search

konstructio / gitops-template

upstream template for your open source gitops repository
MIT License
67 stars 56 forks source link

Kubefirst mongodb Username and Password not set for arm builds #576

Closed EamonKeane closed 1 year ago

EamonKeane commented 1 year ago

I think there might be a bug when using kubefirst for mongodb with arm on 2.2.17. As bitnami don't have an arm image, the gitops catalogue uses the official mongo one. However the official mongo image looks for different env vars for the username and password (MONGO_INITDB_ROOT_USERNAME for the official image but MONGO_ROOT_USER for bitnami as they appear to have some extra logic for primary vs secondary). Specifically, I think the env vars for k3d-arm need to be like so:

helm install mongo-test --version 13.18.1 oci://registry-1.docker.io/bitnamicharts/mongodb --namespace kubefirst --set image.repository=arm64v8/mongo --set image.tag=7.0.1 --set persistence.mountPath=/data/db --set "extraEnvVars[0].name=MONGO_INITDB_ROOT_USERNAME" --set "extraEnvVars[0].value=root" --set "extraEnvVars[1].name=MONGO_INITDB_ROOT_PASSWORD" --set "extraEnvVars[1].value=root"

The env vars for the kubefirst 2.2.17 deployed console looks like the below which is ignored. No user is created and so the authentication fails after a pod restart.

    - name: MONGODB_ROOT_USER
      value: root
    - name: MONGODB_ROOT_PASSWORD
      valueFrom:
        secretKeyRef:
          key: mongodb-root-password
          name: kubefirst-initial-secrets

If they were like this I think it works.

    - name: MONGODB_INIT_ROOT_USERNAME
      value: root
    - name: MONGODB_INIT_ROOT_PASSWORD
      valueFrom:
        secretKeyRef:
          key: mongodb-root-password
          name: kubefirst-initial-secrets
fharper commented 1 year ago

Thanks for creating the issue @EamonKeane. Our team will give it a closer look soon!

fharper commented 1 year ago

Just to be sure, you are taking about installing the kubefirst console UI to create a new cluster (as in the steps listed at https://docs.kubefirst.io/civo/quick-start/install/ui in the "Helm (ARM / M1 Mac / M2 Mac)" tab, right? If it's the case, it's not using the GitOps catalog: the catalog only helps you to install new applications to your created management cluster.

In the case, when exactly do you get the log-in issue? I tried to replicate, and when following the steps listed in the documentation I shared, even when killing all pods, the console still work as intended. Or is it after you created a cluster with the console UI?

EamonKeane commented 1 year ago

I used the regular cli install. The easiest way to reproduce is to install using the cli, and then port-forward the mongodb container to a database viewer (e.g. Datagrip). Try use the login credentials that are listed on the kubefirst api pod. They won't work, because the user isn't created.

fharper commented 1 year ago

@EamonKeane: oh OK, now I understand, let me check if I can reproduce.

fharper commented 1 year ago

I can reproduce the same on my arm64 (MacBook M1 Pro). Let me check with the engineering team.

fharper commented 1 year ago

For other stumbling on this thread, that would explain that the provisioned services and the catalog in the console app are empty after a pod or cluster restart.

CleanShot 2023-10-05 at 16 35 31@2x CleanShot 2023-10-05 at 16 35 27@2x

fharper commented 1 year ago

This is fixed with your solution, thanks. It will be available in the next release.