# Troubleshooting

## Frequently asked questions

### How can I ensure the fully qualified domain name (FQDN) is resolvable from within the Kubernetes cluster?

1. Create a pod named `debug-dns` and spawn an interactive shell.

   ```bash
   kubectl run debug-dns --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh
   ```
2. Install package `bind-utils`.

   ```bash
   dnf install bind-utils
   ```
3. Perform DNS lookups on a given FQDN.

   ```bash
   dig <fqdn>
   ```

### I'm unsure which Kubernetes namespace or Helm release is associated with my Immuta installation. How can I find this out?

```bash
helm list --all-namespaces --output json | jq '.[]|select(.chart | startswith("immuta"))'
```

### I no longer have my `immuta-values.yaml` Helm values file. How do I recover this file?

```bash
helm get values <release-name> > immuta-values.yaml
```

### I don't want to keep passing option `--namespace` every time I run a Helm command. How do I set a default?

```bash
kubectl config set-context --current --namespace=<name>
```

## PostgreSQL

### How do I determine if the database is accepting connections?

1. Create a pod named `debug-postgres` and spawn an interactive shell.

   ```bash
   kubectl run debug-postgres --stdin --tty --rm --image docker.io/bitnami/postgresql:latest -- sh
   ```
2. Validate that the database is listening.

   ```bash
   pg_isready --host <postgres-fqdn> --port 5432
   ```

## Redis

### How can a TCP connection be established without using Redis CLI?

1. Create a pod named `debug-redis` and spawn an interactive shell.

   ```bash
   kubectl run debug-redis --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh
   ```
2. Send a raw TCP message to the database using Netcat.

   ```bash
   nc -zv <redis-fqdn> 6379
   ```

### How do I establish a TCP connection?

1. Create a pod named `debug-redis` and spawn an interactive shell.

   ```bash
   kubectl run debug-redis --stdin --tty --rm --image docker.io/bitnami/redis:latest -- sh
   ```
2. Establish a connection to the database using the Redis client. If a connection can be established with Netcat and the `redis-cli` command does not return, then Redis could be expecting a TLS connection. Pass option `--tls`.

   ```sh
   redis-cli -h <redis-fqdn> -p 6379
   ```

## Elasticsearch

### How do I query the API using cURL?

1. Create a pod named `debug-elasticsearch` and spawn an interactive shell.

   ```bash
   kubectl run debug-elasticsearch --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh
   ```
2. Install package `curl`.

   ```bash
   dnf install curl
   ```
3. Check the [cluster health](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html).

   ```sh
   curl --fail --request GET "http://<elasticsearch-fqdn>:9200/_cluster/health?pretty"
   ```

{% hint style="info" %}
**Basic authentication**

Depending on the cluster's configuration it might be necessary to use [basic auth](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication). Pass option `--header "Authorization: Basic $token"` where token equals `$(printf '%s:%s' "<username>" "<password>" | base64)`
{% endhint %}

## Helm

### When installing the helm chart from ocir.immuta.com, I get error `scheme "oci" not supported`. What's going on?

The Immuta Enterprise Helm chart (IEHC) is distributed as an OCI artifact, and your current Helm version might not support it. Refer to the [Helm documentation](https://helm.sh/docs/topics/registries/#oci-support-prior-to-v380) for further assistance.

1. Determine your Helm version.

   ```bash
   helm version
   ```
2. If older than 3.8.0 you'll need to upgrade. Before this version OCI support wasn't enabled by default.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://documentation.immuta.com/latest/configuration/self-managed-deployment/troubleshooting.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.