Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need some help? #6

Open
RLutsch opened this issue Jan 29, 2025 · 4 comments
Open

Need some help? #6

RLutsch opened this issue Jan 29, 2025 · 4 comments

Comments

@RLutsch
Copy link

RLutsch commented Jan 29, 2025

I need to load ODK central on a kubernetes cluster and was going to develop my own helm chart until I found this one.

Seems we could do with a readme and also a few things will need to change like the secret management etc.

It would also be great to get an idea of the implimentation like needs a redis, postgres blah blah

How do I get involved to help fix it?
@tobiasmcnulty
Copy link
Member

Thanks for your interest in this chart! Adding documentation is on our backlog and we hope to have something to share soon.

In the meantime, I recommend consulting Charts.yaml to see how we deployed Redis and values.yaml for some of the environment variables you mind need to configure.

If you have any questions, feel free to ask. I'll leave this ticket open until we get the documentation online.

@RLutsch
Copy link
Author

RLutsch commented Feb 4, 2025
edited
Loading

No probs,

I'll document my progress here getting things up and running:
First try I loaded these values

 global:
  centralDomain: example.com
  enketoSecretName: central-enketo-secrets
  enketoSecrets: 
    # Set to 64-character random string
    enketoSecret: "supersecretvalue"
    # Set to 32-character random string
    enketoLessSecret: "lesssecretvalue"
    # Set to 128-character random string
    enketoApiKey: "apikey123456"
frontend:
  ingress:
    enabled: true
    className: "nginx"
    annotations: 
      nginx.ingress.kubernetes.io/ssl-redirect: "true"
      nginx.ingress.kubernetes.io/proxy-body-size: "0"
      cert-manager.io/cluster-issuer: "letsencrypt-prod"
    hosts:
      - host: example.com
        paths:
          - path: /
            pathType: ImplementationSpecific
    tls: 
     - secretName: chart-odk-tls
       hosts:
         - example.com

  ingressApp:
    enabled: true
    className: "nginx"
    annotations: 
      nginx.ingress.kubernetes.io/ssl-redirect: "true"
      nginx.ingress.kubernetes.io/proxy-body-size: "0"
      cert-manager.io/cluster-issuer: "letsencrypt-prod"
    hosts:
      - host: odk-app.example.com
        paths:
          - path: /
            pathType: ImplementationSpecific
    tls: 
     - secretName: chart-odk-app-tls
       hosts:
         - odk-app.example.com

The frontend is falling over with error OIDC_ENABLED must be either true or false
and the backend is falling over due to no postgres installed.

I'll add a client on keycloak for OIDC and load the bitnami helm chart and post back again.

The issue here is that the frontend helm chart does not allow for extraEnvs so can't set it through values file

Would it be possible to change the values so we can add secrets using ExistingSecret and key? this way I don't have to push plaintext sensitive info, another nice touch would be to dynamically create a secret if one isn't provided?

@RLutsch
Copy link
Author

RLutsch commented Feb 4, 2025

for the frontend, seems it's trying to manage it's own certs and things, is it not much better to let cert-bot do the job here and terminate at ingress level?

the logs I'm getting is

writing client config...
......+...+......+........+.+..+...+....+......+..+............+.+.....+......+.+............+............+......+...+..+.........+....+.........+..+......+....+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*......+.+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+...+...+..........+..+......+.........+......+..........+..+....+...+...+..............+.+........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
..+..+.+.....+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.....+....+.....+.+...............+..+....+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
writing fresh nginx templates...
starting nginx for upstream ssl...
2025/02/04 11:52:47 [emerg] 1#1: invalid number of arguments in "server_name" directive in /etc/nginx/conf.d/odk.conf:10
nginx: [emerg] invalid number of arguments in "server_name" directive in /etc/nginx/conf.d/odk.conf:10 ```

@RLutsch
Copy link
Author

RLutsch commented Feb 4, 2025

made some progress added these env's

frontend:
  environmentVariables:
    SSL_TYPE: upstream
    DOMAIN: example.com
    CERT_DOMAIN: example.com
    OIDC_ENABLED: "true"

And the frontend fired up, seems a bit strange as it's trying to replace much of the work of the ingress etc which is not a good implimentation, like 10 workers in nginx won't give more throughput unless you have 10 cpus etc.

Next up backend

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tobiasmcnulty @RLutsch