KeyCloak服务可以使用K8S中的入口重写目标规则来使用?
我的任务是在K8中的某些服务之间创建入学规则,其中之一是KeyCloak。我尝试为此写规则:
my-service.my-url.com/keycloak
my intress.yaml:
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
name: my-ing
namespace: my-ns
spec:
rules:
- host: my-service.my-url.com
http:
paths:
#to keycloak
- path: /keycloak(/|$)(.*)
pathType: Prefix
backend:
service:
name: keycloak
port:
number: 8090
# all other url
- path: /
pathType: Prefix
backend:
service:
name: my-main-service
port:
number: 8080
但是KeyCloak Service用/auth 将我的URL重写为
my-service.my-url.com/auth
...之后,我的入口规则将URL发送到主服务返回错误的主服务!
如果使用 /auth的更改规则为...
#to keycloak
- path: /auth(/|$)(.*)
pathType: Prefix
backend:
service:
name: keycloak
port:
number: 8090
# all other url
- path: /
pathType: Prefix
backend:
service:
name: my-main-service
port:
number: 8080
我将采取反复错误:Ingress删除“ /auth”,keyCloak再次添加它,intress删除等等...
是否可以解决此任务的任何方法? 我检查了此规则:
rules:
- host: my-service.my-url.com
http:
******
- host: my-keycloak.my-url.com
http:
******
...这是工作,但不是为了我的情况。
另外,我尝试更改KeyCloak领域中的前URL设置: 更改keycloak设置,
但它创建了其他问题:
现在我对这个问题不了解...!
有人可以帮我吗?
谢谢。
My task is to create ingress rules between some services in k8s, one of this - keycloak. I try to write rule for it as:
my-service.my-url.com/keycloak
My ingress.yaml:
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
name: my-ing
namespace: my-ns
spec:
rules:
- host: my-service.my-url.com
http:
paths:
#to keycloak
- path: /keycloak(/|$)(.*)
pathType: Prefix
backend:
service:
name: keycloak
port:
number: 8090
# all other url
- path: /
pathType: Prefix
backend:
service:
name: my-main-service
port:
number: 8080
But keycloak service rewrite my url with /auth as
my-service.my-url.com/auth
... and after this my ingress rules send url to main service that return error!
If change rules with /auth as...
#to keycloak
- path: /auth(/|$)(.*)
pathType: Prefix
backend:
service:
name: keycloak
port:
number: 8090
# all other url
- path: /
pathType: Prefix
backend:
service:
name: my-main-service
port:
number: 8080
i will take recurse error: ingress remove "/auth", keycloak add it again, ingress remove and etc...
Is the any way to resolve this task?
I check this rule:
rules:
- host: my-service.my-url.com
http:
******
- host: my-keycloak.my-url.com
http:
******
... it's work, but not for my situation.
Also i try to change Front url setup in keycloak realm:
change keycloak setup
but it create other problem:
And now i have no idea about this problem...!
Can someone help me with this?
Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论