Hi @diana and @jkuester
With the help of @fardarter we’ve built an 3.2 couch db image that seemed to run fine during our smoke tests.
We did take note of the following issue popping up when running the cht --local
command:
ERROR Error trying to get couchdb config: TypeError: Cannot read properties of undefined (reading 'split')
Which, after cloning the cht-conf
repo, seems to occur in the api.js
file’s getCompressibleTypes
method. I’m unsure why, would be great to hear your ideas.
While looking through the cht-conf
repo I noticed the tests
that could be run against couch db.
And, as discussed earlier in the thread, we wanted to be a bit more sure regarding the stability of the upgrade I wanted to run those tests against the new image.
Since simply upgrading the couchdb version in the script did not work, due to the .ini lookup, I’ve done some of the following in hopes of getting a service up to run the tests against - but have been unsuccessful until now.
As mentioned above running the following yields an error and the container stops:
docker run -p 6984:5984 --rm --name cht-conf-couchdb couchdb:3.2
Waiting for cht couchdb
[info] 2023-07-25T14:34:27.372397Z couchdb@127.0.0.1 <0.254.0> -------- Preflight check: Checking For Monsters
[info] 2023-07-25T14:34:27.372457Z couchdb@127.0.0.1 <0.254.0> -------- Preflight check: Asserting Admin Account
[info] 2023-07-25T14:34:27.372488Z couchdb@127.0.0.1 <0.254.0> --------
*************************************************************
ERROR: CouchDB 3.0+ will no longer run in "Admin Party"
mode. You *MUST* specify an admin user and
password, either via your own .ini file mapped
into the container at /opt/couchdb/etc/local.ini
or inside /opt/couchdb/etc/local.d, or with
"-e COUCHDB_USER=admin -e COUCHDB_PASSWORD=password"
to set it via "docker run".
*************************************************************
Changing the the query to something like the following managed to start up the service, but with an periodic error noting that the “_users” db is missing:
docker run -p 6984:5984 -e 'COUCHDB_USER=admin' -e 'COUCHDB_PASSWORD=password' --rm --name cht-conf-couchdb couchdb:3.2
[error] 2023-07-26T06:41:52.918740Z nonode@nohost emulator -------- Error in process <0.390.0> with exit value:
{database_does_not_exist,[{mem3_shards,load_shards_from_db,"_users",[{file,"src/mem3_shards.erl"},{line,400}]},{mem3_shards,load_shards_from_disk,1,[{file,"src/mem3_shards.erl"},{line,375}]},{mem3_shards,load_shards_from_disk,2,[{file,"src/mem3_shards.erl"},{line,404}]},{mem3_shards,for_docid,3,[{file,"src/mem3_shards.erl"},{line,97}]},{fabric_doc_open,go,3,[{file,"src/fabric_doc_open.erl"},{line,39}]},{chttpd_auth_cache,ensure_auth_ddoc_exists,2,[{file,"src/chttpd_auth_cache.erl"},{line,198}]},{chttpd_auth_cache,listen_for_changes,1,[{file,"src/chttpd_auth_cache.erl"},{line,145}]}]}
I did eventually manage to get the service started without the “_users” error by doing the following:
docker rm cht-conf-couchdb
docker volume rm couchdb_data
docker system prune -a
docker build -t my-couchdb-image .
docker run -p 6984:5984 -e 'COUCHDB_USER=admin' -e 'COUCHDB_PASSWORD=password' -v couchdb_data:/opt/couchdb/data --name cht-conf-couchdb my-couchdb-image
This was paired with an edit to the docker file:
...
FROM couchdb:latest
EXPOSE 5984
# Copy the setup script into the container
COPY setup.sh /setup.sh
# Make the setup script executable
RUN chmod +x /setup.sh
# Run the setup script during the container startup
CMD ["/bin/bash", "-c", "/setup.sh"]
And a setup script that added the missing “_user” database:
#!/bin/sh -xe
# Set the CouchDB admin credentials
COUCHDB_ADMIN_USERNAME="admin"
COUCHDB_ADMIN_PASSWORD="password"
cat >/opt/couchdb/etc/local.ini <<EOF
[couchdb]
single_node=true
require_valid_user = false
[admins]
$COUCHDB_ADMIN_USERNAME = $COUCHDB_ADMIN_PASSWORD
COUCHDB_USER=admin
COUCHDB_PASSWORD=password
EOF
nohup bash -c "/docker-entrypoint.sh /opt/couchdb/bin/couchdb &"
sleep 15
# Wait for CouchDB to start and recognize the admin credentials
while true; do
curl http://127.0.0.1:5984/_up
curl http://$COUCHDB_ADMIN_USERNAME:$COUCHDB_ADMIN_PASSWORD@127.0.0.1:5984/_up
# curl -s http://127.0.0.1:5984/_up | grep -q 'true' && break
curl -s http://127.0.0.1:5984/_up | grep -q 'ok' && break
sleep 1
done
echo the site is up
# Create the admin user using the _users database endpoint with basic authentication
curl -X PUT http://127.0.0.1:5984/_users/org.couchdb.user:$COUCHDB_ADMIN_USERNAME \
-H "Content-Type: application/json" \
-u "$COUCHDB_ADMIN_USERNAME:$COUCHDB_ADMIN_PASSWORD" \
-d '{"name": "'"$COUCHDB_ADMIN_USERNAME"'", "password": "'"$COUCHDB_ADMIN_PASSWORD"'", "roles": [], "type": "user"}'
# Make the new admin user an admin
curl -X PUT http://127.0.0.1:5984/_config/admins/$COUCHDB_ADMIN_USERNAME \
-u "$COUCHDB_ADMIN_USERNAME:$COUCHDB_ADMIN_PASSWORD" \
-d "\"$COUCHDB_ADMIN_PASSWORD\""
# Create _replicator database
curl -X PUT http://127.0.0.1:5984/_replicator \
-u "$COUCHDB_ADMIN_USERNAME:$COUCHDB_ADMIN_PASSWORD"
Appending && sh test/scripts/wait_for_response_code.sh 6984 200 CouchDB
to the docker run command, in order to tell if the service was up, got stuck in a continuous loop.
Important to note that I could not access Fauxton at any time while testing.
Checking the docker container’s /opt/couchdb/etc/local.ini
file, nothing immediately jumped out to me as being missing and overwriting it with the cat command in the setup.sh
had no effect to Fauxton’s availability.
The couchdb v3.2 default /opt/couchdb/etc/local.ini
content looks as follows:
; CouchDB Configuration Settings
; Custom settings should be made in this file. They will override settings
; in default.ini, but unlike changes made to default.ini, this file won't be
; overwritten on server upgrade.
[couchdb]
;max_document_size = 4294967296 ; bytes
;os_process_timeout = 5000
[couch_peruser]
; If enabled, couch_peruser ensures that a private per-user database
; exists for each document in _users. These databases are writable only
; by the corresponding user. Databases are in the following form:
; userdb-{hex encoded username}
;enable = true
; If set to true and a user is deleted, the respective database gets
; deleted as well.
;delete_dbs = true
; Set a default q value for peruser-created databases that is different from
; cluster / q
;q = 1
[chttpd]
;port = 5984
;bind_address = 127.0.0.1
; Options for the MochiWeb HTTP server.
;server_options = [{backlog, 128}, {acceptor_pool_size, 16}]
; For more socket options, consult Erlang's module 'inet' man page.
;socket_options = [{sndbuf, 262144}, {nodelay, true}]
[httpd]
; NOTE that this only configures the "backend" node-local port, not the
; "frontend" clustered port. You probably don't want to change anything in
; this section.
; Uncomment next line to trigger basic-auth popup on unauthorized requests.
;WWW-Authenticate = Basic realm="administrator"
; Uncomment next line to set the configuration modification whitelist. Only
; whitelisted values may be changed via the /_config URLs. To allow the admin
; to change this value over HTTP, remember to include {httpd,config_whitelist}
; itself. Excluding it from the list would require editing this file to update
; the whitelist.
;config_whitelist = [{httpd,config_whitelist}, {log,level}, {etc,etc}]
[chttpd_auth]
; If you set this to true, you should also uncomment the WWW-Authenticate line
; above. If you don't configure a WWW-Authenticate header, CouchDB will send
; Basic realm="server" in order to prevent you getting logged out.
; require_valid_user = false
[ssl]
;enable = true
;cert_file = /full/path/to/server_cert.pem
;key_file = /full/path/to/server_key.pem
;password = somepassword
; set to true to validate peer certificates
;verify_ssl_certificates = false
; Set to true to fail if the client does not send a certificate. Only used if verify_ssl_certificates is true.
;fail_if_no_peer_cert = false
; Path to file containing PEM encoded CA certificates (trusted
; certificates used for verifying a peer certificate). May be omitted if
; you do not want to verify the peer.
;cacert_file = /full/path/to/cacertf
; The verification fun (optional) if not specified, the default
; verification fun will be used.
;verify_fun = {Module, VerifyFun}
; maximum peer certificate depth
;ssl_certificate_max_depth = 1
;
; Reject renegotiations that do not live up to RFC 5746.
;secure_renegotiate = true
; The cipher suites that should be supported.
; Can be specified in erlang format "{ecdhe_ecdsa,aes_128_cbc,sha256}"
; or in OpenSSL format "ECDHE-ECDSA-AES128-SHA256".
;ciphers = ["ECDHE-ECDSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA"]
; The SSL/TLS versions to support
;tls_versions = [tlsv1, 'tlsv1.1', 'tlsv1.2']
; To enable Virtual Hosts in CouchDB, add a vhost = path directive. All requests to
; the Virual Host will be redirected to the path. In the example below all requests
; to http://example.com/ are redirected to /database.
; If you run CouchDB on a specific port, include the port number in the vhost:
; example.com:5984 = /database
[vhosts]
;example.com = /database/
; To create an admin account uncomment the '[admins]' section below and add a
; line in the format 'username = password'. When you next start CouchDB, it
; will change the password to a hash (so that your passwords don't linger
; around in plain-text files). You can add more admin accounts with more
; 'username = password' lines. Don't forget to restart CouchDB after
; changing this.
[admins]
;admin = mysecretpassword
Would you perhaps be able to provide some guidance on next steps?