Hmmm, I saw this: -
CWOAU0062E: The OAuth service provider could not redirect the request because the redirect URI was not valid. Contact your system administrator to resolve the problem.
whilst trying to log into my IBM Cloud Private (ICP) 3.1.1 cluster, using it's host/service name: -
https://dmhayicp-boot.fyre.ibm.com:8443
whereas it works OK using the IP address: -
https://9.20.194.53:8443
Using this: -
Accessing your IBM® Cloud Private cluster by using the management console
Reading up, I *wonder* whether I had neglected to set this: -
cluster_access_ip
in the config.yaml when I first built the cluster.
However, that appears to have "gone away" with 3.1.1, in that it's not mentioned in the KC here: -
Customizing the cluster with the config.yaml file
CWOAU0062E: The OAuth service provider could not redirect the request because the redirect URI was not valid. Contact your system administrator to resolve the problem.
whilst trying to log into my IBM Cloud Private (ICP) 3.1.1 cluster, using it's host/service name: -
https://dmhayicp-boot.fyre.ibm.com:8443
whereas it works OK using the IP address: -
https://9.20.194.53:8443
Using this: -
Accessing your IBM® Cloud Private cluster by using the management console
as reference, the suggestion is that one always use the IP address ( of the boot/management node ), but I wondered if/whether I can use the host/service name.
Reading up, I *wonder* whether I had neglected to set this: -
cluster_access_ip
in the config.yaml when I first built the cluster.
However, that appears to have "gone away" with 3.1.1, in that it's not mentioned in the KC here: -
Customizing the cluster with the config.yaml file
although it may have been replaced by: -
cluster_lb_address
...
In an environment that has multiple network interfaces (NICs), use cluster_lb_address to set a public or external IP address for the management services in your cluster. You can specify a fully-qualified domain name instead of the IP address.
This public address is assigned to the master node, used to access the console, and also used to configure kubectl.
In an HA environment, cluster_lb_address masks the cluster_vip as the leading master IP.
...
Ah well, some more digging .....
*UPDATE*
Darn, I'm good ....
I updated my config.yaml file, adding: -
cluster_lb_address: dmhayicp-boot.fyre.ibm.com
*UPDATE*
Darn, I'm good ....
I updated my config.yaml file, adding: -
cluster_lb_address: dmhayicp-boot.fyre.ibm.com
and dropped the cluster: -
docker run --net=host -t -e LICENSE=accept -v "$(pwd)":/installer/cluster ibmcom/icp-inception-amd64:3.1.1-ee uninstall
and rebuilt the same: -
docker run --net=host -t -e LICENSE=accept -v "$(pwd)":/installer/cluster ibmcom/icp-inception-amd64:3.1.1-ee install
and now we are in like the veritable Flynn.
I can access my cluster via this URL: -
https://dmhayicp-boot.fyre.ibm.com:8443/console/
as well as via the IP address: -
https://9.20.194.53:8443/console/
Obviously this is somewhat disruptive AND destructive.
Therefore, please please please use caution before trying this in YOUR environment.
Remember, folks, YMMV and Caveat Emptor :-)