#help
Title
a
ambitious-student-88371
06/28/2023, 4:14 PMHi everyone, I tried self-hosting the cloud pricing API in K8s by installing your helm chart. I am facing an issue, the db download job completes correctly but when I query http://localhost:4000 it shows the home page of the cloud pricing API, when I enter the self-hosted-api-key it returns a 403 error and an Invalid API key response. Although the self-hosted API key is the same as listed in the secret of the pod.
l
little-author-61621
06/28/2023, 4:29 PM
Hi @ambitious-student-88371, I’ve not been able to reproduce. If you curl it with that API key as per below does that work?
https://www.infracost.io/docs/cloud_pricing_api/self_hosted/#cli-fails-to-connect-to-your-cloud-pricing-api
a
ambitious-student-88371
06/28/2023, 4:51 PMss.png
l
little-author-61621
06/28/2023, 4:54 PM
Thanks @ambitious-student-88371, can you confirm if the pod has the
SELF_HOSTED_INFRACOST_API_KEYa
ambitious-student-88371
06/28/2023, 4:58 PMaa (1).png
l
little-author-61621
06/28/2023, 5:06 PM
@ambitious-student-88371 is that a screenshot of the secret? Can you also confirmed what is being passed into
SELF_HOSTED_INFRACOST_API_KEYa
ambitious-student-88371
06/28/2023, 5:19 PMYes, also the environment variable does has
SELF_HOSTED_INFRACOST_API_KEYl
little-author-61621
06/28/2023, 5:24 PM
Okay, that seems odd. This error should only be returned if the configured API key doesn’t match the passed one. What happens if you curl it without passing an API key.
a
ambitious-student-88371
06/28/2023, 5:26 PMonly this:
curl -i <http://localhost>:port/graphqll
little-author-61621
06/28/2023, 5:30 PM
Hmm, ok so the app at least thinks an API key has been set, but for some reason it doesn’t think it’s the one you’re passing.
Have you tried running
echo $SELF_HOSTED_INFRACOST_API_KEYa
ambitious-student-88371
06/28/2023, 5:34 PMI just ran this and i got a diff key and this returns 200 from the endpont
l
little-author-61621
06/28/2023, 5:37 PM
Okay, so somehow a different value is being passed in 😕. Do you a
existingSecretSelfHostedAPIKeya
ambitious-student-88371
06/28/2023, 5:38 PM Copy code
echo "Your self-hosted Infracost API key is $(kubectl get secret --namespace $NAMESPACE cloud-pricing-api --template="{{ index .data \"self-hosted-infracost-api-key\" }}" | base64 -D)"l
little-author-61621
06/28/2023, 5:39 PM
What does the YAML for the API deployment look like?
a
ambitious-student-88371
06/28/2023, 5:45 PMWhat exactly to look for?
Copy code
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
<http://deployment.kubernetes.io/revision|deployment.kubernetes.io/revision>: "1"
<http://meta.helm.sh/release-name|meta.helm.sh/release-name>: cloud-pricing-api
<http://meta.helm.sh/release-namespace|meta.helm.sh/release-namespace>: default
creationTimestamp: "2023-06-28T13:02:03Z"
generation: 1
labels:
<http://app.kubernetes.io/instance|app.kubernetes.io/instance>: cloud-pricing-api
<http://app.kubernetes.io/managed-by|app.kubernetes.io/managed-by>: Helm
<http://app.kubernetes.io/name|app.kubernetes.io/name>: cloud-pricing-api
<http://app.kubernetes.io/version|app.kubernetes.io/version>: 0.3.16
<http://helm.sh/chart|helm.sh/chart>: cloud-pricing-api-0.6.9
name: cloud-pricing-api
namespace: default
resourceVersion: "683"
uid: 4aea41d5-85bb-4bd9-b029-07b04f1f518a
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
<http://app.kubernetes.io/instance|app.kubernetes.io/instance>: cloud-pricing-api
<http://app.kubernetes.io/name|app.kubernetes.io/name>: cloud-pricing-api
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
<http://app.kubernetes.io/instance|app.kubernetes.io/instance>: cloud-pricing-api
<http://app.kubernetes.io/name|app.kubernetes.io/name>: cloud-pricing-api
spec:
containers:
- env:
- name: POSTGRES_HOST
value: cloud-pricing-api-postgresql
- name: POSTGRES_PORT
value: "5432"
- name: POSTGRES_DB
value: cloudpricingapi
- name: POSTGRES_USER
value: cloudpricingapi
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: cloud-pricing-api-postgresql
- name: INFRACOST_API_KEY
valueFrom:
secretKeyRef:
key: infracost-api-key
name: cloud-pricing-api
- name: SELF_HOSTED_INFRACOST_API_KEY
valueFrom:
secretKeyRef:
key: self-hosted-infracost-api-key
name: cloud-pricing-api
- name: LOG_LEVEL
value: info
- name: DISABLE_TELEMETRY
value: "false"
image: infracost/cloud-pricing-api:0.3.16
imagePullPolicy: Always
livenessProbe:
failureThreshold: 3
httpGet:
path: /health
port: http
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 2
name: cloud-pricing-api
ports:
- containerPort: 4000
name: http
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /health
port: http
scheme: HTTP
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 2
resources:
limits:
cpu: "1"
memory: 512Mi
requests:
cpu: 50m
memory: 64Mi
securityContext: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: cloud-pricing-api
serviceAccountName: cloud-pricing-api
terminationGracePeriodSeconds: 30
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2023-06-28T13:02:38Z"
lastUpdateTime: "2023-06-28T13:02:38Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2023-06-28T13:02:03Z"
lastUpdateTime: "2023-06-28T13:02:38Z"
message: ReplicaSet "cloud-pricing-api-5b94ff9c46" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1l
little-author-61621
06/28/2023, 5:48 PM
Thanks, if you restart the deployment does it still use that same API key?
a
ambitious-student-88371
06/28/2023, 5:59 PMYeah, now it's the same at every place
l
little-author-61621
06/28/2023, 6:47 PM
Ah ok that's good to know, thanks.
2 Views