Helm Kubernetes Deploy RocketChat Error

[Jean-Baptiste-Lasselle]

Description:

I try and deploy rockatchat, to kubernetes, using helm, and access it for the first time using kubectl port-forward

Steps to reproduce:

see below

Expected behavior:

That the helm install with example values from documentation works (but it does not, see below details

Actual behavior:

Server Setup Information:

For all of those, the default values form the stable curated helm chart, and docker hub's rocket.chat image rocket.chat:3.2.2.

• Version of Rocket.Chat Server:
• Operating System:
• Deployment Method:
• Number of Running Instances:
• DB Replicaset Oplog:
• NodeJS Version:
• MongoDB Version:

Client Setup Information

Firefow Debian, never the less, never had the opportunity to use it yet : I can't make the app start.

• Desktop App or Browser Version:
• Operating System:

Additional context

I am just begging for any recipe, with all default values, and example values, even hosts, i'll modify my /etc/hosts as needed.

Relevant logs:

See below, logs of the deployment's pod

Helm Kubernetes Deploy RocketChat Error

https://docs.rocket.chat/installation/helm-chart/#install-rocket-chat-chart-and-configure-mongodbusername-mongodbpassword-mongodbdatabase-and-mongodbrootpassword

helm repo add stable https://kubernetes-charts.storage.googleapis.com
# ---
# version of the rocketchat docker image you base your deployment on.

export ROCKETCHAT_OCI=rocket.chat:3.2.2

# throws an authentication error of rocketchat server to mongo
helm install --set mongodb.mongodbUsername=rocketchat,mongodb.mongodbPassword=changeme,mongodb.mongodbDatabase=rocketchat,mongodb.mongodbRootPassword=root-changeme,repository=${ROCKETCHAT_OCI} pokus stable/rocketchat

# donne une erreur d'encodage de caractère pour le mot de passe
# throws an authentication error of rockatchat server to mongo
helm install pokus stable/rocketchat --set mongodb.mongodbUsername=rocketchat,mongodb.mongodbPassword=$(echo -n $(openssl rand -base64 32)),mongodb.mongodbRootPassword=$(echo -n $(openssl rand -base64 32)),repository=${ROCKETCHAT_OCI},mongodbDatabase=rocketchat

sudo apt-get install -y jq

export ENCODED_PWD1=$(jq -nr --arg v "$(jq -nr --arg v "$(echo -n $(openssl rand -base64 32))" '$v|@uri')" '$v|@uri')
export ENCODED_PWD2=$(jq -nr --arg v "$(jq -nr --arg v "$(echo -n $(openssl rand -base64 32))" '$v|@uri')" '$v|@uri')

# ---
# gives bakc again an authentication error of rockatchat server to mongo, now
# that password is properly encoded with jq
# ---
helm install pokus stable/rocketchat --set mongodb.mongodbUsername=rocketchat,mongodb.mongodbPassword=${ENCODED_PWD1},mongodb.mongodbRootPassword=${ENCODED_PWD2},repository=${ROCKETCHAT_OCI},mongodbDatabase=rocketchat

• auth error :

~$ kubectl logs -f pod/pokus-rocketchat-68955d87b6-95gmf
/app/bundle/programs/server/node_modules/fibers/future.js:313
						throw(ex);
						^

MongoError: Authentication failed.
    at /app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/auth/auth_provider.js:46:25
    at /app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/auth/scram.js:215:18
    at Connection.messageHandler (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/connection/connect.js:334:5)
    at Connection.emit (events.js:311:20)
    at processMessage (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/connection/connection.js:364:10)
    at Socket.<anonymous> (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb-core/lib/connection/connection.js:533:15)
    at Socket.emit (events.js:311:20)
    at addChunk (_stream_readable.js:294:12)
    at readableAddChunk (_stream_readable.js:275:11)
    at Socket.Readable.push (_stream_readable.js:209:10)
    at TCP.onStreamRead (internal/stream_base_commons.js:186:23) {
  name: 'MongoNetworkError',
  errorLabels: [ 'TransientTransactionError' ],
  [Symbol(mongoErrorContextSymbol)]: {}

• url encoding error :

~$ kubectl logs -f pod/pokus-rocketchat-6cfdd7bff4-rft7c
/app/bundle/programs/server/node_modules/fibers/future.js:280
						throw(ex);
						^

Error: Password contains an illegal unescaped character
    at parseConnectionString (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/url_parser.js:298:13)
    at parseHandler (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/url_parser.js:129:14)
    at module.exports (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/url_parser.js:25:12)
    at connect (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/operations/mongo_client_ops.js:195:3)
    at connectOp (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/operations/mongo_client_ops.js:284:3)
    at executeOperation (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/utils.js:416:24)
    at MongoClient.connect (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/mongo_client.js:175:10)
    at Function.MongoClient.connect (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/mongo_client.js:341:22)
    at new MongoConnection (packages/mongo/mongo_driver.js:172:11)
    at new MongoInternals.RemoteCollectionDriver (packages/mongo/remote_collection_driver.js:4:16)
    at Object.<anonymous> (packages/mongo/remote_collection_driver.js:38:10)
    at Object.defaultRemoteCollectionDriver (packages/underscore.js:784:19)
    at new Collection (packages/mongo/collection.js:97:40)
    at new AccountsCommon (packages/accounts-base/accounts_common.js:23:18)
    at new AccountsServer (packages/accounts-base/accounts_server.js:23:5)
    at packages/accounts-base/server_main.js:7:12

[Jean-Baptiste-Lasselle]

ping, stilll very much interested in solving the issue, or having any kind of info/help/

[gabriellsh]

Please, if you need help, goto our open Support Channel or our forums here. Issues are reserved for bugs and feature requests/improvements. Thanks for your comprehension!

[Jean-Baptiste-Lasselle]

Hi @gabriellsh Unless the Rocketchat Team, complies with the common practice, to deal with issues on a platform that they do not have any control on, like github.com, or gitlab.com, which brings in the objectivity/neutrality of an agnostic third party, and puts my words under the control of all engineers in the world, I will advise all the companies I work for, not to ever choose RocketChat, until they provide an open source, reliable (continuously tested) and supported way to deploy a scallable RocketChat.

Your company owns and administers the https://open.rocket.chat/channel/support and https://forums.rocket.chat/ channels, which does not comply to my standard requirements, when I advise a CEO, or CTO.

The difference between your servers, and github's, or gitlab's, is :

• yes, you can also delete anything you want on your repos on github/gitlab
• but even if you do, My company can still contact github/gitlab to ask for audit, and retrieve the data you deleted, if you ever do.
• that is an insurance I give to my customers, when I put on the line, my credibility as I advise CEOs and CTOs.

I understand for the present repo, does not version control the source code of any Helm Chart, but of the source code of RocketChat.

Never the less, The RocketChat Team does not have any repo versioning any Helm Chart.

A simple way to solve this, would, for example to open a repo on github, or gitlab, where you version your helm charts.

Note that I will accept any recipe, helm or not, that will deploy RocketChat to Kubernetes.

I also can offer an official partnership, between RocketChat Team and mine, all free and open source, to support your Helm Charts, if your team needs support, is opened to that. All we will ask for, in return, then, is that our company 's brand is put forward on the official RocketChat Team Website.

I let you decide whether or not, this is an issue, and I will gladly answer if you are interested in the partnership.

[geekgonecrazy]

@Jean-Baptiste-Lasselle

For official support we have a ticketing system that you can open official support related tickets which runs on zoho desk. Its common practice to use github issues for actual bugs and not for support. You can ask here, but it will likely get closed or redirected if its not a bug.

Regarding your ability to contact github / gitlab for an audit of a repo you don't control. I'd be curious to see that. I can't imagine the number of requests they might would get if they provided this.

But doesn't matter in our case we definitely do not delete things we don't agree with. That's just not how we operate. If anyone did their access to our org would be pretty quickly removed.

Anyways.. Regarding helm chart. Version control of the helm chart is done in the official helm chart repo. It doesn't make sense for us to maintain our own copy right now. Maybe in the future with helm v3

If you would like to help contribute to it. Please feel free! We absolutely welcome other contributions and actually have a lot of contributions to our helm chart. You can find the chart here: https://github.com/helm/charts/tree/master/stable/rocketchat

Regarding partnering for sure feel free to get in contact partners@rocket.chat we have some work coming up with Kubernetes operators that you might be interested in as well.

In general for k8s type stuff feel free to hit me up on our open server (aaron.ogle) or the #kubernetes channel. I work with Rocket.Chat in k8s daily :)

[Jean-Baptiste-Lasselle]

But doesn't matter in our case we definitely do not delete things we don't agree with

• Hi @geekgonecrazy thank you for caring about anwsering, and answering so quick :)
• I am sure RocketChat team would not delete anything, and they are engineers with even higher ethics than mine, and I am here because I appreciate their work and try and convince my customers that we have to go for it
• I was not given For official support we have a ticketing system that you can open official support related tickets which runs on zoho desk. , on last answer by @gabriellsh , but 2 servers owned . Would you agree that this does not make RocketChat Policies very clear, does it ? I mean, when I opened the issue, I was just going okay, where do I report this ?

Regarding your ability to contact github / gitlab for an audit of a repo you don't control. I'd be curious to see that. I can't imagine the number of requests they might would get if they provided this.

• I think that the guy I currently work for, yeah, can contact github team and make any custom request, and get that kind of audit no doubt. I'm a consultant, not the owner. Say for example his company is 23.2 billions euros worth, (just checked on corp website), I think, yeah, github will answer the phone, anytime.
• Honestly think RocketChat will not have any overhead delagating whole Unique source of truth on github and gitlab, like many other projects. It Works, and they 'll always do better than any excellent RocketChat Team work, or zoho desk, so why the overhead ? You can even have robots hitting your owned source graph, to provide surgical search capabilities, from inside your public rocketchat dedicated to the tech community.
• My point is My current employer have got their habits, their metrics is on github and gitlab, and they don't like shifting out of it. They go the devops generation, but still, they have past injuries due to some open source experiences. Not just injuries, but they have some. I mean I have to go very far, to provide kind of an "insurance", to my biggest employers as a consultant, as it comes with trying to put forwaafrd an open source product, even if as excellent as RocketChat, and even if it is just for the devops teams. Anyway the decision had to be made this week and my rocketchat proposition was discarded in favor of discord. I believe RocketChat will win, it is an incredible outbreak, because discord and slack are not open source, RocketChat is, and has the technical refineness to make possible future breakouts I believe.
• put otherwise : I dont have a choice, it is my customer's requirements, that issues are treated on github public or gitlab public, because that's what they trust, it is what they use in their comparison matrix. If I don't have that on an opensource component, by experience, I lose 50 % of my customers, they go Oh , yeah, it looks great but you know, I really don't like they don't take issues on github, I prefer not
• Neverther less, I will have many other opportunities, to push forward rocket chat, just because I usually act from early stages of devops toolchain and pipeline building projects, and that 's why I care about having at least one reference repo, where we tackle down issues, especially on the hellm chart issue https://github.com/helm/charts/tree/master/stable/rocketchat : indeed, this issue I opened is related to that accurate Chart. That's very much okay, almost alml major Charts in helm stable (I know a couple of them...) are buggy / out of date because of lack of active support, wherever it should come from.
• I would love to help rocketchat build a even bigger, stable RocketKube Killer Team, which will support like pro, at least one Full Stacked RocketChat K8S deployment, with autoscalers for cloud multi cloud IAAS providers
• Thank you for giving me reference aaron.ogle, I will be flattered to collaborate with you for the best future of RacketChat :) !

[Shaverdoff]

two years left... stiil same error....

mini:~ gerasim$ ku logs rocketchat-rocketchat-7b9fdb9576-x6cl7
/app/bundle/programs/server/node_modules/fibers/future.js:313
throw(ex);
^

MongoError: Authentication failed.
at MessageStream.messageHandler (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/cmap/connection.js:272:20)
at MessageStream.emit (events.js:400:28)
at processIncomingData (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/cmap/message_stream.js:144:12)
at MessageStream.write (/app/bundle/programs/server/npm/node_modules/meteor/npm-mongo/node_modules/mongodb/lib/cmap/message_stream.js:42:5)
at writeOrBuffer (internal/streams/writable.js:358:12)
at MessageStream.Writable.write (internal/streams/writable.js:303:10)
at Socket.ondata (internal/streams/readable.js:731:22)
at Socket.emit (events.js:400:28)
at addChunk (internal/streams/readable.js:293:12)
at readableAddChunk (internal/streams/readable.js:267:9)
at Socket.Readable.push (internal/streams/readable.js:206:10)
at TCP.onStreamRead (internal/stream_base_commons.js:188:23) {
operationTime: Timestamp { bsontype: 'Timestamp', low: 2, high: 1656110206 },
ok: 0,
code: 18,
codeName: 'AuthenticationFailed',
'$clusterTime': {
clusterTime: Timestamp { bsontype: 'Timestamp', low: 2, high_: 1656110206 },
signature: {
hash: Binary {
bsontype: 'Binary',
sub_type: 0,
position: 20,
buffer: Buffer(20) [Uint8Array] [
79, 253, 99, 76, 44, 46,
90, 221, 205, 167, 85, 114,
103, 236, 78, 69, 252, 165,
129, 69
]
},
keyId: Long { bsontype: 'Long', low: 2, high: 1656108650 }
}
}
}