Michael Ardhyanto
06/08/2021, 5:30 PMMartin Burian
06/09/2021, 6:15 AMMartin Burian
06/09/2021, 6:17 AMMichael Ardhyanto
06/09/2021, 7:12 AMMartin Burian
06/09/2021, 7:13 AMMartin Burian
06/09/2021, 7:15 AMMartin Burian
06/09/2021, 7:18 AMMartin Burian
06/09/2021, 7:20 AMMartin Burian
06/09/2021, 7:21 AMdocker pull
and
docker run
https://www.gooddata.com/developers/cloud-native/doc/1.1/installation/aio/Martin Burian
06/09/2021, 7:22 AMMichael Ardhyanto
06/09/2021, 7:25 AMMichael Ardhyanto
06/09/2021, 7:26 AMMichael Ardhyanto
06/09/2021, 7:28 AMMartin Burian
06/09/2021, 7:28 AMMartin Burian
06/09/2021, 7:30 AMMartin Burian
06/09/2021, 8:39 AMMichael Ardhyanto
06/09/2021, 10:47 AMRobert Moucha
06/09/2021, 2:49 PMMichael Ardhyanto
06/10/2021, 6:06 AMMartin Burian
06/10/2021, 7:12 AMMartin Burian
06/10/2021, 7:12 AMMichael Ardhyanto
06/10/2021, 7:22 AMRobert Moucha
06/10/2021, 8:04 AMhelm repo add ingress-nginx <https://kubernetes.github.io/ingress-nginx>
helm -n ingress-nginx install ingress-nginx ingress-nginx/ingress-nginx --set controller.replicaCount=2 --create-namespace
It should automatically create load balancer in your GCP accountRobert Moucha
06/10/2021, 8:05 AMkubectl -n ingress-nginx get svc ingress-nginx-controller
(see the EXTERNAL-IP
value)Robert Moucha
06/10/2021, 8:06 AMkubectl -n ingress-nginx get svc ingress-nginx-controller -o jsonpath='{.status.loadBalancer.ingress[0].ip}'
Robert Moucha
06/10/2021, 8:50 AMexternal-dns
into your cluster, but you can also manage DNS records manually.Michael Ardhyanto
06/10/2021, 9:00 AMcustomized-values-pulsar.yaml
Robert Moucha
06/10/2021, 9:01 AMhelm
command from, typically your personal compuuter.Robert Moucha
06/10/2021, 9:02 AMRobert Moucha
06/10/2021, 9:02 AMRobert Moucha
06/10/2021, 9:04 AMRobert Moucha
06/10/2021, 9:07 AMstorageClassName
values to storage class you want to use, for GCP it may be standard-rwo
Michael Ardhyanto
06/10/2021, 9:45 AMRobert Moucha
06/10/2021, 11:25 AMMichael Ardhyanto
06/14/2021, 3:34 AMhelm install --version 1.1.1 --namespace gooddata-cn --wait \
-f customized-values-gooddata-cn.yaml gooddata-cn gooddata/gooddata-cn
and i'm getting this error Error: failed pre-install: timed out waiting for the conditionRobert Moucha
06/14/2021, 7:30 AMMichael Ardhyanto
06/14/2021, 7:59 AMMichael Ardhyanto
06/14/2021, 8:15 AMRobert Moucha
06/14/2021, 8:21 AMRobert Moucha
06/14/2021, 8:25 AMMichael Ardhyanto
06/14/2021, 9:34 AMRobert Moucha
06/14/2021, 10:18 AMbookkeeper:
configData:
PULSAR_MEM: >
-Xms128m -Xmx256m -XX:MaxDirectMemorySize=128m
replicaCount: 3
resources:
requests:
cpu: 0.2
memory: 128Mi
Michael Ardhyanto
06/14/2021, 10:38 AMRobert Moucha
06/14/2021, 11:55 AMservice:
redis:
hosts:
- <http://IP.AD.RE.SS|IP.AD.RE.SS>
port: 6379
clusterMode: false
The <http://IP.AD.RE.SS|IP.AD.RE.SS>
should point to your redis endpoint. Note that there should be only one hosts
record if you don't run redis in cluster mode.Michael Ardhyanto
06/14/2021, 12:12 PMMichael Ardhyanto
06/14/2021, 12:25 PMRobert Moucha
06/14/2021, 12:28 PMhosts
has wrong type - you entered it as a string but it needs to be a list of strings.
in your particular case it should look like:
service:
redis:
hosts:
- 10.251.96.115
port: 6379
clusterMode: false
Michael Ardhyanto
06/14/2021, 12:39 PMRobert Moucha
06/14/2021, 12:49 PMRobert Moucha
06/14/2021, 12:50 PMMichael Ardhyanto
06/14/2021, 1:34 PMRobert Moucha
06/14/2021, 1:48 PMe2-standard-2
or better.
Did you check the the reasons why the pods in pulsar-bookie statefulset are Unschedulable?Robert Moucha
06/14/2021, 1:50 PMMichael Ardhyanto
06/14/2021, 1:54 PMMichael Ardhyanto
06/14/2021, 2:00 PMMichael Ardhyanto
06/14/2021, 2:01 PMRobert Moucha
06/14/2021, 2:12 PMMichael Ardhyanto
06/14/2021, 2:29 PMRobert Moucha
06/14/2021, 3:07 PMRobert Moucha
06/14/2021, 3:41 PMcustomized-values-gooddata-cn.yaml
file with a correct username
for database user. In documentation we have postgres@gooddata-cn-pg
but correct value is just postgres
Robert Moucha
06/14/2021, 4:03 PMpostgres@gooddata-cn-pg
is valid only for Azure cloud. GCP needs just postgres
Robert Moucha
06/14/2021, 4:06 PMMichael Ardhyanto
06/14/2021, 5:12 PMRobert Moucha
06/14/2021, 5:22 PMMichael Ardhyanto
06/14/2021, 5:39 PMMichael Ardhyanto
06/14/2021, 5:43 PMRobert Moucha
06/14/2021, 7:06 PMRobert Moucha
06/14/2021, 7:07 PMpostgres
and not postgres@postgresqlgooddata
Michael Ardhyanto
06/15/2021, 2:22 AMhelm install --version 1.1.1 --namespace gooddata-cn --wait \
-f customized-values-gooddata-cn.yaml gooddata-cn gooddata/gooddata-cn
it's must be used without --wait
Michael Ardhyanto
06/15/2021, 2:26 AMhelm list
it doesn't show the releaseMichael Ardhyanto
06/15/2021, 4:08 AMRobert Moucha
06/15/2021, 6:45 AMhelm list
will only show releases in your default namespace. If you don't specify one, it's the default
namespace. So you need to use helm list -n gooddata-cn
(or you can run helm list -A
to print all releases in all namespaces).Robert Moucha
06/15/2021, 7:01 AMRobert Moucha
06/15/2021, 7:02 AMMichael Ardhyanto
06/15/2021, 1:07 PMRobert Moucha
06/15/2021, 1:09 PMRobert Moucha
06/15/2021, 1:09 PMRobert Moucha
06/15/2021, 1:11 PMhelm -n gooddata-cn upgrade -f path/to/your/custom-values.yaml gooddata-cn gooddata/gooddata-cn
(please update this command according to your setup - namespace, path, release name and helm repo name)Michael Ardhyanto
06/15/2021, 1:27 PMMichael Ardhyanto
06/16/2021, 4:42 AMRobert Moucha
06/16/2021, 7:23 AMconnection timed out
suggests there network issue and your request can not reach the load balancer for some reason.
Your organization hostname now resolves to 34.101.200.187. Check if this address is the same as the EXTERNAL-IP
of the ingress-nginx-controller
Service resource.Michael Ardhyanto
06/16/2021, 8:07 AMingress-nginx-controller
the one i made using helm -n ingress-nginx install ingress-nginx ingress-nginx/ingress-nginx \
--set controller.replicaCount=2
and nginx is the ingress that i made from external dns tutorial, but i saw the one i made from tutorial only listen to port 80Michael Ardhyanto
06/16/2021, 8:08 AMMichael Ardhyanto
06/16/2021, 8:11 AMMichael Ardhyanto
06/16/2021, 8:17 AMRobert Moucha
06/16/2021, 8:51 AMnginx
) will not be used, you can safely delete it and save some $$$Robert Moucha
06/16/2021, 8:53 AMRobert Moucha
06/16/2021, 8:56 AMRobert Moucha
06/16/2021, 8:58 AMMichael Ardhyanto
06/16/2021, 8:59 AMorganization.yaml
i'm not using tls because i thought i'm using wildcardRobert Moucha
06/16/2021, 9:07 AMspec:
tls:
secretName: secret-with-your-wildcard-cert-and-key
The mentioned secret must exist before modyfing the organization. It will be passed to k8s API when provisioning organization's Ingress.Michael Ardhyanto
06/16/2021, 9:34 AMkubectl apply -f organization.yaml
?Robert Moucha
06/16/2021, 10:39 AMClusterIssuer
, as described in the documentation above. Then, update your organization.yaml so it contains:
spec:
tls:
secretName: secret-name-that-cert-manager-will-use
issuerName: letsencrypt-prod # update depending your CertIssuer name
issuerType: ClusterIssuer
Then apply the organization.yaml using kubectlRobert Moucha
06/16/2021, 10:51 AMdex:
ingress:
authHost: <http://auth.logicnesia.com|auth.logicnesia.com> # you already have this
annotations:
<http://cert-manager.io/cluster-issuer|cert-manager.io/cluster-issuer>: letsencrypt-prod # update depending your CertIssuer name
tls:
authSecretName: gooddata-cn-auth-secret # or use any other name, it's up to you
and upgrade helm chart release using helm upgrade ...
command to reconfigure auth Ingress and let cert-manager to request a new certificate.
Then, your browser should not complain on untrusted TLS certificatesMichael Ardhyanto
06/16/2021, 10:52 AMMichael Ardhyanto
06/16/2021, 11:28 AMorganization.yaml
changing the annotations on customized-values-gooddata-cn.yaml
and execute helm upgrade
but the error still sameRobert Moucha
06/16/2021, 12:10 PM<http://logicnesia.com|logicnesia.com>.
in your case) and not on every single hostname within that domain. But it is a minor issue.
But you are using the same secret name both for dex.tls.authSecretName in values.yaml and for spec.tls.secretName in your Organization. Please use a unique name for every organization, because each Org. will be provisioned with a different TLS certificate.
And one more thing - your license.key is too short - check your e-mail where you have received your license key. The license.key
is the long string starting with key/
text.Michael Ardhyanto
06/16/2021, 1:34 PMcustomized-values-gooddata-cn.yaml
with secret using the authhost private key and crt for <http://auth.logicnesia.com|auth.logicnesia.com>
• tls for file organization.yaml
with secret using host private key and crt which is the <http://staging-dashboard.logicnesia.com|staging-dashboard.logicnesia.com>
Robert Moucha
06/16/2021, 1:35 PMRobert Moucha
06/16/2021, 1:39 PMMichael Ardhyanto
06/16/2021, 1:43 PMRobert Moucha
06/16/2021, 1:49 PMMichael Ardhyanto
06/16/2021, 1:51 PMRobert Moucha
06/16/2021, 2:17 PMRobert Moucha
06/16/2021, 3:40 PMkubectl -n gooddata-cn delete org logicnesia
) and create it again using kubectl apply -f organization.yaml
4. domain filter set on external-dns points to bogus domain --domain-filter=<http://test-logicnesia.com|test-logicnesia.com>
it means that it will not work and you must manage hostnames manually. It probably relates to issue 1.Michael Ardhyanto
06/16/2021, 4:56 PMMichael Ardhyanto
06/16/2021, 5:09 PMRobert Moucha
06/16/2021, 6:51 PMingress-nginx
on my fresh GKE cluster using command:
helm -n ingress-nginx install ingress-nginx ingress-nginx/ingress-nginx \
--set controller.replicaCount=2 --create-namespace
the created LB is of TCP type, not HTTP:Michael Ardhyanto
06/17/2021, 2:42 AMMichael Ardhyanto
06/17/2021, 2:47 AMRobert Moucha
06/17/2021, 7:12 AMlogicnesia-gooddata-cn-dex
is annotated with <http://cloud.google.com/neg|cloud.google.com/neg>
annotation. It causes the service being exposed via GLBC (google's LB controller)Michael Ardhyanto
06/17/2021, 7:18 AMkubectl -n gooddata-cn get ing
so the auth and the staging-dashboard IP must be same?Michael Ardhyanto
06/17/2021, 7:21 AMRobert Moucha
06/17/2021, 7:38 AMRobert Moucha
06/17/2021, 7:41 AMorganization.yaml
file. It should create the ingress as wellRobert Moucha
06/17/2021, 7:42 AMMichael Ardhyanto
06/17/2021, 7:46 AMRobert Moucha
06/17/2021, 7:50 AMkubectl -n gooddata describe org logicnesia
). If yes, I will tell you how to delete it the hard wayMichael Ardhyanto
06/17/2021, 7:53 AMRobert Moucha
06/17/2021, 7:55 AMMichael Ardhyanto
06/17/2021, 7:55 AMRobert Moucha
06/17/2021, 7:57 AMkubectl -n gooddata-cn patch organization logicnesia --type json --patch='[{"op":"remove","path":"/metadata/finalizers"}]'
and then the organization can be deleted by kubectl deleteMichael Ardhyanto
06/17/2021, 8:00 AMRobert Moucha
06/17/2021, 8:01 AMMichael Ardhyanto
06/17/2021, 8:02 AMRobert Moucha
06/17/2021, 8:22 AMdrop database dex;
drop database md;
• install the helm chart (with the previous customized-values)
• wait until all pods come up
• create the organization using your organization.yamlMichael Ardhyanto
06/17/2021, 8:59 AMRobert Moucha
06/17/2021, 9:03 AMMichael Ardhyanto
06/17/2021, 9:03 AMRobert Moucha
06/17/2021, 9:09 AMRobert Moucha
06/17/2021, 9:15 AMMichael Ardhyanto
06/17/2021, 9:18 AMMichael Ardhyanto
06/17/2021, 9:19 AMMichael Ardhyanto
06/17/2021, 9:20 AMRobert Moucha
06/17/2021, 9:20 AMRobert Moucha
06/17/2021, 9:20 AMMichael Ardhyanto
06/17/2021, 9:23 AMRobert Moucha
06/17/2021, 9:26 AMRobert Moucha
06/17/2021, 9:27 AMkubectl -n gooddata-cn patch ingress logicnesia-gooddata-cn-dex --type json --patch='[{"op":"remove","path":"/metadata/finalizers"}]'
Robert Moucha
06/17/2021, 9:29 AMMichael Ardhyanto
06/17/2021, 9:30 AMRobert Moucha
06/17/2021, 9:32 AMRobert Moucha
06/17/2021, 9:33 AMRobert Moucha
06/17/2021, 9:34 AMMichael Ardhyanto
06/17/2021, 9:34 AMRobert Moucha
06/17/2021, 9:37 AM<http://logicnesia.com|logicnesia.com>
so it won't automatically manage your IP addresses anywayMichael Ardhyanto
06/17/2021, 9:40 AMRobert Moucha
06/17/2021, 9:54 AMRobert Moucha
06/17/2021, 9:54 AMMichael Ardhyanto
06/17/2021, 9:59 AMMichael Ardhyanto
06/17/2021, 10:01 AMMichael Ardhyanto
06/17/2021, 10:03 AMRobert Moucha
06/17/2021, 10:04 AMRobert Moucha
06/17/2021, 10:04 AMRobert Moucha
06/17/2021, 10:05 AMRobert Moucha
06/17/2021, 10:06 AMMichael Ardhyanto
06/17/2021, 10:06 AMRobert Moucha
06/17/2021, 10:06 AMMichael Ardhyanto
06/17/2021, 10:09 AMMichael Ardhyanto
06/17/2021, 10:09 AMMichael Ardhyanto
06/17/2021, 10:11 AMRobert Moucha
06/17/2021, 10:17 AMRobert Moucha
06/17/2021, 10:17 AMRobert Moucha
06/17/2021, 10:18 AMRobert Moucha
06/17/2021, 10:19 AMMichael Ardhyanto
06/17/2021, 10:19 AMMichael Ardhyanto
06/17/2021, 10:38 AMRobert Moucha
06/17/2021, 11:43 AMMartin Burian
06/17/2021, 11:53 AM