This message was deleted.

Can you give an example of a Rancher API CRUD operation that doesn't result in a Kubernetes custom resource being created/retrieved/modified?

I'm looking specifically at this API call:

/v3/keyCloakOIDCConfigs/keycloakoidc

note that I'm not sure that there is no CRD behind that, I just didn't find any obvious candidate

The fact that

/v3

is prepended there means, to me, there is a keycloakoidcconfig.management.cattle.io` CRD being CRUD-ed there. Here is the type in Rancher's code: https://github.com/rancher/rancher/blob/release/v2.7/pkg/apis/management.cattle.io/v3/authn_types.go#L438

@big-hydrogen-97240 hmm, I can't find no such CRD registered (

kubectl get crds | grep ...

) what component would define that CRD ?

Rancher would. I'm not sure what configuration would need to be enabled to start that controller.

hmm, ok, thanks for the information on what I should expect! I'll keep digging to find out what CRD is behind that ...

I'm pretty sure I have the correct CRD kind above. Do you get any GVK information from navigating to

https://<RANCHER_SERVER_URL>/v3/keyCloakOIDCConfigs

in your browser?

at this URL, what I get is this:

{
  "baseType": "error",
  "code": "MethodNotAllow",
  "message": "Method GET not supported",
  "status": 405,
  "type": "error"
}

So your current cluster is not able to CRUD to that URL at all. This means that there is some configuration not set. Like Keycloak is not turned on. Once this is turned on, then you should see something at that URL and see the CRD.

well, this URL works with a call that does a PUT on

$RANCHER_URL/v3/keyCloakOIDCConfigs/keycloakoidc?action=testAndApply

but indeed, it's possible that I need to toggle something to get this to be possible