Che: On AWS Che fails to connect to Keycloak at startup
Summary
Che pod failed to start with health check fail issue
Relevant information
โ Verify Kubernetes API...OK
โ ๐ Looking for an already existing Eclipse Che instance
โ Verify if Eclipse Che is deployed into namespace "che"...it is not
โ โ๏ธ Kubernetes preflight checklist
โ Verify if kubectl is installed
โ Verify remote kubernetes status...done.
โ Check Kubernetes version: Found v1.13.12-eks-eb1860.
โ Verify domain is set...set to aws.glu-ide.cloud.
โ Check if cluster accessible [skipped]
Eclipse Che logs will be available in '/var/folders/b_/knc25xx9159_h693ljnwb_mdd__nh8/T/chectl-logs/1590069382835'
โ Start following logs
โ Start following Operator logs...done
โ Start following Eclipse Che logs...done
โ Start following Postgres logs...done
โ Start following Keycloak logs...done
โ Start following Plugin registry logs...done
โ Start following Devfile registry logs...done
โ Start following events
โ Start following namespace events...done
โฏ ๐โ Running the Eclipse Che operator
โ Copying operator resources...done.
โ ๐โ Running the Eclipse Che operator
โ Copying operator resources...done.
โ Create Namespace (che)...It already exists.
โ Checking for pre-created TLS secret... "che-tls" secret found
โ Checking certificate
โ Create ServiceAccount che-operator in namespace che...done.
โ Create Role che-operator in namespace che...done.
โ Create ClusterRole che-operator...done.
โ Create RoleBinding che-operator in namespace che...done.
โ Create ClusterRoleBinding che-operator...done.
โ Create CRD checlusters.org.eclipse.che...done.
โ Waiting 5 seconds for the new Kubernetes resources to get flushed...done.
โ Create deployment che-operator in namespace che...done.
โ Create Eclipse Che cluster eclipse-che in namespace che...done.
โฏ โ
Post installation checklist
โ PostgreSQL pod bootstrap
โ scheduling...done.
โ downloading images...done.
โ starting...done.
โ Keycloak pod bootstrap
โ scheduling...done.
โ downloading images...done.
โ starting...done.
โ Devfile registry pod bootstrap
โ scheduling...done.
โ downloading images...done.
โ starting...done.
โ Plugin registry pod bootstrap
โ scheduling...done.
โ downloading images...done.
โ starting...done.
โฏ Eclipse Che pod bootstrap
โ scheduling...done.
โ downloading images...done.
โ starting
โ Error: connect ETIMEDOUT 3.213.183.138:443
Retrieving Eclipse Che server URL
Eclipse Che status check
โบ Error: Error: Error: connect ETIMEDOUT 3.213.183.138:443
โบ Installation failed, check logs in '/var/folders/b_/knc25xx9159_h693ljnwb_mdd__nh8/T/chectl-logs/1590069382835'
che.log
che-operator.log
che-devfile-registry.log
keycloak.log
che-plugin-registry.log
postgres.log
I see error: 37) Error injecting constructor, java.lang.RuntimeException: Exception while retrieving OpenId configuration from endpoint: https://keycloak-che.aws.my-ide.cloud/auth/realms/che/.well-known/openid-configuration
sushant08
All 10 comments
Is https://keycloak-che.aws.glu-ide.cloud/auth/realms/che/.well-known/openid-configuration available from the browser
tolusha
on 22 May 2020
kubectl get ingress -n che
tolusha
on 22 May 2020
Is
https://keycloak-che.aws.glu-ide.cloud/auth/realms/che/.well-known/openid-configurationavailable from the browser
Not this link is not accessible.
sushant08
on 22 May 2020
kubectl get ingress -n che
NAMESPACE NAME HOSTS ADDRESS PORTS AGE
che che che-che.aws.glu-ide.cloud ae4a1479b9c1f11eab9ad0a1732cc3dc-0236d7fffaea8bc8.elb.us-east-1.amazonaws.com 80, 443 84s
che devfile-registry devfile-registry-che.aws.glu-ide.cloud ae4a1479b9c1f11eab9ad0a1732cc3dc-0236d7fffaea8bc8.elb.us-east-1.amazonaws.com 80, 443 29s
che keycloak keycloak-che.aws.glu-ide.cloud ae4a1479b9c1f11eab9ad0a1732cc3dc-0236d7fffaea8bc8.elb.us-east-1.amazonaws.com 80, 443 84s
che plugin-registry plugin-registry-che.aws.glu-ide.cloud ae4a1479b9c1f11eab9ad0a1732cc3dc-0236d7fffaea8bc8.elb.us-east-1.amazonaws.com 80, 443 15s
sushant08
on 22 May 2020
I have the same issue when starting the Eclipse Che pod
> Eclipse Che pod bootstrap
โ scheduling...done.
โ downloading images...done.
ร starting
โ ERR_TIMEOUT: Timeout set to pod ready timeout 130000
Retrieving Eclipse Che server URL
Eclipse Che status check
Retrieving Keycloak admin credentials
Retrieving Che self-signed CA certificate
Show important messages
ยป Error: Error: ERR_TIMEOUT: Timeout set to pod ready timeout 130000
ยป Installation failed, check logs in
imo it started happening after i updated my chectl from 7.12.0 to 7.13.1. Before that i could start and stop the che server without any issues
how could i fix it?
erlansan
on 25 May 2020
@erlansan
pls, create a dedicated issue.
@sushant08
Have you used this doc?
https://www.eclipse.org/che/docs/che-7/deploying-che-on-kubernetes-on-aws/
tolusha
on 25 May 2020
@erlansan
pls, create a dedicated issue.@sushant08
Have you used this doc?
https://www.eclipse.org/che/docs/che-7/deploying-che-on-kubernetes-on-aws/
Mine issue has been resolved. Issue was was with ingress controller and domain. Thanks
sushant08
on 26 May 2020
Hi @sushant08
Thank you for reporting this issue. Can you please elaborate a little on the adjustment that was needed to make things work?
Thanks
RickJWagner
on 26 May 2020
Hi @sushant08
Thank you for reporting this issue. Can you please elaborate a little on the adjustment that was needed to make things work?
Thanks
All nodes in my ingress controller LB were unhealthy for that i had to change _externalTrafficPolicy_ to Cluster and i was trying with random domain name initially but to make it working i had to switch to domain i own.
sushant08
on 27 May 2020
Thank you, @sushant08.
RickJWagner
on 27 May 2020
Related issues
amisevsk
ยท
3Comments
sleshchenko
ยท
3Comments
luckymore0520
ยท
3Comments
l0rd
ยท
3Comments
skabashnyuk
ยท
3Comments
Most helpful comment
All nodes in my ingress controller LB were unhealthy for that i had to change _externalTrafficPolicy_ to Cluster and i was trying with random domain name initially but to make it working i had to switch to domain i own.