From 3ff77ef7f2eba27437c405a35bb09a6121d5561e Mon Sep 17 00:00:00 2001 From: lengjunjie Date: Wed, 29 Jun 2022 09:50:49 +0800 Subject: [PATCH 1/6] Fix build scripts --- build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.sh b/build.sh index 794609de..33f713bc 100755 --- a/build.sh +++ b/build.sh @@ -1,8 +1,8 @@ +#!/bin/bash # Copyright (c) 2021, Oracle and/or its affiliates. # # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/ # -#!/bin/bash docker build --build-arg http_proxy=${http_proxy} --build-arg https_proxy=${https_proxy} --build-arg no_proxy=${no_proxy} -t mysql/mysql-operator:8.0 . From 91dd798b4375652d5ad3cab72e832f53b6543a22 Mon Sep 17 00:00:00 2001 From: lengjunjie Date: Wed, 29 Jun 2022 09:51:47 +0800 Subject: [PATCH 2/6] Refine Dockerfile --- docker-build/Dockerfile | 11 +++++------ docker-deps/Dockerfile | 4 +--- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/docker-build/Dockerfile b/docker-build/Dockerfile index c786b4c8..62f7d0ac 100644 --- a/docker-build/Dockerfile +++ b/docker-build/Dockerfile @@ -5,12 +5,11 @@ FROM %%MYSQL_OPERATOR_PYTHON_DEPS%% - -RUN rpm -U %%MYSQL_REPO_URL%%/mysql80-community-release-el8.rpm \ - && microdnf update && echo "[main]" > /etc/dnf/dnf.conf \ - && microdnf install -y mysql-shell-%%MYSQL_SHELL_VERSION%% \ - && microdnf remove mysql80-community-release \ - && microdnf clean all +RUN rpm -U %%MYSQL_REPO_URL%%/mysql80-community-release-el8.rpm && \ + microdnf update && echo "[main]" > /etc/dnf/dnf.conf && \ + microdnf install -y mysql-shell-%%MYSQL_SHELL_VERSION%% && \ + microdnf remove mysql80-community-release && \ + microdnf clean all RUN groupadd -g27 mysql && useradd -u27 -g27 mysql diff --git a/docker-deps/Dockerfile b/docker-deps/Dockerfile index 5db99db1..d867dfa2 100644 --- a/docker-deps/Dockerfile +++ b/docker-deps/Dockerfile 
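Review bot: In the docker-build/Dockerfile hunk, the re-wrapped `RUN` still installs `mysql80-community-release-el8.rpm` straight from `%%MYSQL_REPO_URL%%` with `rpm -U`, and no signature or digest check is visible before that package configures the repository `mysql-shell` is then pulled from. Whether the templated URL is HTTPS and whether the base image already carries the MySQL signing key cannot be seen from this hunk, so this may already be covered elsewhere. If it is not, I would download the file first, import a pinned key, and run `rpm -K mysql80-community-release-el8.rpm` before the `rpm -U`, so a tampered release package fails the build instead of being installed.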
@@ -11,7 +11,7 @@ ARG PYTHON_BASE_DIR RUN dnf install -y gcc git tar COPY ${PYTHON_TARBALL} . -RUN mkdir -p ${PYTHON_BASE_DIR} && cd ${PYTHON_BASE_DIR} && tar xzf /${PYTHON_TARBALL} +RUN mkdir -p ${PYTHON_BASE_DIR} && cd ${PYTHON_BASE_DIR} && tar -xzf /${PYTHON_TARBALL} ENV PATH=${PYTHON_BASE_DIR}/${PYTHON_ROOT}/bin:$PATH ENV LD_LIBRARY_PATH=${PYTHON_BASE_DIR}/${PYTHON_ROOT}/lib @@ -22,5 +22,3 @@ RUN pip3 install --target=/tmp/site-packages -r requirements.txt FROM oraclelinux:8-slim COPY --from=pip-stage /tmp/site-packages /usr/lib/mysqlsh/python-packages - - From 367d8405c75f719a1f031fdea99927151c94184d Mon Sep 17 00:00:00 2001 From: lengjunjie Date: Wed, 29 Jun 2022 09:59:18 +0800 Subject: [PATCH 3/6] Optimize on_secret_create handler: the original register handlers all secrets' creation or updating events, then kopf framework transfer ever log to k8s event, which overdriving the etcd, in some case this would even trigger OOM on etcd server. --- mysqloperator/controller/innodbcluster/operator_cluster.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mysqloperator/controller/innodbcluster/operator_cluster.py b/mysqloperator/controller/innodbcluster/operator_cluster.py index 5397509b..89f5d363 100644 --- a/mysqloperator/controller/innodbcluster/operator_cluster.py +++ b/mysqloperator/controller/innodbcluster/operator_cluster.py @@ -605,8 +605,10 @@ def on_pod_delete(body: Body, logger: Logger, **kwargs): logger.error(f"Owner cluster for {pod.name} does not exist anymore") -@kopf.on.create("", "v1", "secrets") # type: ignore -@kopf.on.update("", "v1", "secrets") # type: ignore +@kopf.on.create("", "v1", "secrets", + field="type", value="kubernetes.io/tls") # type: ignore +@kopf.on.update("", "v1", "secrets", + field="type", value="kubernetes.io/tls") # type: ignore def on_secret_create(name: str, namespace: str, logger: Logger, **kwargs): """ Wait for Secret objects used by clusters for TLS CA and certificate. 
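Review bot: The `field="type", value="kubernetes.io/tls"` filter on `@kopf.on.update` for `on_secret_create` may stop the handler from running when a certificate is rotated. As far as I know, kopf calls an update handler that has `field=` only when that field itself changed, and a Secret's `type` cannot change after creation; please confirm against the kopf version this project pins. The docstring also says the handler waits for the TLS CA secret, and a CA bundle stored as a generic (`Opaque`) secret would no longer match the filter. A callback filter keeps the event reduction without either effect, e.g. `when=lambda body, **_: body.get("type") == "kubernetes.io/tls"`, extended to the CA secret's type if needed. The same decorators are added in mysqloperator/sidecar_main.py in patch 6/6, and the function body lies outside this hunk.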
From 05347d32d36291694d08db596151b5993f107991 Mon Sep 17 00:00:00 2001 From: lengjunjie Date: Wed, 29 Jun 2022 10:05:24 +0800 Subject: [PATCH 4/6] Optimize on_innodbcluster_field_backup_schedules handler: when the InnoDBCluster is not created this handler also generates lots of events, I think we should involve a handler dynamically. --- .../controller/innodbcluster/operator_cluster.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mysqloperator/controller/innodbcluster/operator_cluster.py b/mysqloperator/controller/innodbcluster/operator_cluster.py index 89f5d363..3535ff89 100644 --- a/mysqloperator/controller/innodbcluster/operator_cluster.py +++ b/mysqloperator/controller/innodbcluster/operator_cluster.py @@ -385,15 +385,13 @@ def on_innodbcluster_field_router_version(old: str, new: str, body: Body, router_objects.update_router_image(router_deploy, cluster.parsed_spec, logger) - @kopf.on.field(consts.GROUP, consts.VERSION, consts.INNODBCLUSTER_PLURAL, field="spec.backupSchedules") # type: ignore def on_innodbcluster_field_backup_schedules(old: str, new: str, body: Body, - logger: Logger, **kwargs): + logger: Logger, **kwargs): if old == new: return - logger.info("on_innodbcluster_field_backup_schedules") cluster = InnoDBCluster(body) # Ignore spec changes if the cluster is still being initialized 
@@ -410,8 +408,10 @@ def on_innodbcluster_field_backup_schedules(old: str, new: str, body: Body, # don't need to take actions in post_create_actions() in the cluster controller # but async await for Kopf to call again this handler. if not cluster.get_create_time(): - raise kopf.TemporaryError("The cluster is not ready. Will create the schedules once the first instance is up and running", delay=10) + raise kopf.TemporaryError("Cluster is not created or not ready." + "Will create the schedules once the first instance is up and running", delay=30) + logger.info("on_innodbcluster_field_backup_schedules") cluster.parsed_spec.validate(logger) with ClusterMutex(cluster): backup_objects.update_schedules(cluster.parsed_spec, old, new, logger) From 499fd4c1ef15d719ef63703dc47383958a1f9c62 Mon Sep 17 00:00:00 2001 From: lengjunjie Date: Wed, 29 Jun 2022 11:09:50 +0800 Subject: [PATCH 5/6] Update log message --- mysqloperator/controller/innodbcluster/operator_cluster.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mysqloperator/controller/innodbcluster/operator_cluster.py b/mysqloperator/controller/innodbcluster/operator_cluster.py index 3535ff89..dad3eeb1 100644 --- a/mysqloperator/controller/innodbcluster/operator_cluster.py +++ b/mysqloperator/controller/innodbcluster/operator_cluster.py @@ -408,7 +408,7 @@ def on_innodbcluster_field_backup_schedules(old: str, new: str, body: Body, # don't need to take actions in post_create_actions() in the cluster controller # but async await for Kopf to call again this handler. if not cluster.get_create_time(): - raise kopf.TemporaryError("Cluster is not created or not ready." + raise kopf.TemporaryError("Cluster is not created or not ready. " "Will create the schedules once the first instance is up and running", delay=30) logger.info("on_innodbcluster_field_backup_schedules") From e8838d5bbe534692d3a006904bdf0d253b205b9b Mon Sep 17 00:00:00 2001 
From: lengjunjie Date: Wed, 29 Jun 2022 17:19:54 +0800 Subject: [PATCH 6/6] Optimize on_secret_create_or_update handler of sidecar --- mysqloperator/sidecar_main.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mysqloperator/sidecar_main.py b/mysqloperator/sidecar_main.py index 9ba0b652..e1138c9a 100644 --- a/mysqloperator/sidecar_main.py +++ b/mysqloperator/sidecar_main.py @@ -545,8 +545,10 @@ def on_tls_secret_create_or_change(value: dict, useSelfSigned: bool, router_depl raise kopf.PermanentError("Timeout waiting for TLS files to get refreshed") -@kopf.on.create("", "v1", "secrets") # type: ignore -@kopf.on.update("", "v1", "secrets") # type: ignore +@kopf.on.create("", "v1", "secrets", + field="type", value="kubernetes.io/tls") # type: ignore +@kopf.on.update("", "v1", "secrets", + field="type", value="kubernetes.io/tls") # type: ignore def on_secret_create_or_update(name: str, namespace: str, spec, new, logger: Logger, **kwargs): global g_cluster_name
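Review bot: `on_secret_create_or_update` takes `spec` and `new` as parameters, and adding `field="type"` to its decorators likely changes what kopf passes as `new`. As far as I recall, kopf scopes `old`/`new`/`diff` to the filtered field, so `new` would be the string `kubernetes.io/tls` rather than the Secret object. The body is outside this hunk, so how `new` is used cannot be seen here; if it reads the Secret's data from it, take that from `body` instead, or filter with `when=` rather than `field=`. Separately, `# type: ignore` now sits on the continuation line of each decorator (here and in patch 3/6), where a checker that reports on the decorator's first line may no longer honour it; `@kopf.on.create("", "v1", "secrets",  # type: ignore` keeps the suppression on the reported line.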