Camunda Self-Managed for Absolute Beginners

@djhair01 - no, run the command make helm.dependency-update in the main folder, instead of helm dependency update. We include a Makefile with the repo that contains a handful of useful commands, and this is one of those cases.

I am working in Mac/Linux, so Windows might have some differences in syntax, but the primary error in your first screenshot is repo camunda-platform-helm-main not found. You might need to add a ./ before the directory, like so:

helm install camunda-platform -f camunda-values.yaml ./camunda-platform-helm-main/charts/camunda-platform

Hey @nathan.loding - sorry about misinterpreting your instructions…Figured out how to run make in Windows, but getting a 401 even when I do “make helm.dependency-update”:

Hi @djhair01 - first, thanks so much for sticking with this and troubleshooting it to the end! I’ve taken a lot of notes and will be working to make some changes to our documentation to better clarify some of the things encountered here.

I cannot replicate that particular error. It’s not a Camunda error, but rather Docker is unable to access the Bitnami repository to pull the Elasticsearch image. I did a little bit of digging and I found this GitHub issue: Bitnami repo site returns "Access Denied" · Issue #13309 · bitnami/charts · GitHub

… It seems there are some known connectivity issues when pulling this image. That issue points to a possible DNS issue, but also mentions Cloudfront issues. It’s also possible that there is a proxy or firewall issue preventing your workstation from downloading the image.

If you try running this command, does it fail with a similar 401 Unauthorized error? This will not “fix” the Camunda Docker install, but this will attempt to pull the Elasticsearch container from Bitnami and start it, which can help us identify what might be preventing you from pulling the image.

docker run --name elasticsearch bitnami/elasticsearch:latest

Hey @nathan.loding - thanks for your patience and perseverance! The “docker run” command didn’t encounter the 401 error…Including full log for your review - it has a lot of “noise” at the beginning where I was trying to get to the right subdirectory.

I don’t have a good sense of where to go from here, so I eagerly await your guidance. Thanks.

Camunda 8.3 - Logs - 202311071240.yaml (21.1 KB)

I admit that I’m not quite sure where to look next either! We’ve narrowed the issue down, but not quite enough to really pinpoint a cause unfortunately.

The specific error is “unexpected status from GET request” and the unexpected status is “401 Unauthorized” … the URL it is trying to hit is

When I open that URL in my browser (or use curl), it returns a JWT token for me. If you try to open that URL (or try to issue a HTTP GET request from the command line, which I don’t know how to do in Windows :joy:), what response do you get?

Update: I’m finding quite a few similar questions about 401 errors with Docker registries around the internet. One theory is that Docker has low request limits based on IP, so if you’re on a shared network that is pulling frequently from Docker, you might be rate limited.

One other suggestion to look into: perhaps you have expired/invalid cached credentials for the Docker repository on your machine? It might be worth checking the credential store to make sure Docker isn’t accidentally using bad credentials. These images should be public, you shouldn’t need a username/password.

Hi @nathan.loding - i, too, get the JWT token when i hit the ElasticSearch chart URL from a browser.

Regarding invalid docker credentials stored on my machine, i didn’t quite understand what i was looking for and what, if anything needed to change, but i did find the following in ~.docker\config.json:

“auths”: {},
“credsStore”: “desktop”,
“currentContext”: “default”

Also note that Windows Credential Manager, which was mentioned in the articles that you referenced, did not have an entry for Docker:

Finally note that it appears that elasticsearch is already running from the “docker run --name elasticsearch bitnami/elasticsearch:latest” command:

Your thoughts on next steps? Thanks.

Hi @djhair01 - the Elasticsearch container that is running can be removed. That was just a test to make sure your workstation could pull the image, which it can. You could spin up a separate Elasticsearch instance and configure Camunda to use it (you would need to point all Elasticsearch configuration parameters to your instance).

As for next steps, unfortunately I don’t know! This is not an issue with Camunda or with our Helm charts or container images; for some reason, your workstation is blocked from fetching the bitnami/elasticsearch charts. There is a thread in the bitnami GitHub repository that says that upgrading your Helm client to v3.13.1 may fix it.

Hi @nathan.loding - thanks for the follow-up. I read the bitnami thread and see that i am indeed running an older Helm client:

PS C:\Users\dujua.kube\camunda-platform-helm-main\charts> helm version
version.BuildInfo{Version:“v3.13.0”, GitCommit:“825e86f6a7a38cef1112bfa606e4127a706749b1”, GitTreeState:“clean”, GoVersion:“go1.20.8”}

I’ve run several permutations of the “helm upgrade” command using file names and subdirectories for the [CHART] argument, but to no avail (error message transcript is below):

helm upgrade [RELEASE] [CHART] [flags]

My question is: what should I use for the [CHART] argument? Thanks.


PS C:\Users\dujua.kube\camunda-platform-helm-main\charts\camunda-platform> helm upgrade v3.13.1 Chart.yaml
Error: file ‘C:\Users\dujua.kube\camunda-platform-helm-main\charts\camunda-platform\Chart.yaml’ seems to be a YAML file, but expected a gzipped archive
PS C:\Users\dujua.kube\camunda-platform-helm-main\charts\camunda-platform> helm upgrade v3.13.1 charts
Error: Chart.yaml file is missing
PS C:\Users\dujua.kube\camunda-platform-helm-main\charts\camunda-platform> helm upgrade v3.13.1 Chart
Error: non-absolute URLs should be in form of repo_name/path_to_chart, got: Chart
PS C:\Users\dujua.kube\camunda-platform-helm-main\charts\camunda-platform> helm upgrade v3.13.1 Chart.yaml
Error: file ‘C:\Users\dujua.kube\camunda-platform-helm-main\charts\camunda-platform\Chart.yaml’ seems to be a YAML file, but expected a gzipped archive
PS C:\Users\dujua.kube\camunda-platform-helm-main\charts\camunda-platform> helm upgrade v3.13.1
Error: “helm upgrade” requires 2 arguments

Usage: helm upgrade [RELEASE] [CHART] [flags]
PS C:\Users\dujua.kube\camunda-platform-helm-main\charts\camunda-platform> helm upgrade v3.13.1 /charts
Error: repo not found

The helm upgrade command upgrades a deployed cluster with a new chart; it doesn’t upgrade the version of helm installed on your workstation. For that, you need to follow the installation instructions in Helm’s documentation.

Thanks @nathan.loding - making progress…

I did a “choco install kubernetes-helm --version 3.13.1”
and the “make.helm dependency-update”
commands and i’m no longer getting the 401 errors.

Next I tried running a few permutations of the final command from the blog post (I’m not quite sure on the argument values), and I’m getting errors:

I think we’re in the “last mile” and your expertise is much appreciated…Thanks.

This is where I lack some knowledge about Windows and Powershell. I think you need to have a ./ before the folder path for the local copy of the charts:

helm install camunda-platform -f camunda-values.yaml ./camunda-platform-helm-main/charts/camunda-platform

The other set of errors (“cannot re-use a name that is still in use”) means you may already have a cluster using that name. I would recommend removing anything installed (easy to do with Docker, just delete the control planes), then start the installation from the first step again. Hopefully adding a ./ before the path resolves it!

Hi @nathan.loding - thanks, Camunda is running (kind of)…

I tried doing the port forwarding and hitting URLs for Tasklist, Operate and their healthchecks but got errors. I’ve attached “Describe” and “Log” files from k9s for the pods.

Next steps to get me running? Thanks and have a great weekend.

K9S DESCRIBE.yaml (32.4 KB)
K9S LOGS.yaml (53.7 KB)

They are unable to connect to Elasticsearch, and in the k9s screenshot Elasticsearch hasn’t started yet. Did you delete everything in Docker and start from the beginning again? If not, try that first. If you did, then this might be a case where you need to give Docker more resources.