-
Notifications
You must be signed in to change notification settings - Fork 74
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
imagePullSecrets not used in backup cronjob templates #78
Comments
Thank you for reporting this issue when imagePullSecrets are used to pull main database images. Could you please share a YAML example where your configuration does not work? |
thank you for your quick reply.. here is some more info : Launching this yaml file on a cluster (at scaleway.com => scw-xxx) with 1 node is fine apiVersion: v1
data:
.dockerconfigjson: REDACTED
kind: Secret
metadata:
name: registry-secret
namespace: kubegres-sandbox
type: kubernetes.io/dockerconfigjson
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kubegres-backup-issue-78-pvc
namespace: kubegres-sandbox
spec:
storageClassName: scw-bssd
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: kubegres.reactive-tech.io/v1
kind: Kubegres
metadata:
name: kubegres-issue-78
namespace: kubegres-sandbox
spec:
replicas: 1
image: my-private-registry/image:tag
imagePullSecrets:
- name: registry-secret
database:
size: 1Gi
storageClassName: scw-bssd
failover:
isDisabled: true
backup:
schedule: "*/3 * * * *"
pvcName: kubegres-backup-issue-78-pvc
volumeMount: /var/lib/backup
env:
- name: POSTGRES_PASSWORD
value: supassword
- name: POSTGRES_REPLICATION_PASSWORD
value: reppassword Backup CronJob is created : kind: CronJob
apiVersion: batch/v1beta1
metadata:
name: backup-kubegres-issue-78
namespace: kubegres-sandbox
uid: 499fa9f5-5a59-48d9-8fa2-7b08c74ca34b
resourceVersion: '1469331142'
generation: 1
creationTimestamp: '2021-12-27T14:02:36Z'
ownerReferences:
- apiVersion: kubegres.reactive-tech.io/v1
kind: Kubegres
name: kubegres-issue-78
uid: db3cb326-bc37-434e-b3ba-44175b083eb6
controller: true
blockOwnerDeletion: true
spec:
schedule: '*/3 * * * *'
concurrencyPolicy: Forbid
suspend: false
jobTemplate:
metadata:
creationTimestamp: null
spec:
template:
metadata:
creationTimestamp: null
spec:
volumes:
- name: backup-volume
persistentVolumeClaim:
claimName: kubegres-backup-issue-78-pvc
- name: postgres-config
configMap:
name: base-kubegres-config
defaultMode: 511
containers:
- name: backup-postgres
image: my-private-registry/image:tag
args:
- sh
- '-c'
- /tmp/backup_database.sh
env:
- name: PGPASSWORD
- name: KUBEGRES_RESOURCE_NAME
value: kubegres-issue-78
- name: BACKUP_DESTINATION_FOLDER
value: /var/lib/backup
- name: BACKUP_SOURCE_DB_HOST_NAME
value: kubegres-issue-78
- name: POSTGRES_PASSWORD
value: supassword
- name: POSTGRES_REPLICATION_PASSWORD
value: reppassword
resources: {}
volumeMounts:
- name: backup-volume
mountPath: /var/lib/backup
- name: postgres-config
mountPath: /tmp/backup_database.sh
subPath: backup_database.sh
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
restartPolicy: OnFailure
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
schedulerName: default-scheduler
successfulJobsHistoryLimit: 3
failedJobsHistoryLimit: 1
status:
lastScheduleTime: '2021-12-27T14:06:00Z'
lastSuccessfulTime: '2021-12-27T14:06:05Z' the imagePullSecrets is missing there..
But if i add some nodes to the cluster
the backup job fails depending of which node it is scheduled :
the private image have not been pulled on new nodes, so when the backup is scheduled on one of these new nodes, as the imagePullSecrets field is missing in CronJob spec, the container cannot be pulled. |
Thank you for those details which will help me with the investigation. |
Hi @alex-arica sent a PR #103 to fix this issue. |
If imagePullSecrets are used to pull main database images, they are not used for backup templates. So if the backup job is scheduled on a pod without database image, it fails pulling the image.
Manually adding imagePullSecrets to CronJob definition works but this is a dirty workaround :)
The text was updated successfully, but these errors were encountered: