The backup job stopped working after upgrade to bitnami images.
Mariabackup was not designed to work remotely, it is supposed to run
on the database server. Because of this we need to mount the data pvc
into the backup job pod. It will however connect to the database daemon
using a hostname, so we need to connect to the first replica in the
cluster. Also had to set readOnlyRootFilesystem=false and add emptyDir
volumes to solve various permission issues.
Issue-ID: OOM-2932
Signed-off-by: Jozsef Csongvai <jozsef.csongvai@bell.ca>
Change-Id: I776903f9ec541f8dc5818b2ba4c1292226ec2bc6
# limitations under the License.
*/}}
# limitations under the License.
*/}}
-{{- if .Values.backup.enabled }}
+{{- if and .Values.backup.enabled .Values.persistence.enabled }}
apiVersion: batch/v1beta1
kind: CronJob
metadata:
apiVersion: batch/v1beta1
kind: CronJob
metadata:
- name: mariadb-galera-backup-init
image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: mariadb-galera-backup-init
image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{ include "common.containerSecurityContext" . | indent 14 | trim }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ privileged: false
+ readOnlyRootFilesystem: false
command:
- /bin/bash
- -c
command:
- /bin/bash
- -c
target_dir=/backup/backup-`date +%s`
mkdir -p $target_dir
target_dir=/backup/backup-`date +%s`
mkdir -p $target_dir
- mysqlhost={{ include "common.servicename" . }}.{{ include "common.namespace" . }}
+ mysqlhost={{ include "common.fullname" . }}-0.{{ include "common.servicename" . }}-headless.{{ include "common.namespace" . }}
mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost
mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost
volumeMounts:
- name: backup-dir
mountPath: /backup
volumeMounts:
- name: backup-dir
mountPath: /backup
+ - name: data
+ mountPath: /bitnami/mariadb
containers:
- name: mariadb-backup-validate
image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
containers:
- name: mariadb-backup-validate
image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- {{ include "common.containerSecurityContext" . | indent 14 | trim }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ privileged: false
+ readOnlyRootFilesystem: false
- - name: MYSQL_ROOT_PASSWORD
+ - name: MARIADB_ROOT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }}
command:
- /bin/bash
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }}
command:
- /bin/bash
fi
target_dir=$(ls -td -- /backup/backup-* | head -n 1)
fi
target_dir=$(ls -td -- /backup/backup-* | head -n 1)
- cp -Ra $target_dir/* /var/lib/mysql/
+ cp -Ra $target_dir/* /bitnami/mariadb/data
- if [ ! "$(ls -A /var/lib/mysql)" ]; then
+ if [ ! "$(ls -A /bitnami/mariadb/data)" ]; then
remove_dir $target_dir
exit 0
fi
remove_dir $target_dir
exit 0
fi
- /docker-entrypoint.sh mysqld &
+ /opt/bitnami/scripts/mariadb/entrypoint.sh /opt/bitnami/scripts/mariadb/run.sh &
- until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -e "SELECT 1";
+ until mysql --user=root --password=$MARIADB_ROOT_PASSWORD -e "SELECT 1";
do sleep 3;
count=`expr $count + 1`;
if [ $count -ge 30 ]; then
do sleep 3;
count=`expr $count + 1`;
if [ $count -ge 30 ]; then
- mysqlcheck -A --user=root --password=$MYSQL_ROOT_PASSWORD > /tmp/output.log
+ mysqlcheck -A --user=root --password=$MARIADB_ROOT_PASSWORD > /tmp/output.log
error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l`
cat /tmp/output.log
error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l`
cat /tmp/output.log
fi
resources: {{ include "common.resources" . | nindent 12 }}
volumeMounts:
fi
resources: {{ include "common.resources" . | nindent 12 }}
volumeMounts:
+ - mountPath: /bitnami/mariadb/data
+ name: tmp-data
+ - mountPath: /opt/bitnami/mariadb/tmp
+ name: tmp
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: /etc/localtime
name: localtime
readOnly: true
- name: localtime
hostPath:
path: /etc/localtime
- name: localtime
hostPath:
path: /etc/localtime
+ - name: data
+ persistentVolumeClaim:
+ {{- if .Values.persistence.existingClaim }}
+ claimName: {{ .Values.persistence.existingClaim }}
+ {{- else }}
+ claimName: {{ include "common.fullname" . }}-{{ include "common.fullname" . }}-0
+ {{- end }}
- name: backup-dir
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-backup-data
- name: backup-dir
persistentVolumeClaim:
claimName: {{ include "common.fullname" . }}-backup-data
+ - name: tmp-data
+ emptyDir: {}
+ - name: tmp
+ emptyDir: {}
# password:
# externalSecret:
# password:
# externalSecret:
+## The backup job will mount the mariadb data pvc in order to run mariabackup.
+## For this reason the db data pvc needs to have accessMode: ReadWriteMany.
backup:
enabled: false
cron: "00 00 * * *"
backup:
enabled: false
cron: "00 00 * * *"
##
annotations:
## Persistent Volume Access Mode
##
annotations:
## Persistent Volume Access Mode
+ ## Use ReadWriteMany if backup is enabled, see backup section.
##
accessMode: ReadWriteOnce
## Persistent Volume size
##
accessMode: ReadWriteOnce
## Persistent Volume size