Skip to content

Troubleshooting

Frequently asked questions

How can I ensure the fully qualified domain name (FQDN) is resolvable from within the Kubernetes cluster?

  1. Create a pod named debug-dns and spawn an interactive shell.

    kubectl run debug-dns --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh

  2. Install package bind-utils.

    dnf install bind-utils

  3. Perform DNS lookups on a given FQDN.

    dig <fqdn>

I'm unsure which Kubernetes namespace or Helm release is associated with my Immuta installation. How can I find this out?

helm list --all-namespaces --output json | jq '.[]|select(.chart | startswith("immuta"))'

I no longer have my immuta-values.yaml Helm values file. How do I recover this file?

helm get values <release-name> > immuta-values.yaml

I don't want to keep passing option --namespace every time I run a Helm command. How do I set a default?

kubectl config set-context --current --namespace=<name>

PostgreSQL

How do I determine if the database is accepting connections?

  1. Create a pod named debug-postgres and spawn an interactive shell.

    kubectl run debug-postgres --stdin --tty --rm --image docker.io/bitnami/postgresql:latest -- sh

  2. Validate that the database is listening.

    pg_isready --host <postgres-fqdn> --port 5432

Redis

How can a TCP connection be established without using Redis CLI?

  1. Create a pod named debug-redis and spawn an interactive shell.

    kubectl run debug-redis --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh

  2. Send a raw TCP message to the database using Netcat.

    nc -zv <redis-fqdn> 6379

How do I establish a TCP connection?

  1. Create a pod named debug-redis and spawn an interactive shell.

    kubectl run debug-redis --stdin --tty --rm --image docker.io/bitnami/redis:latest -- sh

  2. Establish a connection to the database using the Redis client.

    Hung connection

    If a connection can be established with Netcat and the redis-cli command does not return, then Redis could be expecting a TLS connection. Pass option --tls.

    redis-cli -h <redis-fqdn> -p 6379

Elasticsearch

How do I query the API using cURL?

  1. Create a pod named debug-elasticsearch and spawn an interactive shell.

    kubectl run debug-elasticsearch --stdin --tty --rm --image docker.io/rockylinux/rockylinux:9 -- sh

  2. Install package curl.

    dnf install curl

  3. Check the cluster health.

    Basic authentication

    Depending on the cluster's configuration it might be necessary to use basic auth. Pass option --header "Authorization: Basic $token" where token equals $(printf '%s:%s' "<username>" "<password>" | base64)

    curl --fail --request GET "http://<elasticsearch-fqdn>:9200/_cluster/health?pretty"