Getting error after deploying camunda Identity component in kubernetes cluster using helm chart and configured identity with existing keycloak which is running in same k8s cluster.
The logs for the identity pod shows as
root@k8s helm]# kubectl logs camunda-platform-identity-6fc8bbcd66-nq52s
Standard Commons Logging discovery in action with spring-jcl: please remove commons-logging.jar from classpath in order to avoid potential conflicts
SLF4J(W): Class path contains multiple SLF4J providers.
SLF4J(W): Found provider [ch.qos.logback.classic.spi.LogbackServiceProvider@7d9d1a19]
SLF4J(W): Found provider [org.apache.logging.slf4j.SLF4JServiceProvider@39c0f4a]
SLF4J(W): See https://www.slf4j.org/codes.html#multiple_bindings for an explanation.
SLF4J(I): Actual provider is of type [ch.qos.logback.classic.spi.LogbackServiceProvider@7d9d1a19]
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v3.1.9)
2024-04-10T10:00:02.437Z INFO 1 --- [ main] io.camunda.identity.Application : Starting Application using Java 17.0.10 with PID 1 (/app/identity.jar started by camunda in /app)
2024-04-10T10:00:02.500Z INFO 1 --- [ main] io.camunda.identity.Application : The following 1 profile is active: "keycloak"
2024-04-10T10:00:26.850Z INFO 1 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'globalMethodSecurityConfig' of type [io.camunda.identity.security.config.GlobalMethodSecurityConfig$$SpringCGLIB$$0] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
2024-04-10T10:00:31.015Z INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8080 (http)
2024-04-10T10:00:31.098Z INFO 1 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2024-04-10T10:00:31.098Z INFO 1 --- [ main] o.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/10.1.19]
2024-04-10T10:00:32.224Z INFO 1 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2024-04-10T10:00:32.231Z INFO 1 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 28886 ms
Standard Commons Logging discovery in action with spring-jcl: please remove commons-logging.jar from classpath in order to avoid potential conflicts
2024-04-10T10:00:33.934Z WARN 1 --- [ main] ocalVariableTableParameterNameDiscoverer : Using deprecated '-debug' fallback for parameter name resolution. Compile the affected code with '-parameters' instead or avoid its introspection: io.camunda.identity.config.IdentityCommon
2024-04-10T10:00:35.499Z WARN 1 --- [ main] ocalVariableTableParameterNameDiscoverer : Using deprecated '-debug' fallback for parameter name resolution. Compile the affected code with '-parameters' instead or avoid its introspection: io.camunda.identity.security.spring.filter.FilterExceptionHandler
2024-04-10T10:00:41.326Z WARN 1 --- [ main] ocalVariableTableParameterNameDiscoverer : Using deprecated '-debug' fallback for parameter name resolution. Compile the affected code with '-parameters' instead or avoid its introspection: io.camunda.identity.impl.keycloak.config.record.KeycloakClient
2024-04-10T10:00:49.803Z INFO 1 --- [ main] o.s.b.a.w.s.WelcomePageHandlerMapping : Adding welcome page: class path resource [static/index.html]
2024-04-10T10:00:52.744Z INFO 1 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Will secure any request with [org.springframework.security.web.session.DisableEncodeUrlFilter@18371d89, org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@4f3faa70, org.springframework.security.web.context.SecurityContextHolderFilter@330c1f61, org.springframework.security.web.header.HeaderWriterFilter@61bcbcce, org.springframework.web.filter.CorsFilter@4832f03b, io.camunda.identity.security.spring.filter.FilterExceptionHandler@76ddd61a, org.springframework.security.web.authentication.logout.LogoutFilter@49f40c00, io.camunda.identity.impl.sm.security.spring.filter.SmJwtFilter@270b6b5e, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@15efda6c, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@6056232d, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@7af3874e, org.springframework.security.web.access.ExceptionTranslationFilter@4d68b571, org.springframework.security.web.access.intercept.AuthorizationFilter@5b275811]
2024-04-10T10:00:59.121Z INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8080 (http) with context path ''
2024-04-10T10:01:00.338Z INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8082 (http)
2024-04-10T10:01:00.343Z INFO 1 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2024-04-10T10:01:00.343Z INFO 1 --- [ main] o.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/10.1.19]
2024-04-10T10:01:00.420Z INFO 1 --- [ main] o.a.c.c.C.[Tomcat-1].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2024-04-10T10:01:00.421Z INFO 1 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1191 ms
Standard Commons Logging discovery in action with spring-jcl: please remove commons-logging.jar from classpath in order to avoid potential conflicts
2024-04-10T10:01:01.007Z INFO 1 --- [ main] o.s.b.a.e.web.EndpointLinksResolver : Exposing 2 endpoint(s) beneath base path '/actuator'
2024-04-10T10:01:01.501Z INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8082 (http) with context path ''
2024-04-10T10:01:01.621Z INFO 1 --- [ main] io.camunda.identity.Application : Started Application in 66.8 seconds (process running for 75.652)
2024-04-10T10:01:05.404Z INFO 1 --- [nio-8082-exec-1] o.a.c.c.C.[Tomcat-1].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServletRegistration'
2024-04-10T10:01:05.418Z INFO 1 --- [nio-8082-exec-1] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServletRegistration'
2024-04-10T10:01:05.420Z INFO 1 --- [nio-8082-exec-1] o.s.web.servlet.DispatcherServlet : Completed initialization in 2 ms
2024-04-10T10:01:13.018Z ERROR 1 --- [ main] .c.i.i.k.i.s.ClientInitializationService : Please supply a valid root url for Identity
2024-04-10T10:01:13.048Z INFO 1 --- [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat]
2024-04-10T10:01:13.096Z INFO 1 --- [ main] o.a.c.c.C.[Tomcat-1].[localhost].[/] : Destroying Spring FrameworkServlet 'dispatcherServletRegistration'
2024-04-10T10:01:13.296Z INFO 1 --- [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat]
[root@k8s helm]#
identity configuration with existing keycloak in value.yaml file:
global:
identity:
keycloak:
## @param global.identity.keycloak.url can be used incorporate with "identityKeycloak.enabled:
false" to use your own Keycloak instead of the one comes with Camunda Helm chart.
url:
protocol: "http"
host: "keycloak.default.svc.cluster.local"
port: "8081"
contextPath: "/"
auth:
adminUser: "admin"
existingSecret: "helm-keycloak-admin"
existingSecretKey: "admin-password"
## @extra global.identity.auth configuration, to configure identity authentication setup
auth:
enabled: true
issuer: ""
issuerBackendUrl: "http://192.168.102.150:30001/realms/camunda-platform"
tokenUrl: ""
jwksUrl: ""
type: "KEYCLOAK"
publicIssuerUrl: "http://192.168.102.150:30001/realms/camunda-platform"
identityKeycloak:
## @param identityKeycloak.enabled Enable Identity Keycloak Helm chart. It is used incorporate with
" global.identity.keycloak" to use your own Keycloak instead of the one comes with Camunda Helm
chart
enabled: false
kindly help me to overcome this issue