Updates and mariadb related fixes #245
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: weinimo The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
weinimo
force-pushed
the
mariadb-bump
branch
from
50851fe to
f3eed9b
Compare
|
/retest |
weinimo
force-pushed
the
mariadb-bump
branch
6 times, most recently
from
52f6471 to
718da2e
Compare
weinimo
changed the title
weinimo
force-pushed
the
mariadb-bump
branch
from
d70c69f to
f13bf1b
Compare
pkg/octavia/dbsync.go
Outdated
| @@ -83,7 +83,7 @@ func DbSyncJob( | |||
| initContainerDetails := APIDetails{ | |||
| ContainerImage: instance.Spec.OctaviaAPI.ContainerImage, | |||
| DatabaseHost: instance.Status.DatabaseHostname, | |||
| DatabaseUser: instance.Spec.DatabaseUser, | |||
| DatabaseAccount: instance.Spec.DatabaseAccount, | |||
There was a problem hiding this comment.
this part is going to have to change more. The prior use of DatabaseUser was also not appropriate here as this forms part of the job hash. it means as the username changes, the hash of the dbsync job changes and it will keep running again. This hash should only be based on the database name, not the username.
Yesterday I figured all this out and made these changes for designate and heat; the database account / secret has to be put into the configmaps, which also ideally needs to be a secret, not a configmap.
see the designate / heat PRs for how I changed the job hash for dbsync and others to not use account:
openstack-k8s-operators/designate-operator#156 openstack-k8s-operators/heat-operator#322
these also change from configmap to secret, based on guidance in this doc: https://github.com/openstack-k8s-operators/docs/blob/main/service_config.md#proposed-approach
I took a look at the keystone-operator to see what APIs they use to use a Secret for the config
There was a problem hiding this comment.
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
There was a problem hiding this comment.
I also replaced ConfigMapVolumeSource with SecretVolumeSource. I see in the Designate PR that you removed DBPasswordSelector as well, so I removed it here too.
|
Current error: |
add a role directive on top of the controller, near the mariadbdatabase one at then do a make manifests and you should see new entries in config/rbac/role.yaml the controller should already have some of these roles... |
|
/test all |
|
/test all |
|
/test octavia-operator-build-deploy-kuttl |
1 similar comment
|
/test octavia-operator-build-deploy-kuttl |
|
/retest |
|
kuttl test are currently broken. openstack-k8s-operators/install_yamls#742 should fix it. |
|
/retest |
migrate von databaseUsername to databaseAccount and fully use MariaDBAccount Use EnsureMariaDBAccount fix database.connection and more PR review comments Remove DBPasswordSelector attribute Replace ConfigMapVolumeSource ... with SecretVolumeSource
|
@weinimo: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
looks like db-sync job is failing |
|
that usually happens on these PRs because the DB URL is not correct in the conf file. i can take a look if you want |
|
I will be out till 25th of March, so I would appreciate if you could have a look in the meantime. I pushed the changes of this PR to https://github.com/openstack-k8s-operators/octavia-operator/tree/mariadb-bump so that you could push commits there and create a new PR if needed. Thanks. |
| instance.Spec.DatabaseInstance, // mariadb/galera service to target | ||
| octavia.PersistenceDatabaseName, // name used in CREATE DATABASE in mariadb | ||
| "octavia-persistence", // CR name for MariaDBDatabase | ||
| instance.Spec.DatabaseAccount, // CR name for MariaDBAccount |
There was a problem hiding this comment.
OK, this is the problem, or at least one of them, a MariaDBAccount is only for one MariaDBDatabase. If octavia has two databases, we need two MariaDBAccounts
|
Superseded by #269 |
Used openstack-k8s-operators/designate-operator#147 as a template.
Depends-On: install_yamls#742