that I had changed the ingress annotations from the following
annotations:
ingress.kubernetes.io/ssl-redirect: "true"
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
to the following
kubernetes.io/ingress.allow-http: "false"
annotations: kubernetes.io/ingress.class: gce
After the above change, I consistently get a message indicating that the ingress has unhealthy backend (0/3). I wonder what other changes would "gce" require when "nginx" could run without any issues.
I ensured that its not a firewall issue as the ports that the app is using are allowed for all, I also have livenessProbe and readinessProbe setting in place.
Is there anything else that this configuration is missing?
I placed all the manifest files here https://github.com/vsomasvr/keycloak-gke/tree/master/keycloak-gke-ingress
Any help is appreciated
I had added the annotation
kubernetes.io/ingress.allow-http: "false"
to the nginx ingress, tested & ensured that it would not cause any conflict. The app worked without issues.
On the other end, the gce ingress has the same behavior even when I remove the above mentioned annotation
Your service seems to be configured to use HTTP traffic, which means the health checks for the Load Balancer will also use HTTP traffic (port 80) yet you are using an annotation that disables HTTP