I finally found my quirks. I needed to set the contextPath of Operate to /operate if that’s what I use for the combined ingress path.
operate:
contextPath: "/operate"
resources:
requests:
cpu: "300m" # Reduce CPU requests for Integration environment by 50 %
service:
annotations:
cloud.google.com/neg: '{"ingress": true}' # Creates a NEG after an Ingress is created
beta.cloud.google.com/backend-config: '{"default": "camunda-operate-backendconfig"}' # Attach the backend config to the service
readinessGates:
- conditionType: "cloud.google.com/load-balancer-neg-ready" # GKE native ingress needs this gate for LB
I somehow thought Operate (or the other webapps) would ignore the first ignress /operate route - that’s because I had to use /operate/operate to actually get to the login which led me to the impression that this is somehow how it works.
In hindsight, it’s obvious … but it’s kind of confusing sometimes to get off the beaten path with Camunda’s default ingress as I have to use GCP ingress that’s configured quite differently.
Well, for anyone that might come after me: if you set contexPath, be aware that this path will then also be applied to the 9600 health check endpoint, so you have to update your GCP health checks to /[yourContextPath]/actuator/health/… so they won’t stop working.