503 Service Temporarily Unavailable nginx: External Oauth Authentication with Github

[anishagoyal0504]

I have followed the exact tutorial for kubernetes dashboard with Github and Oauth2-proxy, all the pods, service and ingress are working fine.

When I try to open the webpage (http://foo.bar.com) I', getting this error "503 Service Temporarily Unavailable nginx"

I have deployed all resources in kubernetes-dashboard namespace.

my yaml configs are:

apiVersion: apps/v1
kind: Deployment
metadata:
labels:
k8s-app: oauth2-proxy
name: oauth2-proxy
namespace: kubernetes-dashboard
spec:
replicas: 1
selector:
matchLabels:
k8s-app: oauth2-proxy
template:
metadata:
labels:
k8s-app: oauth2-proxy
spec:
containers:
- args:
- --provider=github
- --email-domain=*
- --upstream=file:///dev/null
- --http-address=0.0.0.0:4180
# Register a new application
# https://github.com/settings/applications/new
env:
- name: OAUTH2_PROXY_CLIENT_ID
value: "<github_client_id>"
- name: OAUTH2_PROXY_CLIENT_SECRET
value: "<github_client_secret>"
# docker run -ti --rm python:3-alpine python -c 'import secrets,base64; print(base64.b64encode(base64.b64encode(secrets.token_bytes(16))));'
- name: OAUTH2_PROXY_COOKIE_SECRET
value: "<base 64 secret>"
image: quay.io/oauth2-proxy/oauth2-proxy:latest
imagePullPolicy: Always
name: oauth2-proxy
ports:
- containerPort: 4180
protocol: TCP

---

apiVersion: v1
kind: Service
metadata:
labels:
k8s-app: oauth2-proxy
name: oauth2-proxy
namespace: kubernetes-dashboard
spec:
ports:

• name: http
  port: 4180
  protocol: TCP
  targetPort: 4180
  selector:
  k8s-app: oauth2-proxy

---

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: oauth2-proxy
namespace: kubernetes-dashboard
spec:
ingressClassName: nginx
rules:

• host: INGRESS_HOST
  http:
  paths:
  • path: /oauth2
    pathType: Prefix
    backend:
    service:
    name: oauth2-proxy
    port:
    number: 4180

---

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/auth-url: "https://$host/oauth2/auth"
nginx.ingress.kubernetes.io/auth-signin: "https://$host/oauth2/start?rd=$escaped_request_uri"
name: external-auth-oauth2
namespace: kubernetes-dashboard
spec:
ingressClassName: nginx
rules:

• host: INGRESS_HOST
  http:
  paths:
  • path: /
    pathType: Prefix
    backend:
    service:
    name: kubernetes-dashboard
    port:
    number: 80

Am I missing something here? or something has changed since this blog was created

Please advice

further to above:
I have used the given deployment (kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.10.1.yaml)

I believe it creates kubernetes-dashboard service on port 443 not port 80, however, in the given oauth2-proxy yaml file, it says port 80 in the ingress section.

[k8s-ci-robot]

This issue is currently awaiting triage.

If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[longwuyuan]

The information you have provided can not be analyzed.

There are questions asked in a new bug report template so read them and answer them so that readers here get data that can be analyzed.

/remove-kind bug
/kind support
/triage needs-information

[github-actions]

This is stale, but we won't close it automatically, just bare in mind the maintainers may be busy with other tasks and will reach your issue ASAP. If you have any question or request to prioritize this, please reach #ingress-nginx-dev on Kubernetes Slack.