Hey,
we currently try to deploy a dummy model with the Modeler on a Camunda Platform 8.2.6, secured by Camunda Identity. The Zeebe Gateway is available on localhost:26500
with a Port Forward from Kubernetes (port 26500). Keycloak is available via an Ingress on https://camunda-keycloak-<redacted>
We can also receive the realm information on https://camunda-keycloak-<redacted>/realms/camunda-platform
successfully.
Unfortunately, we keep getting “Unknown error. Please check Zeebe cluster status”.
In the logs of the Modeler we found the following:
ERROR app:zeebe-api Failed to connect with config (secrets omitted): {
endpoint: {
type: 'oauth',
url: 'http://localhost:26500',
clientId: 'localmodellerconnection',
oauthURL: 'https://camunda-keycloak-<redacted>/realms/camunda-platform'
}
} HTTPError: Response code 405 (Method Not Allowed)
at Request.<anonymous> (<redacted>\camunda_modeler\resources\app.asar\node_modules\got\dist\source\as-promise\index.js:118:42)
at process.processTicksAndRejections (node:internal/process/task_queues:96:5) {
code: 'ERR_NON_2XX_3XX_RESPONSE',
timings: {
start: 1686302149447,
socket: 1686302149448,
lookup: 1686302149488,
connect: 1686302149509,
secureConnect: 1686302149557,
upload: 1686302149557,
response: 1686302149579,
end: 1686302149579,
error: undefined,
abort: undefined,
phases: {
wait: 1,
dns: 40,
tcp: 21,
tls: 48,
request: 0,
firstByte: 22,
download: 0,
total: 132
}
}
}
Error in Modeler UI:
Application API access:
Application:
It seems like the error 405 (Method not allowed) comes from Keycloak. Do you have any idea how to fix this?
Kind regards, Florian
I enabled the debugging flags in the lastest modeler version 5.12.0:
2023-06-14T14:42:31.900Z oauth Requesting token from token endpoint...
ERROR app:zeebe-api Failed to connect with config (secrets omitted): {
endpoint: {
type: 'oauth',
url: 'http://localhost:26500',
clientId: 'localmodellerconnection',
oauthURL: '<redacted>/realms/camunda-platform'
}
} HTTPError: Response code 405 (Method Not Allowed)
at Request.<anonymous> (<redacted>\camunda_modeler\resources\app.asar\node_modules\got\dist\source\as-pr`
omise\index.js:118:42)
at process.processTicksAndRejections (node:internal/process/task_queues:96:5) {
code: 'ERR_NON_2XX_3XX_RESPONSE',
timings: {
start: 1686753751906,
socket: 1686753751906,
lookup: 1686753751907,
connect: 1686753751918,
secureConnect: 1686753751930,
upload: 1686753751930,
response: 1686753751944,
end: 1686753751944,
error: undefined,
abort: undefined,
phases: {
wait: 0,
dns: 1,
tcp: 11,
tls: 12,
request: 0,
firstByte: 14,
download: 0,
total: 38
}
}
}
It seems like a call to Keycloak is failing with the 405. The connection to Zeebe itself seems to be working:
D 2023-06-14T14:42:02.704Z | subchannel_refcount | (11) 127.0.0.1:26500 refcount 0 -> 1
D 2023-06-14T14:42:02.704Z | subchannel_refcount | (10) ::1:26500 refcount 1 -> 2
D 2023-06-14T14:42:02.704Z | subchannel_refcount | (11) 127.0.0.1:26500 refcount 1 -> 2
D 2023-06-14T14:42:02.704Z | pick_first | Start connecting to subchannel with address ::1:26500
D 2023-06-14T14:42:02.704Z | pick_first | IDLE -> CONNECTING
D 2023-06-14T14:42:02.704Z | resolving_load_balancer | dns:localhost:26500 CONNECTING -> CONNECTING
D 2023-06-14T14:42:02.704Z | connectivity_state | (9) dns:localhost:26500 CONNECTING -> CONNECTING
D 2023-06-14T14:42:02.705Z | subchannel | (10) ::1:26500 IDLE -> CONNECTING
D 2023-06-14T14:42:02.705Z | pick_first | CONNECTING -> CONNECTING
D 2023-06-14T14:42:02.705Z | resolving_load_balancer | dns:localhost:26500 CONNECTING -> CONNECTING
D 2023-06-14T14:42:02.705Z | connectivity_state | (9) dns:localhost:26500 CONNECTING -> CONNECTING
D 2023-06-14T14:42:02.706Z | subchannel | (10) ::1:26500 CONNECTING -> READY
D 2023-06-14T14:42:02.706Z | pick_first | Pick subchannel with address ::1:26500
D 2023-06-14T14:42:02.706Z | pick_first | CONNECTING -> READY
D 2023-06-14T14:42:02.706Z | resolving_load_balancer | dns:localhost:26500 CONNECTING -> READY
D 2023-06-14T14:42:02.706Z | connectivity_state | (9) dns:localhost:26500 CONNECTING -> READY
D 2023-06-14T14:42:02.706Z | subchannel_refcount | (10) ::1:26500 refcount 2 -> 3
D 2023-06-14T14:42:02.706Z | subchannel_refcount | (10) ::1:26500 refcount 3 -> 2
D 2023-06-14T14:42:02.706Z | subchannel_refcount | (11) 127.0.0.1:26500 refcount 2 -> 1
Hello @floricdev ,
please try appending the actual token endpoint to the oauthurl:
realms/camunda-platform/protocol/openid-connect/token
I hope this helps
Jonathan
Thanks a lot. This worked perfectly.
I think it would really help to add this to your documentation .
Thanks a lot.
Kind regards, Florian
Thanks Jonatha,
to be honest, I completely missed this part with the interceptor. But this value should help.
1 Like
system
Closed
July 4, 2023, 11:50am
7
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.