I am deploying FusionAuth in Kubernetes using the latest Helm chart version (0.12.1), with PostgreSQL as the database and FUSIONAUTH_APP_RUNTIME_MODE set to production. I have created a non-root user and database and am trying to get FusionAuth to take the credentials to perform the initial installation.
Here's some excerpts from the values.yaml:
database:
# database.protocol -- Should either be postgresql or mysql. Protocol for jdbc connection to database
protocol: postgresql
# database.host -- Hostname or ip of the database instance
host: "<REDACTED>"
# database.host -- Port of the database instance
port: 5432
# database.tls -- Configures whether or not to use tls when connecting to the database
tls: false
# database.tlsMode -- If tls is enabled, this configures the mode
tlsMode: require
# database.name -- Name of the fusionauth database
name: fusionauth
# To use an existing secret, set `existingSecret` to the name of the secret. We expect at most two keys: `password` is required. `rootpassword` is only required if `database.root.user` is set.
# database.existingSecret -- The name of an existing secret that contains the database passwords
existingSecret: "fusionauth"
# database.user -- Database username for fusionauth to use in normal operation
user: "fusionauth"
# database.password -- Database password for fusionauth to use in normal operation - not required if database.existingSecret is configured
password: ""
# These credentials are used for bootstrapping the database
root:
# database.root.user -- Database username for fusionauth to use during initial bootstrap - not required if you have manually bootstrapped your database
user: ""
# database.root.password -- Database password for fusionauth to use during initial bootstrap - not required if database.existingSecret is configured
password: ""
.....
app:
# app.memory -- Configures the amount of memory Java can use
memory: 256M
# app.memory -- Configures runtime mode for fusionauth. Should be 'development' or 'production'
# learn more about the difference here: https://fusionauth.io/docs/v1/tech/reference/configuration
runtimeMode: production
I can confirm with psql that I'm able to connect and operate in the database just fine. I've also confirmed the secret is applied to the cluster prior to deploying the Helm chart.
The FUSIONAUTH_APP_SILENT_MODE defaults to true, so I would expect FusionAuth to take the credentials and database configuration listed here and do the rest automatically, but it doesn't seem to be the case, as I get the following logs:
Defaulted container "fusionauth" out of: fusionauth, wait-for-db (init)
Starting fusionauth-app...
--> Logging to /usr/local/fusionauth/logs/fusionauth-app.log
2023-05-23 01:38:23.656 PM INFO io.fusionauth.api.configuration.DefaultFusionAuthConfiguration - Loading FusionAuth configuration file [/usr/local/fusionauth/config/fusionauth.properties]
2023-05-23 01:38:23.820 PM INFO io.fusionauth.api.configuration.DefaultFusionAuthConfiguration - Set property [fusionauth-app.url] set to [<REDACTED>] using configured value.
2023-05-23 01:38:23.830 PM INFO com.inversoft.configuration.BasePropertiesFileInversoftConfiguration -
- Overriding default value of property [database.mysql.enforce-utf8mb4] with value [true]
- Overriding default value of property [FUSIONAUTH_APP_RUNTIME_MODE] with value [production]
- Overriding default value of property [SEARCH_TYPE] with value [database]
2023-05-23 01:38:23.851 PM INFO io.fusionauth.app.guice.FusionAuthModule -
---------------------------------------------------------------------------------------------------------
--------------------------------- Starting FusionAuth version [1.45.1] ----------------------------------
---------------------------------------------------------------------------------------------------------
2023-05-23 01:38:24.260 PM INFO io.fusionauth.api.plugin.guice.PluginModule - No plugins found
2023-05-23 01:38:24.543 PM INFO io.fusionauth.api.service.system.NodeService - Node [39f625d7-1c08-4239-a849-5b0f958a2263] started.
2023-05-23 01:38:25.398 PM INFO io.fusionauth.api.configuration.DefaultFusionAuthConfiguration - Loading FusionAuth configuration file [/usr/local/fusionauth/config/fusionauth.properties]
2023-05-23 01:38:25.399 PM INFO com.inversoft.configuration.BasePropertiesFileInversoftConfiguration -
- Overriding default value of property [database.mysql.enforce-utf8mb4] with value [true]
- Overriding default value of property [FUSIONAUTH_APP_RUNTIME_MODE] with value [production]
- Overriding default value of property [SEARCH_TYPE] with value [database]
2023-05-23 01:38:25.404 PM INFO com.inversoft.jdbc.hikari.DataSourceProvider - Connecting to PostgreSQL database at [jdbc:postgresql://<REDACTED>:5432/fusionauth]
2023-05-23 01:38:25.405 PM WARN com.zaxxer.hikari.HikariConfig - HikariPool-1 - idleTimeout has been set but has no effect because the pool is operating as a fixed size pool.
2023-05-23 01:38:25.407 PM INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
2023-05-23 01:38:26.168 PM INFO com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Added connection org.postgresql.jdbc.PgConnection@4c6a4ffd
2023-05-23 01:38:26.211 PM INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
2023-05-23 01:38:28.369 PM INFO com.inversoft.scheduler.DefaultScheduler - Starting up scheduler
2023-05-23 01:38:28.369 PM INFO com.inversoft.scheduler.DefaultScheduler - Scheduler is running
2023-05-23 01:38:28.456 PM ERROR com.inversoft.scheduler.LogAndRetainFailureHandler - The scheduled service [class io.fusionauth.api.service.cache.ApplicationCacheLoader] failed but will be re-run.
org.apache.ibatis.exceptions.PersistenceException:
### Error querying database. Cause: org.postgresql.util.PSQLException: ERROR: relation "applications" does not exist
Position: 4355
Any ideas on why it's not picking up on the database details and/or why it's failing to perform the initial installation?