K
Q

Keycloak gatekeeper HTTP 502 / timeout after 10 seconds

12/19/2019

I am using keycloak gatekeeper as a proxy connected to a keycloak instance to secure kibana. All tools run in a private kubernetes cluster. The keycloak gatekeeper was installed with the following helm chart https://github.com/mvitale1989/helm-keycloak-gatekeeper.

I noticed that by long running kibana queries (> 10 seconds) I get after exactly 10 seconds HTTP 502 bad gateway. I connected directly to kibana with "kubectl port-forward ...." and tested some long running queries and get timeouts after 30 seconds. That's why I think that the keycloak gatekeeper is responsible for the HTTP 502 code. I couldn't find anything in the logs from the keycloak gatekeeper instance.

Question: Is there a default timeout in keycloak gatekeeper for requests to upstream that last longer than 10 seconds? If yes, how can I change it to for example 30 seconds?

Thank you very much in advance!

-- Bate Stancho
keycloak-gatekeeper
kibana
kubernetes

Similar Questions

Failed to establish a new connection: [Errno 111] Connection refused'))
Deploying Istio Envoy filter gives 503 service unavailable
failed kubelet misconfiguration error for cgroup driver
Kubernetes clusters merge to minimize the clusters
Schedule docker image to execution on the cluster

2 Answers

1/9/2020

We had the same problem. The two variables that are important are:

server-write-timeout: 30s
upstream-response-header-timeout: 30s

The first one is the timeout for the complete response. The second one is the timeout for receiving the first response headers.

-- Keugels
Source: StackOverflow
1/6/2020

In the config of Keycloak gatekeeper, the default value for ServerReadTimeout is set to 10 secs, see:

You should be able to change this by setting server-read-timeout in your configuration file:

server-read-timeout: 30

-- Arnold Obdeijn
Source: StackOverflow