Skip to Main Content

Containers, Cloud Native & Kubernetes

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Not able to hit HTTPS url from OKE Container - domain is hosted on cluster itself

Pallav LadekarNov 28 2024

Hi Everyone,

We are currently experiencing an issue with our Oracle OKE 1.29 cluster related to inter-service communication within the cluster.

Issue Description

Our application, deployed on the OKE cluster, has services that need to communicate with each other using their public URLs over HTTPS from within the cluster containers. However, when a service tries to hit its domain/URL from a container using HTTPS, the request fails.

Observations

  • Communication with external domains hosted outside the cluster works without issues, confirming there is no ACL blocking HTTP or HTTPS traffic for outgoing requests.
  • We are using NGINX ingress controller for traffic routing within the cluster.

Request for Assistance

We would like your help in identifying and resolving the issue. Specifically:

  1. Could there be any specific configurations or limitations in OKE 1.29 that block HTTPS traffic for internal domains from within the cluster?
  2. Are there adjustments required in the NGINX ingress controller or other network settings to enable HTTPS traffic for inter-service communication?

We appreciate your support in resolving this matter and look forward to your guidance.

Comments

MartinBach-Oracle Jan 8 2025

Hi Salomon,

please have a look at this blog post written by @ulrike-schwinn-oracle :

https://blogs.oracle.com/coretec/post/easy-sql-statement-tracking-in23c

I hope this answers your question, if not, please shout!

- Martin

Solomon Yakobson Jan 8 2025

@martinbach-oracle - No, it doesn't answer my question. Article you pointed to shows uses:

SQL> alter system set sql_history_enabled=true scope=both;

And in my post I said “Works fine when enabled on system level”. My question was about

SQL> ALTER SESSION SET SQL_HISTORY_ENABLED = TRUE;

where I showed SQL history was NOT captured even though it should be based on SQL_HISTORY_ENABLED:

Modifiable **ALTER SESSION**, ALTER SYSTEM

SY.

MartinBach-Oracle Jan 8 2025

As per the article I shared the situation is as follows at the moment

  • You must enable SQL history PDB-wide (only a DBA can do that) so there's a certain level of control over the feature
  • Your session has access to the SQL history
  • If you don't want to record anything, set sql_history_enabled to false.

I'm currently assessing if that's intended behaviour (in which case the documentation should be amended) or a feature not working as it should (in which case it needs fixing). The parameter is indeed session-modifyable, but not in the sense you expected.

We'll keep you posted.

- Martin

Solomon Yakobson Jan 8 2025

Do you mean it must be enabled on system level and not on session level and all session can do is disabe it for the session?

SY.

MartinBach-Oracle Jan 14 2025

Yes,

that's correct as of Oracle Database Free 23.6.

- Martin

Solomon Yakobson Jan 14 2025

Thanks Martin, I hope this will be added to 23AI docs soon.

SY.

1 - 6

Post Details

Added on Nov 28 2024
0 comments
68 views