Unable to access Camunda web console when deployed to AWS ECS

My team is using Camunda version 7.13.0 with a Spring Boot application using the embedded Tomcat server. It works locally when we just hit the root application context:
Local
URL used in browser - http://localhost:8080/{app-context}/
Redirected URL - http://localhost:8080/{app-context}/camunda/app/welcome/default/#!/login

But when we deployed to AWS ECS, I am facing a few issues (This site can’t be reached. Refused to connect) when we try to access it. We verified the gateway and load balancer, and they work perfectly. We are also able to deploy BPMN using /engine-rest but are not able to access the web apps:
URL used in browser - http://{domain name}/{app-context}/
Redirected URL - http://{domain name}:8080/{app-context}/camunda/app/

When we use the URL below, we get a spinner:
URL used in browser - http://{domain name}/{app-context}/camunda/app/welcome/default/#!/login/

I am pretty sure that we are missing something… Please help.

Hi @Praveen_Kumar_Gandhi, were you able to resolve this issue? I am having a somewhat similar issue: the webapp login page loads, but even with a valid username and password it fails to log in. And I could access the REST API with no issue…

Hi,

This suggests that the process engine is running and reachable. The REST API is unauthenticated by default, hence that's probably why you can reach the REST APIs. The web apps indicate you are using the wrong credentials. Hence have a look at how you have configured identity…

regards

Rob

@Webcyberrob We just specified the initial user in application.yaml, and we use the default database identity:

camunda.bpm.admin-user:
  id: demo
  password: demo

Everything works fine locally (in HTTP mode). But I see this problem when I take this application to AWS ECR and run it in HTTPS mode.

Hi,

Are you deploying a springboot app? (different profiles)
Are you using AWS elastic compute or elastic beanstalk? (different profile or environment variables)
Are you deploying manually or via a CI/CD pipeline? - (different profile)

regards

Rob

Hi @Webcyberrob,

Yes, we are using a Spring Boot application. We use Bamboo to build this project as a Docker image and push it to AWS ECR. Then we use Kubernetes to do all the other stuff.

We don’t have different profiles as of now (just getting the environment ready). We will add profiles in the future.

The thing is that when the application starts, it creates user and authorization data in the database that I can query using the REST APIs.

Hi,
If it's a Spring Boot app, you could use AWS Elastic Beanstalk and terminate HTTPS at an application load balancer. Otherwise, do you need to add a key store to your deployment? - see more here

regards

Rob

Hi @Webcyberrob, I tried the same: I disabled running the container in HTTPS mode and made it run in HTTP mode, but I see the same error. You can see in the network call for the welcome request that I am getting a 404 response code.

We are able to access the application by using the direct URL, but we noticed a couple of issues with the load balancer and gateway URL:

  1. It looks like we need to ensure sticky sessions are enabled in the load balancer, as the Camunda webapp seems to keep a session. We did that in the ALB and the issue got resolved.
  2. The gateway is not passing the ‘set-cookie’ header parameters, as it was configured for just APIs. So, we are working on configuring the gateway to pass headers to the application.
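
A way to check for the symptoms described in this thread (an added example, not code from any of the posters): compare the response head from the application reached directly with the one returned through the gateway, then report dropped Set-Cookie headers, a missing stickiness cookie, and redirects to a non-public port. The sample responses, host names and cookie values are constructed; JSESSIONID, XSRF-TOKEN and AWSALB are assumed cookie names for the Tomcat session, the webapp CSRF token and ALB stickiness.

```python
from email.parser import Parser
from urllib.parse import urlsplit

# Constructed response heads, not captured from the posters' environments.
DIRECT = """HTTP/1.1 302 Found
Location: http://localhost:8080/app/camunda/app/
Set-Cookie: JSESSIONID=1A2B; Path=/app; HttpOnly
Set-Cookie: XSRF-TOKEN=3C4D; Path=/app
"""
VIA_GATEWAY_BROKEN = """HTTP/1.1 302 Found
Location: http://camunda.example.test:8080/app/camunda/app/
"""
VIA_GATEWAY_FIXED = """HTTP/1.1 302 Found
Location: https://camunda.example.test/app/camunda/app/
Set-Cookie: JSESSIONID=1A2B; Path=/app; HttpOnly
Set-Cookie: XSRF-TOKEN=3C4D; Path=/app
Set-Cookie: AWSALB=5E6F; Path=/
"""

def parse_response(raw):
    """Split a raw HTTP response head into (status code, header object)."""
    status_line, _, header_block = raw.strip().partition("\n")
    return int(status_line.split()[1]), Parser().parsestr(header_block)

def cookie_names(headers):
    """Names of all cookies the response sets."""
    return {c.split("=", 1)[0].strip() for c in headers.get_all("Set-Cookie", [])}

def diagnose(direct_raw, proxied_raw, sticky_cookie="AWSALB", public_ports=(80, 443)):
    """Compare a direct response with the same request sent via the gateway."""
    findings = []
    _, direct = parse_response(direct_raw)
    status, proxied = parse_response(proxied_raw)
    # Cookies the application set that never reached the browser.
    for name in sorted(cookie_names(direct) - cookie_names(proxied)):
        findings.append(f"gateway dropped Set-Cookie for {name}")
    # Without stickiness, follow-up requests may land on another instance.
    if sticky_cookie not in cookie_names(proxied):
        findings.append(f"no {sticky_cookie} stickiness cookie in response")
    # A redirect that leaks the container port is unreachable from outside.
    location = proxied.get("Location")
    if 300 <= status < 400 and location:
        port = urlsplit(location).port
        if port is not None and port not in public_ports:
            findings.append(f"redirect targets port {port}, which is not a public port")
    return findings
```
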

Thanks Rob! We were able to resolve it by enabling sticky sessions in the load balancer and passing the ‘set-cookie’ header values via the gateway.

Thanks Praveen. We are just using a single pod instance as of now and the Ambassador gateway. Let me try out a sticky session in the gateway.