[stable/nextcloud] recommended upgrade method unknown; leads to non-functional nextcloud

[hansbogert]

Describe the bug
Upgrading to the latest chart version by doing:

helm upgrade -f nextcloud.yaml nextcloud stable/nextcloud

Where nextcloud.yaml is my values yaml, results in a non functioning nextcloud

Version of Helm and Kubernetes:

 helm version                                             
Client: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.14.1", GitCommit:"5270352a09c7e8b6e8c9593002a73535276507c0", GitTreeState:"clean"}

kubectl version     
Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.3", GitCommit:"2d3c76f9091b6bec110a5e63777c332469e0cba2", GitTreeState:"clean", BuildDate:"2019-08-21T15:34:43Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.3", GitCommit:"2d3c76f9091b6bec110a5e63777c332469e0cba2", GitTreeState:"clean", BuildDate:"2019-08-21T15:23:49Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}

Which chart:
stable/nextcloud

What happened:
mariadb comes up but has many failed logins:

2019-09-12 12:39:06 0 [Note] /opt/bitnami/mariadb/sbin/mysqld (mysqld 10.3.15-MariaDB-log) starting as process 1 ...
2019-09-12 12:39:06 0 [Note] InnoDB: Using Linux native AIO
2019-09-12 12:39:06 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2019-09-12 12:39:06 0 [Note] InnoDB: Uses event mutexes
2019-09-12 12:39:06 0 [Note] InnoDB: Compressed tables use zlib 1.2.8
2019-09-12 12:39:06 0 [Note] InnoDB: Number of pools: 1
2019-09-12 12:39:06 0 [Note] InnoDB: Using SSE2 crc32 instructions
2019-09-12 12:39:06 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
2019-09-12 12:39:06 0 [Note] InnoDB: Completed initialization of buffer pool
2019-09-12 12:39:06 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
2019-09-12 12:39:06 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
2019-09-12 12:39:06 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2019-09-12 12:39:06 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2019-09-12 12:39:06 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2019-09-12 12:39:06 0 [Note] InnoDB: Waiting for purge to start
2019-09-12 12:39:06 0 [Note] InnoDB: 10.3.15 started; log sequence number 831329155; transaction id 7721613
2019-09-12 12:39:06 0 [Note] InnoDB: Loading buffer pool(s) from /bitnami/mariadb/data/ib_buffer_pool
2019-09-12 12:39:06 0 [Note] Plugin 'FEEDBACK' is disabled.
2019-09-12 12:39:06 6 [Warning] InnoDB: Table mysql/innodb_table_stats has length mismatch in the column name table_name.  Please run mysql_upgrade
2019-09-12 12:39:06 6 [Warning] InnoDB: Table mysql/innodb_index_stats has length mismatch in the column name table_name.  Please run mysql_upgrade
2019-09-12 12:39:06 0 [Note] InnoDB: Buffer pool(s) load completed at 190912 12:39:06
2019-09-12 12:39:06 0 [Note] Server socket created on IP: '0.0.0.0'.
2019-09-12 12:39:06 0 [Warning] 'proxies_priv' entry '@% root@nextcloud-mariadb-master-0' ignored in --skip-name-resolve mode.
2019-09-12 12:39:06 0 [ERROR] Incorrect definition of table mysql.event: expected column 'sql_mode' at position 14 to have type set('REAL_AS_FLOAT','PIPES_AS_CONCAT','ANSI_QUOTES','IGNORE_SPACE','IGNORE_BAD_TABLE_OPTIONS','ONLY_FULL_GROUP_BY','NO_UNSIGNED_SUBTRACTION','NO_DIR_IN_CREATE','POSTGRESQL','ORACLE','MSSQL','DB2','MAXDB','NO_KEY_OPTIONS','NO_TABLE_OPTIONS','NO_FIELD_OPTIONS','MYSQL323','MYSQL40','ANSI','NO_AUTO_VALUE_ON_ZERO','NO_BACKSLASH_ESCAPES','STRICT_TRANS_TABLES','STRICT_ALL_TABLES','NO_ZERO_IN_DATE','NO_ZERO_DATE','INVALID_DATES','ERROR_FOR_DIVISION_BY_ZERO','TRADITIONAL','NO_AUTO_CREATE_USER','HIGH_NOT_PRECEDENCE','NO_ENGINE_SUBSTITUTION','PAD_CHAR_TO_FULL_LENGTH','EMPTY_STRING_IS_NULL','SIMULTANEOUS_ASSIGNMENT'), found type set('REAL_AS_FLOAT','PIPES_AS_CONCAT','ANSI_QUOTES','IGNORE_SPACE','IGNORE_BAD_TABLE_OPTIONS','ONLY_FULL_GROUP_BY','NO_UNSIGNED_SUBTRACTION','NO_DIR_IN_CREATE','POSTGRESQL','ORACLE','MSSQL','DB2','MAXDB','NO_KEY_OPTIONS','NO_TABLE_OPTIONS','NO_FIELD_OPTIONS','MYSQL323','MYSQL40','ANSI','NO_AUTO_VALU
2019-09-12 12:39:06 0 [ERROR] mysqld: Event Scheduler: An error occurred when initializing system tables. Disabling the Event Scheduler.
2019-09-12 12:39:06 0 [Note] Reading of all Master_info entries succeded
2019-09-12 12:39:06 0 [Note] Added new Master_info '' to hash table
2019-09-12 12:39:06 0 [Note] /opt/bitnami/mariadb/sbin/mysqld: ready for connections.
Version: '10.3.15-MariaDB-log'  socket: '/opt/bitnami/mariadb/tmp/mysql.sock'  port: 3306  Source distribution
2019-09-12 12:39:29 9 [Warning] Access denied for user 'root'@'localhost' (using password: NO)
2019-09-12 12:39:29 10 [Warning] Access denied for user 'root'@'localhost' (using password: NO)
2019-09-12 12:39:39 11 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2019-09-12 12:39:45 12 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2019-09-12 12:39:45 13 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2019-09-12 12:39:49 14 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2019-09-12 12:39:52 15 [Warning] Access denied for user 'root'@'127.0.0.1' (using password: YES)
2019-09-12 12:39:52 16 [Warning] Access denied for user 'root'@'127.0.0.1' (using password: YES)
2019-09-12 12:39:59 17 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2019-09-12 12:40:08 18 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2019-09-12 12:40:09 19 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2019-09-12 12:40:11 20 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2019-09-12 12:40:19 21 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
2019-09-12 12:40:29 22 [Warning] Access denied for user 'root'@'localhost' (using password: YES)

consequently, the main pod complains with the following errors:

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 10.1.18.245. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 10.1.18.245. Set the 'ServerName' directive globally to suppress this message
[Thu Sep 12 12:11:15.428485 2019] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.3.9 configured -- resuming normal operations
[Thu Sep 12 12:11:15.428531 2019] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
[Thu Sep 12 12:11:53.563797 2019] [php7:error] [pid 30] [client 10.1.18.1:40970] PHP Fatal error:  Uncaught Doctrine\\DBAL\\DBALException: Failed to connect to the database: An exception occurred in driver: SQLSTATE[HY000] [2002] Connection refused in /var/www/html/lib/private/DB/Connection.php:64\nStack trace:\n#0 /var/www/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(448): OC\\DB\\Connection->connect()\n#1 /var/www/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(410): Doctrine\\DBAL\\Connection->getDatabasePlatformVersion()\n#2 /var/www/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(354): Doctrine\\DBAL\\Connection->detectDatabasePlatform()\n#3 /var/www/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php(710): Doctrine\\DBAL\\Connection->getDatabasePlatform()\n#4 /var/www/html/lib/private/DB/Connection.php(151): Doctrine\\DBAL\\Connection->setTransactionIsolation(2)\n#5 /var/www/html/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/DriverManager.php(181): OC\\DB\\Connection->__construct(Array, Object(Doctrine\\DBAL\\Driver\\PDOMySql\\Driver), Object(Doctrine\\DBAL\\Configuration), Object( in /var/www/html/lib/private/DB/Connection.php on line 64

What you expected to happen:
Nextcloud is upgraded without a hitch

How to reproduce it (as minimally and precisely as possible):

• install old version (15.0.x) - use mariadb
• upgrade to new version
• see how it fails

Anything else we need to know:
Seems this is related to secrets being regenerated every time you upgrade. My solution was to rollback, and manually copy the secrets of the mariadb root and replication password. Than re-apply the upgrade, and then edit the secrets by hand to the original value.

[chrisingenhaag]

/assign

[chrisingenhaag]

So would you mind sharing your nextcloud values?

One suggestions from my side would be to use existing secret function of mariadb chart. Then it won´t be created or touched during upgrade.

[hansbogert]

is there a way to get the values from kubernetes/helm itself? I'd hate to give you a yml from my laptop which might not represent the full truth.

[hansbogert]

If there is no way to get the values from k8s/helm/etcd, then this is the file I initially used:

image:
  repository: nextcloud
  tag: 16.0.4-apache
  pullPolicy: IfNotPresent

nameOverride: ""
fullnameOverride: ""

replicaCount: 1

ingress:
  enabled: true
  annotations: 
    kubernetes.io/tls-acme: "true"
    certmanager.k8s.io/cluster-issuer: letsencrypt-prod

  tls:
    - secretName: nextcloud-tls
      hosts:
        - cloud.acme.com
  labels: {}

nextcloud:
  host: cloud.acme.com
  username: admin
  password: changeme
  update: 0
  datadir: /var/www/html/data
  tableprefix:
  mail:
    enabled: false
    fromAddress: user
    domain: domain.com
    smtp:
      host: domain.com
      secure: ssl
      port: 465
      authtype: LOGIN
      name: user
      password: pass
  phpConfigs: {}
  defaultConfigs:
    .htaccess: true
    redis.config.php: true
    apache-pretty-urls.config.php: true
    apcu.config.php: true
    apps.config.php: true
    autoconfig.php: true
    smtp.config.php: true
  configs: {}


internalDatabase:
  enabled: false
  name: nextcloud

externalDatabase:
  enabled: false

  type: mysql

  host:

  user: nextcloud

  password:

  database: nextcloud

mariadb:
  enabled: true

  db:
    name: nextcloud
    user: nextcloud
    password: somethingspecial

  master:
    persistence:
      enabled: true
      accessMode: ReadWriteOnce
      size: 8Gi
      storageClass: "rook-ceph-block"

  slave:
    persistence:
      enabled: true
      accessMode: ReadWriteOnce
      size: 8Gi
      storageClass: "rook-ceph-block"

redis:
  enabled: false
  usePassword: false

cronjob:
  enabled: true
  image: {}
  schedule: "*/15 * * * *"
  annotations: {}
  curlInsecure: false
  failedJobsHistoryLimit: 5
  successfulJobsHistoryLimit: 2




service:
  type: ClusterIP
  port: 8080
  loadBalancerIP: nil

persistence:
  enabled: true
  annotations: {}
  storageClass: "rook-ceph-block"


  accessMode: ReadWriteOnce
  size: 1Ti

resources: {}

livenessProbe:
  enabled: true
  initialDelaySeconds: 30
  periodSeconds: 15
  timeoutSeconds: 5
  failureThreshold: 3
  successThreshold: 1
readinessProbe:
  enabled: true
  initialDelaySeconds: 30
  periodSeconds: 15
  timeoutSeconds: 5
  failureThreshold: 3
  successThreshold: 1

nodeSelector: {}

tolerations: []

affinity: {}

[ftab]

Is the root password getting regenerated and reinstalled somewhere? It doesn't appear to be limited to just upgrading nextcloud. I simply rebooted my machines and I've now got the mariadb containers failing with the same output. My k8s secrets haven't changed since the initial installation a few months ago. Here are my values:

## Official nextcloud image version
## ref: https://hub.docker.com/r/library/nextcloud/tags/
##
image:
  repository: nextcloud
  tag: 16.0.3-apache
  pullPolicy: IfNotPresent
  # pullSecrets:
  #   - myRegistrKeySecretName

nameOverride: ""
fullnameOverride: ""

# Number of replicas to be deployed
replicaCount: 1

## Allowing use of ingress controllers
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
##
ingress:
  enabled: true
  annotations:
    nginx.ingress.kubernetes.io/proxy-body-size: 4G
    kubernetes.io/tls-acme: "true"
    certmanager.k8s.io/cluster-issuer: gitlab-cluster-issuer
    nginx.ingress.kubernetes.io/server-snippet: |-
      server_tokens off;
      proxy_hide_header X-Powered-By;

      rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
      rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
      rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
      location = /.well-known/carddav {
        return 301 $scheme://$host/remote.php/dav;
      }
      location = /.well-known/caldav {
        return 301 $scheme://$host/remote.php/dav;
      }
      location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
      }
      #location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
      #  try_files $uri /index.php$request_uri;
      #  # Optional: Don't log access to other assets
      #  access_log off;
      #}
      location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        deny all;
      }
      location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
        deny all;
      }
  tls:
     - secretName: nextcloud-tls
       hosts:
         - nextcloud.apps.mydomain.com

nextcloud:
  host: nextcloud.apps.mydomain.com
  username: admin
  password: hunter2
  update: 0
  datadir: /var/www/html/data
  tableprefix:
  mail:
    enabled: true
    fromAddress: files@mydomain.com
    domain: mydomain.com
    smtp:
      host: mail.mydomain.com
      # secure: ssl
      port: 25 # 465
      authtype: LOGIN
      name: files
      password: 12345
  # Extra config files created in /var/www/html/config/
  # ref: https://docs.nextcloud.com/server/15/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file
  configs: {}

  # For example, to use S3 as primary storage
  # ref: https://docs.nextcloud.com/server/13/admin_manual/configuration_files/primary_storage.html#simple-storage-service-s3
  #
  #  configs:
  #    s3.config.php: |-
  #      <?php
  #      $CONFIG = array (
  #        'objectstore' => array(
  #          'class' => '\\OC\\Files\\ObjectStore\\S3',
  #          'arguments' => array(
  #            'bucket'     => 'my-bucket',
  #            'autocreate' => true,
  #            'key'        => 'xxx',
  #            'secret'     => 'xxx',
  #            'region'     => 'us-east-1',
  #            'use_ssl'    => true
  #          )
  #        )
  #      );

internalDatabase:
  enabled: false
  name: nextcloud

##
## External database configuration
##
externalDatabase:
  enabled: false

  ## Supported database engines: mysql or postgresql
  type: mysql

  ## Database host
  host:

  ## Database user
  user: nextcloud

  ## Database password
  password:

  ## Database name
  database: nextcloud

##
## MariaDB chart configuration
##
mariadb:
  ## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters
  enabled: true

  db:
    name: nextcloud
    user: nextcloud
    password: LoveSecretSexGod


  ## Enable persistence using Persistent Volume Claims
  ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
  ##
  persistence:
    enabled: true
    accessMode: ReadWriteOnce
    size: 8Gi

redis:
  enabled: false
  usePassword: false

## Cronjob to execute Nextcloud background tasks
## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#cron-jobs
##
cronjob:
  enabled: true
  # Every 15 minutes
  # Note: Setting this to any any other value than 15 minutes might
  #  cause issues with how nextcloud background jobs are executed
  schedule: "*/15 * * * *"
  annotations: {}
  failedJobsHistoryLimit: 5
  successfulJobsHistoryLimit: 2

service:
  type: ClusterIP
  port: 8080
  loadBalancerIP: nil

## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
  enabled: true
  ## nextcloud data Persistent Volume Storage Class
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
  ##   GKE, AWS & OpenStack)
  ##
  # storageClass: "-"

  ## A manually managed Persistent Volume and Claim
  ## Requires persistence.enabled: true
  ## If defined, PVC must be created manually before volume will be bound
  # existingClaim:

  accessMode: ReadWriteOnce
  size: 50Gi

resources: {}
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  # limits:
  #  cpu: 100m
  #  memory: 128Mi
  # requests:
  #  cpu: 100m
  #  memory: 128Mi

## Liveness and readiness probe values
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
  enabled: true
  initialDelaySeconds: 30
  periodSeconds: 15
  timeoutSeconds: 5
  failureThreshold: 3
  successThreshold: 1
readinessProbe:
  enabled: true
  initialDelaySeconds: 30
  periodSeconds: 15
  timeoutSeconds: 5
  failureThreshold: 3
  successThreshold: 1

nodeSelector: {}

tolerations: []

affinity: {}

[chrisingenhaag]

So from my perspective it is a point with missing configuration in mariadb values. In mariadb values.yaml there is a block which describes your issue.

rootUser:
  ## MariaDB admin password
  ## ref: https://github.com/bitnami/bitnami-docker-mariadb#setting-the-root-password-on-first-run
  ##
  password:
  ##
  ## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
  ## If it is not force, a random password will be generated.
  forcePassword: false

So I will close this issue and add forcePassword to the the nextcloud default values, just to be sure.

/close

[ftab]

Nice find. What would be the recommended approach for recovering an instance that has had this happen?

Does anyone know of a way to reset the root and replication passwords in the pod? I've tried googling around looking for ways to do this but so far everything I've found is assuming it's running outside of a container and you can kill mysqld.

[ftab]

Can confirm, btw, if I set forcePassword and rootUser.password and replication.password during the initial install in my values.yaml, I can successfully upgrade an instance from 16.0.3 to 16.0.5 by changing the image tag and running helm upgrade --install nextcloud -f values.yaml, and I can restart the database pods and they will start back up successfully. I tested this on a separate installation.

Half tempted to back up the old install and restore to a new deployment, rather than keep trying to fight the container to reset root password.

Related: #5167

[hansbogert]

aren't there 2 issues at hand then? I could really bring back my mariadb cluster by looking in the helm history for the values of the secrets, re apply those, and it would resolve itself.

[ftab]

You can look at the values of past generated secrets? If that's possible, that would fix my install too...

edit: yes indeed.

helm get nextcloud --revision N | grep password

where N is one of the revisions listed in helm history nextcloud

Decode the password:

base64 -d; echo

Paste the password, press enter, and Ctrl+D.

Test the passwords in the nextcloud mariadb container:

kubectl exec -it nextcloud-mariadb-master-0 bash
mysql -uroot -p

Once the right one is found:

kubectl edit secrets nextcloud-mariadb

Paste the base64 encoded data in place, delete the pods.

[happinesslijian]

This is my values.yaml profile

## Official nextcloud image version
## ref: https://hub.docker.com/r/library/nextcloud/tags/
##
image:
  repository: nextcloud
  tag: 16.0.3-apache
  pullPolicy: IfNotPresent
  # pullSecrets:
  #   - myRegistrKeySecretName

nameOverride: ""
fullnameOverride: ""

# Number of replicas to be deployed
replicaCount: 1

## Allowing use of ingress controllers
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
##
ingress:
  enabled: false
  annotations: {}
  #  nginx.ingress.kubernetes.io/proxy-body-size: 4G
  #  kubernetes.io/tls-acme: "true"
  #  certmanager.k8s.io/cluster-issuer: letsencrypt-prod
  #  nginx.ingress.kubernetes.io/server-snippet: |-
  #    server_tokens off;
  #    proxy_hide_header X-Powered-By;

  #    rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
  #    rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
  #    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
  #    location = /.well-known/carddav {
  #      return 301 $scheme://$host/remote.php/dav;
  #    }
  #    location = /.well-known/caldav {
  #      return 301 $scheme://$host/remote.php/dav;
  #    }
  #    location = /robots.txt {
  #      allow all;
  #      log_not_found off;
  #      access_log off;
  #    }
  #    location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
  #      try_files $uri /index.php$request_uri;
  #      # Optional: Don't log access to other assets
  #      access_log off;
  #    }
  #    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
  #      deny all;
  #    }
  #    location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
  #      deny all;
  #    }
  #  tls:
  #    - secretName: nextcloud-tls
  #      hosts:
  #        - nextcloud.kube.home

nextcloud:
  host: 192.168.100.150
  username: admin
  password: passwd
  update: 0
  datadir: /var/www/html/data
  tableprefix:
  mail:
    enabled: false
    fromAddress: user
    domain: domain.com
    smtp:
      host: domain.com
      secure: ssl
      port: 465
      authtype: LOGIN
      name: user
      password: pass
  # PHP Configuration files
  # Will be injected in /usr/local/etc/php/conf.d
  phpConfigs: {}
  # Default config files
  # IMPORTANT: Will be used only if you put extra configs, otherwise default will come from nextcloud itself
  # Default confgurations can be found here: https://github.com/nextcloud/docker/tree/master/16.0/apache/config
  defaultConfigs:
    # To protect /var/www/html/config
    .htaccess: true
    # Redis default configuration
    redis.config.php: true
    # Apache configuration for rewrite urls
    apache-pretty-urls.config.php: true
    # Define APCu as local cache
    apcu.config.php: true
    # Apps directory configs
    apps.config.php: true
    # Used for auto configure database
    autoconfig.php: true
    # SMTP default configuration
    smtp.config.php: true
  # Extra config files created in /var/www/html/config/
  # ref: https://docs.nextcloud.com/server/15/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file
  configs: {}

  # For example, to use S3 as primary storage
  # ref: https://docs.nextcloud.com/server/13/admin_manual/configuration_files/primary_storage.html#simple-storage-service-s3
  #
  #  configs:
  #    s3.config.php: |-
  #      <?php
  #      $CONFIG = array (
  #        'objectstore' => array(
  #          'class' => '\\OC\\Files\\ObjectStore\\S3',
  #          'arguments' => array(
  #            'bucket'     => 'my-bucket',
  #            'autocreate' => true,
  #            'key'        => 'xxx',
  #            'secret'     => 'xxx',
  #            'region'     => 'us-east-1',
  #            'use_ssl'    => true
  #          )
  #        )
  #      );

internalDatabase:
  enabled: false
  name: nextcloud

##
## External database configuration
##
externalDatabase:
  enabled: false

  ## Supported database engines: mysql or postgresql
  type: mysql

  ## Database host
  host:

  ## Database user
  user: nextcloud

  ## Database password
  password:

  ## Database name
  database: nextcloud

##
## MariaDB chart configuration
##
mariadb:
  ## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters
  enabled: true

  db:
    name: nextcloud
    user: admin
    password: "123456"
  replication:
    enabled: false
  ## Enable persistence using Persistent Volume Claims
  ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
  ##
  master:
    persistence:
      enabled: true
      storageClass: nextcloud
      accessMode: ReadWriteOnce
      size: 8Gi

redis:
  enabled: false
  usePassword: false


## Cronjob to execute Nextcloud background tasks
## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#cron-jobs
##
cronjob:
  enabled: false
  # Nexcloud image is used as default but only curl is needed
  image: {}
    # repository: nextcloud
    # tag: 16.0.3-apache
    # pullPolicy: IfNotPresent
    # pullSecrets:
    #   - myRegistrKeySecretName
  # Every 15 minutes
  # Note: Setting this to any any other value than 15 minutes might
  #  cause issues with how nextcloud background jobs are executed
  schedule: "*/15 * * * *"
  annotations: {}
  # Set curl's insecure option if you use e.g. self-signed certificates
  curlInsecure: false
  failedJobsHistoryLimit: 5
  successfulJobsHistoryLimit: 2
  # If not set, nextcloud deployment one will be set
  # resources:
    # We usually recommend not to specify default resources and to leave this as a conscious
    # choice for the user. This also increases chances charts run on environments with little
    # resources, such as Minikube. If you do want to specify resources, uncomment the following
    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
    # limits:
    #  cpu: 100m
    #  memory: 128Mi
    # requests:
    #  cpu: 100m
    #  memory: 128Mi

  # If not set, nextcloud deployment one will be set
  # nodeSelector: {}

  # If not set, nextcloud deployment one will be set
  # tolerations: []

  # If not set, nextcloud deployment one will be set
  # affinity: {}

service:
  type: NodePort
  port: 8080
  loadBalancerIP: nil

## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
  # Nextcloud Data (/var/www/html)
  enabled: true
  annotations: {}
  ## nextcloud data Persistent Volume Storage Class
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
  ##   GKE, AWS & OpenStack)
  ##
  storageClass: "nextcloud"

  ## A manually managed Persistent Volume and Claim
  ## Requires persistence.enabled: true
  ## If defined, PVC must be created manually before volume will be bound
  # existingClaim:

  accessMode: ReadWriteOnce
  size: 8Gi

resources: {}
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  # limits:
  #  cpu: 100m
  #  memory: 128Mi
  # requests:
  #  cpu: 100m
  #  memory: 128Mi

## Liveness and readiness probe values
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
  enabled: true
  initialDelaySeconds: 30
  periodSeconds: 15
  timeoutSeconds: 5
  failureThreshold: 3
  successThreshold: 1
readinessProbe:
  enabled: true
  initialDelaySeconds: 30
  periodSeconds: 15
  timeoutSeconds: 5
  failureThreshold: 3
  successThreshold: 1

nodeSelector: {}

tolerations: []

affinity: {}

The deployment cannot be started after the installation is complete, the log shows

[root@k8s-master ~]# kubectl logs -f nextcloud-76b78c795f-s9kv8 -n nextcloud
Initializing nextcloud 16.0.3.0 ...

The probe tells me

Events:
  Type     Reason     Age                From                Message
  ----     ------     ----               ----                -------
  Normal   Scheduled  66s                default-scheduler   Successfully assigned nextcloud/nextcloud-76b78c795f-s9kv8 to k8s-node2
  Normal   Pulled     65s                kubelet, k8s-node2  Container image "nextcloud:16.0.3-apache" already present on machine
  Normal   Created    64s                kubelet, k8s-node2  Created container nextcloud
  Normal   Started    63s                kubelet, k8s-node2  Started container nextcloud
  Warning  Unhealthy  11s (x2 over 26s)  kubelet, k8s-node2  Liveness probe failed: Get http://10.244.2.199:80/status.php: dial tcp 10.244.2.199:80: connect: connection refused
  Warning  Unhealthy  1s (x3 over 31s)   kubelet, k8s-node2  Readiness probe failed: Get http://10.244.2.199:80/status.php: dial tcp 10.244.2.199:80: connect: connection refused

I want to know why I can't connect to port 80?
How to solve this problem?
I am using stable/nextcloud installed by helm.
Helm version is v2.14.1
Tiller version is v2.14.1
Kubeadm version is v1.15.1

[hansbogert]

@happinesslijian is your issue related to the problem described in the OP ?

[happinesslijian]

@happinesslijian is your issue related to the problem described in the OP ?

Do you know this problem? Please guide me
This pod has not been working properly.

Value.zip is my configuration file, please use helm to install, you will also see this problem.

values.zip

[chrisingenhaag]

Thanks @ftab for explanation. I think this will help other to recover their installation after upgrade. Additionally more details on that should be addressed to the mariadb helm chart collaborators cause I´m not yet that familiar with the chart.

@happinesslijian I don´t think your problem is related to this issue. Any way it is extremely difficult to find out what your problem is if you paste a complete values.yaml. in your values.yaml you only need values that differ from the values.yaml defaults in the chart. With this it would be a lot easier to figure out what might be a problem. I do not really want to go through each property and check if it differs from default values.yaml. Pod logs would also help. And maybe it´s more a topic for a help forum like https://help.nextcloud.com . Thx.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions.

[stale]

This issue is being automatically closed due to inactivity.