search

concourse / concourse-chart

Helm chart to install Concourse
Apache License 2.0
145 stars 177 forks source link

How to use external postgresql? #192

Closed ktjys closed 3 years ago

ktjys commented 3 years ago

I want use external postgres. So I set value.yml like this..

concourse:
  web:
    externalUrl: https://concourse.test.com

    localAuth:
      enabled: false

    postgres:
      host: post-postgresql.ap-northeast-2.svc.cluster.local
      port: 5432
      sslmode: disable
      connectTimeout: 5m
      database: concourse

    auth:
      mainTeam:
        ## Authentication (Main Team) (OIDC)
        oidc:
          user: test,admin
          group: admin,test

      ## Authentication (OIDC)
      oidc:
        enabled: true
        displayName: Keycloak
        issuer: https://keycloak.test.com/auth/realms/realm1
        groupsKey: groups
        userNameKey: preferred_username

web:
  ingress:
    enabled: true
    annotations: {
      kubernetes.io/ingress.class: alb,
      alb.ingress.kubernetes.io/group.name: dodt-tools,
      alb.ingress.kubernetes.io/scheme: internet-facing,
      alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]',
      alb.ingress.kubernetes.io/certificate-arn: <arn>
    }
    hosts: 
      - concourse.test.com

  service:
    api:
      type: NodePort
      NodePort: None

secrets:
  create: false

postgresql:
  enabled: false

and create secrets key in concourse_web

......
  postgresql-ca-cert: ""
  postgresql-client-cert: ""
  postgresql-client-key: ""
  postgresql-password: Y29uY291cnNlCg==   <= concourse
  postgresql-user: Y29uY291cnNlCg==
  session-signing-key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLR ......

But error occurs in the concourse-web pod. this is log of pod...

{"timestamp":"2020-12-23T02:13:21.092248412Z","level":"info","source":"atc","message":"atc.cmd.start","data":{"session":"1"}}
{"timestamp":"2020-12-23T02:13:21.117638688Z","level":"info","source":"atc","message":"atc.cmd.finish","data":{"duration":70342,"session":"1"}}
error: failed to migrate database: pq: password authentication failed for user "concourse
"

Am I setting it wrong?

this is environment var of pod

......
      CONCOURSE_POSTGRES_HOST:                            post-postgresql.ap-northeast-2.svc.cluster.local
      CONCOURSE_POSTGRES_PORT:                            5432
      CONCOURSE_POSTGRES_USER:                            <set to the key 'postgresql-user' in secret 'concourse-web'>      Optional: false
      CONCOURSE_POSTGRES_PASSWORD:                        <set to the key 'postgresql-password' in secret 'concourse-web'>  Optional: false
      CONCOURSE_POSTGRES_SSLMODE:                         disable
      CONCOURSE_POSTGRES_CONNECT_TIMEOUT:                 5m
      CONCOURSE_POSTGRES_DATABASE:                        concourse
      CONCOURSE_KUBERNETES_IN_CLUSTER:                    true
......
ktjys commented 3 years ago

because my secrets include newline ...