kong admin-api not enabled but "kong manager" tries to access "/services" by using 8444

Question

I have EKS 1.27 and trying to install Kong via Helm Chart 2.31.0. I need to gateway and manager, no need to anything else. External Postgres enabled. Manager ingress and proxy ingress is enabled. SSL offloading ALB level; so "certificates:" are not enabled.

helm upgrade --install kong -n kong . \
  --set env.database="postgres" \
  --set env.pg_host="****" \
  --set env.pg_port="5432" \
  --set env.pg_user="****" \
  --set env.pg_password="****" \
  --set env.pg_database="****" \
  --set env.pg_ssl="on" \
  --set env.pg_ssl_verify="off"

After the installation I see that kong pod is running and migrations had been completed successfully.

Only default page (overview) can be accessible on Manager UI; the problem is that /services /routes /consumers etc. cannot be accessed.

When I inspect the page, I see that Manager is trying to access /services by using 8444.

My values.yaml file is here:

The problem is not the existence of admin-api; the problem is that an element in Kong Manager redirects browser connection to a backend by non-existing port .

The relevant ingress something like below:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
meta.helm.sh/release-name: kong
meta.helm.sh/release-namespace: kong
generation: 1
labels:
app.kubernetes.io/instance: kong
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kong
app.kubernetes.io/version: "3.4"
helm.sh/chart: kong-2.31.0
name: kong-kong-manager
namespace: kong
spec:
ingressClassName: nginx
rules:
- host: kong.myawesomedomain.com
  http:
  paths:
  - backend:
    service:
    name: kong-kong-manager
    port:
    number: 8002
    path: /
    pathType: ImplementationSpecific
    status:
    loadBalancer:
    ingress:
  - ip: 172.54.54.54

admin-api is a different api and it has its own ingress in the the case of needed.

I expect "Kong Manager Dashboard" access to only existing backend services (not non-existing services) only ports defined in its ingress configuration.

Could you please advise me where does 8444 come from although admin api is not enabled? Why does Kong Manager try to access "/services" by using 8444? Please advise a workaround and indicate what I am missing...

Thanks & Regards

Answer 1

The solution is that admin api has to be exposed via ingress; here. Manager uses admin api ingress address.

If admin api is not exposed via ingress, manager tries to access admin api by using 8444 which is not make sense.