Version: 6.4.1

FAQ

This section provides answers to FAQs.

How to separate application pods(Sensa)(on user nodepool) vs system monitoring pods(on a system nodepool)

Add an annotation to the cortex and compute namespace before helm install to force the pods to a specific nodepool kubectl annotate ns <namespace-name> scheduler.alpha.kubernetes.io node-selector=<label-key-of-nodepool>=<label-value-of-nodepool>

How to verify the validity of certificates

SSL certificates can be verified by using: openssl x509 -in cert.crt -text -noout

How to format your certificate

To check the format of the certs follow the instructions shared by Istio

How to upgrade mongo from version 4 to version 6

If you are upgrading from a Cortex cluster with a helm chart version lower than 6.2.1, which includes MongoDB 4.4, you will need to follow these steps:

Take a backup of the MongoDB 4.4 data to ensure you don't lose any important information.
Delete the MongoDB Persistent Volume Claim (PVC) associated with the previous installation. This will ensure a clean installation of the new MongoDB version.
Install the new helm chart, specifying MongoDB 6 as the desired version. This will deploy the updated MongoDB version within the Cortex cluster.
Restore the backup you created earlier to the newly installed MongoDB 6. This step will bring back your data and configurations to the updated environment.

Refer on how to backup and restore

How to verify if dex config is correct

Use curl -i http(s)://<DNS-NAME>/dex/.well-known/openid-configuration to verify if DNS and values setting for dex callback match

Resolution for Mongo Authentication error when internal Mongo is used

The Mongo password for internal Mongo are auto-generated and if helm uninstall/delete is used during the install process, the PVC which mount the password are not removed, so they would continue to use the old password and we would see Mongo Authentication error.

The resolution would be to remove the PVC when doing a helm uninstall/delete. This would not be an issue for external Mongo

The same is applicable for Redis and Minio too

How to run a local stack on Minikube

For development purposes, you may want to run a local stack. To deploy a local stack on minikube using charts from your local filesystem, you can use the predefined values.yaml and example override values file:

helm install ./cortex5 --name cortex --namespace cortex -f cortex5/examples/values-cortex-minikube.yaml -f cortex5/examples/values-cortex-latest.yaml

How to access Cortex through Admin Console (LOCAL)

Add to /etc/hosts:

127.0.0.1       console.local.insights.ai docs.local.insights.ai

Forward ports:
```
kubectl port-forward -n cortex svc/cortex-kong 8000:8000 &
```
NOTE: to remove this forward, bring it back to foreground using fg and then CTRL-C.
Access the Console at http://console.local.insights.ai:8000.

To get the generated invitation token to register a tenant:

kubectl get -n cortex secrets cortex-vault -o json
echo <invitation_code> | base64 --decode

Get list of overall images being deployed with a specific version of the Helm chart

Specify the version of the Helm chart to inspect:
```
export CHART_VERSION="6.2.0"
```
Specify the file name/location to write the list to (this file will be recreated if it doesn't already exist):
```
export IMAGE_LIST="images.txt"
```

Add/ensure the Fabric helm repository is added to the local cache and up-to-date:

helm repo add cortex https://cognitivescale.github.io/cortex-charts/stable
helm repo update

Run the following two helm template commands to get generate the file from step 2 with the list of images:

helm template cortex/fabric6 --version ${CHART_VERSION} \
  --set mongodb.enabled=false \
  --set minio.enabled=false \
  --set redis.enabled=false \
  --set openldap.enabled=false \
  --set docker-registry.enabled=false \
  | grep " image: .*" | awk '{ print $2 }' > ${IMAGE_LIST}
helm template cortex/fabric6 --version ${CHART_VERSION} | grep 'docker.io' | grep 'value:' | awk '{ print $2 }' >> ${IMAGE_LIST}

NOTE: The first helm command in the example above has all the subchart dependencies disabled with the --set options (to mirror a production installation with externalized infrastructure). A yaml overrides file (ex. values.yaml) can also be provided to get a deployment specific image list:

helm template cortex/fabric6 --version ${CHART_VERSION} -f values.yaml | grep " image: .*" | awk '{ print $2 }' > ${IMAGE_LIST}

#How to separate application pods(Sensa)(on user nodepool) vs system monitoring pods(on a system nodepool)

#How to verify the validity of certificates

#How to format your certificate

#How to upgrade mongo from version 4 to version 6

#How to verify if dex config is correct

#Resolution for Mongo Authentication error when internal Mongo is used

#How to run a local stack on Minikube

#How to access Cortex through Admin Console (LOCAL)

#Get list of overall images being deployed with a specific version of the Helm chart