Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fresh 7.42.0 install gets 500 error accessing dashboard #21073

Closed
jlhawkins-stuff opened this issue Jan 26, 2022 · 4 comments
Closed

Fresh 7.42.0 install gets 500 error accessing dashboard #21073

jlhawkins-stuff opened this issue Jan 26, 2022 · 4 comments
Labels
area/che-server area/dashboard kind/bug Outline of a bug - must adhere to the bug report template. severity/P1 Has a major impact to usage or development of the system.

Comments

@jlhawkins-stuff
Copy link

Describe the bug

After a fresh install of Che 7.42.0 on Kubernetes using gitlab as OIDC.

Che version

7.42@latest

Steps to reproduce

chectl server:deploy \
--version=7.42.0 \
--installer=operator \
--domain=che.example.com \
--debug \
--platform=k8s \
--telemetry=off \
--skip-oidc-provider-check

configure application on gitlab (cloud SASS version)
image

Navigate to https://che.example.com

image

Chrome console output:

vendor.4d6676860c4e32431af3.js:81 GET https://che.example.com/api/keycloak/settings 500
(anonymous) @ vendor.4d6676860c4e32431af3.js:81
e.exports @ vendor.4d6676860c4e32431af3.js:81
e.exports @ vendor.4d6676860c4e32431af3.js:129
p.request @ vendor.4d6676860c4e32431af3.js:129
r.forEach.p.<computed> @ vendor.4d6676860c4e32431af3.js:129
(anonymous) @ vendor.4d6676860c4e32431af3.js:81
fetchSettings @ client.0980100cbb7f90880afd.js:1
doInitialization @ client.0980100cbb7f90880afd.js:1
start @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
3732 @ client.0980100cbb7f90880afd.js:1
o @ client.0980100cbb7f90880afd.js:1
a @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
client.0980100cbb7f90880afd.js:1 Keycloak initialization failed. Error: Cannot get Keycloak settings: "500 " returned by "/api/keycloak/settings".
    at fetchSettings (client.0980100cbb7f90880afd.js:1:5177)
    at async f.doInitialization (client.0980100cbb7f90880afd.js:1:4187)
    at async f.start (client.0980100cbb7f90880afd.js:1:3842)
    at async client.0980100cbb7f90880afd.js:1:113161
doInitialization @ client.0980100cbb7f90880afd.js:1
await in doInitialization (async)
start @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
3732 @ client.0980100cbb7f90880afd.js:1
o @ client.0980100cbb7f90880afd.js:1
a @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
vendor.4d6676860c4e32431af3.js:81 GET https://che.example.com/api/user 500
(anonymous) @ vendor.4d6676860c4e32431af3.js:81
e.exports @ vendor.4d6676860c4e32431af3.js:81
e.exports @ vendor.4d6676860c4e32431af3.js:129
p.request @ vendor.4d6676860c4e32431af3.js:129
r.forEach.p.<computed> @ vendor.4d6676860c4e32431af3.js:129
(anonymous) @ vendor.4d6676860c4e32431af3.js:81
testApiAttainability @ client.0980100cbb7f90880afd.js:1
start @ client.0980100cbb7f90880afd.js:1
await in start (async)
(anonymous) @ client.0980100cbb7f90880afd.js:1
3732 @ client.0980100cbb7f90880afd.js:1
o @ client.0980100cbb7f90880afd.js:1
a @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
client.0980100cbb7f90880afd.js:1 Keycloak initialization failed.  Error: Failed to get response to API endpoint: 
Error: Request to "/api/user" failed:Error: Request failed with status code 500
    at f.start (client.0980100cbb7f90880afd.js:1:4048)
    at async client.0980100cbb7f90880afd.js:1:113161
(anonymous) @ client.0980100cbb7f90880afd.js:1
await in (anonymous) (async)
3732 @ client.0980100cbb7f90880afd.js:1
o @ client.0980100cbb7f90880afd.js:1
a @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
vendor.4d6676860c4e32431af3.js:55 OPTIONS https://che.example.com/api/ 500
(anonymous) @ vendor.4d6676860c4e32431af3.js:55
e.exports @ vendor.4d6676860c4e32431af3.js:55
e.exports @ vendor.4d6676860c4e32431af3.js:66
Promise.then (async)
s.request @ vendor.4d6676860c4e32431af3.js:66
(anonymous) @ vendor.4d6676860c4e32431af3.js:55
e.getApiInfo @ vendor.4d6676860c4e32431af3.js:66
(anonymous) @ vendor.4d6676860c4e32431af3.js:55
e.getApiInfo @ vendor.4d6676860c4e32431af3.js:55
(anonymous) @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
await in (anonymous) (async)
fetchBranding @ client.0980100cbb7f90880afd.js:1
init @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
await in (anonymous) (async)
3732 @ client.0980100cbb7f90880afd.js:1
o @ client.0980100cbb7f90880afd.js:1
a @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
vendor.4d6676860c4e32431af3.js:66 WebSocket connection to 'wss://che.example.com/api/websocket?token=' failed: 
e.exports.w3cwebsocket @ vendor.4d6676860c4e32431af3.js:66
e.connect @ vendor.4d6676860c4e32431af3.js:66
e.connect @ vendor.4d6676860c4e32431af3.js:66
(anonymous) @ vendor.4d6676860c4e32431af3.js:55
client.0980100cbb7f90880afd.js:1 UD: preload data failed. undefined
(anonymous) @ client.0980100cbb7f90880afd.js:1
await in (anonymous) (async)
3732 @ client.0980100cbb7f90880afd.js:1
o @ client.0980100cbb7f90880afd.js:1
a @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
(anonymous) @ client.0980100cbb7f90880afd.js:1
vendor.4d6676860c4e32431af3.js:55 WebSocket connection is closed.
e.onConnectionClose @ vendor.4d6676860c4e32431af3.js:55
(anonymous) @ vendor.4d6676860c4e32431af3.js:55
(anonymous) @ vendor.4d6676860c4e32431af3.js:66
websocketStream.onclose @ vendor.4d6676860c4e32431af3.js:66

Expected behavior

Access to che dashboard

Runtime

Kubernetes (vanilla)

Screenshots

No response

Installation method

chectl/latest

Environment

other (please specify in additional context)

Eclipse Che Logs

checluster CR

apiVersion: v1
items:
- apiVersion: org.eclipse.che/v1
  kind: CheCluster
  metadata:
    annotations:
      che.eclipse.org/cheClusterV2alpha1Spec: |
        enabled: true
        gateway:
          enabled: true
          image: quay.io/eclipse/che--traefik:v2.5.0-eb30f9f09a65cee1fab5ef9c64cb4ec91b800dc3fdd738d62a9d4334f0114683
        k8s: {}
        workspaceDomainEndpoints:
          baseDomain: che.example.com
          tlsSecretName: che-tls
    creationTimestamp: "2022-01-25T22:15:41Z"
    finalizers:
    - checluster.che.eclipse.org
    - cheGateway.clusterpermissions.finalizers.che.eclipse.org
    - cheWorkspaces.clusterpermissions.finalizers.che.eclipse.org
    - namespaces-editor.permissions.finalizers.che.eclipse.org
    - devWorkspace.permissions.finalizers.che.eclipse.org
    - dashboard.clusterpermissions.finalizers.che.eclipse.org
    generation: 25
    name: eclipse-che
    namespace: eclipse-che
    resourceVersion: "27647677"
    uid: 16b6485e-c6e2-4910-b49f-452e85a6e3ba
  spec:
    auth:
      externalIdentityProvider: true
      identityProviderContainerResources:
        limits: {}
        request: {}
      identityProviderIngress: {}
      identityProviderPostgresSecret: che-identity-postgres-secret
      identityProviderRoute: {}
      identityProviderSecret: che-identity-secret
      identityProviderURL: https://gitlab.com
      nativeUserMode: true
      oAuthClientName: a75ef8317f5d00d64350b25f6d8915a47a05830efb474dee21957ce25aa717ed
      oAuthSecret: somekeyvalue
      updateAdminPassword: true
    database:
      chePostgresContainerResources:
        limits: {}
        request: {}
      chePostgresDb: dbche
      chePostgresHostName: postgres
      chePostgresPort: "5432"
      chePostgresSecret: che-postgres-secret
      externalDb: false
      postgresVersion: "13.3"
    devWorkspace:
      enable: true
    imagePuller:
      enable: false
      spec: {}
    k8s:
      ingressDomain: che.example.com
      tlsSecretName: che-example-tls
    metrics:
      enable: true
    server:
      allowUserDefinedWorkspaceNamespaces: false
      cheDebug: "true"
      cheFlavor: che
      cheHost: che.example.com
      cheHostTLSSecret: che-example-tls
      cheLogLevel: INFO
      cheServerIngress: {}
      cheServerRoute: {}
      customCheProperties:
        CHE_CORS_ALLOW__CREDENTIALS: "true"
        CHE_LIMITS_USER_WORKSPACES_RUN_COUNT: "-1"
        CHE_LIMITS_WORKSPACE_IDLE_TIMEOUT: "-1"
        CHE_WORKSPACE_DEFAULT__CPU__LIMIT__CORES: "-1"
        CHE_WORKSPACE_DEFAULT__CPU__REQUEST__CORES: "-1"
        CHE_WORKSPACE_DEFAULT__MEMORY__LIMIT__MB: "-1"
        CHE_WORKSPACE_DEFAULT__MEMORY__REQUEST__MB: "-1"
        CHE_WORKSPACE_PROJECTS_STORAGE_DEFAULT_SIZE: 5Gi
        CHE_WORKSPACE_SIDECAR_DEFAULT__CPU__LIMIT__CORES: "-1"
        CHE_WORKSPACE_SIDECAR_DEFAULT__CPU__REQUEST__CORES: "-1"
        CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__LIMIT__MB: "-1"
        CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__REQUEST__MB: "-1"
      dashboardIngress: {}
      dashboardRoute: {}
      devfileRegistryIngress: {}
      devfileRegistryRoute: {}
      externalDevfileRegistry: false
      externalPluginRegistry: false
      gitSelfSignedCert: false
      pluginRegistryIngress: {}
      pluginRegistryRoute: {}
      selfSignedCert: true
      serverExposureStrategy: single-host
      singleHostGatewayImage: quay.io/eclipse/che--traefik:v2.5.0-eb30f9f09a65cee1fab5ef9c64cb4ec91b800dc3fdd738d62a9d4334f0114683
      tlsSupport: true
      useInternalClusterSVCNames: false
      workspaceNamespaceDefault: <username>-che
    storage:
      preCreateSubPaths: true
      pvcClaimSize: 10Gi
      pvcStrategy: common
  status:
    cheClusterRunning: Available
    cheURL: https://che.example.com
    cheVersion: 7.42.0
    dbProvisioned: true
    devfileRegistryURL: https://che.example.com/devfile-registry
    devworkspaceStatus:
      gatewayHost: che.example.com
      gatewayPhase: Established
      phase: Active
      workspaceBaseDomain: che.example.com
    gitHubOAuthProvisioned: false
    keycloakProvisioned: false
    keycloakURL: https://gitlab.com
    openShiftoAuthProvisioned: false
    pluginRegistryURL: https://che.example.com/plugin-registry/v3
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""

Additional context

Environment is a combination of Windows 10 for gui and browser. Ubuntu running kubectl and chectl to manage kubernetes.
@jlhawkins-stuff jlhawkins-stuff added the kind/bug Outline of a bug - must adhere to the bug report template. label Jan 26, 2022
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Jan 26, 2022
@l0rd
Copy link
Contributor

l0rd commented Jan 26, 2022

@skabashnyuk do we support Gitlab SAAS or only on prem?

@l0rd l0rd added area/che-server area/dashboard severity/P1 Has a major impact to usage or development of the system. and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Jan 26, 2022
@skabashnyuk
Copy link
Contributor

only on-prem for sure. We didn't test SAAS.

@jlhawkins-stuff
Copy link
Author

Setup an app with auth0.com as a single page app and instead of 500 error. I just get a blank white webpage.
https://che.example.com/dashboard/#/create-workspace?tab=quick-add

Probably a different issue so closing.

@nils-mosbach
Copy link

Have you checked if oidc claim is the same on kube-api-proxy and che-server? That's what caused the issue in our case.
Kubernetes uses sub, Che server uses name by default. Please note that Che persists user information in the Database. That's what tricked me.

See here: #21049 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/che-server area/dashboard kind/bug Outline of a bug - must adhere to the bug report template. severity/P1 Has a major impact to usage or development of the system.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@l0rd @skabashnyuk @nils-mosbach @jlhawkins-stuff @che-bot