search

TeamPiped / Piped-Kubernetes

GNU Affero General Public License v3.0
7 stars 6 forks source link

[piped] Default database results in non working piped, database config isn't read correctly #2

Closed aleksasiriski closed 1 year ago

aleksasiriski commented 1 year ago

Helm chart name

piped

Helm chart version

2.0.0

Container name

piped-backend

Container tag

default

Description

Default database results in non working piped deployment. Frontend and ytproxy seem to work fine but backend doesn't return anything to front for it to display any content, so it's just stuck there.

Also, when trying to use external postgresql backend errors out with this:

ThrottlingCache: 0 entries
SLF4J: No SLF4J providers were found.
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See https://www.slf4j.org/codes.html#noProviders for further details.
Apr 17, 2023 4:57:39 PM org.hibernate.Version logVersion
INFO: HHH000412: Hibernate ORM core version [WORKING]
Apr 17, 2023 4:57:40 PM org.hibernate.engine.jdbc.connections.internal.ConnectionProviderInitiator initiateService
INFO: HHH000130: Instantiating explicit connection provider: org.hibernate.hikaricp.internal.HikariCPConnectionProvider
Apr 17, 2023 4:57:41 PM org.hibernate.service.internal.AbstractServiceRegistryImpl stopService
INFO: HHH000369: Error stopping service [class org.hibernate.hikaricp.internal.HikariCPConnectionProvider]
java.lang.NullPointerException: Cannot invoke "com.zaxxer.hikari.HikariDataSource.close()" because "this.hds" is null
    at org.hibernate.hikaricp.internal.HikariCPConnectionProvider.stop(HikariCPConnectionProvider.java:120)
    at org.hibernate.service.internal.AbstractServiceRegistryImpl.stopService(AbstractServiceRegistryImpl.java:374)
    at org.hibernate.service.internal.AbstractServiceRegistryImpl.destroy(AbstractServiceRegistryImpl.java:357)
    at org.hibernate.boot.registry.internal.StandardServiceRegistryImpl.destroy(StandardServiceRegistryImpl.java:131)
    at org.hibernate.service.spi.ServiceRegistryImplementor.close(ServiceRegistryImplementor.java:30)
    at org.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:776)
    at me.kavin.piped.utils.DatabaseSessionFactory.<clinit>(DatabaseSessionFactory.java:23)
    at me.kavin.piped.Main.main(Main.java:70)

Exception in thread "main" java.lang.ExceptionInInitializerError
    at me.kavin.piped.Main.main(Main.java:70)
Caused by: java.lang.RuntimeException: org.hibernate.service.spi.ServiceException: Unable to create requested service [org.hibernate.engine.jdbc.env.spi.JdbcEnvironment]
    at me.kavin.piped.utils.DatabaseSessionFactory.<clinit>(DatabaseSessionFactory.java:25)
    ... 1 more
Caused by: org.hibernate.service.spi.ServiceException: Unable to create requested service [org.hibernate.engine.jdbc.env.spi.JdbcEnvironment]
    at org.hibernate.service.internal.AbstractServiceRegistryImpl.createService(AbstractServiceRegistryImpl.java:267)
    at org.hibernate.service.internal.AbstractServiceRegistryImpl.initializeService(AbstractServiceRegistryImpl.java:230)
    at org.hibernate.service.internal.AbstractServiceRegistryImpl.getService(AbstractServiceRegistryImpl.java:207)
    at org.hibernate.boot.model.relational.Database.<init>(Database.java:44)
    at org.hibernate.boot.internal.InFlightMetadataCollectorImpl.getDatabase(InFlightMetadataCollectorImpl.java:218)
    at org.hibernate.boot.internal.InFlightMetadataCollectorImpl.<init>(InFlightMetadataCollectorImpl.java:191)
    at org.hibernate.boot.model.process.spi.MetadataBuildingProcess.complete(MetadataBuildingProcess.java:138)
    at org.hibernate.boot.model.process.spi.MetadataBuildingProcess.build(MetadataBuildingProcess.java:97)
    at org.hibernate.boot.internal.MetadataBuilderImpl.build(MetadataBuilderImpl.java:402)
    at org.hibernate.boot.internal.MetadataBuilderImpl.build(MetadataBuilderImpl.java:90)
    at org.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:735)
    at org.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:773)
    at me.kavin.piped.utils.DatabaseSessionFactory.<clinit>(DatabaseSessionFactory.java:23)
    ... 1 more
Caused by: org.hibernate.HibernateException: com.zaxxer.hikari.pool.HikariPool$PoolInitializationException: Failed to initialize pool: The server requested SCRAM-based authentication, but no password was provided.
    at org.hibernate.hikaricp.internal.HikariCPConnectionProvider.configure(HikariCPConnectionProvider.java:62)
    at org.hibernate.boot.registry.internal.StandardServiceRegistryImpl.configureService(StandardServiceRegistryImpl.java:125)
    at org.hibernate.service.internal.AbstractServiceRegistryImpl.initializeService(AbstractServiceRegistryImpl.java:239)
    at org.hibernate.service.internal.AbstractServiceRegistryImpl.getService(AbstractServiceRegistryImpl.java:207)
    at org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator.buildJdbcConnectionAccess(JdbcEnvironmentInitiator.java:249)
    at org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator.initiateService(JdbcEnvironmentInitiator.java:175)
    at org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator.initiateService(JdbcEnvironmentInitiator.java:36)
    at org.hibernate.boot.registry.internal.StandardServiceRegistryImpl.initiateService(StandardServiceRegistryImpl.java:119)
    at org.hibernate.service.internal.AbstractServiceRegistryImpl.createService(AbstractServiceRegistryImpl.java:255)
    ... 13 more
Caused by: com.zaxxer.hikari.pool.HikariPool$PoolInitializationException: Failed to initialize pool: The server requested SCRAM-based authentication, but no password was provided.
    at com.zaxxer.hikari.pool.HikariPool.throwPoolInitializationException(HikariPool.java:596)
    at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:582)
    at com.zaxxer.hikari.pool.HikariPool.<init>(HikariPool.java:100)
    at com.zaxxer.hikari.HikariDataSource.<init>(HikariDataSource.java:81)
    at org.hibernate.hikaricp.internal.HikariCPConnectionProvider.configure(HikariCPConnectionProvider.java:58)
    ... 21 more
Caused by: org.postgresql.util.PSQLException: The server requested SCRAM-based authentication, but no password was provided.
    at org.postgresql.core.v3.ConnectionFactoryImpl.lambda$doAuthentication$4(ConnectionFactoryImpl.java:838)
    at org.postgresql.core.v3.AuthenticationPluginManager.withPassword(AuthenticationPluginManager.java:81)
    at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:835)
    at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:203)
    at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:258)
    at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:54)
    at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:263)
    at org.postgresql.Driver.makeConnection(Driver.java:443)
    at org.postgresql.Driver.connect(Driver.java:297)
    at com.zaxxer.hikari.util.DriverDataSource.getConnection(DriverDataSource.java:121)
    at com.zaxxer.hikari.pool.PoolBase.newConnection(PoolBase.java:359)
    at com.zaxxer.hikari.pool.PoolBase.newPoolEntry(PoolBase.java:201)
    at com.zaxxer.hikari.pool.HikariPool.createPoolEntry(HikariPool.java:470)
    at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:561)
    ... 24 more
java.net.SocketTimeoutException: timeout
    at okhttp3.internal.http2.Http2Stream$StreamTimeout.newTimeoutException(Http2Stream.kt:675)
    at okhttp3.internal.http2.Http2Stream$StreamTimeout.exitAndThrowIfTimedOut(Http2Stream.kt:684)
    at okhttp3.internal.http2.Http2Stream.takeHeaders(Http2Stream.kt:143)
    at okhttp3.internal.http2.Http2ExchangeCodec.readResponseHeaders(Http2ExchangeCodec.kt:96)
    at okhttp3.internal.connection.Exchange.readResponseHeaders(Exchange.kt:106)
    at okhttp3.internal.http.CallServerInterceptor.intercept(CallServerInterceptor.kt:79)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
    at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:34)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
    at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
    at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
    at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
    at okhttp3.brotli.BrotliInterceptor.intercept(BrotliInterceptor.kt:40)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
    at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
    at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154)
    at me.kavin.piped.utils.RequestUtils.getJsonNode(RequestUtils.java:36)
    at me.kavin.piped.utils.obj.MatrixHelper.<clinit>(MatrixHelper.java:33)
    at me.kavin.piped.Main.lambda$main$1(Main.java:48)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
    at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.base/java.lang.Thread.run(Unknown Source)

The server requested SCRAM-based authentication, but no password was provided.

So it seems that the password field in values.yaml isn't being properly used.

Expected result

Helm chart with PROXY_PART, API_URL and FRONTEND_URL to just work™ OOTB. For Postgres config to work as well as the default.

Helm values to reproduce

postgresql:
  enabled: false
ingress:
  main:
    enabled: false
  backend:
    enabled: false
  ytproxy:
    enabled: false
backend:
  config:
    PROXY_PART: https://ytproxy.piped.mydomain.com
    API_URL: https://pipedapi.piped.mydomain.com
    FRONTEND_URL: https://piped.mydomain.com
    COMPROMISED_PASSWORD_CHECK: true
    DISABLE_REGISTRATION: false
    database:
      connection_url: jdbc:postgresql://cloudnative-pg-rw.cnpg-system.svc.cluster.local:5432/piped
      driver_class: org.postgresql.Driver
      dialect: org.hibernate.dialect.PostgreSQLDialect
      username: piped
      password: mypipeddbpassword

Additional Information

No response

Repo link

No response

samip5 commented 1 year ago

Hi,

Thank you for reporting. I haven't tried cloudnative, but that error does indeed suggest that password at least is not getting to the backend config right.

I will look into it.

aleksasiriski commented 1 year ago

I've also tried with DigitalOcean Managed Postgres (ver 15, 14 and 11)

samip5 commented 1 year ago

I have located that the backend configmap is indeed missing username and password fields completely so the error makes perfect sense.

samip5 commented 1 year ago

Then again, my own deployment with the default database does work.

    frontend:
      image:
        # Pull-though cache
        repository: registry.samipsolutions.fi/docker/1337kavin/piped-frontend
        tag: latest
        pullPolicy: Always

      env:
        BACKEND_HOSTNAME: pipedapi.skylab.fi

    backend:
      image:
        # Pull-though cache
        repository: registry.samipsolutions.fi/docker/1337kavin/piped
        tag: latest
        pullPolicy: Always

      config:
        PORT: 8080
        NUM_WORKERS: 2
        PROXY_PART: https://ytproxy.skylab.fi
        DISABLE_REGISTRATION: true

    ytproxy:
      image:
        # Pull-though cache
        repository: registry.samipsolutions.fi/docker/1337kavin/piped-proxy
        tag: latest
        pullPolicy: Always

    ingress:
      main:
        enabled: true
        ingressClassName: nginx
        annotations:
          external-dns-cf/is-public: "true"
          external-dns-cf/is-dns-public: "true"
          external-dns.target/enabled: "true"
          external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
        hosts:
          - host: &host piped.skylab.fi
            paths:
              - path: "/"
        tls:
          - hosts:
              - *host

      backend:
        enabled: true
        ingressClassName: nginx
        annotations:
          external-dns-cf/is-public: "true"
          external-dns-cf/is-dns-public: "true"
          external-dns.target/enabled: "true"
          external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
        hosts:
          - host: &api_host pipedapi.skylab.fi
            paths:
              - path: "/"
        tls:
          - hosts:
             - *api_host

      ytproxy:
        enabled: true
        ingressClassName: nginx
        annotations:
          external-dns-cf/is-public: "true"
          external-dns-cf/is-dns-public: "true"
          external-dns.target/enabled: "true"
          external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
        hosts:
          - host: &proxy ytproxy.skylab.fi
            paths:
              - path: "/"
        tls:
          - hosts:
              - *proxy
samip5 commented 1 year ago

Should be fixed in chart 2.0.1, to be available shortly.

aleksasiriski commented 1 year ago

Yep, username and password now work -> cloudnative-pg works!