Is it possible to deploy community version in k8s I am using GoodData #gooddata-cn

Is it possible to deploy community version in k8s ...

Thomas Pedot

03/30/2022, 4:06 PM

Is it possible to deploy community version in k8s ? I am using Ingress to do such but I am not sure it is possible/allowed ? I have this error No Organization found for hostname XXX

Martin Burian

03/30/2022, 4:21 PM

Hi Thomas. Since version 1.7.0, you can use the community edition for production use case. Please see: https://support.gooddata.com/hc/en-us/articles/4956177429267-GoodData-CN-1-7-0-Release-Notes It also means we allow to run it not just locally. Default hostname is localhost, which you have to override. How to do it is described here: https://www.gooddata.com/developers/cloud-native/doc/1.6/installation/aio/advanced-config/#change-your-hostname

👀 2

Thomas Pedot

03/30/2022, 4:21 PM

Thanks !

Thomas Pedot

03/31/2022, 2:00 PM

I am still having this issue. I change environment variable to to the good URL (inside k8s, I had it to the containers)

Copy code

GDCN_PUBLIC_URL: <https://analytics.example.com>

I feel that there is an Org missing like explained here ? https://www.gooddata.com/developers/cloud-native/doc/1.7/administration/organization/

Martin Burian

04/01/2022, 8:55 AM

If you use the community edition, there is already an organisation, but for some reason it is not found. I am consulting with our engineers.

Thomas Pedot

04/01/2022, 9:21 AM

Yes. I think so but how to map XXX organisation to the default one (named default ?)

Robert Moucha

04/01/2022, 4:09 PM

As Martin wrote, community edition has one organization (with id=

default

) precreated. If not specified using GDCN_PUBLIC_URL, the url is set to http://localhost:3000/. But it's possible to alter hostname (and public url) in case you want to run it behind a SSL-terminating reverse proxy (or in k8s, it's technically almost the same). For your convenience, here's a minimal working example of k8s deployment. Don't forget to update value of GDCN_PUBLIC_URL variable and hostname in Ingress rule to match your environment.

gdcn.yaml

Robert Moucha

04/01/2022, 4:12 PM

Note: this deployment assumes you have SSL-terminating load balancer in front of your ingress controller. If you terminate SSL within the cluster on ingress controller, you may need to add proper tls section to Ingress resource. You know the drill.

🙌 1

Robert Moucha

04/01/2022, 4:14 PM

Persistent volume is not a hard requirement, if you don't mind losing your data 😉 . Refer to your volume provisioner configuration if you need to set a specific storageClass.

Thomas Pedot

04/02/2022, 9:19 AM

Owwww 😱. I had almost everything in place... i was just missing one indetention ... Really sorry ! At the end the minimal exemple helped me to figure it out... and it worked like a charm ! Thanks I learned a lot with GD / k8s...

👍 1

Thomas Pedot

04/02/2022, 9:47 AM

In fact I was in a hurry... I cannot log there is wrong redirection. But I will dig a bit...

Copy code

10.1.1.20 - - [02/Apr/2022:09:42:58 +0000] "GET /static/css/vendors.af8593bf.chunk.css HTTP/1.1" 200 2216 "<https://analytics.example.com/>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:42:58 +0000] "GET /static/js/gd.75c7cdc5.chunk.js HTTP/1.1" 304 0 "<https://analytics.example.com/>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:42:58 +0000] "GET /static/css/main.e42c17ba.chunk.css HTTP/1.1" 200 47503 "<https://analytics.example.com/>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:42:58 +0000] "GET /static/js/vendors.86c8811d.chunk.js HTTP/1.1" 304 0 "<https://analytics.example.com/>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:42:58 +0000] "GET /static/js/main.943e60dd.chunk.js HTTP/1.1" 304 0 "<https://analytics.example.com/>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:42:58 +0000] "GET /favicon-v2022.png HTTP/1.1" 200 8208 "<https://analytics.example.com/>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
ts="2022-04-02 09:42:58.975" level=WARN msg="Security cannot be retrieved" logger=com.gooddata.oauth2.server.reactive.UserContextWebFilter thread=reactor-http-epoll-4 spanId=383e6d00a63c5e2f traceId=383e6d00a63c5e2f
10.1.1.20 - - [02/Apr/2022:09:42:58 +0000] "GET /api/profile HTTP/1.1" 401 9 "<https://analytics.example.com/>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
ts="2022-04-02 09:42:59.580" level=WARN msg="Security cannot be retrieved" logger=com.gooddata.oauth2.server.reactive.UserContextWebFilter thread=reactor-http-epoll-1 spanId=cc2cf3a4b795bb0e traceId=cc2cf3a4b795bb0e
10.1.1.20 - - [02/Apr/2022:09:42:59 +0000] "GET /appLogin?redirectTo=%2F HTTP/1.1" 302 0 "<https://analytics.example.com/>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:42:59 +0000] "GET /oauth2/authorization/analytics.example.com HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:42:59 +0000] "GET /dex/auth?response_type=code&client_id=86e39edf-9f51-4764-a58a-ae8724461060&scope=openid%20profile&state=neYU33G3Ktb8sBN6-I3OTmIKo1Xro3oq_uBzZSizHIg%3D&redirect_uri=<https://analytics.example.com/login/oauth2/code/analytics.example.com&nonce=pcRmncbwol429oyypVn2BFMcnW1KW1ybaD7PL6z_CQ4> HTTP/1.1" 302 68 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:43:00 +0000] "GET /dex/auth/local?req=sxcihm3uviyjdmxdo3lcxxxuy HTTP/1.1" 200 811 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:43:00 +0000] "GET /dex/theme/styles.css HTTP/1.1" 499 0 "<https://analytics.example.com/dex/auth/local?req=sxcihm3uviyjdmxdo3lcxxxuy>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:43:00 +0000] "GET /dex/theme/logo.svg HTTP/1.1" 499 0 "<https://analytics.example.com/dex/auth/local?req=sxcihm3uviyjdmxdo3lcxxxuy>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:43:00 +0000] "GET /dex/theme/forms.css HTTP/1.1" 200 3040 "<https://analytics.example.com/dex/theme/styles.css>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:43:00 +0000] "GET /dex/theme/buttons.css HTTP/1.1" 200 951 "<https://analytics.example.com/dex/theme/styles.css>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:43:07 +0000] "POST /dex/auth/local?req=sxcihm3uviyjdmxdo3lcxxxuy HTTP/1.1" 303 0 "<https://analytics.example.com/dex/auth/local?req=sxcihm3uviyjdmxdo3lcxxxuy>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:43:07 +0000] "GET /dex/approval?req=sxcihm3uviyjdmxdo3lcxxxuy HTTP/1.1" 303 182 "<https://analytics.example.com/dex/auth/local?req=sxcihm3uviyjdmxdo3lcxxxuy>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
10.1.1.20 - - [02/Apr/2022:09:43:08 +0000] "GET /login/oauth2/code/analytics.example.com?code=f33kg5iswyujmbs27tupzjxpd&state=neYU33G3Ktb8sBN6-I3OTmIKo1Xro3oq_uBzZSizHIg%3D HTTP/1.1" 302 0 "<https://analytics.example.com/dex/auth/local?req=sxcihm3uviyjdmxdo3lcxxxuy>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
2022/04/02 09:43:08 [error] 2120#2120: *17 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 10.1.1.20, server: _, request: "GET /favicon.ico HTTP/1.1", host: "<http://analytics.example.com|analytics.example.com>", referrer: "<https://analytics.example.com/login/oauth2/code/analytics.example.com?code=f33kg5iswyujmbs27tupzjxpd&state=neYU33G3Ktb8sBN6-I3OTmIKo1Xro3oq_uBzZSizHIg%3D>"
10.1.1.20 - - [02/Apr/2022:09:43:08 +0000] "GET /favicon.ico HTTP/1.1" 404 136 "<https://analytics.example.com/login/oauth2/code/analytics.example.com?code=f33kg5iswyujmbs27tupzjxpd&state=neYU33G3Ktb8sBN6-I3OTmIKo1Xro3oq_uBzZSizHIg%3D>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"

Thomas Pedot

04/02/2022, 9:48 AM

I might need to see where this error come from 502 Bad Gateway

Thomas Pedot

04/02/2022, 9:56 AM

It seems to be related to nginx and not GD.CN *4939495 upstream sent too big header while reading response header from upstream, client: 10.2.17.0, server:

Robert Moucha

04/11/2022, 11:57 AM

Yes, nginx ingress controller may have issues with handling larger HTTP headers. This is addressed in our installation guide. When installing ingress-nginx helm chart, it's reasonable to tune these values to avoid this problem:

Copy code

controller:
  config:
    # This should improve performance
    client-body-buffer-size: '1m'
    # This should resolve possible issue with big headers
    proxy-buffer-size: '16k'

Open in Slack

Previous Next