Comments (22)
does your mariadb password contain any accented characters? the current default encoding will only accept the first 256 unicode characters.
could you show the mariadb configuration?
from helm.
I used the simple [password, "mypassword" see below;
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
# storageClass: myStorageClass
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## Bitnami MariaDB image
## ref: https://hub.docker.com/r/bitnami/mariadb/tags/
##
image:
registry: docker.io
repository: bitnami/mariadb
tag: 10.3.23-debian-10-r44
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH and NAMI debugging in minideb
## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging
debug: false
## String to partially override mariadb.fullname template (will maintain the release name)
##
# nameOverride:
## String to fully override mariadb.fullname template
##
# fullnameOverride:
## Additional pod labels
##
# podLabels:
# extraLabel: extraValue
## Init containers parameters:
## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.
##
volumePermissions:
enabled: false
image:
registry: docker.io
repository: bitnami/minideb
tag: buster
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
service:
## Kubernetes service type, ClusterIP and NodePort are supported at present
type: ClusterIP
# clusterIp:
# master: xx.xx.xx.xx
# slave: xx.xx.xx.xx
port: 3306
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
# master: 30001
# slave: 30002
## Pods Service Account
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
serviceAccount:
## Specifies whether a ServiceAccount should be created
##
create: false
## The name of the ServiceAccount to use.
## If not set and create is true, a name is generated using the mariadb.fullname template
# name:
## Role Based Access
## Ref: https://kubernetes.io/docs/admin/authorization/rbac/
##
rbac:
create: false
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Use existing secret (ignores root, db and replication passwords)
##
# existingSecret:
## MariaDB admin credentials
##
rootUser:
## MariaDB admin password
## ref: https://github.com/bitnami/bitnami-docker-mariadb#setting-the-root-password-on-first-run
##
password: mypassword
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: true
## Mount admin password as a file instead of using an environment variable
##
injectSecretsAsVolume: true
## Custom user/db credentials
##
db:
## MariaDB username and password
## ref: https://github.com/bitnami/bitnami-docker-mariadb#creating-a-database-user-on-first-run
##
user: admin
password: mypassword
## Database to create
## ref: https://github.com/bitnami/bitnami-docker-mariadb#creating-a-database-on-first-run
##
name: erpnext_db
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: true
## Mount user password as a file instead of using an environment variable
##
injectSecretsAsVolume: true
## Replication configuration
##
replication:
## Enable replication. This enables the creation of replicas of MariaDB. If false, only a
## master deployment would be created
##
enabled: true
## MariaDB replication user
## ref: https://github.com/bitnami/bitnami-docker-mariadb#setting-up-a-replication-cluster
##
user: replicator
## MariaDB replication user password
## ref: https://github.com/bitnami/bitnami-docker-mariadb#setting-up-a-replication-cluster
##
password: mypassword
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: true
## Mount replication user password as a file instead of using an environment variable
##
injectSecretsAsVolume: true
## initdb scripts
## Specify dictionary of scripts to be run at first boot
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
##
# initdbScripts:
# my_init_script.sh: |
# #!/bin/sh
# echo "Do something."
#
## ConfigMap with scripts to be run at first boot
## Note: This will override initdbScripts
# initdbScriptsConfigMap:
master:
## Mariadb Master additional pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
# annotations:
# key: value
# another-key: another-value
## MariaDB additional command line flags
## Can be used to specify command line flags, for example:
##
## extraFlags: "--max-connect-errors=1000 --max_connections=155"
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## An array to add extra environment variables
## For example:
## extraEnvVars:
## - name: TZ
## value: "Europe/Paris"
##
extraEnvVars:
## ConfigMap with extra env vars:
##
extraEnvVarsCM:
## Secret with extra env vars:
##
extraEnvVarsSecret:
## Kept for backwards compatibility. You can now disable it by removing it.
## if you wish to set it through master.affinity.podAntiAffinity instead.
##
antiAffinity: soft
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## updateStrategy for MariaDB Master StatefulSet
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
updateStrategy:
type: RollingUpdate
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
## If true, use a Persistent Volume Claim, If false, use emptyDir
##
enabled: true
# Enable persistence using an existing PVC
# existingClaim:
# Subdirectory of the volume to mount
# subPath:
mountPath: /bitnami/mariadb
## Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
## Persistent Volume Claim annotations
##
annotations: {}
## Persistent Volume Access Mode
##
accessModes:
- ReadWriteOnce
## Persistent Volume size
##
size: 8Gi
extraInitContainers: []
## An array to add extra environment variables
## For example:
## extraEnvVars:
## - name: TZ
## value: "Europe/Paris"
##
# extraEnvVars:
## Configure MySQL with a custom my.cnf file
## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file
##
config: |-
[mysqld]
character-set-client-handshake=FALSE
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mariadb
plugin_dir=/opt/bitnami/mariadb/plugin
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
tmpdir=/opt/bitnami/mariadb/tmp
max_allowed_packet=16M
bind-address=0.0.0.0
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
log-error=/opt/bitnami/mariadb/logs/mysqld.log
character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
default-character-set=utf8mb4
plugin_dir=/opt/bitnami/mariadb/plugin
[manager]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
## Configure master resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
livenessProbe:
enabled: true
##
## Initializing the database could take some time
initialDelaySeconds: 120
##
## Default Kubernetes values
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
initialDelaySeconds: 30
##
## Default Kubernetes values
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
podDisruptionBudget:
enabled: false
minAvailable: 1
# maxUnavailable: 1
## Allow customization of the service resource
##
service:
## Add custom annotations to the service
##
annotations: {}
slave:
replicas: 2
## Mariadb Slave additional pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
# annotations:
# key: value
# another-key: another-value
## MariaDB additional command line flags
## Can be used to specify command line flags, for example:
##
## extraFlags: --max-connect-errors=1000 --max_connections=155"
## An array to add extra environment variables
## For example:
## extraEnvVars:
## - name: TZ
## value: "Europe/Paris"
##
extraEnvVars:
## ConfigMap with extra env vars:
##
extraEnvVarsCM:
## Secret with extra env vars:
##
extraEnvVarsSecret:
## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}
## Kept for backwards compatibility. You can now disable it by removing it.
## if you wish to set it through slave.affinity.podAntiAffinity instead.
##
antiAffinity: soft
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## updateStrategy for MariaDB Slave StatefulSet
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
updateStrategy:
type: RollingUpdate
persistence:
## If true, use a Persistent Volume Claim, If false, use emptyDir
##
enabled: true
# storageClass: "-"
annotations:
accessModes:
- ReadWriteOnce
## Persistent Volume size
##
size: 8Gi
## Add extra init containers
##
extraInitContainers: []
## An array to add extra environment variables
## For example:
## extraEnvVars:
## - name: TZ
## value: "Europe/Paris"
##
# extraEnvVars:
## Configure MySQL slave with a custom my.cnf file
## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file
##
config: |-
[mysqld]
character-set-client-handshake=FALSE
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mariadb
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
tmpdir=/opt/bitnami/mariadb/tmp
max_allowed_packet=16M
bind-address=0.0.0.0
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
log-error=/opt/bitnami/mariadb/logs/mysqld.log
character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
default-character-set=utf8mb4
[manager]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
##
## Configure slave resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
livenessProbe:
enabled: true
##
## Initializing the database could take some time
initialDelaySeconds: 120
##
## Default Kubernetes values
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
initialDelaySeconds: 45
##
## Default Kubernetes values
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
podDisruptionBudget:
enabled: false
minAvailable: 1
# maxUnavailable: 1
## Allow customization of the service resource
##
service:
## Add custom annotations to the service
##
annotations: {}
metrics:
enabled: true
image:
registry: docker.io
repository: bitnami/mysqld-exporter
tag: 0.12.1-debian-10-r146
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9104"
## Extra args to be passed to mysqld_exporter
## ref: https://github.com/prometheus/mysqld_exporter/
##
extraArgs:
master: []
slave: []
# - --collect.auto_increment.columns
# - --collect.binlog_size
# - --collect.engine_innodb_status
# - --collect.engine_tokudb_status
# - --collect.global_status
# - --collect.global_variables
# - --collect.info_schema.clientstats
# - --collect.info_schema.innodb_metrics
# - --collect.info_schema.innodb_tablespaces
# - --collect.info_schema.innodb_cmp
# - --collect.info_schema.innodb_cmpmem
# - --collect.info_schema.processlist
# - --collect.info_schema.processlist.min_time
# - --collect.info_schema.query_response_time
# - --collect.info_schema.tables
# - --collect.info_schema.tables.databases
# - --collect.info_schema.tablestats
# - --collect.info_schema.userstats
# - --collect.perf_schema.eventsstatements
# - --collect.perf_schema.eventsstatements.digest_text_limit
# - --collect.perf_schema.eventsstatements.limit
# - --collect.perf_schema.eventsstatements.timelimit
# - --collect.perf_schema.eventswaits
# - --collect.perf_schema.file_events
# - --collect.perf_schema.file_instances
# - --collect.perf_schema.indexiowaits
# - --collect.perf_schema.tableiowaits
# - --collect.perf_schema.tablelocks
# - --collect.perf_schema.replication_group_member_stats
# - --collect.slave_status
# - --collect.slave_hosts
# - --collect.heartbeat
# - --collect.heartbeat.database
# - --collect.heartbeat.table
livenessProbe:
enabled: true
##
## Initializing the database could take some time
initialDelaySeconds: 120
##
## Default Kubernetes values
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
initialDelaySeconds: 30
##
## Default Kubernetes values
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
# Enable this if you're using https://github.com/coreos/prometheus-operator
serviceMonitor:
enabled: false
## Specify a namespace if needed
# namespace: monitoring
# fallback to the prometheus default unless specified
# interval: 10s
# scrapeTimeout: 10s
## Defaults to what's used if you follow CoreOS [Prometheus Install Instructions](https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#tldr)
## [Prometheus Selector Label](https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-operator-1)
## [Kube Prometheus Selector Label](https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#exporters)
selector:
prometheus: kube-prometheus
## Bats Framework (= Bash Automated Testing System) is needed to test if MariaDB is accessible
## See test-runner.yaml and tests.yaml for details.
## To run the tests after the deployment, enter "helm test <release-name>".
tests:
enabled: true
resources: {}
testFramework:
image:
registry: docker.io
repository: dduportal/bats
tag: 0.4.0
resources: {}
from helm.
The db password is stored as a secret in k8s. So I suspected that the encryption process could have added extra characters to the password
kubectl apply -n erpnext -f - <<EOF
apiVersion: v1
data:
password: mypassword
kind: Secret
metadata:
name: mariadb-root-password
type: Opaque
EOF
from helm.
can you get the secret and see what it says:
kubectl get secret --namespace mariadb mariadb -o jsonpath="{.data.mariadb-root-password}"
from helm.
I get this below
enRZdW5YekJIRHox
from helm.
did you encode the password to base64 before creating the secret?
refer: https://helm.erpnext.com/kubernetes-resources/create-mariadb-root-password-secret
from helm.
No I did not.
Let me try with an encoded password
from helm.
I used the encoded password and now I get the error below;
E 2020-07-23T07:32:45.305990106Z
E 2020-07-23T07:32:45.305995222Z Traceback (most recent call last):
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/gunicorn/workers/gthread.py", line 280, in handle
keepalive = self.handle_request(req, conn)
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/gunicorn/workers/gthread.py", line 329, in handle_request
respiter = self.wsgi(environ, resp.start_response)
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/werkzeug/local.py", line 231, in application
return ClosingIterator(app(environ, start_response), self.cleanup)
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/werkzeug/wrappers/base_request.py", line 237, in application
resp = f(*args[:-2] + (request,))
File "/home/frappe/frappe-bench/apps/frappe/frappe/app.py", line 85, in application
response = handle_exception(e)
File "/home/frappe/frappe-bench/apps/frappe/frappe/app.py", line 203, in handle_exception
http_status_code=http_status_code)
File "/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py", line 35, in render
raise_if_disabled(path)
File "/home/frappe/frappe-bench/apps/frappe/frappe/website/render.py", line 372, in raise_if_disabled
'route': ['like', '%{0}'.format(path)]
File "/home/frappe/frappe-bench/apps/frappe/frappe/database/database.py", line 528, in get_all
return frappe.get_all(*args, **kwargs)
File "/home/frappe/frappe-bench/apps/frappe/frappe/init.py", line 1317, in get_all
return get_list(doctype, *args, **kwargs)
File "/home/frappe/frappe-bench/apps/frappe/frappe/init.py", line 1290, in get_list
return frappe.model.db_query.DatabaseQuery(doctype).execute(None, *args, **kwargs)
File "/home/frappe/frappe-bench/apps/frappe/frappe/model/db_query.py", line 96, in execute
result = self.build_and_run()
File "/home/frappe/frappe-bench/apps/frappe/frappe/model/db_query.py", line 110, in build_and_run
args = self.prepare_args()
File "/home/frappe/frappe-bench/apps/frappe/frappe/model/db_query.py", line 136, in prepare_args
self.set_optional_columns()
File "/home/frappe/frappe-bench/apps/frappe/frappe/model/db_query.py", line 298, in set_optional_columns
columns = get_table_columns(self.doctype)
File "/home/frappe/frappe-bench/apps/frappe/frappe/model/meta.py", line 49, in get_table_columns
return frappe.db.get_table_columns(doctype)
File "/home/frappe/frappe-bench/apps/frappe/frappe/database/database.py", line 863, in get_table_columns
columns = self.get_db_table_columns('tab' + doctype)
File "/home/frappe/frappe-bench/apps/frappe/frappe/database/database.py", line 854, in get_db_table_columns
where table_name = %s ''', table)]
File "/home/frappe/frappe-bench/apps/frappe/frappe/database/database.py", line 122, in sql
self.connect()
File "/home/frappe/frappe-bench/apps/frappe/frappe/database/database.py", line 75, in connect
self._conn = self.get_connection()
File "/home/frappe/frappe-bench/apps/frappe/frappe/database/mariadb/database.py", line 90, in get_connection
local_infile = frappe.conf.local_infile)
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/pymysql/init.py", line 94, in Connect
return Connection(*args, **kwargs)
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/pymysql/connections.py", line 325, in init
self.connect()
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/pymysql/connections.py", line 599, in connect
self._request_authentication()
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/pymysql/connections.py", line 861, in _request_authentication
auth_packet = self._read_packet()
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/pymysql/connections.py", line 684, in _read_packet
packet.check_error()
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/pymysql/protocol.py", line 220, in check_error
err.raise_mysql_exception(self._data)
File "/home/frappe/frappe-bench/env/lib/python3.7/site-packages/pymysql/err.py", line 109, in raise_mysql_exception
raise errorclass(errno, errval)
pymysql.err.OperationalError: (1045, "Access denied for user '_cea4c96ca04de013'@'10.56.1.43' (using password: YES)")
undefined
from helm.
could you send me the output again:
kubectl get secret --namespace mariadb mariadb -o jsonpath="{.data.mariadb-root-password}"
from helm.
did you make the same changes to the mariadb chart as well? you will have to do so, reapply the chart, and then retry new-site
from helm.
the chart should contain the unhashed password, and the secrets should have the base64 hash of the password.
from helm.
I did just that exactly.
from helm.
I have tried again and still same results.
from helm.
What are the StorageClass being used?
kubectl get pvc --all-namespaces
nfs
is only for ERPNext, don't use NFS for mariadb. https://github.com/bitnami/charts/tree/master/bitnami/mariadb#extra-init-containers
here is my list of PVCs. (scw-bssd is provided by scaleway, google will have their own)
NAMESPACE NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
erpnext frappe-bench-stable-erpnext Bound pvc-79e435b5-fb27-48cb-9ce7-c438cf0cebf0 8Gi RWX nfs 74d
mariadb data-mariadb-master-0 Bound pvc-1b93d3a9-bfce-4a16-ad9a-f9132b2af731 16Gi RWO scw-bssd 53d
mariadb data-mariadb-slave-0 Bound pvc-9696c3b0-b70e-41b6-bc19-a9564eff0306 16Gi RWO scw-bssd 53d
mongodb datadir-global-mongodb-primary-0 Bound pvc-7c3d6b60-1952-41f5-90e1-048dee65cf29 8Gi RWO scw-bssd 16d
mongodb datadir-global-mongodb-secondary-0 Bound pvc-0bcf2edb-6059-4f27-a741-4b11a81317cd 8Gi RWO scw-bssd 16d
nfs data-nfs-server-nfs-server-provisioner-0 Bound pvc-3db8a3ce-9a3b-45a7-b505-fe2920649e00 16Gi RWO scw-bssd 80d
Can you manually connect to mariadb with instructions from helm status -n mariadb mariadb
NAME: mariadb
LAST DEPLOYED: Sun May 31 00:43:29 2020
NAMESPACE: mariadb
STATUS: deployed
REVISION: 1
NOTES:
Please be patient while the chart is being deployed
Tip:
Watch the deployment status using the command: kubectl get pods -w --namespace mariadb -l release=mariadb
Services:
echo Master: mariadb.mariadb.svc.cluster.local:3306
echo Slave: mariadb-slave.mariadb.svc.cluster.local:3306
Administrator credentials:
Username: root
Password : $(kubectl get secret --namespace mariadb mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 --decode)
To connect to your database:
1. Run a pod that you can use as a client:
kubectl run mariadb-client --rm --tty -i --restart='Never' --image docker.io/bitnami/mariadb:10.3.22-debian-10-r92 --namespace mariadb --command -- bash
2. To connect to master service (read/write):
mysql -h mariadb.mariadb.svc.cluster.local -uroot -p my_database
3. To connect to slave service (read-only):
mysql -h mariadb-slave.mariadb.svc.cluster.local -uroot -p my_database
To upgrade this helm chart:
1. Obtain the password as described on the 'Administrator credentials' section and set the 'rootUser.password' parameter as shown below:
ROOT_PASSWORD=$(kubectl get secret --namespace mariadb mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 --decode)
helm upgrade mariadb bitnami/mariadb --set rootUser.password=$ROOT_PASSWORD
from helm.
$ kubectl get pvc --all-namespaces
NAMESPACE NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
default nfs Bound nfs 200Gi RWX 22h
erpnext bench-0001-erpnext Bound pvc-36e2c9ef-ccb3-11ea-8f29-42010a800019 8Gi RWX nfs 86m
mariadb data-mariadb-master-0 Bound pvc-fedaef40-ccb1-11ea-8f29-42010a800019 8Gi RWO standard 94m
mariadb data-mariadb-slave-0 Bound pvc-fecfab78-ccb1-11ea-8f29-42010a800019 8Gi RWO standard 94m
mariadb data-mariadb-slave-1 Bound pvc-266a55e3-ccb2-11ea-8f29-42010a800019 8Gi RWO standard 93m
I can manually connect to both Master and Slave , see below;
kubectl run mariadb-client --rm --tty -i --restart='Never' --image docker.io/bitnami/mariadb:10.3.23-debian-10-r44 --namespace mariadb --command -- bash
If you don't see a command prompt, try pressing enter.
I have no name!@mariadb-client:/$ mysql -h mariadb.mariadb.svc.cluster.local -uroot -p erpnext_db
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 5681
Server version: 10.3.23-MariaDB-log Source distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [erpnext_db]>
I have no name!@mariadb-client:/$ mysql -h mariadb-slave.mariadb.svc.cluster.local -uroot -p erpnext_db
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 2079
Server version: 10.3.23-MariaDB-log Source distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [erpnext_db]>
from helm.
If you can login manually then password in erpnext namespace must be wrong.
export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace mariadb mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 --decode)
export MARIADB_ERPNEXT_SECRET=$(kubectl get secret -n erpnext mariadb-root-password -o jsonpath="{.data.password}" | base64 --decode)
compare passwords
if [[ $MARIADB_ROOT_PASSWORD == $MARIADB_ERPNEXT_SECRET ]]; then echo "Passwords Match"; else echo "Passwords do not match"; fi
from helm.
Thank you.
The passwords do not match.
Here is how I am applying the mariadb secret -
kubectl apply -n erpnext -f - <<EOF
apiVersion: v1
data:
password: cGFzc3dvcmQ=
kind: Secret
metadata:
name: mariadb-root-password
type: Opaque
EOF
Is there anything wrong with the config? cGFzc3dvcmQ= is the encoded Base64 password
from helm.
I updated the compare passwords command, there was a mistake. I created environment variable MARIADB_ERPNEXT_SECRET and compared MARIADB_SECRET
updated command in previous comment.
to get BASE64_PASSWORD mentioned here https://helm.erpnext.com/kubernetes-resources/create-mariadb-root-password-secret
BASE64_PASSWORD=$(kubectl get secret --namespace mariadb mariadb -o jsonpath="{.data.mariadb-root-password}")
from helm.
The passwords are matching
from helm.
BASE64_PASSWORD=$(kubectl get secret --namespace mariadb mariadb -o jsonpath="{.data.mariadb-root-password}")
returns the hash cGFzc3dvcmQ=
from helm.
Everything seems to be correct on your end.
even tests are passing https://travis-ci.com/github/frappe/frappe_docker/jobs/363864114
I have not tried anything on GKE yet. I'll try if there is any free tier available.
from helm.
Yes, the DB issues have been resolved.
Thank you so much, I will close this issue now.
from helm.
Related Issues (20)
- Migration job is Complete however customization from custom/{document}.json does not take effect HOT 1
- Support `ingressClassName` in ingress HOT 3
- Multiline breaks deployment using automation tool like Flux HOT 1
- drop site job not working HOT 12
- Mount assets on workers HOT 2
- bench migrate failing on kubernetes HOT 1
- worker container cannot access assets/ - results in email queue issue HOT 2
- ERPNext support in TrueCharts HOT 8
- Support for Longhorn storage class HOT 5
- builds failed
- ERPNext Create Site results in Error 404 HOT 2
- v6.0.0 chart ignores image names HOT 8
- Migrate job fails with new 6.0.1 custom app HOT 2
- Install on the OpenShift Platform HOT 2
- Update icons for the chart HOT 1
- Add custom app installation to helm charts HOT 3
- make HPA part of helm chart
- Wrong NodeSelector configuration for socketio HOT 1
- [conf-bench-job] frappe-bench-ownership changes ownership on container filesystem
- Update redis chart HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from helm.