#How can I deploy the Helm chart?

I'm new to Helm, as I usually write the deployments myself. This time, I wanted to be bold, so I opted to go for the Helm chart. I've done what the instructions tell me to do (create PVC for library) but redis and postgres also seem to require this?

The only things I've changed in the original configuration is image.tag: v1.107.2, immich.persistence.library.existingClaim: immich-pvc-library, postgresql.enabled: true, and redis.enabled: true - other than that, it's a stock configuration.

What am I doing wrong? Thank you in advance 🙂

:wave: Hey @grand grail,

Thanks for reaching out to us. Please follow the recommended actions below; this will help us be more effective in our support effort and leave more time for building Immich .

References

• Container Logs: docker compose logs docs
• Container Status: docker compose ps docs
• Reverse Proxy: https://immich.app/docs/administration/reverse-proxy

Checklist

1. :ballot_box_with_check: I have verified I'm on the latest release(note that mobile app releases may take some time).
2. :ballot_box_with_check: I have read applicable release notes.
3. :ballot_box_with_check: I have reviewed the FAQs for known issues.
4. :ballot_box_with_check: I have reviewed Github for known issues.
5. :blue_square: I have tried accessing Immich via local ip (without a custom reverse proxy).
6. :blue_square: I have uploaded the relevant logs, docker compose, and .env files using the buttons below or the /upload command.
7. :blue_square: I have tried an incognito window, disabled extensions, cleared mobile app cache, logged out and back in, different browsers, etc. as applicable

(an item can be marked as "complete" by reacting with the appropriate number)

If this ticket can be closed you can use the /close command, and re-open it later if needed.

@grand grail uploaded

You shouldn't need to copy the whole values file, just set the ones you want to override

Your message implies that things are going wrong at some point, but doesn't describe how or where

Hi. Thanks, I'm the guy in the GitHub issues 😊

You comment on GH says "You need to either set a default storageClass, set a storageClass for postgres to use, or create your own PVC for postgres." - I'm unsure how to define this in the values.yaml... how do I define this there? Is it something like:

...
postgresql:
  enabled: true # false
  persistence:
    enabled: true
    storageClass: immich-sc
  image:
    repository: tensorchord/pgvecto-rs
    tag: pg14-v0.2.0
  global:
    postgresql:
      auth:
        username: immich
        database: immich
        password: immich
  primary:
    initdb:
      scripts:
        create-extensions.sql: |
          CREATE EXTENSION cube;
          CREATE EXTENSION earthdistance;
          CREATE EXTENSION vectors;
...

I'm sorry if it might be a dumb question but, as mentioned, I'm new to Helm. Thank you for your patience.

That's a pretty solid guess. Using helm charts is unfortunately always a bit of a pain because they're chronically underdocumented (which is mostly just a failure of Helm as a tool). In this case:
In the Immich Chart.yaml (https://github.com/immich-app/immich-charts/blob/main/charts/immich/Chart.yaml#L21-L24) you can see that for postgres, it uses the postgres chart from bitnami as a dependency.
If you look up the values for that bitnami chart and search through them, you'll find that you can either:

1. Set global.storageClass: https://github.com/bitnami/charts/blob/postgresql/13.2.24/bitnami/postgresql/values.yaml#L19
2. Set primary.persistence.storageClass: https://github.com/bitnami/charts/blob/postgresql/13.2.24/bitnami/postgresql/values.yaml#L679
3. Set primary.persistence.existingClaim: https://github.com/bitnami/charts/blob/postgresql/13.2.24/bitnami/postgresql/values.yaml#L663

Thank you! I will try as soon as I get back home and let you know 😁

Hmmm... Adding global.storageClass did not work. I'll try the other ones and see if something bites

Do make sure you're adding it in the postgresql section

I think I did it like you mean (?):

...
postgresql:
  enabled: true # false
  image:
    repository: tensorchord/pgvecto-rs
    tag: pg14-v0.2.0
  global:
    storageClass: immich-sc
    postgresql:
      auth:
        username: immich
        database: immich
        password: immich
  primary:
    initdb:
      scripts:
        create-extensions.sql: |
          CREATE EXTENSION cube;
          CREATE EXTENSION earthdistance;
          CREATE EXTENSION vectors;

redis:
  enabled: true # false
  architecture: standalone
  auth:
    enabled: false
  global:
    storageClass: immich-sc
...

At least that's what they looked like in the Bitnami charts

The outcome is what's in the attached file and

$ kubectl get pvc -n immich
NAME                               STATUS    VOLUME              CAPACITY   ACCESS MODES   STORAGECLASS   VOLUMEATTRIBUTESCLASS   AGE
immich-pvc-library                 Bound     immich-pv-library   1Ti        RWO            immich-sc      <unset>                 69s
redis-data-immich-redis-master-0   Pending                                                 immich-sc      <unset>                 66s
data-immich-postgresql-0           Pending                                                 immich-sc      <unset>                 66s

I guess I'll have to try step #3

:wave: Hey @grand grail,

Thanks for reaching out to us. Please follow the recommended actions below; this will help us be more effective in our support effort and leave more time for building Immich .

References

• Container Logs: docker compose logs docs
• Container Status: docker compose ps docs
• Reverse Proxy: https://immich.app/docs/administration/reverse-proxy

Checklist

1. :blue_square: I have verified I'm on the latest release(note that mobile app releases may take some time).
2. :blue_square: I have read applicable release notes.
3. :blue_square: I have reviewed the FAQs for known issues.
4. :blue_square: I have reviewed Github for known issues.
5. :blue_square: I have tried accessing Immich via local ip (without a custom reverse proxy).
6. :blue_square: I have uploaded the relevant logs, docker compose, and .env files using the buttons below or the /upload command.
7. :blue_square: I have tried an incognito window, disabled extensions, cleared mobile app cache, logged out and back in, different browsers, etc. as applicable

(an item can be marked as "complete" by reacting with the appropriate number)

If this ticket can be closed you can use the /close command, and re-open it later if needed.

I don't know what is happening to the chat 🙄

None of the 3 actually worked... not even creating a claim and binding to it with existingClaim

I'm at a loss

Can you post the full logs/events/statuses for the existingClaim attempt?

Sure.

NAMESPACE             NAME                                      READY   STATUS                 RESTARTS         AGE
...
immich                immich-redis-master-0                     0/1     CreateContainerError   8 (5m9s ago)     17m
immich                immich-machine-learning-867898db4-56kr6   1/1     Running                10 (4m42s ago)   17m
immich                immich-server-78bdb95f65-l4kzh            0/1     CrashLoopBackOff       10 (3m23s ago)   17m
immich                immich-postgresql-0                       0/1     CrashLoopBackOff       9 (2m31s ago)    17m
...

klogs immich-redis-master-0 -n immich 
1:C 07 Jul 2024 18:27:38.126 * oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 07 Jul 2024 18:27:38.126 * Redis version=7.2.3, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 07 Jul 2024 18:27:38.126 * Configuration loaded
1:M 07 Jul 2024 18:27:38.126 * monotonic clock: POSIX clock_gettime
1:M 07 Jul 2024 18:27:38.127 * Running mode=standalone, port=6379.
1:M 07 Jul 2024 18:27:38.127 * Server initialized
1:M 07 Jul 2024 18:27:38.127 # Can't open or create append-only dir appendonlydir: Permission denied

klogs immich-postgresql-0 -n immich 
mkdir: cannot create directory ‘/bitnami/postgresql/data’: Permission denied

I see now that there's some issues with permissions

While I was searching among existing issues, earlier, I saw someone posting about something similar

I'll go through them and see if I can find them again

That is very strange. chowning to my user and chmodding it to 777 seems to have done the trick. What I don't understand, though, is that I thought that the correct permissions would be applied "automagically"?

Still trouble, though. I cannot seem to be able to reach the webapp

It kinda depends on your storageClass and what's behind it

Can you get the status of all the pods?

And the logs of immich-server

kubectl get pods -n immich
NAME                                      READY   STATUS    RESTARTS        AGE
immich-machine-learning-867898db4-q9hl9   1/1     Running   19 (176m ago)   20h
immich-postgresql-0                       1/1     Running   5               20h
immich-redis-master-0                     1/1     Running   4 (176m ago)    20h
immich-server-78bdb95f65-b9bmm            1/1     Running   10 (172m ago)   7h27m

klogs immich-postgresql-0 -n immich 
chmod: changing permissions of '/var/run/postgresql': Operation not permitted

PostgreSQL Database directory appears to contain a database; Skipping initialization

2024-07-08 14:32:03.295 UTC [1] LOG:  starting PostgreSQL 14.10 (Debian 14.10-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit
2024-07-08 14:32:03.295 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
2024-07-08 14:32:03.295 UTC [1] LOG:  listening on IPv6 address "::", port 5432
2024-07-08 14:32:05.349 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2024-07-08 14:32:05.855 UTC [14] LOG:  database system was interrupted; last known up at 2024-07-08 14:23:19 UTC
[2024-07-08T14:32:05Z INFO  service::utils::clean] Find directory "pg_vectors/indexes/17533".
[2024-07-08T14:32:05Z INFO  service::utils::clean] Find directory "pg_vectors/indexes/17765".
2024-07-08 14:32:06.299 UTC [14] LOG:  database system was not properly shut down; automatic recovery in progress
2024-07-08 14:32:06.349 UTC [14] LOG:  redo starts at 0/2F48E138
2024-07-08 14:32:06.349 UTC [14] LOG:  invalid record length at 0/2F48F2D0: wanted 24, got 0
2024-07-08 14:32:06.349 UTC [14] LOG:  redo done at 0/2F48F2A8 system usage: CPU: user: 0.00 s, system: 0.00 s, elapsed: 0.00 s
2024-07-08 14:32:08.510 UTC [1] LOG:  database system is ready to accept connections

klogs immich-redis-master-0 -n immich 
1:C 08 Jul 2024 14:30:13.792 * oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 08 Jul 2024 14:30:13.792 * Redis version=7.2.3, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 08 Jul 2024 14:30:13.792 * Configuration loaded
1:M 08 Jul 2024 14:30:13.792 * monotonic clock: POSIX clock_gettime
1:M 08 Jul 2024 14:30:13.793 * Running mode=standalone, port=6379.
1:M 08 Jul 2024 14:30:13.793 * Server initialized
1:M 08 Jul 2024 14:30:13.793 * Reading RDB base file on AOF loading...
1:M 08 Jul 2024 14:30:13.793 * Loading RDB produced by version 7.2.3
1:M 08 Jul 2024 14:30:13.793 * RDB age 64841 seconds
1:M 08 Jul 2024 14:30:13.793 * RDB memory usage when created 0.83 Mb
1:M 08 Jul 2024 14:30:13.793 * RDB is base AOF
1:M 08 Jul 2024 14:30:13.793 * Done loading RDB, keys loaded: 0, keys expired: 0.
1:M 08 Jul 2024 14:30:13.794 * DB loaded from base file appendonly.aof.1.base.rdb: 0.000 seconds
1:M 08 Jul 2024 14:30:13.836 * DB loaded from incr file appendonly.aof.1.incr.aof: 0.043 seconds
1:M 08 Jul 2024 14:30:13.836 * DB loaded from append only file: 0.043 seconds
1:M 08 Jul 2024 14:30:13.836 * Opening AOF incr file appendonly.aof.1.incr.aof on server start
1:M 08 Jul 2024 14:30:13.836 * Ready to accept connections tcp

Server logs

As far as I can tell from that, everything should be working well

Yeah... that's what I gather, too

Oh, well. I'll try to write a manual deployment - thank you for your time and patience 😄

I mean there's still more troubleshooting to do if you want :P

The issue is just no longer in the running containers anymore

But rather in how you're reaching them

If you have time, sure ^^

FWIW, I tried applying a configuration using LoadBalancer and assigning a loadBalancerIP, but I still couldn't reach the server

Do you have something deployed to handle loadbalancers for you?

Yes, MetalLB

Can you kubectl describe the LoadBalancer for me?

That's the metallb components, I mean the Service with type: LoadBalancer that was created

Ah, sorry. I misunderstood 😅 I reverted back to the original conf since that didn't work, either

Do you want me to spin up a second instance?

Let's start by double checking Immich is working properly

Can you kubectl port-forward the immich-server pod?

kubectl port-forward svc/immich-server 3001 -n immich
Forwarding from 127.0.0.1:3001 -> 3001
Forwarding from [::1]:3001 -> 3001

FWIW, I cannot curl http://192.168.7.100:3001/api

Neither with, nor without k8s port-forwarding. Also, I do not have firewall enabled

Hey!

Doing kubectl port-forward pod/immich-server-7fd56cb4d6-qclg6 --address 0.0.0.0 3001 -n immich allows me to connect to immich 😄

If you don't mind: how do I make the kubectl port-forward pod/immich-server-7fd56cb4d6-qclg6 --address 0.0.0.0 3001 -n immich persistent instead of having to manually do it?

If you use Immich with k8s, would you mind sharing your configuration with me?

That's just a debugging tool to make sure the pod itself is doing well

The way to set up persistent access is with either a LoadBalancer or an Ingress

My recommendation will be to join the Home-Ops discord with many people more knowledgeable than me, they'll be able to help you troubleshoot getting those things set up better than I can

https://discord.gg/FBCwkntp