Upgrading to bluefin - plex install error

Rickpunzel

Cadet
Joined
Nov 15, 2022
Messages
3
I just did a manual upgrade to bluefin.
After the upgrade, I noticed that my Plex app was deploying, but never finished.
After poking around a bit, I decided to uninstall it, then re-install. It never deploys either.

Looking at the plex log I see this:
{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"container \"plex\" in pod \"plex-54548b8c7d-7s25z\" is waiting to start: CreateContainerError","reason":"BadRequest","code":400}

Any ideas?

Thanks,
Rick
 

Rickpunzel

Cadet
Joined
Nov 15, 2022
Messages
3
I found a work around. I am setting the Plex data folder (where all my media resides) to a dataset that is also a SMB share. This is so that I can easily drop new content to that folder(s) from client machines.

To get it working:
1 - Shares->Windows (SMB) Shares->Disable the share where you are pointing the PLEX dataset
2 - Apps->Plex->Stop
3 - Apps->Plex->Start (wait for it to finish deploying)
4 - Shares->Windows (SMB) Shares->Enable the share where you are pointing the PLEX dataset

The down side is that you need to do this each time you reboot the TrueNAS scale server...
 

bcat

Explorer
Joined
Oct 20, 2022
Messages
84
This is evidently working as intended, I guess to avoid unintuitive behavior if folks use badly behaved containers that don't gracefully handle chmod failures on datasets using NFSv4 ACLs. But fortunately there's a workaround. :)

Replicating here for clarity, in the TrueNAS cli command, enter app kubernetes update validate_host_path=false. (I assume there's a way to do this with midclt too, but I haven't looked yet since I'm waiting for the final release to update to Bluefin.)
 
Last edited:

Rickpunzel

Cadet
Joined
Nov 15, 2022
Messages
3
bcat thank you sir!!!
For anyone wondering, yes this does survive a reboot.

I wanted to add a detail that took this trueNAS newbie a minute to figure out:
From System Settings->Shell, type cli to get to a different command shell prior to typing the above "app kubernetes ....." command.

Thanks again,
Rick
 

j.lanham

Explorer
Joined
Aug 25, 2021
Messages
68
This is evidently working as intended, I guess to avoid unintuitive behavior if folks use badly behaved containers that don't gracefully handle chmod failures on datasets using NFSv4 ACLs. But fortunately there's a workaround. :)

Replicating here for clarity, in the TrueNAS cli command, enter app kubernetes update validate_host_path=false. (I assume there's a way to do this with midclt too, but I haven't looked yet since I'm waiting for the final release to update to Bluefin.)
I just upgraded to bluefin and I'm having the with the apps not starting. I tried your command in the command line, but the app command can't be found. Do you know if this still applies with the release version of Bluefin?

I missed the cli command part. Sorry about that.
 
Last edited:

mrcranky

Cadet
Joined
Dec 15, 2022
Messages
1
I just upgraded to bluefin and I'm having the with the apps not starting. I tried your command in the command line, but the app command can't be found. Do you know if this still applies with the release version of Bluefin?
To use cli commands, open the shell of your TrueNAS server, and then type cli and hit enter. You are now in the TrueNAS command line. Then type the command that bcat suggested.
 

BradP

Cadet
Joined
Dec 15, 2022
Messages
3
I just upgraded to bluefin and I'm having the with the apps not starting. I tried your command in the command line, but the app command can't be found. Do you know if this still applies with the release version of Bluefin?
I’m pretty clueless about most of this but, using the shell in the web interface, the “app kubernetes…” command worked for me after I entered ”cli”. Without first entering the cli command I also got the message that the command couldn’t be found.
 

j.lanham

Explorer
Joined
Aug 25, 2021
Messages
68
To use cli commands, open the shell of your TrueNAS server, and then type cli and hit enter. You are now in the TrueNAS command line. Then type the command that bcat suggested.
Thanks. You reminded me that I can't read ;-)
 

KRider92

Cadet
Joined
Dec 16, 2022
Messages
1
So I tried this workaround bcat provided, and now there's an activity stuck at 0% with the text
Code:
[
  {
    "validate_host_path": false
  }
]

This has been stuck for approx. 15 minutes now. Any idea what I can do? If I'm losing all my apps over this upgrade, I think I may cry...
 

Trevor68

Contributor
Joined
Oct 15, 2021
Messages
130
you can just untick it in the gui, under apps/advanced.
 

bcat

Explorer
Joined
Oct 20, 2022
Messages
84
You should never disable the host path validation.
Why not? You shouldn't disable it without understanding what it does and why it's there, sure, but that's true of any configuration option.
Presumably it was made configurable precisely because there are legitimate (albeit unsupported by iXsystems) reason to disable it.

Also, note that guidance from Kris Moore is "note you are removing a safety check, use at your own risk". That's a sensible warning, but very different from "never disable".

Semi-related: I do wish it could be disabled on a per-chart basis to make the decision even more intentional, but perhaps there are technical reasons why that's difficult.
 
Last edited:

rjtyler

Cadet
Joined
Jul 16, 2022
Messages
3
I found a work around. I am setting the Plex data folder (where all my media resides) to a dataset that is also a SMB share. This is so that I can easily drop new content to that folder(s) from client machines.

To get it working:
1 - Shares->Windows (SMB) Shares->Disable the share where you are pointing the PLEX dataset
2 - Apps->Plex->Stop
3 - Apps->Plex->Start (wait for it to finish deploying)
4 - Shares->Windows (SMB) Shares->Enable the share where you are pointing the PLEX dataset

The down side is that you need to do this each time you reboot the TrueNAS scale server...
Hi Rick,

I had spent the entire day working out this solution, including doing a post to ask for assistance on this matter and google searches to no success.

And here it is. Many thanks. This worked a treat.... Now busy importing my massive library.
 

Trevor68

Contributor
Joined
Oct 15, 2021
Messages
130
Why would you not just set an SMB share to a top level directory like tank, then put your data in a sub directory like tank/Plex ? No need to ever worry about it again.
 

oblivioncth

Explorer
Joined
Jul 13, 2022
Messages
71
Why would you not just set an SMB share to a top level directory like tank, then put your data in a sub directory like tank/Plex ? No need to ever worry about it again.
Because that's likely an oversight as one of the main points of adding host path validation was to keep containers from being able to write new permissions onto data that is also SMB shared. That principle is still violated even if the dataset that the container is accessing is nested. There's been talk that it looks this workaround will be removed in future SCALE releases.

It's a bit of a long one, but see: https://www.truenas.com/community/t...en-accounting-for-hostpath-validation.106634/
 

Trevor68

Contributor
Joined
Oct 15, 2021
Messages
130
I'll just settle for 6 to 12 months of not having to turn stuff off and on then, and cross that bridge when (and if) it arrives.
 

oblivioncth

Explorer
Joined
Jul 13, 2022
Messages
71
I'll just settle for 6 to 12 months of not having to turn stuff off and on then, and cross that bridge when (and if) it arrives.
I mean to be completely fair, I am also using this workaround and plan to do so until it stops working. It's just important to watch for permission issues depending on the exact app you have interacting with the common dataset. Ideally, the hostpath is mounted as read-only if possible.

When the time comes, I'll either disable hostpath validation (ideally just on Plex if this occurs when Cobia is released, which seems to be when disabling it per-app will be an option), or, somewhat annoyingly, switch to using an NFS share just for Plex.
 

Trevor68

Contributor
Joined
Oct 15, 2021
Messages
130
I read the thread full of entirely pointless speculation, I want that ten minutes back! Only Ix systems can tell what happens in the future.
 

oblivioncth

Explorer
Joined
Jul 13, 2022
Messages
71
I read the thread full of entirely pointless speculation, I want that ten minutes back! Only Ix systems can tell what happens in the future.
I think that's a little bit harsh... but yes we won't know for sure until it happens. Most of the debate was around some people not acknowledging that this is a workaround and not a true solution, not whether it will be removed or not.

However, something that isn't likely to be speculation at all is this comment by TrueCharts staff.

I asked for a reference to the change, but sadly never got a response. That being said, they need to pay close attention to the development of SCALE and therefore its nightlies, so I lean towards taking their word on this.

If true, this means we'll be dealing with the "bridge" in just two weeks

The only way to know for sure without waiting it seems would be to try out the latest nightly in a VM, though I haven't gotten around to it, and may just wait and see now that the next update is this close.
 

Trevor68

Contributor
Joined
Oct 15, 2021
Messages
130
Or just follow the boss advice and turn it off, simples.
 
Top