Closed SmartGuyy closed 10 months ago
Hello,
If I understand you correctly you want to use the redis provided as a dependency in the chart with a custom password and that is not working correctly?
Hello @dlen, maybe i don't understand exactly what are the interactions here but with a relatively simple values, my deployments won't work with Redis enabled.
What i noticed is that there is nowhere we specify the REDIS_HOST, neither the REDIS_PASSWORD so the redis clients can actually contact it successfully. Maybe i'm missing something here.
Hello,
This chart supports multiple options to configure the redis for passbolt:
The default configuration will deploy a set of passbolt api containers, a mariadb database, and redis sentinel. To configure this redis you can change the default configuration we added on our values under the redis field.
To handle the connection between passoblt and redis, we use a proxy that is installed on the same deployment as passbolt api as a side container which has a volume that mounts a configuration to handle the authentication with the sentinel proxy.
So, on the default configuration the environment value CACHE_CAKE_DEFAULT_SERVER points to 127.0.0.1 to use the connection though the proxy and no password is needed since the authentication is handled by the proxy. On the proxy side, whenever you set redis.auth.password will be reflected on the proxy config file so passbolt will be able to connect to the redis server.
In this option, the user has to ensure the connection between passbolt containers and the redis server so, the only configuration needed on the passbolt chart is:
redisDependencyEnabled: false #to disable the redis deploment
app:
cache:
redis:
sentinelProxy:
enabled: false # to avoid [creating](https://github.com/passbolt/charts-passbolt/blob/main/templates/deployment.yaml#L142) the redis proxy side container
passboltEnv:
plain:
CACHE_CAKE_DEFAULT_HOST: <YOUR_SERVER_ADDRESS>
secret:
CACHE_CAKE_DEFAULT_PASSWORD: CHANGEME
So, this configuration disables everything related to managed redis deployemnt and use the default cake envrionemnt values to point to the desided redis server.
@SmartGuyy in case you are not able to solve your issue with this little documentation, we need you to send us your values (without the secrets) so we can investigate if you are facing a bug.
Thanks @Tecnobutrul and sorry for my late response, i'm finally not using Redis for now since we don't have a lot of activity on our Passbolt, maybe we will come back to it later
If you enable Redis, define auth and everything, Passbolt won't be able to contact it because there is some variables missing in the default values :
Even with those 2 values defined in my secret i still have issues contacting it, so i guess i'm either doing something wrong or i wonder how the default values can work with Redis.