Gateway timeout or blank page error while you log in to the console
Cannot log in to your IBM Cloud Pak foundational services or IBM Cloud Pak® console.
Symptoms
You might see a 504 Gateway timeout
error or blank page when you log in to the console.
Cause
IBM WebSphere Liberty has a limitation in their federated user registry mechanism where a problem in one registry affects all other registries in the cluster.
The foundational services Identity Management (IM) service uses Liberty federated registry. Hence, if you have multiple LDAP (Lightweight Directory Access Protocol) registries in your cluster, if any registry server is down, it impacts all other registries. You can't log in to your cluster. The issue might happen even if you have only one LDAP connection in your cluster.
Resolving the problem
If you find that all the IM pods are up and running, then follow these steps as a workaround to the issue:
-
Verify whether your LDAP registries are healthy and that you are able to reach the servers.
-
If there is a problem in any LDAP registry, disconnect the LDAP registry from your cluster by using either of the following ways:
- If other identity providers are configured in your cluster, a user with admin access can log in to the console and delete the connection from the navigation menu > Identity and access > Identity providers page.
- If you have the foundational services default
cpadmin
token, you can use the Deleting an LDAP connection by using IdP V3 API to remove the connection.
-
Restart the
platform-auth-service
pod.oc get pod -n <your-foundational-services-namespace> | grep platform-auth oc delete pod $platform-auth-pod
If the problem still persists, contact IBM Support.