search

adfinis / openshift-mariadb-galera

Kubernetes / OpenShift Images for a MariaDB Galera Cluster
GNU General Public License v3.0
37 stars 42 forks source link

Openshift deployment problem: entry point script error #23

Open david-banko opened 5 years ago

david-banko commented 5 years ago

Hi everybody,

I was looking into deploying a mariadb galera cluster into our openshift. Starting from an older article from here, I found this repository.

Looking around and using the galera_k8s_v1.6.yml template, I made my own to test it (attached). After container creation, I have the following output in the log:

+ CONTAINER_SCRIPTS_DIR=/usr/share/container-scripts/mysql
+ EXTRA_DEFAULTS_FILE=/etc/my.cnf.d/galera.cnf
+ '[' -z cat-risk-amp ']'
+ echo 'Galera: Finding peers'
Galera: Finding peers
++ hostname -f
++ cut -d. -f2
+ K8S_SVC_NAME=mariadb-galera
+ echo 'Using service name: mariadb-galera'
Using service name: mariadb-galera
+ cp /usr/share/container-scripts/mysql/galera.cnf /etc/my.cnf.d/galera.cnf
cp: cannot create regular file '/etc/my.cnf.d/galera.cnf': Permission denied

As I went through the script files, that are used for image creation, the permissions should be set correctly. Could you provide support? Did I overlooked something in the template, that need to be configured? Is this a bug?

The customized template ```yml kind: Template apiVersion: v1 metadata: name: mariadb-stateful-set annotations: iconClass: "icon-mariadb" tags: "database,mariadb,replication" parameters: - name: MYSQL_USER value: user required: true - name: MYSQL_PASSWORD value: user1234 required: true - name: MYSQL_DATABASE value: userdb required: true - name: MYSQL_ROOT_PASSWORD value: root1234 required: true objects: - kind: Service apiVersion: v1 metadata: annotations: service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" name: mariadb-galera labels: app: mariadb spec: ports: - port: 3306 name: mariadb clusterIP: None selector: app: mariadb - kind: StatefulSet apiVersion: apps/v1beta1 metadata: name: mariadb spec: serviceName: "mariadb-galera" replicas: 2 template: metadata: labels: app: mariadb annotations: pod.alpha.kubernetes.io/initialized: "true" # found this addition in one of the branches here pod.beta.kubernetes.io/init-containers: '[ { "name": "mariadb-galera-prepare", "image": "busybox", "command": ["sh", "-c", "chown -R 27:27 /var/lib/mysql"], "volumeMounts": [ { "name": "datadir", "mountPath": "/var/lib/mysql" } ] } ]' spec: containers: - name: mariadb image: adfinissygroup/k8s-mariadb-galera-centos:v004 imagePullPolicy: IfNotPresent ports: - containerPort: 3306 name: mariadb - containerPort: 4444 name: sst - containerPort: 4567 name: replication - containerPort: 4568 name: ist readinessProbe: exec: command: - /usr/share/container-scripts/mysql/readiness-probe.sh initialDelaySeconds: 15 timeoutSeconds: 5 volumeMounts: - name: datadir mountPath: /var/lib/mysql subPath: data env: - name: MYSQL_USER value: "${MYSQL_USER}" - name: MYSQL_PASSWORD value: "${MYSQL_PASSWORD}" - name: MYSQL_DATABASE value: "${MYSQL_DATABASE}" - name: MYSQL_ROOT_PASSWORD value: "${MYSQL_ROOT_PASSWORD}" - name: POD_NAMESPACE valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.namespace volumeClaimTemplates: - metadata: name: datadir spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 1Gi ```
david-banko commented 5 years ago

When trying to import the stateful set unmodified, I ran into a different error:

create Pod mysql-0 in StatefulSet mysql failed error: pods "mysql-0" is forbidden: unable to validate against any security context constraint: [fsGroup: Invalid value: []int64{27}: 27 is not an allowed group spec.containers[0].securityContext.securityContext.runAsUser: Invalid value: 27: must be in the ranges: [1003180000, 1003189999]]

It is still interesting, that with a customized template, the error came at a different step. I will try to work around the issue by using a different user than 27 for testing in our environment. some helpful comments or suggestions would still be appreciated.