charm-k8s-mattermost

mattermost TLS with new psql charm

Bug #1997540 reported by Maksim Beliaev
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
charm-k8s-mattermost
Confirmed
Low
Unassigned

Bug Description

Current Mattermost charm will crash (container crash) if related to new postgres charm (from edge)

That is because new psql does not have TLS built-in. Fix is simple, integrate psql with certificates charm.
However, MM should not have container crash but go to the blocked state with clear error message to a user until TLS is available

following will work:
juju deploy postgresql-k8s --channel edge
juju deploy mattermost-k8s
juju deploy tls-certificates-operator --channel=edge
juju config tls-certificates-operator generate-self-signed-certificates="true" ca-common-name="Test CA"
# Enable TLS via relation.
juju relate postgresql-k8s tls-certificates-operator
juju status --relations
juju status --watch 2s
juju integrate mattermost-k8s:db postgresql-k8s:db
juju status --watch 2s

curl 10.1.72.140:8065/api/v4/system/ping

Error from MM:
$ microk8s kubectl logs -n mm-test mattermost-k8s-75bd6c44bd-bbrnw
Defaulted container "mattermost-k8s" out of: mattermost-k8s, juju-pod-init (init)
Error: failed to load configuration: failed to initialize: driver: postgres, message: failed to grab connection to the database, command: grabbing_connection, originalError: pq: SSL is not enabled on the server, query

Tom Haddon (mthaddon)
Changed in charm-k8s-mattermost:
status: New → Confirmed
importance: Undecided → Low
Revision history for this message
Tom Haddon (mthaddon) wrote :

I've updated the deployment instructions (https://charmhub.io/mattermost-k8s) for Mattermost to clarify this, but I agree we should fix the charm to more gracefully handle this.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.