Book a demo

Troubleshooting

Frequently asked questions

How can I ensure the fully qualified domain name (FQDN) is resolvable from within the Kubernetes cluster?

  1. Create a pod named debug-dns and spawn an interactive shell.

    kubectl run debug-dns --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh

  2. Install package bind-utils.

    dnf install bind-utils

  3. Perform DNS lookups on a given FQDN.

    dig <fqdn>

I'm unsure which Kubernetes namespace or Helm release is associated with my Immuta installation. How can I find this out?

helm list --all-namespaces --output json | jq '.[]|select(.chart | startswith("immuta"))'

I no longer have my immuta-values.yaml Helm values file. How do I recover this file?

helm get values <release-name> > immuta-values.yaml

I don't want to keep passing option --namespace every time I run a Helm command. How do I set a default?

kubectl config set-context --current --namespace=<name>

PostgreSQL

How do I determine if the database is accepting connections?

  1. Create a pod named debug-postgres and spawn an interactive shell.

    kubectl run debug-postgres --stdin --tty --rm --image docker.io/bitnami/postgresql:latest -- sh

  2. Validate that the database is listening.

    pg_isready --host <postgres-fqdn> --port 5432

Redis

How can a TCP connection be established without using Redis CLI?

  1. Create a pod named debug-redis and spawn an interactive shell.

    kubectl run debug-redis --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh

  2. Send a raw TCP message to the database using Netcat.

    nc -zv <redis-fqdn> 6379

How do I establish a TCP connection?

  1. Create a pod named debug-redis and spawn an interactive shell.

    kubectl run debug-redis --stdin --tty --rm --image docker.io/bitnami/redis:latest -- sh

  2. Establish a connection to the database using the Redis client. If a connection can be established with Netcat and the redis-cli command does not return, then Redis could be expecting a TLS connection. Pass option --tls.

    redis-cli -h <redis-fqdn> -p 6379

Elasticsearch

How do I query the API using cURL?

  1. Create a pod named debug-elasticsearch and spawn an interactive shell.

    kubectl run debug-elasticsearch --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh

  2. Install package curl.

    dnf install curl

  3. Check the cluster health.

    curl --fail --request GET "http://<elasticsearch-fqdn>:9200/_cluster/health?pretty"

Basic authentication

Depending on the cluster's configuration it might be necessary to use basic auth. Pass option --header "Authorization: Basic $token" where token equals $(printf '%s:%s' "<username>" "<password>" | base64)

Helm

When installing the helm chart from ocir.immuta.com, I get error scheme "oci" not supported. What's going on?

The Immuta Enterprise Helm chart (IEHC) is distributed as an OCI artifact, and your current Helm version might not support it. Refer to the Helm documentation for further assistance.

  1. Determine your Helm version.

    helm version

  2. If older than 3.8.0 you'll need to upgrade. Before this version OCI support wasn't enabled by default.

PreviousDisaster RecoveryNextConventions

Last updated

Was this helpful?