Problem with access to Redis service

Installation Issues
1

Checklist
I have read intro post
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

Hi everyone,

I’m try to setup passbolt with helm chart, but passbolt-depl-srv-* pod stuck in CrashLoopBackOff:

kubectl -n passbolt get po
NAME                                      READY   STATUS             RESTARTS        AGE
passbolt-cron-proc-email-28570461-jsd8v   2/2     Running            0               8s
passbolt-depl-srv-67b946bd4c-nf2pm        1/2     CrashLoopBackOff   22 (116s ago)   92m
passbolt-job-create-gpg-keys-rkqhr        0/1     Completed          0               92m
passbolt-job-create-jwt-keys-lf8c2        0/1     Completed          0               92m
passbolt-postgresql-0                     1/1     Running            0               92m
passbolt-redis-master-0                   1/1     Running            0               92m
passbolt-redis-replicas-0                 1/1     Running            0               92m

As can I see, redisproxy can’t resolve Redis headless svc address:

kubectl -n passbolt logs passbolt-depl-srv-67b946bd4c-nf2pm -c redisproxy
[NOTICE]   (1) : config : [/usr/local/etc/haproxy/haproxy.cfg:35] : 'server bk_redis_master/R0' : could not resolve address 'passbolt-redis-node-0.passbolt-redis-headless.passbolt.svc.cluster.local', disabling server.
[NOTICE]   (1) : New worker (8) forked
[NOTICE]   (1) : Loading success.
...

But there is no svc with this name:

kubectl -n passbolt get svc
NAME                      TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
passbolt                  ClusterIP   10.233.28.218   <none>        443/TCP,80/TCP   91m
passbolt-postgresql       ClusterIP   10.233.34.233   <none>        5432/TCP         91m
passbolt-postgresql-hl    ClusterIP   None            <none>        5432/TCP         91m
passbolt-redis-headless   ClusterIP   None            <none>        6379/TCP         91m
passbolt-redis-master     ClusterIP   10.233.45.237   <none>        6379/TCP         91m
passbolt-redis-replicas   ClusterIP   10.233.63.223   <none>        6379/TCP         91m

Redis chart creates svc with name ‘passbolt-redis-headless’ (charts/bitnami/redis/templates/headless-svc.yaml at 56a8692dc464dbd0c6e56496b0695d92c4395cce · bitnami/charts · GitHub).

Passbolt chart creates haproxy config with another svc name (charts-passbolt/templates/secret-redis-proxy.yaml at 7a90975fc51dc05fafbafa7665c68a31645c7748 · passbolt/charts-passbolt · GitHub)

This is my Redis config in values:

    # Configure redis dependency chart
    redis:
      global:
        storageClass: sc-hdd
      replica:
        replicaCount: 1
      auth:
        # -- Enable redis authentication
        enabled: true
        # -- Configure redis password
        password: "xxxxxxxxx"
      sentinel:
        # -- Enable redis sentinel
        enabled: false

Is this a bug with the chart or am I missing something?

Kubernetes version: v1.27.7
Passbolt chart version: 1.0.0

Thanks

2

Hello.

This is because you have to configure passbolt to use redis without sentinel, since by default in the chart is enabled. To do so you have to add the followng values:

app:
  cache:
    redis:
      sentinel:
        enabled: false

passboltEnv:
  plain:
    CACHE_CAKE_DEFAULT_SERVER: passbolt-redis-master

With that configurations passbolt will be able to connect to redis.

Let me know if you have further issues.

3

Thanks, everything is installed successfully now.