# Troubleshooting

## Frequently asked questions

### How can I ensure the fully qualified domain name (FQDN) is resolvable from within the Kubernetes cluster?

1. Create a pod named `debug-dns` and spawn an interactive shell.

   ```shell
   kubectl run debug-dns --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh
   ```
2. Install package `bind-utils`.

   ```shell
   dnf install bind-utils
   ```
3. Perform DNS lookups on a given FQDN.

   ```shell
   dig <fqdn>
   ```

### I'm unsure which Kubernetes namespace or Helm release is associated with my Immuta installation. How can I find this out?

```shell
helm list --all-namespaces --output json | jq '.[]|select(.chart | startswith("immuta"))'
```

### I no longer have my `immuta-values.yaml` Helm values file. How do I recover this file?

```shell
helm get values <release-name> > immuta-values.yaml
```

### I don't want to keep passing option `--namespace` every time I run a Helm command. How do I set a default?

```shell
kubectl config set-context --current --namespace=<name>
```

## PostgreSQL

### How do I determine if the database is accepting connections?

1. Create a pod named `debug-postgres` and spawn an interactive shell.

   ```shell
   kubectl run debug-postgres --stdin --tty --rm --image docker.io/bitnami/postgresql:latest -- sh
   ```
2. Validate that the database is listening.

   ```shell
   pg_isready --host <postgres-fqdn> --port 5432
   ```

## Redis

### How can a TCP connection be established without using Redis CLI?

1. Create a pod named `debug-redis` and spawn an interactive shell.

   ```shell
   kubectl run debug-redis --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh
   ```
2. Send a raw TCP message to the database using Netcat.

   ```shell
   nc -zv <redis-fqdn> 6379
   ```

### How do I establish a TCP connection?

1. Create a pod named `debug-redis` and spawn an interactive shell.

   ```shell
   kubectl run debug-redis --stdin --tty --rm --image docker.io/bitnami/redis:latest -- sh
   ```
2. Establish a connection to the database using the Redis client. If a connection can be established with Netcat and the `redis-cli` command does not return, then Redis could be expecting a TLS connection. Pass option `--tls`.

   ```sh
   redis-cli -h <redis-fqdn> -p 6379
   ```

## Elasticsearch

### How do I query the API using cURL?

1. Create a pod named `debug-elasticsearch` and spawn an interactive shell.

   ```shell
   kubectl run debug-elasticsearch --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh
   ```
2. Install package `curl`.

   ```shell
   dnf install curl
   ```
3. Check the [cluster health](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html).

   ```sh
   curl --fail --request GET "http://<elasticsearch-fqdn>:9200/_cluster/health?pretty"
   ```

{% hint style="info" %}
**Basic authentication**

Depending on the cluster's configuration it might be necessary to use [basic auth](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication). Pass option `--header "Authorization: Basic $token"` where token equals `$(printf '%s:%s' "<username>" "<password>" | base64)`
{% endhint %}