Install nubus 1.14.0 on k8s on a vps

duc · October 27, 2025, 6:57am

Dear Team and community,

I tried to install nubus 1.14.0 on kubernetes on a vps and used the article “Install Nubus for Kubernetes on your notebook in 20 minutes” as a reference.

But the installation is failing everytime due to timeout and I don’t know how to fix it, please help me

Here is the full installation log:

# cat kind-cluster-config.yaml
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
  kubeadmConfigPatches:
  - |
    kind: InitConfiguration
    nodeRegistration:
      kubeletExtraArgs:
        node-labels: "ingress-ready=true"
  extraPortMappings:
  - containerPort: 80
    hostPort: 8080
    protocol: TCP
  - containerPort: 443
    hostPort: 8443
    protocol: TCP

# kind delete clusters nubus
enabling experimental podman provider
Deleted nodes: ["nubus-control-plane"]
Deleted clusters: ["nubus"]
# kind create cluster --name nubus --config=kind-cluster-config.yaml
enabling experimental podman provider
Creating cluster "nubus" ...
 ✓ Ensuring node image (kindest/node:v1.34.0) 🖼
 ✓ Preparing nodes 📦
 ✓ Writing configuration 📜
 ✓ Starting control-plane 🕹️
 ✓ Installing CNI 🔌
 ✓ Installing StorageClass 💾
Set kubectl context to "kind-nubus"
Thanks for using kind! 😊

# helm upgrade --install ingress-nginx ingress-nginx \
     --repo https://kubernetes.github.io/ingress-nginx \
     --namespace ingress-nginx \
     --create-namespace \
     --version "4.8.0" \
     --set controller.allowSnippetAnnotations=true \
     --set controller.config.hsts=false \
     --set controller.service.enableHttps=false \
     --set controller.hostPort.enabled=true \
     --set controller.service.ports.http=80
Release "ingress-nginx" does not exist. Installing it now.
NAME: ingress-nginx
LAST DEPLOYED: Fri Oct 24 12:36:30 2025
NAMESPACE: ingress-nginx
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
The ingress-nginx controller has been installed.
It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl --namespace ingress-nginx get services -o wide -w ingress-nginx-controller'

# export NAMESPACE_FOR_NUBUS="default"
# export RELEASE_NAME="nubus"
# export VERSION="1.14.0"

# curl \
   --output custom_values_examples.yaml \
   https://raw.githubusercontent.com/univention/nubus-stack/v"$VERSION"/helm/nubus/example.yaml

# cat custom_values_examples.yaml
---
global:
  nubusDeployment: true
  ldap:
    baseDn: "dc=example,dc=com"
    domainName: "example.com"
  domain: example.com
  ingressClass: "nginx"
  certManagerIssuer: "letsencrypt"
  secrets:
    masterPassword: "IchHabeHunger2025!!!"

# kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.17.1/cert-manager.yaml
namespace/cert-manager created
customresourcedefinition.apiextensions.k8s.io/certificaterequests.cert-manager.io created
Warning: unrecognized format "int32"
Warning: unrecognized format "int64"
customresourcedefinition.apiextensions.k8s.io/certificates.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/challenges.acme.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/clusterissuers.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/issuers.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/orders.acme.cert-manager.io created
serviceaccount/cert-manager-cainjector created
serviceaccount/cert-manager created
serviceaccount/cert-manager-webhook created
clusterrole.rbac.authorization.k8s.io/cert-manager-cainjector created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-issuers created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-certificates created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-orders created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-challenges created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim created
clusterrole.rbac.authorization.k8s.io/cert-manager-cluster-view created
clusterrole.rbac.authorization.k8s.io/cert-manager-view created
clusterrole.rbac.authorization.k8s.io/cert-manager-edit created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-certificatesigningrequests created
clusterrole.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-cainjector created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-issuers created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-certificates created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-orders created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-challenges created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-certificatesigningrequests created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews created
role.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection created
role.rbac.authorization.k8s.io/cert-manager:leaderelection created
role.rbac.authorization.k8s.io/cert-manager-tokenrequest created
role.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving created
rolebinding.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection created
rolebinding.rbac.authorization.k8s.io/cert-manager:leaderelection created
rolebinding.rbac.authorization.k8s.io/cert-manager-cert-manager-tokenrequest created
rolebinding.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving created
service/cert-manager-cainjector created
service/cert-manager created
service/cert-manager-webhook created
deployment.apps/cert-manager-cainjector created
deployment.apps/cert-manager created
deployment.apps/cert-manager-webhook created
mutatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook created
validatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook created

# helm upgrade \
   --install \
   --namespace="$NAMESPACE_FOR_NUBUS" \
   --values custom_values.yaml \
   --version "$VERSION" \
   --timeout 20m \
   "$RELEASE_NAME" \
   oci://artifacts.software-univention.de/nubus/charts/nubus
Release "nubus" does not exist. Installing it now.
Pulled: artifacts.software-univention.de/nubus/charts/nubus:1.14.0
Digest: sha256:3443acb94c1b07ce7c3e7620755da7d46b400746bb76d4a922b72535c822da84
coalesce.go:298: warning: cannot overwrite table with non table for nubusGuardian.postgresql.auth.existingSecret (map[keyMapping:map[password:<nil>] name:<nil>])
coalesce.go:298: warning: cannot overwrite table with non table for nubusNotificationsApi.postgresql.auth.existingSecret (map[keyMapping:map[password:<nil>] name:])
coalesce.go:298: warning: cannot overwrite table with non table for keycloak.postgresql.auth.existingSecret (map[keyMapping:map[password:<nil>] name:<nil>])
coalesce.go:301: warning: destination for minio.ingress.tls is a table. Ignoring non-table value (false)
I1024 12:38:53.768259 1183762 warnings.go:110] "Warning: spec.SessionAffinity is ignored for headless services"
I1024 12:38:53.774025 1183762 warnings.go:110] "Warning: spec.SessionAffinity is ignored for headless services"
I1024 12:38:53.776042 1183762 warnings.go:110] "Warning: spec.SessionAffinity is ignored for headless services"
I1024 12:38:53.778573 1183762 warnings.go:110] "Warning: spec.SessionAffinity is ignored for headless services"
I1024 12:38:53.784315 1183762 warnings.go:110] "Warning: spec.SessionAffinity is ignored for headless services"
I1024 12:38:53.784501 1183762 warnings.go:110] "Warning: spec.SessionAffinity is ignored for headless services"
Error: failed post-install: 1 error occurred:
	* timed out waiting for the condition`

# kubectl -n default get pods
NAME                                                 READY   STATUS              RESTARTS   AGE
nubus-guardian-authorization-api-8684b788d7-zrkrx    0/1     Error               0          20m
nubus-guardian-management-api-85bb6cfd9-n8c2n        0/1     Init:Error          0          20m
nubus-guardian-management-ui-86c9c4b4f9-rzcrr        0/1     PodInitializing     0          20m
nubus-guardian-open-policy-agent-5d897fc5cb-f8d7l    0/1     ContainerCreating   0          20m
nubus-guardian-provisioning-1-bjn4j                  0/1     Init:0/1            0          20m
nubus-helpdesk-1-keycloak-bootstrap-dwck4            0/1     Init:0/1            0          20m
nubus-helpdesk-bfdb4fbf5-dpg9n                       0/1     ImagePullBackOff    0          20m
nubus-helpdesk-ui-6975866bb4-l7mnv                   0/1     Init:0/1            0          20m
nubus-keycloak-0                                     0/1     Init:0/1            0          20m
nubus-keycloak-bootstrap-bootstrap-1-g552j           0/1     Init:0/1            0          20m
nubus-ldap-notifier-0                                0/1     ContainerCreating   0          20m
nubus-ldap-server-primary-0                          0/2     Init:0/5            0          20m
nubus-ldap-server-proxy-7dc677747d-stxtd             0/1     Init:0/6            0          20m
nubus-ldap-server-secondary-0                        0/1     Init:0/6            0          20m
nubus-minio-66f765499d-xg8pv                         0/1     ContainerCreating   0          20m
nubus-minio-provisioning-n7gsz                       0/1     Init:0/1            0          20m
nubus-notifications-api-d6fcb866b-dk8f5              0/1     ContainerCreating   0          20m
nubus-portal-consumer-0                              0/1     Init:0/5            0          20m
nubus-portal-frontend-6867c4b57d-cf6pj               0/1     ContainerCreating   0          20m
nubus-portal-server-9d9dbdfc6-ppqcd                  0/1     Init:0/1            0          20m
nubus-postgresql-0                                   0/1     ContainerCreating   0          20m
nubus-postgresql-provisioning-bnxq4                  0/1     Init:0/1            0          20m
nubus-provisioning-api-845c5c4d76-b8mbw              0/1     Init:0/1            0          20m
nubus-provisioning-dispatcher-d5bf74b97-gxdfv        0/1     Init:0/1            0          20m
nubus-provisioning-nats-0                            0/3     ContainerCreating   0          20m
nubus-provisioning-prefill-fdf6869fd-jqsn4           0/1     Init:0/2            0          20m
nubus-provisioning-register-consumers-1-d4cmq        0/1     Init:0/2            0          20m
nubus-provisioning-udm-listener-0                    0/1     Init:0/1            0          20m
nubus-provisioning-udm-transformer-bbf9fcbc7-xh8c6   0/1     Init:0/4            0          20m
nubus-selfservice-listener-86dc79d47c-9fvwd          0/1     Init:0/1            0          20m
nubus-stack-data-ums-1-22zzz                         0/1     Init:0/4            0          20m
nubus-udm-rest-api-6c8bcd7864-sl4t9                  0/1     Init:0/5            0          20m
nubus-umc-gateway-557d474f96-7h8wc                   0/1     Init:0/5            0          20m
nubus-umc-server-0                                   0/2     Init:0/4            0          20m
nubus-umc-server-7b756899dd-wxwb4                    0/1     ContainerCreating   0          20m
nubus-umc-server-memcached-677f7d4546-zs7z5          0/1     ContainerCreating   0          20m


# kubectl -n default describe pod nubus-guardian-authorization-api-8684b788d7-zrkrx
Name:             nubus-guardian-authorization-api-8684b788d7-zrkrx
Namespace:        default
Priority:         0
Service Account:  nubus-guardian
Node:             nubus-control-plane/10.89.0.21
Start Time:       Mon, 27 Oct 2025 07:11:46 +0100
Labels:           app.kubernetes.io/instance=nubus
                  app.kubernetes.io/managed-by=Helm
                  app.kubernetes.io/name=nubus-guardian-authorization-api
                  app.kubernetes.io/version=2.0.0
                  helm.sh/chart=nubusGuardian-0.22.5
                  pod-template-hash=8684b788d7
Annotations:      checksum/config: d8c06944be6eb670f82b1c3734d54d6a3455c491d5fa57257ad06aca5cfd160e
Status:           Running
IP:               10.244.0.11
IPs:
  IP:           10.244.0.11
Controlled By:  ReplicaSet/nubus-guardian-authorization-api-8684b788d7
Containers:
  authorization-api:
    Container ID:    containerd://af50895eac1b0847821a334a89dedbaa5c37a1e45617b38811545d46c0f44e97
    Image:           docker.software-univention.de/guardian-authorization-api-authorization-api:3.0.0
    Image ID:        docker.software-univention.de/guardian-authorization-api-authorization-api@sha256:d2849b25ddd0322e1bef6c1e7b16f59fb63f35b0924f99f200bc22de834d9a2d
    Port:            8000/TCP (http)
    Host Port:       0/TCP (http)
    SeccompProfile:  RuntimeDefault
    State:           Terminated
      Reason:        Error
      Exit Code:     3
      Started:       Mon, 27 Oct 2025 07:12:09 +0100
      Finished:      Mon, 27 Oct 2025 07:12:10 +0100
    Ready:           False
    Restart Count:   0
    Limits:
      cpu:     4
      memory:  4Gi
    Requests:
      cpu:      250m
      memory:   512Mi
    Liveness:   http-get http://:http/guardian/authorization/openapi.json delay=120s timeout=3s period=30s #success=1 #failure=3
    Readiness:  http-get http://:http/guardian/authorization/openapi.json delay=30s timeout=3s period=15s #success=1 #failure=30
    Environment Variables from:
      nubus-guardian-authorization-api  ConfigMap  Optional: false
    Environment:                        <none>
    Mounts:
      /tmp from tmp (rw)
      /var/guardian from udm-adapter-user (rw)
      /var/secrets from secrets (rw)
Conditions:
  Type                        Status
  PodReadyToStartContainers   True
  Initialized                 True
  Ready                       False
  ContainersReady             False
  PodScheduled                True
Volumes:
  tmp:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:
    SizeLimit:  <unset>
  udm-adapter-user:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      nubus-guardian-udm-adapter-user
    Optional:  false
  secrets:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  nubus-ldap-server-admin
    Optional:    false
QoS Class:       Burstable
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age                From               Message
  ----    ------     ----               ----               -------
  Normal  Scheduled  20m                default-scheduler  Successfully assigned default/nubus-guardian-authorization-api-8684b788d7-zrkrx to nubus-control-plane
  Normal  Pulled     20m                kubelet            Successfully pulled image "docker.software-univention.de/guardian-authorization-api-authorization-api:3.0.0" in 21.922s (21.922s including waiting). Image size: 162009083 bytes.
  Normal  Created    20m                kubelet            Created container: authorization-api
  Normal  Started    20m                kubelet            Started container authorization-api
  Normal  Pulling    20m (x2 over 20m)  kubelet            Pulling image "docker.software-univention.de/guardian-authorization-api-authorization-api:3.0.0"


# kubectl -n default describe pod nubus-guardian-management-api-85bb6cfd9-n8c2n
Name:             nubus-guardian-management-api-85bb6cfd9-n8c2n
Namespace:        default
Priority:         0
Service Account:  nubus-guardian
Node:             nubus-control-plane/10.89.0.21
Start Time:       Mon, 27 Oct 2025 07:11:46 +0100
Labels:           app.kubernetes.io/instance=nubus
                  app.kubernetes.io/managed-by=Helm
                  app.kubernetes.io/name=nubus-guardian-management-api
                  app.kubernetes.io/version=2.0.0
                  helm.sh/chart=nubusGuardian-0.22.5
                  pod-template-hash=85bb6cfd9
Annotations:      checksum/config: ec61d4b503a324100c5c5abc7ce677ae50a81f2e708b7758c314a1a90c666e46
Status:           Pending
IP:               10.244.0.12
IPs:
  IP:           10.244.0.12
Controlled By:  ReplicaSet/nubus-guardian-management-api-85bb6cfd9
Init Containers:
  database-migrations:
    Container ID:    containerd://7ffe49680458a38fc7a087b70d70c24538697f8aa33eabe3844f6eb21e0f6cf4
    Image:           docker.software-univention.de/guardian-management-api-management-api:3.0.0
    Image ID:        docker.software-univention.de/guardian-management-api-management-api@sha256:f3c9af13d50632a7e2232f675408b5559fb9ca314b7babf367cf4db80b62ebea
    Port:            <none>
    Host Port:       <none>
    SeccompProfile:  RuntimeDefault
    Command:
      alembic
      upgrade
      head
    State:          Terminated
      Reason:       Error
      Exit Code:    1
      Started:      Mon, 27 Oct 2025 07:12:20 +0100
      Finished:     Mon, 27 Oct 2025 07:12:22 +0100
    Ready:          False
    Restart Count:  0
    Limits:
      cpu:     4
      memory:  4Gi
    Requests:
      cpu:     250m
      memory:  512Mi
    Environment Variables from:
      nubus-guardian-management-api  ConfigMap  Optional: false
    Environment:
      SQL_PERSISTENCE_ADAPTER__PASSWORD:  <set to the key 'password' in secret 'nubus-guardian-management-api-postgresql-credentials'>  Optional: false
    Mounts:                               <none>
Containers:
  management-api:
    Container ID:
    Image:           docker.software-univention.de/guardian-management-api-management-api:3.0.0
    Image ID:
    Port:            8000/TCP (http)
    Host Port:       0/TCP (http)
    SeccompProfile:  RuntimeDefault
    State:           Waiting
      Reason:        PodInitializing
    Ready:           False
    Restart Count:   0
    Limits:
      cpu:     4
      memory:  4Gi
    Requests:
      cpu:      250m
      memory:   512Mi
    Liveness:   http-get http://:http/guardian/management/openapi.json delay=120s timeout=3s period=30s #success=1 #failure=3
    Readiness:  http-get http://:http/guardian/management/openapi.json delay=30s timeout=3s period=15s #success=1 #failure=30
    Environment Variables from:
      nubus-guardian-management-api  ConfigMap  Optional: false
    Environment:
      SQL_PERSISTENCE_ADAPTER__PASSWORD:  <set to the key 'password' in secret 'nubus-guardian-management-api-postgresql-credentials'>  Optional: false
    Mounts:
      /guardian_service_dir/bundle_server from bundles (rw)
      /tmp from tmp (rw)
      /var/secrets from secrets (rw)
Conditions:
  Type                        Status
  PodReadyToStartContainers   True
  Initialized                 False
  Ready                       False
  ContainersReady             False
  PodScheduled                True
Volumes:
  bundles:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:
    SizeLimit:  <unset>
  tmp:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:
    SizeLimit:  <unset>
  secrets:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  nubus-guardian-keycloak-client-secret
    Optional:    false
QoS Class:       Burstable
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age                From               Message
  ----    ------     ----               ----               -------
  Normal  Scheduled  21m                default-scheduler  Successfully assigned default/nubus-guardian-management-api-85bb6cfd9-n8c2n to nubus-control-plane
  Normal  Pulled     20m                kubelet            Successfully pulled image "docker.software-univention.de/guardian-management-api-management-api:3.0.0" in 11.018s (32.94s including waiting). Image size: 185802902 bytes.
  Normal  Created    20m                kubelet            Created container: database-migrations
  Normal  Started    20m                kubelet            Started container database-migrations
  Normal  Pulling    20m (x2 over 21m)  kubelet            Pulling image "docker.software-univention.de/guardian-management-api-management-api:3.0.0"


# kubectl -n default describe pod nubus-guardian-management-ui-86c9c4b4f9-rzcrr
Name:             nubus-guardian-management-ui-86c9c4b4f9-rzcrr
Namespace:        default
Priority:         0
Service Account:  nubus-guardian
Node:             nubus-control-plane/10.89.0.21
Start Time:       Mon, 27 Oct 2025 07:11:46 +0100
Labels:           app.kubernetes.io/instance=nubus
                  app.kubernetes.io/managed-by=Helm
                  app.kubernetes.io/name=nubus-guardian-management-ui
                  app.kubernetes.io/version=2.0.0
                  helm.sh/chart=nubusGuardian-0.22.5
                  pod-template-hash=86c9c4b4f9
Annotations:      checksum/config: 12ad6b4c86628ce9be4c600eb7408dd1bd517f4b291216b4fa3834960e2f6f21
Status:           Pending
IP:               10.244.0.14
IPs:
  IP:           10.244.0.14
Controlled By:  ReplicaSet/nubus-guardian-management-ui-86c9c4b4f9
Init Containers:
  app-configuration:
    Container ID:    containerd://3836df552d8b07608f198b6fcda704e55f7d9cba4fedfd2d38c8f7989a2b73f4
    Image:           docker.software-univention.de/guardian-management-ui-management-ui:3.0.0
    Image ID:        docker.software-univention.de/guardian-management-ui-management-ui@sha256:b90d496a323353c71e29938a6b1980655fb3aefe53bab455da865e3202b7f0f8
    Port:            <none>
    Host Port:       <none>
    SeccompProfile:  RuntimeDefault
    Command:
      sh
      -c
      /entrypoint.sh; cp -a /app/* /target/app/
    State:          Terminated
      Reason:       Completed
      Exit Code:    0
      Started:      Mon, 27 Oct 2025 07:12:35 +0100
      Finished:     Mon, 27 Oct 2025 07:12:35 +0100
    Ready:          True
    Restart Count:  0
    Limits:
      cpu:     4
      memory:  4Gi
    Requests:
      cpu:     250m
      memory:  512Mi
    Environment Variables from:
      nubus-guardian-management-ui  ConfigMap  Optional: false
    Environment:
      SKIP_CONFIG_GENERATION:  TRUE
    Mounts:
      /target/app from app-config (rw)
Containers:
  management-ui:
    Container ID:
    Image:           docker.software-univention.de/guardian-management-ui-management-ui:3.0.0
    Image ID:
    Port:            8080/TCP (http)
    Host Port:       0/TCP (http)
    SeccompProfile:  RuntimeDefault
    State:           Waiting
      Reason:        PodInitializing
    Ready:           False
    Restart Count:   0
    Limits:
      cpu:     4
      memory:  4Gi
    Requests:
      cpu:      250m
      memory:   512Mi
    Liveness:   http-get http://:http/ delay=120s timeout=3s period=30s #success=1 #failure=3
    Readiness:  http-get http://:http/ delay=30s timeout=3s period=15s #success=1 #failure=30
    Environment Variables from:
      nubus-guardian-management-ui  ConfigMap  Optional: false
    Environment:                    <none>
    Mounts:
      /app from app-config (rw)
      /etc/nginx/sites-enabled/default from nginx-conf (rw,path="nginx.conf")
      /var/lib/nginx from var-lib (rw)
      /var/run from var-run (rw)
Conditions:
  Type                        Status
  PodReadyToStartContainers   True
  Initialized                 True
  Ready                       False
  ContainersReady             False
  PodScheduled                True
Volumes:
  app-config:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:
    SizeLimit:  <unset>
  var-lib:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:
    SizeLimit:  <unset>
  var-run:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:
    SizeLimit:  <unset>
  nginx-conf:
    Type:        ConfigMap (a volume populated by a ConfigMap)
    Name:        nubus-guardian-nginx-conf
    Optional:    false
QoS Class:       Burstable
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  22m   default-scheduler  Successfully assigned default/nubus-guardian-management-ui-86c9c4b4f9-rzcrr to nubus-control-plane
  Normal  Pulling    22m   kubelet            Pulling image "docker.software-univention.de/guardian-management-ui-management-ui:3.0.0"
  Normal  Pulled     21m   kubelet            Successfully pulled image "docker.software-univention.de/guardian-management-ui-management-ui:3.0.0" in 14.592s (47.465s including waiting). Image size: 115354992 bytes.
  Normal  Created    21m   kubelet            Created container: app-configuration
  Normal  Started    21m   kubelet            Started container app-configuration
  Normal  Pulling    21m   kubelet            Pulling image "docker.software-univention.de/guardian-management-ui-management-ui:3.0.0"


# kubectl -n default describe pod nubus-helpdesk-bfdb4fbf5-dpg9n
Name:             nubus-helpdesk-bfdb4fbf5-dpg9n
Namespace:        default
Priority:         0
Service Account:  nubus-helpdesk
Node:             nubus-control-plane/10.89.0.21
Start Time:       Mon, 27 Oct 2025 07:11:46 +0100
Labels:           app=nubus-helpdesk
                  app.kubernetes.io/instance=nubus
                  app.kubernetes.io/managed-by=Helm
                  app.kubernetes.io/name=helpdesk
                  app.kubernetes.io/version=1.0.0
                  helm.sh/chart=nubusTwofaHelpdesk-0.14.1
                  pod-template-hash=bfdb4fbf5
Annotations:      <none>
Status:           Pending
IP:               10.244.0.13
IPs:
  IP:           10.244.0.13
Controlled By:  ReplicaSet/nubus-helpdesk-bfdb4fbf5
Containers:
  twofa-helpdesk-backend-api:
    Container ID:
    Image:           artifacts.software-univention.de/nubus/images/twofa-helpdesk-backend:0.14.1@sha256:78a4f546c83858a749f073f74bcfcbfcfd9db49de520f30e753b3a992f145a5f
    Image ID:
    Port:            8080/TCP
    Host Port:       0/TCP
    SeccompProfile:  RuntimeDefault
    State:           Waiting
      Reason:        ImagePullBackOff
    Ready:           False
    Restart Count:   0
    Limits:
      cpu:     4
      memory:  4Gi
    Requests:
      cpu:      250m
      memory:   512Mi
    Liveness:   http-get http://:8080/backend/ delay=20s timeout=3s period=30s #success=1 #failure=3
    Readiness:  http-get http://:8080/backend/ delay=20s timeout=3s period=15s #success=1 #failure=30
    Environment Variables from:
      nubus-helpdesk-config  ConfigMap  Optional: false
    Environment:
      KEYCLOAK_PASSWORD:  <set to the key 'admin_password' in secret 'nubus-keycloak-credentials'>  Optional: false
    Mounts:               <none>
Conditions:
  Type                        Status
  PodReadyToStartContainers   True
  Initialized                 True
  Ready                       False
  ContainersReady             False
  PodScheduled                True
Volumes:                      <none>
QoS Class:                    Burstable
Node-Selectors:               <none>
Tolerations:                  node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                              node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason     Age                From               Message
  ----     ------     ----               ----               -------
  Normal   Scheduled  22m                default-scheduler  Successfully assigned default/nubus-helpdesk-bfdb4fbf5-dpg9n to nubus-control-plane
  Warning  Failed     16m                kubelet            Failed to pull image "artifacts.software-univention.de/nubus/images/twofa-helpdesk-backend:0.14.1@sha256:78a4f546c83858a749f073f74bcfcbfcfd9db49de520f30e753b3a992f145a5f": rpc error: code = Canceled desc = failed to pull and unpack image "artifacts.software-univention.de/nubus/images/twofa-helpdesk-backend@sha256:78a4f546c83858a749f073f74bcfcbfcfd9db49de520f30e753b3a992f145a5f": context canceled
  Warning  Failed     16m                kubelet            Error: ErrImagePull
  Normal   BackOff    16m                kubelet            Back-off pulling image "artifacts.software-univention.de/nubus/images/twofa-helpdesk-backend:0.14.1@sha256:78a4f546c83858a749f073f74bcfcbfcfd9db49de520f30e753b3a992f145a5f"
  Warning  Failed     16m                kubelet            Error: ImagePullBackOff
  Normal   Pulling    16m (x2 over 22m)  kubelet            Pulling image "artifacts.software-univention.de/nubus/images/twofa-helpdesk-backend:0.14.1@sha256:78a4f546c83858a749f073f74bcfcbfcfd9db49de520f30e753b3a992f145a5f"

Please help me and Thanks in Advance !

Duc

duc · October 27, 2025, 6:58am

Directly after installation some pods already went into Error

# kubectl -n default get pods
NAME                                                 READY   STATUS              RESTARTS   AGE
nubus-guardian-authorization-api-8684b788d7-zrkrx    0/1     Error               0          54s
nubus-guardian-management-api-85bb6cfd9-n8c2n        0/1     Init:Error          0          54s
nubus-guardian-management-ui-86c9c4b4f9-rzcrr        0/1     PodInitializing     0          54s
nubus-guardian-open-policy-agent-5d897fc5cb-f8d7l    0/1     ContainerCreating   0          52s
nubus-guardian-provisioning-1-bjn4j                  0/1     Init:0/1            0          54s
nubus-helpdesk-1-keycloak-bootstrap-dwck4            0/1     Init:0/1            0          54s
nubus-helpdesk-bfdb4fbf5-dpg9n                       0/1     ContainerCreating   0          54s
nubus-helpdesk-ui-6975866bb4-l7mnv                   0/1     Init:0/1            0          54s
nubus-keycloak-0                                     0/1     Init:0/1            0          54s
nubus-keycloak-bootstrap-bootstrap-1-g552j           0/1     Init:0/1            0          54s
nubus-ldap-notifier-0                                0/1     ContainerCreating   0          54s
nubus-ldap-server-primary-0                          0/2     Init:0/5            0          54s
nubus-ldap-server-proxy-7dc677747d-stxtd             0/1     Init:0/6            0          53s
nubus-ldap-server-secondary-0                        0/1     Init:0/6            0          52s
nubus-minio-66f765499d-xg8pv                         0/1     ContainerCreating   0          54s
nubus-minio-provisioning-n7gsz                       0/1     Init:0/1            0          51s
nubus-notifications-api-d6fcb866b-dk8f5              0/1     ContainerCreating   0          54s
nubus-portal-consumer-0                              0/1     Init:0/5            0          53s
nubus-portal-frontend-6867c4b57d-cf6pj               0/1     ContainerCreating   0          52s
nubus-portal-server-9d9dbdfc6-ppqcd                  0/1     Init:0/1            0          54s
nubus-postgresql-0                                   0/1     ContainerCreating   0          54s
nubus-postgresql-provisioning-bnxq4                  0/1     Init:0/1            0          54s
nubus-provisioning-api-845c5c4d76-b8mbw              0/1     Init:0/1            0          53s
nubus-provisioning-dispatcher-d5bf74b97-gxdfv        0/1     Init:0/1            0          52s
nubus-provisioning-nats-0                            0/3     ContainerCreating   0          54s
nubus-provisioning-prefill-fdf6869fd-jqsn4           0/1     Init:0/2            0          53s
nubus-provisioning-register-consumers-1-d4cmq        0/1     Init:0/2            0          54s
nubus-provisioning-udm-listener-0                    0/1     Init:0/1            0          53s
nubus-provisioning-udm-transformer-bbf9fcbc7-xh8c6   0/1     Init:0/4            0          54s
nubus-selfservice-listener-86dc79d47c-9fvwd          0/1     Init:0/1            0          52s
nubus-stack-data-ums-1-22zzz                         0/1     Init:0/4            0          54s
nubus-udm-rest-api-6c8bcd7864-sl4t9                  0/1     Init:0/5            0          52s
nubus-umc-gateway-557d474f96-7h8wc                   0/1     Init:0/5            0          52s
nubus-umc-server-0                                   0/2     Init:0/4            0          54s
nubus-umc-server-7b756899dd-wxwb4                    0/1     ContainerCreating   0          54s
nubus-umc-server-memcached-677f7d4546-zs7z5          0/1     ContainerCreating   0          53s```

jconde · October 27, 2025, 2:54pm

Hello duc,

Thanks for giving Nubus a spin! I have replicated all your steps and could find a couple issues:

1. Bitnami images

Sadly, bitnami made some changes to their images, which we bundled as part of Nubus 1.14.0. You can work around by adding the following to you custom_values.yaml:

nubusUmcServer:
  memcached:
    image:
      registry: "docker.io"
      repository: "bitnamilegacy/memcached"
      tag: "1.6.39-debian-12-r0"

postgresql:
  image:
    registry: "docker.io"
    repository: "bitnamilegacy/postgresql"
    tag: "15.4.0-debian-11-r45"

minio:
  image:
    registry: "docker.io"
    repository: "bitnamilegacy/minio"
    tag: "2024.8.3-debian-12-r1"

More about this change can be found here: Upcoming changes to the Bitnami catalog (effective August 28th, 2025) · Issue #35164 · bitnami/charts · GitHub

This will allow PostgreSQL to start, which Keycloak depends on. Then, LDAP primary can start up after Keycloak, on which it depends. And so on.

As for the Error states on a fresh deployment, these components (Pods) depend on others that have not yet been initialized. The important thing is that, in the end (eventually), everything comes up to being Ready and Running.

2. Slow hard-drive or network connection

As you are using Kind, you can use docker stats to see how your control-plane is behaving. You may notice a really high BLOCK I/O, meaning it is really using your local hard-drive. Depending on your hdd/ssd, it may be faster or slower. With a fresh cluster (since you are deleting the kind cluster), all the images need to be pulled, which can also take a lot of network and space.

For context, my BLOCK I/O on the control-plane is of 14GB/24GB while writing this answer.

After a timed out installation, you can run the same command and it will redeploy Nubus. Many of the images will now have been pulled already, so the deployment will be faster.

I would suggest increasing the --timeout to something like 60m if you are running on your personal computer on a freshly initialized cluster. Consecutive upgrades/installs will be much faster, as many of the images and layers will already be in place.

If you still need further support, feel free to reply to this post. I will make sure we change the installation instructions to account for the Bitnami changes.

Thanks!

Cheers,
Jaime.

duc · October 28, 2025, 2:25pm

Hey Jaime,

Thank you for your answer - I did as you said.

For the environment:

K8s is running in a VM on a KVM.
My Block IO on the control-plane is around 614.4kB / 2.75GB.

CPU(s):                               4
RAM:                                   8 GB

Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/vg0-root  960M  160M  801M  17% /
/dev/mapper/vg0-var    18G  3.2G   15G  18% /var

# podman stats
ID            NAME                 CPU %       MEM USAGE / LIMIT  MEM %       NET IO             BLOCK IO           PIDS        CPU TIME       AVG CPU %
576a80a0e25d  nubus-control-plane  12.84%      1.28GB / 8.153GB   15.70%      278.3MB / 106.1MB  73.73kB / 2.521GB  1043        14m23.409249s  14.23%

I understand that most of the pods are depending from the postgresql.
It just doenst come up (Ready State).
After installation none of the pod was in the Ready State. My timeout was set to 60m.

I just finished the second installation.

Thats the result
You can see by the time which pods were restarted and which not (On each installation I had the timeout for 1h)

NAME                                                 READY   STATUS              RESTARTS   AGE
nubus-guardian-authorization-api-8684b788d7-zk42r    0/1     ContainerCreating   0          145m
nubus-guardian-management-api-f77f48875-xwbgc        0/1     Init:0/1            0          145m
nubus-guardian-management-ui-86b8f5dc78-mtcjj        0/1     Init:0/1            0          145m
nubus-guardian-open-policy-agent-5d897fc5cb-cxx88    0/1     ContainerCreating   0          145m
nubus-guardian-provisioning-1-xtn9p                  0/1     Terminating         0          145m
nubus-guardian-provisioning-2-7mhff                  0/1     Init:0/1            0          62m
nubus-helpdesk-1-keycloak-bootstrap-csjkz            0/1     Terminating         0          145m
nubus-helpdesk-2-keycloak-bootstrap-smxlj            0/1     Init:0/1            0          62m
nubus-helpdesk-bfdb4fbf5-ngl8q                       0/1     ImagePullBackOff    0          145m
nubus-helpdesk-ui-6975866bb4-87bbh                   0/1     Init:0/1            0          145m
nubus-keycloak-0                                     0/1     Init:0/1            0          145m
nubus-keycloak-bootstrap-bootstrap-1-gq449           0/1     Terminating         0          145m
nubus-keycloak-bootstrap-bootstrap-2-bdmr4           0/1     Init:0/1            0          62m
nubus-ldap-notifier-0                                0/1     ContainerCreating   0          145m
nubus-ldap-server-primary-0                          0/2     Init:0/5            0          145m
nubus-ldap-server-proxy-6dd45b6755-s8hpl             0/1     Init:0/6            0          145m
nubus-ldap-server-secondary-0                        0/1     Init:0/6            0          145m
nubus-minio-854766c54f-82rr6                         0/1     ContainerCreating   0          145m
nubus-minio-provisioning-tj8lv                       0/1     Init:0/1            0          62m
nubus-notifications-api-d6fcb866b-4rgrz              0/1     ContainerCreating   0          145m
nubus-portal-consumer-0                              0/1     Init:0/5            0          145m
nubus-portal-frontend-6867c4b57d-kdgg8               0/1     ContainerCreating   0          145m
nubus-portal-server-58f498d6c-79sd7                  0/1     Init:0/1            0          145m
nubus-postgresql-0                                   0/1     ContainerCreating   0          145m
nubus-postgresql-provisioning-c5b6j                  0/1     Init:0/1            0          145m
nubus-provisioning-api-8449df4d4f-bs8tz              0/1     Init:0/1            0          145m
nubus-provisioning-dispatcher-6d5c96b94b-mg8k2       0/1     Init:0/1            0          145m
nubus-provisioning-nats-0                            0/3     ContainerCreating   0          145m
nubus-provisioning-prefill-75bd974fbc-dth8z          0/1     Init:0/2            0          145m
nubus-provisioning-register-consumers-1-5k9pf        0/1     Terminating         0          145m
nubus-provisioning-register-consumers-2-jx5j8        0/1     Init:0/2            0          62m
nubus-provisioning-udm-listener-0                    0/1     Init:0/1            0          145m
nubus-provisioning-udm-transformer-696d5f748-j6gct   0/1     Init:0/4            0          145m
nubus-selfservice-listener-86dc79d47c-5cwbw          0/1     Init:0/1            0          145m
nubus-stack-data-ums-1-7kgkx                         0/1     Terminating         0          145m
nubus-stack-data-ums-2-d9hq7                         0/1     Init:0/4            0          62m
nubus-udm-rest-api-6c8bcd7864-rwfrr                  0/1     Init:0/5            0          145m
nubus-umc-gateway-557d474f96-5c4b6                   0/1     Init:0/5            0          145m
nubus-umc-server-0                                   0/2     Init:0/4            0          145m
nubus-umc-server-7b756899dd-mdksk                    0/1     ContainerCreating   0          145m
nubus-umc-server-memcached-7b8d7477cf-b5h7z          0/1     ContainerCreating   0          145m


[root@vps ~]# kubectl -n default describe pods nubus-postgresql-0
Name:             nubus-postgresql-0
Namespace:        default
Priority:         0
Service Account:  default
Node:             nubus-control-plane/10.89.0.2
Start Time:       Tue, 28 Oct 2025 12:58:22 +0100
Labels:           app.kubernetes.io/component=primary
                  app.kubernetes.io/instance=nubus
                  app.kubernetes.io/managed-by=Helm
                  app.kubernetes.io/name=postgresql
                  app.kubernetes.io/version=15.4.0
                  apps.kubernetes.io/pod-index=0
                  controller-revision-hash=nubus-postgresql-69b5959dcc
                  helm.sh/chart=postgresql-12.12.10
                  statefulset.kubernetes.io/pod-name=nubus-postgresql-0
Annotations:      <none>
Status:           Pending
IP:
IPs:              <none>
Controlled By:    StatefulSet/nubus-postgresql
Containers:
  postgresql:
    Container ID:
    Image:           docker.io/bitnamilegacy/postgresql:15.4.0-debian-11-r45
    Image ID:
    Port:            5432/TCP (tcp-postgresql)
    Host Port:       0/TCP (tcp-postgresql)
    SeccompProfile:  RuntimeDefault
    State:           Waiting
      Reason:        ContainerCreating
    Ready:           False
    Restart Count:   0
    Limits:
      cpu:     288
      memory:  1Gi
    Requests:
      cpu:      10m
      memory:   16Mi
    Liveness:   exec [/bin/sh -c exec pg_isready -U "nubus" -h 127.0.0.1 -p 5432] delay=30s timeout=5s period=10s #success=1 #failure=6
    Readiness:  exec [/bin/sh -c -e exec pg_isready -U "nubus" -h 127.0.0.1 -p 5432
] delay=5s timeout=5s period=10s #success=1 #failure=6
    Environment:
      BITNAMI_DEBUG:                        false
      POSTGRESQL_PORT_NUMBER:               5432
      POSTGRESQL_VOLUME_DIR:                /bitnami/postgresql
      PGDATA:                               /bitnami/postgresql/data
      POSTGRES_USER:                        nubus
      POSTGRES_PASSWORD:                    <set to the key 'user_password' in secret 'nubus-postgresql-credentials'>   Optional: false
      POSTGRES_POSTGRES_PASSWORD:           <set to the key 'admin_password' in secret 'nubus-postgresql-credentials'>  Optional: false
      POSTGRESQL_ENABLE_LDAP:               no
      POSTGRESQL_ENABLE_TLS:                no
      POSTGRESQL_LOG_HOSTNAME:              false
      POSTGRESQL_LOG_CONNECTIONS:           false
      POSTGRESQL_LOG_DISCONNECTIONS:        false
      POSTGRESQL_PGAUDIT_LOG_CATALOG:       off
      POSTGRESQL_CLIENT_MIN_MESSAGES:       error
      POSTGRESQL_SHARED_PRELOAD_LIBRARIES:  pgaudit
    Mounts:
      /bitnami/postgresql from data (rw)
      /dev/shm from dshm (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-ggbwg (ro)
Conditions:
  Type                        Status
  PodReadyToStartContainers   False
  Initialized                 True
  Ready                       False
  ContainersReady             False
  PodScheduled                True
Volumes:
  data:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  data-nubus-postgresql-0
    ReadOnly:   false
  dshm:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:     Memory
    SizeLimit:  <unset>
  kube-api-access-ggbwg:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    Optional:                false
    DownwardAPI:             true
QoS Class:                   Burstable
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:                      <none>
[root@vps ~]# kubectl -n default describe pods nubus-postgresql-provisioning-c5b6j
Name:             nubus-postgresql-provisioning-c5b6j
Namespace:        default
Priority:         0
Service Account:  default
Node:             nubus-control-plane/10.89.0.2
Start Time:       Tue, 28 Oct 2025 12:58:16 +0100
Labels:           app.kubernetes.io/instance=nubus
                  app.kubernetes.io/managed-by=Helm
                  app.kubernetes.io/name=nubus
                  batch.kubernetes.io/controller-uid=25e79a7d-00bf-4a7a-9bb4-f2acc31470f7
                  batch.kubernetes.io/job-name=nubus-postgresql-provisioning
                  controller-uid=25e79a7d-00bf-4a7a-9bb4-f2acc31470f7
                  helm.sh/chart=nubus-1.14.0
                  job-name=nubus-postgresql-provisioning
Annotations:      checksum/config: f5d9a591711f995f8a56794a8db84bf44552089ad07e4a80bccdb8dff2063958
Status:           Pending
IP:
IPs:              <none>
Controlled By:    Job/nubus-postgresql-provisioning
Init Containers:
  wait-for-postgresql:
    Container ID:
    Image:           docker.io/bitnamilegacy/postgresql:15.4.0-debian-11-r45
    Image ID:
    Port:            <none>
    Host Port:       <none>
    SeccompProfile:  RuntimeDefault
    Command:
      /bin/sh
      -c
      until pg_isready -h nubus-postgresql; do
      sleep 1
      done

    State:          Waiting
      Reason:       PodInitializing
    Ready:          False
    Restart Count:  0
    Limits:
      cpu:     288
      memory:  1Gi
    Requests:
      cpu:     10m
      memory:  16Mi
    Environment:
      PGHOST:      nubus-postgresql
      PGUSER:      postgres
      PGPASSWORD:  <set to the key 'admin_password' in secret 'nubus-postgresql-credentials'>  Optional: false
      PGDATABASE:  postgres
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-9lbkl (ro)
Containers:
  provisioning:
    Container ID:
    Image:           docker.io/bitnamilegacy/postgresql:15.4.0-debian-11-r45
    Image ID:
    Port:            <none>
    Host Port:       <none>
    SeccompProfile:  RuntimeDefault
    Command:
      /bin/bash
      -c
      set -euxo pipefail
      sh -eux /provisioning-scripts/provision-databases.sh
      sh -eux /provisioning-scripts/provision-users.sh

    State:          Waiting
      Reason:       PodInitializing
    Ready:          False
    Restart Count:  0
    Limits:
      cpu:     288
      memory:  1Gi
    Requests:
      cpu:     10m
      memory:  16Mi
    Environment:
      PGHOST:      nubus-postgresql
      PGUSER:      postgres
      PGPASSWORD:  <set to the key 'admin_password' in secret 'nubus-postgresql-credentials'>  Optional: false
      PGDATABASE:  postgres
    Mounts:
      /provisioning-scripts from provisioning-scripts-volume (rw)
      /provisioning/passwords/guardian from guardian-postgresql-credentials (rw,path="guardian")
      /provisioning/passwords/keycloak_extensions from keycloak-extensions-postgresql-credentials (rw,path="keycloak_extensions")
      /provisioning/passwords/keycloak_user from keycloak-postgresql-credentials (rw,path="keycloak_user")
      /provisioning/passwords/notificationsapi from notifications-api-postgresql-credentials (rw,path="notificationsapi")
      /provisioning/passwords/selfservice from umc-server-postgresql-credentials (rw,path="selfservice")
      /provisioning/passwords/umcsession from umc-session-postgresql-credentials (rw,path="umcsession")
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-9lbkl (ro)
Conditions:
  Type                        Status
  PodReadyToStartContainers   False
  Initialized                 False
  Ready                       False
  ContainersReady             False
  PodScheduled                True
Volumes:
  provisioning-scripts-volume:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      nubus-postgresql-provisioning
    Optional:  false
  umc-server-postgresql-credentials:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  nubus-umc-server-postgresql-credentials
    Optional:    false
  notifications-api-postgresql-credentials:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  nubus-notifications-api-postgresql-credentials
    Optional:    false
  keycloak-postgresql-credentials:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  nubus-keycloak-postgresql-credentials
    Optional:    false
  keycloak-extensions-postgresql-credentials:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  nubus-keycloak-extensions-postgresql-credentials
    Optional:    false
  guardian-postgresql-credentials:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  nubus-guardian-management-api-postgresql-credentials
    Optional:    false
  umc-session-postgresql-credentials:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  nubus-umc-server-session-postgresql-credentials
    Optional:    false
  kube-api-access-9lbkl:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    Optional:                false
    DownwardAPI:             true
QoS Class:                   Burstable
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:                      <none>

duc · December 2, 2025, 1:57pm

Until today it is not possible for me to install nubus. Also with minikube it was not possible, there was always at least one problem.

If someone is reading this, and is able to run it from scratch - please DM me