Too Many redirects
Summary
Installed gitlab via helm, all pods created, but when trying to access website getting "Too many redirects".
Steps to reproduce
Installed via helm using mostly default values, except we already have an nginx-ingress-controller running so using that instead as well as an external Postgres. hosts.externaIP is blank and maybe that's the issue. Since we are using our own ingress controller in EKS, perhaps this is where the problem lies.
Configuration used
# Default values for gitlab-chart.
# This is a YAML-formatted file.
global:
operator:
enabled: false
# gitlabVersion: master
application:
create: false
links: []
hosts:
domain: domain.com
https: false
externalIP:
ssh: ~
ingress:
configureCertmanager: false
annotations:
kubernetes.io/ingress.class: nginx-ingress-internal
hosts:
- gitlab.management-eks.us-east-1.assurantlabs.com
enabled: true
initialRootPassword: {}
psql:
host: postgres.domain.com
password:
secret: gitlab
key: postgres-password
port: 5432
database: gitlab
username: deploy
redis:
password: {}
gitaly:
authToken: {}
internal:
names: ['default']
external: []
minio:
enabled: true
credentials: {}
appConfig:
enableUsagePing: true
defaultCanCreateGroup: true
usernameChangingEnabled: true
issueClosingPattern:
defaultTheme:
defaultProjectsFeatures:
issues: true
mergeRequests: true
wiki: true
snippets: true
builds: true
webhookTimeout:
gravatar:
plainUrl:
sslUrl:
extra:
googleAnalyticsId:
piwikUrl:
piwikSiteId:
lfs:
bucket: git-lfs
connection: {}
artifacts:
bucket: gitlab-artifacts
connection: {}
uploads:
bucket: gitlab-uploads
connection: {}
backups:
bucket: gitlab-backups
tmpBucket: tmp
incomingEmail:
enabled: false
address: ""
host: "imap.gmail.com"
port: 993
ssl: true
startTls: false
user: ""
password:
secret: ""
key: password
mailbox: inbox
idleTimeout: 60
shell:
authToken: {}
hostKeys: {}
railsSecrets: {}
registry:
bucket: registry
certificate: {}
httpSecret: {}
runner:
registrationToken: {}
# Outgoing email server settings
smtp:
enabled: false
address: smtp.mailgun.org
port: 2525
user_name: ""
password:
secret: ""
key: password
# domain:
authentication: "plain"
starttls_auto: false
openssl_verify_mode: "peer"
# Email persona used in email sent by GitLab
email:
from: ''
display_name: GitLab
reply_to: ''
subject_suffix: ''
time_zone: UTC
service:
annotations: {}
antiAffinity: soft
workhorse: {}
# configuration of certificates container & custom CA injection
certificates:
image:
repository: registry.gitlab.com/gitlab-org/build/cng/alpine-certificates
tag: 20171114-r3
customCAs: []
# - secret: custom-CA
# - secret: more-custom-CAs
shared-secrets:
enabled: true
rbac:
create: true
gitlab-runner:
install: false
certmanager:
install: false
nginx-ingress:
enabled: false
prometheus:
install: false
redis-ha:
nameOverride: redis
enabled: false
postgresql:
install: false
registry:
enabled: false
# gitlab:
# migrations:
# enabled: false
# unicorn:
# enabled: false
# sidekiq:
# enabled: false
# gitaly:
# enabled: false
# gitlab-shell:
# enabled: false
# redis:
# enabled: falseCurrent behavior
Requesting "https://gitlab.domain.com" but get a 308 redirect loop to "https://gitlab.domain.com". If I port forward port 8181 to the unicorn pod, then I do get the gitlab login page, and I can login fine. So it does appear to be working.
Expected behavior
Was expecting to be able to pull up https://gitlab.domain.com
Versions
- Chart: latest version of chart.
- Platform:
- Cloud: EKS
- Kubernetes: (
kubectl version)- Client Version: version.Info{Major:"1", Minor:"11", GitVersion:"v1.11.2", GitCommit:"bb9ffb1654d4a729bb4cec18ff088eacc153c239", GitTreeState:"clean", BuildDate:"2018-08-08T16:31:10Z", GoVersion:"go1.10.3", Compiler:"gc", Platform:"darwin/amd64"}
- Server Version: version.Info{Major:"1", Minor:"10+", GitVersion:"v1.10.3-eks", GitCommit:"58c199a59046dbf0a13a387d3491a39213be53df", GitTreeState:"clean", BuildDate:"2018-09-21T21:00:04Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
- Helm: (
helm version)- Client: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"}
- Server: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"}
Relevant logs
Looking at the logs of my nginx-ingress-controller it seems like it is sending to unicorn but unicorn is returning the 308
192.168.1.216 - [192.168.1.216] - - [16/Oct/2018:14:56:10 +0000] "GET / HTTP/1.1" 308 187 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 453 0.000 [gitlab-gitlab-unicorn-8181] - - - - d408f2c26cbd51393f41729d74a3086a
192.168.1.216 - [192.168.1.216] - - [16/Oct/2018:14:56:10 +0000] "GET / HTTP/1.1" 308 187 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 453 0.000 [gitlab-gitlab-unicorn-8181] - - - - 9c1403aabd385cb6801b4006df67b5f1Unicorn log isn't providing much
==> /var/log/gitlab/production_json.log <==
{"method":"GET","path":"/","format":"html","controller":"RootController","action":"index","status":302,"duration":10.01,"view":0.0,"db":0.0,"location":"http://example.org/users/sign_in","time":"2018-10-16T14:53:01.950Z","params":[],"remote_ip":null,"user_id":null,"username":null,"ua":null}
I, [2018-10-16T14:53:02.058522 #13] INFO -- : listening on addr=0.0.0.0:8080 fd=22
I, [2018-10-16T14:53:02.073904 #13] INFO -- : master process ready
I, [2018-10-16T14:53:02.181192 #50] INFO -- : worker=0 ready
I, [2018-10-16T14:53:02.194121 #53] INFO -- : worker=1 readyI do see this in the unicorn logs as well, not sure if relevant:
==> /var/log/gitlab/production.log <==
Started GET "/" for at 2018-10-16 14:52:59 +0000
Processing by RootController#index as HTML
Redirected to http://example.org/users/sign_in
Filter chain halted as :redirect_unlogged_user rendered or redirected
Completed 302 Found in 8ms (ActiveRecord: 0.0ms | Elasticsearch: 0.0ms)Edited by Rick Baker