$CODER_ACCESS_URL for working health check and auth-provider in k8s

Hi! So i am hosting coder in a k8s at coder.mydomain.com and gitlab is at gitlab.someotherdomain.com. If I assign coder_access_url to coder.ns.svc.cluster.local healthz check works but the redirect url is incorrect (as it expects coder.mydomain.com) Conversely I can configure it the other way around but health check will keep returning error (and websocket health check fails as well). Any ideas how I could resolve it ? We have tls-termination implemented at the LB level and using ngingx as the controller
Solution:
I figured out a solution in my case. The issue was that the chosen load balancer (NLB) had preserve client ip on (by choice for a legacy service we upgraded so probably no need anymore). long story short Toggling this makes sure that the ingress url works to address from within the pod with that specific url: https://www.reddit.com/r/kubernetes/comments/tk659b/comment/i1zv5pa/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button...
Reddit
zeralls's comment on "Empty Reply from server when the client and s...
Explore this conversation and more from the kubernetes community
Jump to solution
5 Replies
Codercord
Codercord4w ago
<#1313488125074346084>
Category
Help needed
Product
Coder OSS (v2)
Platform
Linux
Logs
Please post any relevant logs/error messages.
Solution
spaceocelote
spaceocelote4w ago
I figured out a solution in my case. The issue was that the chosen load balancer (NLB) had preserve client ip on (by choice for a legacy service we upgraded so probably no need anymore). long story short Toggling this makes sure that the ingress url works to address from within the pod with that specific url: https://www.reddit.com/r/kubernetes/comments/tk659b/comment/i1zv5pa/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button
Reddit
zeralls's comment on "Empty Reply from server when the client and s...
Explore this conversation and more from the kubernetes community
spaceocelote
spaceoceloteOP4w ago
for more information see the comment above having the ability to set the "internal access url" (ie coder.coder.svc.cluster.local) would be an other solution to the issue
Phorcys
Phorcys3w ago
hey @spaceocelote thanks for sharing!
Codercord
Codercord3w ago
@Phorcys closed the thread.

Did you find this page helpful?