Camunda Self-Managed for Absolute Beginners, Part 2—Ingress and TLS SSL

Thanks for providing the ingress controller configuration. The Helm chart works without problems.

Then, I tried to add other components, Keycloak, Identity, and Optimize.
When using version 8.3.0, there was no problem running all pods. I used the following command.

    helm install camunda-platform camunda/camunda-platform -f yaml/camunda-values.yaml --version 8.3.0

    NAME                                        READY   STATUS    RESTARTS      AGE
    camunda-pf-connectors-5b864ffc88-kwvxn      1/1     Running   1 (65m ago)   67m
    camunda-pf-elasticsearch-master-0           1/1     Running   0             67m
    camunda-pf-elasticsearch-master-1           1/1     Running   0             67m
    camunda-pf-identity-69b46b5b7f-ps9nr        1/1     Running   0             56m
    camunda-pf-keycloak-0                       1/1     Running   0             67m
    camunda-pf-operate-648b8d98c-25wb8          1/1     Running   1 (64m ago)   67m
    camunda-pf-optimize-7cd888746-2g79t         1/1     Running   0             67m
    camunda-pf-postgresql-0                     1/1     Running   0             67m
    camunda-pf-tasklist-85b86bbdd7-tl4bh        1/1     Running   0             67m
    camunda-pf-zeebe-0                          1/1     Running   0             67m
    camunda-pf-zeebe-gateway-5444cbf778-4cdcn   1/1     Running   0             67m

However, there is one problem. Identity does not work. Its console shows:

    Failed to load resource: the server responded with a status of 404 ()
    main.3583aa1b.js:1
    Failed to load resource: the server responded with a status of 404 ()
    identity/:1 Uncaught (in promise) DOMException: Failed to register a ServiceWorker for scope ('https://camunda.local/identity/') with script ('https://camunda.local/identity/serviceWorker.js?basePath=%2Fidentity'): An SSL certificate error occurred when fetching the script.
    main.67df43a4.css:1
    Failed to load resource: the server responded with a status of 404 ()
    manifest.json:1
    Failed to load resource: the server responded with a status of 404 ()

Then, I tried the latest version. This time, some pods could not get up and running.

    helm install camunda-pf camunda/camunda-platform -f yaml/values-ingress-all.yaml -n camunda

    k get po -n camunda

    NAME                                        READY   STATUS                  RESTARTS      AGE
    camunda-pf-connectors-7d7cdd4f56-twfxf      0/1     Running                 0             20m
    camunda-pf-elasticsearch-master-0           1/1     Running                 0             55m
    camunda-pf-elasticsearch-master-1           1/1     Running                 0             55m
    camunda-pf-identity-86648f688b-cmskd        1/1     Running                 0             55m
    camunda-pf-keycloak-0                       1/1     Running                 0             55m
    camunda-pf-operate-85fc6448df-frgsd         0/1     Running                 2 (85s ago)   22m
    camunda-pf-optimize-77659b5b74-mmb2p        0/1     Init:CrashLoopBackOff   7 (92s ago)   12m
    camunda-pf-postgresql-0                     1/1     Running                 0             55m
    camunda-pf-tasklist-55c49fb8f8-klj7t        0/1     Running                 2 (42s ago)   21m
    camunda-pf-zeebe-0                          1/1     Running                 0             55m
    camunda-pf-zeebe-gateway-6b6b96d8d7-5sxfv   1/1     Running                 0             55m

The following is the values.yaml file that I used. Could you please advise me on the possible cause of the problem?

    global:
      ingress:
        enabled: true
        className: nginx
        host: "camunda.local"
        tls:
          enabled: true
          secretName: "tls-secret"
      identity:
        auth:
          publicIssuerUrl: "https://camunda.local/auth/realms/camunda-platform"
          operate:
            redirectUrl: "https://camunda.local/operate"
          tasklist:
            redirectUrl: "https://camunda.local/tasklist"
          optimize:
            redirectUrl: "https://camunda.local/optimize"

    identity:
      contextPath: "/identity"
      fullURL: "https://camunda.local/identity"
      env:
        - name: LOGGING_LEVEL_ROOT
          value: "DEBUG"

    keycloak:
      logging:
        level: "TRACE"

    optimize:
      contextPath: "/optimize"
      resources:
        limits:
          cpu: 1
          memory: 1Gi
        requests:
          cpu: 200m
          memory: 256Mi

    operate:
      contextPath: "/operate"
      resources:
        limits:
          cpu: 1
          memory: 1Gi
        requests:
          cpu: 200m
          memory: 256Mi

    tasklist:
      contextPath: "/tasklist"
      resources:
        limits:
          cpu: 1
          memory: 1Gi
        requests:
          cpu: 200m
          memory: 256Mi

    # Reduce resource usage for Zeebe and Zeebe-Gateway
    zeebe:
      clusterSize: 1
      partitionCount: 1
      replicationFactor: 1
      pvcSize: 10Gi
      resources: {}
      initResources: {}

    zeebe-gateway:
      replicas: 1
      ingress:
        enabled: true
        className: nginx
        host: "zeebe.camunda.local"
        tls:
          enabled: true
          secretName: "tls-secret-zeebe"

    connectors:
      enabled: true
      resources:
        limits:
          cpu: 1
          memory: 1Gi
        requests:
          cpu: 200m
          memory: 256Mi

    # Configure Elasticsearch to make it running for local development
    elasticsearch:
      resources: {}
      initResources: {}
      replicas: 1
      minimumMasterNodes: 1
      # Allow no backup for single node setups
      clusterHealthCheckParams: "wait_for_status=yellow&timeout=1s"

      # Request smaller persistent volumes.
      volumeClaimTemplate:
        accessModes: [ "ReadWriteOnce" ]
        storageClassName: "standard"
        resources:
          requests:
            storage: 15Gi

Hi @T-san - I don’t see anything obviously incorrect in your values file. The first set of errors is related to the certificate: perhaps your browser was blocking the resources because it didn’t trust the certificate. This happens with self-signed certificates sometimes.

For the issue with Optimize not starting, can you share what you see in the logs and in the events for that pod?

Nathan, all problems are solved. This time I used version 10.0.2. Then, no 404. I do know whether 10.0.2 solves this error or not.

As to the optimize error, I think it is caused by the storage shortage. I increased the size of the storage. FYI, the following is my updated values.yaml.

    helm install camunda-pf camunda/camunda-platform -f yaml/values-ingress-all.yaml -n camunda --version 10.0.2

    global:
      ingress:
        enabled: true
        className: nginx
        host: "camunda.local"
        tls:
          enabled: true
          secretName: "tls-secret"
      identity:
        auth:
          publicIssuerUrl: "https://camunda.local/auth/realms/camunda-platform"
          operate:
            redirectUrl: "https://camunda.local/operate"
          tasklist:
            redirectUrl: "https://camunda.local/tasklist"
          optimize:
            redirectUrl: "https://camunda.local/optimize"

    identity:
      contextPath: "/identity"
      fullURL: "https://camunda.local/identity"

    optimize:
      contextPath: "/optimize"
      resources:
        limits:
          cpu: 1
          memory: 1Gi
        requests:
          cpu: 200m
          memory: 256Mi

    operate:
      contextPath: "/operate"
      resources:
        limits:
          cpu: 1
          memory: 1Gi
        requests:
          cpu: 200m
          memory: 256Mi

    tasklist:
      contextPath: "/tasklist"
      resources:
        limits:
          cpu: 1
          memory: 1Gi
        requests:
          cpu: 200m
          memory: 256Mi

    # Reduce resource usage for Zeebe and Zeebe-Gateway
    zeebe:
      clusterSize: 1
      partitionCount: 1
      replicationFactor: 1
      pvcSize: 10Gi

    zeebe-gateway:
      replicas: 1
      ingress:
        enabled: true
        className: nginx
        host: "zeebe.camunda.local"
        tls:
          enabled: true
          secretName: "tls-secret-zeebe"

    connectors:
      enabled: true
      resources:
        limits:
          cpu: 1
          memory: 1Gi
        requests:
          cpu: 200m
          memory: 256Mi

    # Configure Elasticsearch to make it running for local development
    elasticsearch:
      master:
        replicaCount: 1
        # Request smaller persistent volumes.
        persistence:
          size: 15Gi
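
An added example, not code from the thread or from the Camunda Helm chart: a small pre-install check that every browser-facing URL in the values file posted above agrees with `global.ingress`. The function names `check_url` and `lint_values` are hypothetical, and the rule that each redirect URL is the ingress scheme and host plus the component's `contextPath` is an assumption taken from the pattern the posted file follows.

```python
from urllib.parse import urlsplit

# Constructed sample: the URL-related keys from the values file posted above,
# written as a dict so the example needs no YAML library.
VALUES = {
    "global": {
        "ingress": {"host": "camunda.local", "tls": {"enabled": True}},
        "identity": {"auth": {
            "publicIssuerUrl": "https://camunda.local/auth/realms/camunda-platform",
            "operate": {"redirectUrl": "https://camunda.local/operate"},
            "tasklist": {"redirectUrl": "https://camunda.local/tasklist"},
            "optimize": {"redirectUrl": "https://camunda.local/optimize"},
        }},
    },
    "identity": {"contextPath": "/identity", "fullURL": "https://camunda.local/identity"},
    "operate": {"contextPath": "/operate"},
    "tasklist": {"contextPath": "/tasklist"},
    "optimize": {"contextPath": "/optimize"},
}


def check_url(name, url, host, tls, path=None):
    """Return findings for one externally visible URL (assumed rule, see lead-in)."""
    if not url:
        return [f"{name}: not set"]
    parts, found = urlsplit(url), []
    if parts.scheme != ("https" if tls else "http"):
        found.append(f"{name}: scheme {parts.scheme!r} does not match ingress TLS setting")
    if parts.hostname != host:
        found.append(f"{name}: host {parts.hostname!r} is not the ingress host {host!r}")
    if path is not None and parts.path.rstrip("/") != path.rstrip("/"):
        found.append(f"{name}: path {parts.path!r} does not match contextPath {path!r}")
    return found


def lint_values(values):
    """Check that the issuer, redirect and Identity URLs agree with global.ingress."""
    ingress = values["global"]["ingress"]
    host, tls = ingress["host"], ingress.get("tls", {}).get("enabled", False)
    auth = values["global"]["identity"]["auth"]
    findings = check_url("publicIssuerUrl", auth.get("publicIssuerUrl"), host, tls)
    for comp in ("operate", "tasklist", "optimize"):
        findings += check_url(f"{comp}.redirectUrl", auth.get(comp, {}).get("redirectUrl"),
                              host, tls, values.get(comp, {}).get("contextPath"))
    ident = values.get("identity", {})
    findings += check_url("identity.fullURL", ident.get("fullURL"), host, tls, ident.get("contextPath"))
    return findings
```

`lint_values(VALUES)` returns an empty list for the posted file; each mismatch in scheme, host or path is reported by key name.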

Hello,

Will there be a part 3 with all the “What’s next” aspects?

I have some problems with my Kubernetes setup with combined ingress.

Part 1 and 2 are pretty helpful, it would be great to have further instructions 🙂

Hi @LexEgg - glad you found the first two helpful! I would love to write a part 3 in the near future. Do you have any suggestions for the topic?

Are your ingress issues related to your Rancher installation?

Good to hear that @nathan.loding!
I would love to see the cloud version of the combined ingress setup. Especially how to write and what needs to be mentioned in the values.yaml.
An example for the settings (like Root URL, Valid Redirect URL and Home URL in the client's settings) you need to set in Keycloak would also be very helpful.

The Rancher installation and ingress controller are managed by the company I work for. So I wrote the values.yaml and updated it to my Camunda Helm chart. The specified URL for Keycloak is working and I can connect to Keycloak. But operate and tasklist still get forwarded to localhost:18080 and I get the error that the connection failed.
(Earlier I used port-forward and everything worked fine. I was able to connect to operate and tasklist)


@LexEgg - I’ll keep that idea in mind for a future blog! I will also make some time to take a look at your other forum topic regarding the ingress redirect.