Problems with Certificates on Minikube Eclipse Che

[wbondarchuk]

Summary

I installed Eclipse Che using Minikube
chectl server:deploy --platform minikube --installer operator
Everything seemed to be good but when I click on the link I get error 503.
I received the certificate and added it to the browser using the command
chectl cacert:export —destination=/home/vladimir/Downloads
Eclipse Che self-signed CA certificate is exported to /home/vladimir/Downloads/cheCA.crt
What could be the problem and how to solve it?

Relevant information

No response

[dmytro-ndp]

Issue has been reproduced in https://github.com/eclipse-che/che-plugin-registry/actions/runs/1800124531:

• minikube v1.21.0 on rhel/alpine
• chectl 0.0.20220204-next.c1ecf46
• chectl 7.43.0
• Eclipse Che logs (rhel).zip
• Happy path test report (rhel).zip

chectl server:deploy command logs:

› Installer type is set to: 'operator'
[17:56:52] Verify Kubernetes API [started]
› Current Kubernetes context: 'minikube'
[17:56:52] Verify Kubernetes API...OK [title changed]
[17:56:52] Verify Kubernetes API...OK [completed]
[17:56:52] 👀  Looking for an already existing Eclipse Che instance [started]
[17:56:52] Verify if Eclipse Che is deployed into namespace "eclipse-che" [started]
[17:56:52] Verify if Eclipse Che is deployed into namespace "eclipse-che"...it is not [title changed]
[17:56:52] Verify if Eclipse Che is deployed into namespace "eclipse-che"...it is not [completed]
[17:56:52] 👀  Looking for an already existing Eclipse Che instance [completed]
[17:56:52] Check if OIDC Provider installed [started]
[17:56:52] Check if OIDC Provider installed [skipped]
[17:56:52] → Dex will be automatically installed as OIDC Identity Provider
[17:56:52] 🧪  DevWorkspace engine [started]
[17:56:52] Verify cert-manager installation [started]
[17:56:52] Check Cert Manager deployment [started]
[17:56:52] Check Cert Manager deployment...not deployed [title changed]
[17:56:52] Check Cert Manager deployment...not deployed [completed]
[17:56:52] Deploy Cert Manager [started]
[17:56:56] Deploy Cert Manager...done [title changed]
[17:56:56] Deploy Cert Manager...done [completed]
[17:56:56] Wait for Cert Manager [started]
[17:57:08] Wait for Cert Manager...ready [title changed]
[17:57:08] Wait for Cert Manager...ready [completed]
[17:57:08] Verify cert-manager installation [completed]
[17:57:08] 🧪  DevWorkspace engine [completed]
[17:57:08] ✈️  Minikube preflight checklist [started]
[17:57:08] Verify if kubectl is installed [started]
[17:57:08] Verify if kubectl is installed [completed]
[17:57:08] Verify if minikube is installed [started]
[17:57:08] Verify if minikube is installed [completed]
[17:57:08] Verify if minikube is running [started]
[17:57:09] Verify if minikube is running [completed]
[17:57:09] Start minikube [started]
[17:57:09] Start minikube [skipped]
[17:57:09] → Minikube is already running.
[17:57:09] Check Kubernetes version [started]
[17:57:09] Check Kubernetes version: Found v1.[20](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:20).7. [title changed]
[17:57:09] Check Kubernetes version: Found v1.20.7. [completed]
[17:57:09] Verify if minikube ingress addon is enabled [started]
[17:57:09] Verify if minikube ingress addon is enabled [completed]
[17:57:09] Enable minikube ingress addon [started]
[17:57:09] Enable minikube ingress addon [skipped]
[17:57:09] → Ingress addon is already enabled.
[17:57:09] Retrieving minikube IP and domain for ingress URLs [started]
[17:57:09] Retrieving minikube IP and domain for ingress URLs...192.168.49.2.nip.io. [title changed]
[17:57:09] Retrieving minikube IP and domain for ingress URLs...192.168.49.2.nip.io. [completed]
[17:57:09] Checking minikube version [started]
[17:57:09] Checking minikube version... 1.[21](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:21).0 [title changed]
[17:57:09] Checking minikube version... 1.21.0 [completed]
[17:57:09] Check if cluster accessible [started]
[17:57:09] Check if cluster accessible [skipped]
[17:57:09] ✈️  Minikube preflight checklist [completed]
[17:57:09] Following Eclipse Che logs [started]
[17:57:09] Start following Operator logs [started]
[17:57:09] Start following Operator logs...done [title changed]
[17:57:09] Start following Operator logs...done [completed]
[17:57:09] Start following Eclipse Che Server logs [started]
[17:57:09] Start following Eclipse Che Server logs...done [title changed]
[17:57:09] Start following Eclipse Che Server logs...done [completed]
[17:57:09] Start following PostgreSQL logs [started]
[17:57:09] Start following PostgreSQL logs...done [title changed]
[17:57:09] Start following PostgreSQL logs...done [completed]
[17:57:09] Start following Keycloak logs [started]
[17:57:09] Start following Keycloak logs...done [title changed]
[17:57:09] Start following Keycloak logs...done [completed]
[17:57:09] Start following Plug-in Registry logs [started]
[17:57:09] Start following Plug-in Registry logs...done [title changed]
[17:57:09] Start following Plug-in Registry logs...done [completed]
[17:57:09] Start following Devfile Registry logs [started]
[17:57:09] Start following Devfile Registry logs...done [title changed]
[17:57:09] Start following Devfile Registry logs...done [completed]
[17:57:09] Start following Eclipse Che Dashboard logs [started]
[17:57:09] Start following Eclipse Che Dashboard logs...done [title changed]
[17:57:09] Start following Eclipse Che Dashboard logs...done [completed]
[17:57:09] Start following namespace events [started]
[17:57:09] Start following namespace events...done [title changed]
[17:57:09] Start following namespace events...done [completed]
[17:57:09] Following Eclipse Che logs [completed]
[17:57:09] Create Namespace eclipse-che [started]
[17:57:09] Create Namespace eclipse-che...[OK] [title changed]
[17:57:09] Create Namespace eclipse-che...[OK] [completed]
[17:57:09] Deploy Dex [started]
[17:57:09] Create namespace: dex [started]
[17:57:09] Create namespace: dex...[OK] [title changed]
[17:57:09] Create namespace: dex...[OK] [completed]
[17:57:09] Provide Dex certificate [started]
[17:57:09] Check Cert Manager deployment [started]
[17:57:09] Check Cert Manager deployment...already deployed [title changed]
[17:57:09] Check Cert Manager deployment...already deployed [completed]
[17:57:09] Wait for Cert Manager [started]
[17:57:09] Wait for Cert Manager...ready [title changed]
[17:57:09] Wait for Cert Manager...ready [completed]
[17:57:09] Check Cert Manager CA certificate [started]
[17:57:09] Check Cert Manager CA certificate...generating new one [title changed]
[17:57:13] Check Cert Manager CA certificate...generating new one [completed]
[17:57:13] Set up Eclipse Che certificates issuer [started]
[17:57:13] Set up Eclipse Che certificates issuer...done [title changed]
[17:57:13] Set up Eclipse Che certificates issuer...done [completed]
[17:57:13] Request certificate for dnsNames: [dex.192.168.49.2.nip.io,*.dex.192.168.49.2.nip.io] [started]
[17:57:13] Request self-signed certificate [title changed]
[17:57:13] Request self-signed certificate...done [title changed]
[17:57:13] Request self-signed certificate...done [completed]
[17:57:13] Wait for certificate [started]
[17:57:13] Wait for self-signed certificate [title changed]
[17:57:14] Wait for self-signed certificate...ready [title changed]
[17:57:14] Wait for self-signed certificate...ready [completed]
[17:57:14] Read Dex certificate [started]
[17:57:14] Read Dex certificate...[OK] [title changed]
[17:57:14] Read Dex certificate...[OK] [completed]
[17:57:14] Save Dex certificate [started]
[17:57:14] Save Dex certificate...[OK: /tmp/dex-ca.crt] [title changed]
[17:57:14] Save Dex certificate...[OK: /tmp/dex-ca.crt] [completed]
[17:57:14] Add Dex certificate to Eclipse Che certificates bundle [started]
[17:57:14] Add Dex certificate to Eclipse Che certificates bundle...[OK] [title changed]
[17:57:14] Add Dex certificate to Eclipse Che certificates bundle...[OK] [completed]
[17:57:14] Provide Dex certificate [completed]
[17:57:14] Create Dex service account [started]
[17:57:14] Create Dex service account...[OK] [title changed]
[17:57:14] Create Dex service account...[OK] [completed]
[17:57:14] Create Dex cluster role [started]
[17:57:14] Create Dex cluster role...[OK] [title changed]
[17:57:14] Create Dex cluster role...[OK] [completed]
[17:57:14] Create Dex cluster role binding [started]
[17:57:14] Create Dex cluster role binding...[OK] [title changed]
[17:57:14] Create Dex cluster role binding...[OK] [completed]
[17:57:14] Create Dex service [started]
[17:57:14] Create Dex service...[OK] [title changed]
[17:57:14] Create Dex service...[OK] [completed]
[17:57:14] Create Dex ingress [started]
[17:57:14] Create Dex ingress...[OK] [title changed]
[17:57:14] Create Dex ingress...[OK] [completed]
[17:57:14] Generate Dex username and password [started]
[17:57:14] Generate Dex username and password...[OK: admin:admin] [title changed]
[17:57:14] Generate Dex username and password...[OK: admin:admin] [completed]
[17:57:14] Create Dex configmap [started]
[17:57:14] Create Dex configmap...[OK] [title changed]
[17:57:14] Create Dex configmap...[OK] [completed]
[17:57:14] Create Dex deployment [started]
[17:57:14] Create Dex deployment...[OK] [title changed]
[17:57:14] Create Dex deployment...[OK] [completed]
[17:57:14] Wait for Dex is ready [started]
[17:57:20] Wait for Dex is ready...[OK] [title changed]
[17:57:20] Wait for Dex is ready...[OK] [completed]
[17:57:20] Configure API server [started]
[17:57:20] Create /etc/ca-certificates directory [started]
[17:57:20] Create /etc/ca-certificates directory...[OK] [title changed]
[17:57:20] Create /etc/ca-certificates directory...[OK] [completed]
[17:57:20] Copy Dex certificate into Minikube [started]
[17:57:21] Copy Dex certificate into Minikube...[OK] [title changed]
[17:57:21] Copy Dex certificate into Minikube...[OK] [completed]
[17:57:21] Configure Minikube API server [started]
[17:57:47] Configure Minikube API server...[OK] [title changed]
[17:57:47] Configure Minikube API server...[OK] [completed]
[17:57:47] Wait for Minikube API server [started]
[17:58:17] Wait for Minikube API server...[OK] [title changed]
[17:58:17] Wait for Minikube API server...[OK] [completed]
[17:58:17] Configure API server [completed]
[17:58:17] Deploy Dex [completed]
[17:58:17] 🏃‍  Running the Eclipse Che operator [started]
[17:58:17] Create ServiceAccount che-operator in namespace eclipse-che [started]
[17:58:17] Create ServiceAccount che-operator in namespace eclipse-che...done. [title changed]
[17:58:17] Create ServiceAccount che-operator in namespace eclipse-che...done. [completed]
[17:58:17] Read Roles and Bindings [started]
[17:58:18] Read Roles and Bindings...done. [title changed]
[17:58:18] Read Roles and Bindings...done. [completed]
[17:58:18] Creating Roles and Bindings [started]
[17:58:18] Creating Roles and Bindings...done. [title changed]
[17:58:18] Creating Roles and Bindings...done. [completed]
[17:58:18] Create CRD checlusters.org.eclipse.che [started]
[17:58:18] Create CRD checlusters.org.eclipse.che...done. [title changed]
[17:58:18] Create CRD checlusters.org.eclipse.che...done. [completed]
[17:58:18] Waiting 5 seconds for the new Kubernetes resources to get flushed [started]
[17:58:[23](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:23)] Waiting 5 seconds for the new Kubernetes resources to get flushed...done. [title changed]
[17:58:23] Waiting 5 seconds for the new Kubernetes resources to get flushed...done. [completed]
[17:58:23] Create deployment che-operator in namespace eclipse-che [started]
[17:58:23] Create deployment che-operator in namespace eclipse-che...done. [title changed]
[17:58:23] Create deployment che-operator in namespace eclipse-che...done. [completed]
[17:58:23] Operator pod bootstrap [started]
[17:58:23] Scheduling [started]
[17:58:23] Scheduling...done [title changed]
[17:58:23] Scheduling...done [completed]
[17:58:23] Downloading images [started]
[17:58:[29](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:29)] Downloading images...done [title changed]
[17:58:29] Downloading images...done [completed]
[17:58:29] Starting [started]
[17:58:41] Starting...done [title changed]
[17:58:41] Starting...done [completed]
[17:58:41] Operator pod bootstrap [completed]
[17:58:41] Prepare Eclipse Che cluster CR [started]
[17:58:41] Prepare Eclipse Che cluster CR...Done. [title changed]
[17:58:41] Prepare Eclipse Che cluster CR...Done. [completed]
[17:58:41] Create the Custom Resource of type checlusters.org.eclipse.che [started]
[17:58:41] Create the Custom Resource of type checlusters.org.eclipse.che in the namespace eclipse-che [title changed]
[17:58:41] Create the Custom Resource of type checlusters.org.eclipse.che in the namespace eclipse-che...done. [title changed]
[17:58:41] Create the Custom Resource of type checlusters.org.eclipse.che in the namespace eclipse-che...done. [completed]
[17:58:41] 🏃‍  Running the Eclipse Che operator [completed]
[17:58:41] ✅  Post installation checklist [started]
[17:58:41] PostgreSQL pod bootstrap [started]
[17:58:41] Scheduling [started]
[17:59:47] Scheduling...done [title changed]
[17:59:47] Scheduling...done [completed]
[17:59:47] Downloading images [started]
[18:00:01] Downloading images...done [title changed]
[18:00:01] Downloading images...done [completed]
[18:00:01] Starting [started]
[18:00:19] Starting...done [title changed]
[18:00:19] Starting...done [completed]
[18:00:19] PostgreSQL pod bootstrap [completed]
[18:00:19] Keycloak pod bootstrap [started]
[18:00:19] Keycloak pod bootstrap...skipped [title changed]
[18:00:19] Keycloak pod bootstrap...skipped [completed]
[18:00:19] Devfile Registry pod bootstrap [started]
[18:00:19] Scheduling [started]
[18:00:23] Scheduling...done [title changed]
[18:00:23] Scheduling...done [completed]
[18:00:23] Downloading images [started]
[18:00:29] Downloading images...done [title changed]
[18:00:29] Downloading images...done [completed]
[18:00:29] Starting [started]
[18:00:[39](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:39)] Starting...done [title changed]
[18:00:39] Starting...done [completed]
[18:00:39] Devfile Registry pod bootstrap [completed]
[18:00:39] Plug-in Registry pod bootstrap [started]
[18:00:39] Scheduling [started]
[18:00:39] Scheduling...done [title changed]
[18:00:39] Scheduling...done [completed]
[18:00:39] Downloading images [started]
[18:00:[41](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:41)] Downloading images...done [title changed]
[18:00:41] Downloading images...done [completed]
[18:00:41] Starting [started]
[18:00:[44](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:44)] Starting...done [title changed]
[18:00:44] Starting...done [completed]
[18:00:44] Plug-in Registry pod bootstrap [completed]
[18:00:44] Eclipse Che Dashboard pod bootstrap [started]
[18:00:44] Scheduling [started]
[18:00:[49](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:49)] Scheduling...done [title changed]
[18:00:49] Scheduling...done [completed]
[18:00:49] Downloading images [started]
[18:00:[56](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:56)] Downloading images...done [title changed]
[18:00:56] Downloading images...done [completed]
[18:00:56] Starting [started]
[18:01:03] Starting...done [title changed]
[18:01:03] Starting...done [completed]
[18:01:03] Eclipse Che Dashboard pod bootstrap [completed]
[18:01:03] Eclipse Che Server pod bootstrap [started]
[18:01:03] Scheduling [started]
[18:01:08] Scheduling...done [title changed]
[18:01:08] Scheduling...done [completed]
[18:01:08] Downloading images [started]
[18:01:18] Downloading images...done [title changed]
[18:01:18] Downloading images...done [completed]
[18:01:18] Starting [started]
[18:02:02] Starting...done [title changed]
[18:02:02] Starting...done [completed]
[18:02:02] Eclipse Che Server pod bootstrap [completed]
[18:02:02] Eclipse Che status check [started]
[18:02:02] Eclipse Che status check...done [title changed]
[18:02:02] Eclipse Che status check...done [completed]
[18:02:02] ✅  Post installation checklist [completed]
[18:02:02] Retrieving Che self-signed CA certificate [started]
[18:02:02] Retrieving Che self-signed CA certificate...OK [title changed]
[18:02:02] Retrieving Che self-signed CA certificate...OK [completed]
[18:02:02] Prepare post installation output [started]
[18:02:07] Prepare post installation output...done [title changed]
[18:02:07] Prepare post installation output...done [completed]
[18:02:07] Show important messages [started]
[18:02:07] Eclipse Che 'next' has been successfully deployed. [started]
[18:02:07] Eclipse Che 'next' has been successfully deployed. [completed]
[18:02:07] Documentation             : https://www.eclipse.org/che/docs/ [started]
[18:02:07] Documentation             : https://www.eclipse.org/che/docs/ [completed]
[18:02:07] ------------------------------------------------------------------------------- [started]
[18:02:07] ------------------------------------------------------------------------------- [completed]
[18:02:07] Users Dashboard           : https://192.1[68](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:68).49.2.nip.io/dashboard/ [started]
[18:02:07] Users Dashboard           : https://1[92](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:92).[168](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:168).49.2.nip.io/dashboard/ [completed]
[18:02:07] ------------------------------------------------------------------------------- [started]
[18:02:07] ------------------------------------------------------------------------------- [completed]
[18:02:07] Plug-in Registry          : https://[192](https://github.com/eclipse-che/che-plugin-registry/runs/5079116473?check_suite_focus=true#step:11:192).168.49.2.nip.io/plugin-registry/v3/ [started]
[18:02:07] Plug-in Registry          : https://192.168.49.2.nip.io/plugin-registry/v3/ [completed]
[18:02:07] Devfile Registry          : https://192.168.49.2.nip.io/devfile-registry/ [started]
[18:02:07] Devfile Registry          : https://192.168.49.2.nip.io/devfile-registry/ [completed]
[18:02:07] ------------------------------------------------------------------------------- [started]
[18:02:07] ------------------------------------------------------------------------------- [completed]
[18:02:07] Dex user credentials      : che@eclipse.org:admin [started]
[18:02:07] Dex user credentials      : che@eclipse.org:admin [completed]
[18:02:07] Dex user credentials      : user1@che:password [started]
[18:02:07] Dex user credentials      : user1@che:password [completed]
[18:02:07] Dex user credentials      : user2@che:password [started]
[18:02:07] Dex user credentials      : user2@che:password [completed]
[18:02:07] Dex user credentials      : user3@che:password [started]
[18:02:07] Dex user credentials      : user3@che:password [completed]
[18:02:07] Dex user credentials      : user4@che:password [started]
[18:02:07] Dex user credentials      : user4@che:password [completed]
[18:02:07] Dex user credentials      : user5@che:password [started]
[18:02:07] Dex user credentials      : user5@che:password [completed]
[18:02:07] ------------------------------------------------------------------------------- [started]
[18:02:07] ------------------------------------------------------------------------------- [completed]
[18:02:07] Show important messages [completed]
Command server:deploy has completed successfully in 05:15.

output.mp4

Page console logs:

"SEVERE" "" "https://192.168.49.2.nip.io/ - Failed to load resource: the server responded with a status of 503 ()"
"SEVERE" "" "https://192.168.49.2.nip.io/favicon.ico - Failed to load resource: the server responded with a status of 503 ()"
"SEVERE" "" "https://192.168.49.2.nip.io/favicon.ico - Failed to load resource: the server responded with a status of 503 ()"

Update: an error has been reproduced on minikube v1.24.0.

[tolusha]

@dmytro-ndp
I haven't tried minikube v1.21.1 but I am prety sure it should work with v.23.2 and 1.24.0

[wbondarchuk]

@dmytro-ndp I was able to solve my problem using Minikube v1.24.0 and allocating more memory:
minikube start --memory=10240 --cpus=4

[debovema]

@dmytro-ndp I was able to solve my problem using Minikube v1.24.0 and allocating more memory:
minikube start --memory=10240 --cpus=4

After increasing the allocated memory I succeeded to reach the dex UI and I'm able to log in. However the dashboard does not load:

[tolusha]

@debovema
What minikube version do you use?

[tolusha]

@debovema
Pls. check server logs kubectl logs deploy/che -n eclipse-che

[debovema]

@tolusha sorry for late answer. It turns out that, apart from the issues identifed with Minikube >=1.25.0, WSL2 was the reason of other issues.
I created this gist to sum up the steps to perform when installing Eclipse Che on Minikube (Docker driver) in WSL.

[amol-m-deshpande]

@debovema @tolusha I followed the above steps, I can see the dex login.
I used a couple of creds from the output

16:10:27] Dex user credentials      : che@eclipse.org:admin [started]
[16:10:27] Dex user credentials      : che@eclipse.org:admin [completed]
[16:10:27] Dex user credentials      : user1@che:password [started]
[16:10:27] Dex user credentials      : user1@che:password [completed]

username: che@eclipse.org
password: admin
or
username: user1@che
password: password
I get 500 internal server.
Did I miss any step?

[karatkep]

I got the same 500 error issue as @amol-m-deshpande
Is there any update on this topic?

~  minikube version
minikube version: v1.25.2
commit: 362d5fdc0a3dbee389b3d3f1034e8023e72bd3a7

~  kubectl version
Client Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.5", GitCommit:"c285e781331a3785a7f436042c65c5641ce8a9e9", GitTreeState:"clean", BuildDate:"2022-03-16T15:51:05Z", GoVersion:"go1.17.8", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.3", GitCommit:"816c97ab8cff8a1c72eccca1026f7820e93e0d25", GitTreeState:"clean", BuildDate:"2022-01-25T21:19:12Z", GoVersion:"go1.17.6", Compiler:"gc", Platform:"linux/amd64"}

~  chectl version
chectl/7.46.0 darwin-x64 node-v16.13.2

Error from oauth-proxy container in che-gateway pod

[2022/04/19 22:05:17] [oauthproxy.go:723] Error redeeming code during OAuth2 callback: token exchange failed: Post "https://dex.192.168.64.3.nip.io/token": dial tcp: lookup dex.192.168.64.3.nip.io on 10.96.0.10:53: server misbehaving
172.17.0.2:39426 - ffc09ce19b8a56f478cdce6df8306f50 - - [2022/04/19 22:05:17] 192.168.64.3.nip.io GET - "/oauth/callback?code=bztv4rmg3y6bjmkmzj47bnb2q&state=z7u7U_pK6Jb4r0l63jpvFnklII4qZ-ULdDBYlojvV-I%3A%2Fdashboard" HTTP/1.1 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36" 500 2830 0.008

Looks like the issue with nslookup for dex host (dex.192.168.64.3.nip.io in my particular case).

[tolusha]

It works locally on my minikube v1.25.2

minikube start --cpus 4 --memory 10240 --disk-size=50GB --vm-driver=virtualbox
minikube addons enable ingress
minikube addons enable dashboar

[prasanthmvp]

@karatkep did u resolved 500 error on Oauth callback

[debovema]

@prasanthmvp @amol-m-deshpande : I used to have an error 500, so I fixed this gist. It is now working on WSL2 + Docker Desktop (Minikube 1.26.0, k8s 1.24.1, chectl 7.49.0).
What are your host system and minikube driver ?
Also check that you have no problem of DNS rebinding protection to use *.nip.io hostnames (see https://nip.io/ and https://en.wikipedia.org/wiki/DNS_rebinding).

[prasanthmvp]

@debovema We had seen the script and kindly guide how to use it in the following environment.

Minikube Version: v1.26.0
Docker version 20.10.17, build 100c701
OS : AlmaLinux release 9.0 (Emerald Puma)

minikube start --addons=ingress,dashboard --driver=docker --memory=12288 --cpus=6

Due to the *.nip.io restricted in our Network, We modified the /etc/hosts file as follows.,
192.168.49.2 192.168.49.2.nip.io dex.192.168.49.2.nip.io *.192.168.49.2.nip.io

** oauth-proxy.log **
[2022/06/30 16:07:14] [options.go:72] Performing OIDC Discovery...
[2022/06/30 16:07:14] [proxy.go:89] mapping path "/" => upstream "http://127.0.0.1:8081/"
[2022/06/30 16:07:14] [oauthproxy.go:148] OAuthProxy configured for OpenID Connect Client ID: eclipse-che
[2022/06/30 16:07:14] [oauthproxy.go:154] Cookie settings: name:_oauth2_proxy secure(https):true httponly:false expiry:24h0m0s domains: path:/ samesite: refresh:disabled
[2022/06/30 16:07:14] [oauthproxy.go:455] Skipping auth - Method: | Path: ^/plugin-registry|^/devfile-registry|^/$|/healthz$|^/dashboard/static/preload
172.17.0.6:51068 - f928d65d4d2635ce31886feb44d796af - - [2022/07/01 13:44:18] 192.168.49.2.nip.io GET / "/" HTTP/1.1 "Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0" 502 11 0.004
[2022/07/01 13:44:27] [oauthproxy.go:862] No valid authentication in request. Initiating login.
172.17.0.6:51068 - 4f5f734feaa93b4911bc07f6f9a22aa7 - - [2022/07/01 13:44:27] 192.168.49.2.nip.io GET - "/dashboard/" HTTP/1.1 "Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0" 302 303 0.000
[2022/07/01 13:44:43] [oauthproxy.go:723] Error redeeming code during OAuth2 callback: token exchange failed: oauth2: cannot fetch token: 403 Forbidden
Response: <script type="text/javascript">location.replace("https://malware.opendns.com/?url=dex.192.168.49.2.nip.io%2Ftoken&server=nrt16&prefs=&tagging=&nref");</script>

172.17.0.6:51068 - 1f7605d2ddfbc2ebbabccf36acfd1a4d - - [2022/07/01 13:44:40] 192.168.49.2.nip.io GET - "/oauth/callback?code=izaxgkuxhijtwon3rz3uu75g6&state=uLNVwmNlSmSD3TPrc9leYpUlDPqKSaVUj66SDmEd1C0%3A%2Fdashboard%2F" HTTP/1.1 "Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0" 500 2830 2.475

[che-bot]

Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.

Mark the issue as fresh with /remove-lifecycle stale in a new comment.

If this issue is safe to close now please do so.

Moderators: Add lifecycle/frozen label to avoid stale mode.