From 88fc3b21b9ec819b35fc6e161a11c512fcb179cd Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 26 Dec 2021 22:45:32 +0800 Subject: [PATCH 01/70] random password --- go.mod | 1 + go.sum | 2 + pkg/apis/pingcap/v1alpha1/types.go | 10 +++++ pkg/controller/generic_control.go | 21 +++++++++ pkg/manager/member/tidb_member_manager.go | 55 +++++++++++++++++++++++ pkg/util/util.go | 17 +++++++ 6 files changed, 106 insertions(+) diff --git a/go.mod b/go.mod index 06db98d0b6..627a84846b 100644 --- a/go.mod +++ b/go.mod @@ -57,6 +57,7 @@ require ( github.com/prometheus/prom2json v1.3.0 github.com/prometheus/prometheus v1.8.2 github.com/robfig/cron v1.1.0 + github.com/sethvargo/go-password v0.2.0 github.com/sirupsen/logrus v1.6.0 github.com/spf13/cobra v1.0.0 github.com/spf13/pflag v1.0.5 diff --git a/go.sum b/go.sum index 76d7410d85..c1e83ba68e 100644 --- a/go.sum +++ b/go.sum @@ -801,6 +801,8 @@ github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdh github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= github.com/serenize/snaker v0.0.0-20171204205717-a683aaf2d516/go.mod h1:Yow6lPLSAXx2ifx470yD/nUe22Dv5vBvxK/UK9UUTVs= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= +github.com/sethvargo/go-password v0.2.0 h1:BTDl4CC/gjf/axHMaDQtw507ogrXLci6XRiLc7i/UHI= +github.com/sethvargo/go-password v0.2.0/go.mod h1:Ym4Mr9JXLBycr02MFuVQ/0JHidNetSgbzutTr3zsYXE= github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4= github.com/shurcooL/go v0.0.0-20180423040247-9e1955d9fb6e/go.mod h1:TDJrrUr11Vxrven61rcy3hJMUqaf/CLWYhHNPmT14Lk= github.com/shurcooL/go-goon v0.0.0-20170922171312-37c2f522c041/go.mod h1:N5mDOmsrJOB+vfqUK+7DmDyjhSLIIBnXo9lvZJj3MWQ= diff --git a/pkg/apis/pingcap/v1alpha1/types.go b/pkg/apis/pingcap/v1alpha1/types.go index 708c0cc60e..18ad88b98a 100644 --- a/pkg/apis/pingcap/v1alpha1/types.go +++ b/pkg/apis/pingcap/v1alpha1/types.go @@ -764,6 +764,15 @@ type TiDBSpec struct { // the default behavior is like setting type as "tcp" // +optional ReadinessProbe *TiDBProbe `json:"readinessProbe,omitempty"` + + // Initializer is the init configurations of TiDB + // + // +optional + Initializer *TiDBInitializer `json:"initializer,omitempty"` +} + +type TiDBInitializer struct { + CreatePassword bool `json:"createPassword"` } const ( @@ -1120,6 +1129,7 @@ type TiDBStatus struct { FailureMembers map[string]TiDBFailureMember `json:"failureMembers,omitempty"` ResignDDLOwnerRetryCount int32 `json:"resignDDLOwnerRetryCount,omitempty"` Image string `json:"image,omitempty"` + InitPassword bool `json:"initPassword,omitempty"` } // TiDBMember is TiDB member diff --git a/pkg/controller/generic_control.go b/pkg/controller/generic_control.go index 0eb835e640..35f8b09a82 100644 --- a/pkg/controller/generic_control.go +++ b/pkg/controller/generic_control.go @@ -19,6 +19,8 @@ import ( "fmt" "strings" + "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" + "github.com/pingcap/tidb-operator/pkg/scheme" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -62,6 +64,8 @@ type TypedControlInterface interface { CreateOrUpdateIngress(controller client.Object, ingress *networkingv1.Ingress) (*networkingv1.Ingress, error) // CreateOrUpdateIngressV1beta1 create the desired v1beta1 ingress or update the current one to desired state if already existed CreateOrUpdateIngressV1beta1(controller client.Object, ingress *extensionsv1beta1.Ingress) (*extensionsv1beta1.Ingress, error) + // CreateOrUpdateTidbInitializer create the desired v1alpha1 TidbInitializer or update the current one to desired state if already existed + CreateOrUpdateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) (*v1alpha1.TidbInitializer, error) // UpdateStatus update the /status subresource of the object UpdateStatus(newStatus client.Object) error // Delete delete the given object from the cluster @@ -263,6 +267,23 @@ func (w *typedWrapper) CreateOrUpdateConfigMap(controller client.Object, cm *cor return result.(*corev1.ConfigMap), nil } +func (w *typedWrapper) CreateOrUpdateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) (*v1alpha1.TidbInitializer, error) { + result, err := w.GenericControlInterface.CreateOrUpdate(controller, tidbInitializer, func(existing, desired client.Object) error { + existingInitializer := existing.(*v1alpha1.TidbInitializer) + desiredInitializer := desired.(*v1alpha1.TidbInitializer) + + existingInitializer.Labels = desiredInitializer.Labels + for k, v := range desiredInitializer.Annotations { + existingInitializer.Annotations[k] = v + } + return nil + }, true) + if err != nil { + return nil, err + } + return result.(*v1alpha1.TidbInitializer), nil +} + func (w *typedWrapper) CreateOrUpdateService(controller client.Object, svc *corev1.Service) (*corev1.Service, error) { result, err := w.GenericControlInterface.CreateOrUpdate(controller, svc, func(existing, desired client.Object) error { existingSvc := existing.(*corev1.Service) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 2f56e8bd7a..672f9e67be 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -20,6 +20,8 @@ import ( "strconv" "strings" + "github.com/pingcap/tidb-operator/pkg/backup/constants" + "github.com/pingcap/tidb-operator/pkg/apis/label" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/controller" @@ -241,10 +243,63 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC return err } } + // set random password + if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.InitPassword { + // sync password secret + secret := m.buildRandomPasswordSecret(tc) + secret, err := m.deps.TypedControl.CreateOrUpdateSecret(tc, secret) + if err != nil { + return err + } + tidbInitializer := &v1alpha1.TidbInitializer{ + TypeMeta: metav1.TypeMeta{ + Kind: "TidbCluster", + APIVersion: "pingcap.com/v1alpha1", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("%s-init", tc.Name), + Namespace: tc.Namespace, + }, + Spec: v1alpha1.TidbInitializerSpec{ + Clusters: v1alpha1.TidbClusterRef{ + Name: tc.Name, + Namespace: tc.Namespace, + }, + PasswordSecret: pointer.StringPtr(secret.Name), + }, + } + _, err = m.deps.TypedControl.CreateOrUpdateTidbInitializer(tc, tidbInitializer) + if err != nil { + return err + } + + exist, err := m.deps.TiDBInitializerLister.TidbInitializers(tidbInitializer.Namespace).Get(tidbInitializer.Name) + if err != nil { + return err + } + if exist.Status.Phase == v1alpha1.InitializePhaseCompleted { + tc.Status.InitPassword = true + } + } return mngerutils.UpdateStatefulSet(m.deps.StatefulSetControl, tc, newTiDBSet, oldTiDBSet) } +func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) *corev1.Secret { + + s := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("%s-secret", tc.Name), + Namespace: tc.Namespace, + }, + } + password := util.FixedLengthRandomPasswordBytes() + s.Data = map[string][]byte{ + constants.TidbPasswordKey: password, + } + return s +} + func (m *tidbMemberManager) shouldRecover(tc *v1alpha1.TidbCluster) bool { if tc.Status.TiDB.FailureMembers == nil { return false diff --git a/pkg/util/util.go b/pkg/util/util.go index 79e88a4700..410e8b9479 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -25,6 +25,7 @@ import ( "github.com/pingcap/tidb-operator/pkg/apis/label" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/features" + "github.com/sethvargo/go-password/password" apps "k8s.io/api/apps/v1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -426,3 +427,19 @@ func ResolvePVCFromPod(pod *corev1.Pod, pvcLister corelisterv1.PersistentVolumeC } return pvcs, nil } + +// FixedLengthRandomPasswordBytes generates a random password +func FixedLengthRandomPasswordBytes() []byte { + return RandomBytes(24) +} + +// RandomBytes generates some random bytes that can be used as a token or as a key +func RandomBytes(length int) []byte { + return []byte(password.MustGenerate( + length, + 10, // number of digits to include in the result + 0, // number of symbols to include in the result + false, // noUpper + true, // allowRepeat + )) +} From f9cb7fee63aacacc629299234cea8f0964582da9 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 26 Dec 2021 22:46:22 +0800 Subject: [PATCH 02/70] random password --- docs/api-references/docs.md | 51 +++++++++++++++++++ manifests/crd.yaml | 9 ++++ .../crd/v1/pingcap.com_tidbclusters.yaml | 9 ++++ .../crd/v1beta1/pingcap.com_tidbclusters.yaml | 9 ++++ manifests/crd_v1beta1.yaml | 9 ++++ .../pingcap/v1alpha1/openapi_generated.go | 8 ++- .../pingcap/v1alpha1/zz_generated.deepcopy.go | 21 ++++++++ 7 files changed, 115 insertions(+), 1 deletion(-) diff --git a/docs/api-references/docs.md b/docs/api-references/docs.md index f799e750a3..f860193b40 100644 --- a/docs/api-references/docs.md +++ b/docs/api-references/docs.md @@ -14552,6 +14552,33 @@ Kubernetes meta/v1.Time +

TiDBInitializer

+

+(Appears on: +TiDBSpec) +

+

+

+ + + + + + + + + + + + + +
FieldDescription
+createPassword
+ +bool + +
+

TiDBMember

(Appears on: @@ -15068,6 +15095,20 @@ TiDBProbe the default behavior is like setting type as “tcp”

+ + +initializer
+ + +TiDBInitializer + + + + +(Optional) +

Initializer is the init configurations of TiDB

+ +

TiDBStatus

@@ -15154,6 +15195,16 @@ string + + +initPassword
+ +bool + + + + +

TiDBTLSClient

diff --git a/manifests/crd.yaml b/manifests/crd.yaml index d21ee22c2f..40017d2e98 100644 --- a/manifests/crd.yaml +++ b/manifests/crd.yaml @@ -23746,6 +23746,13 @@ spec: - name type: object type: array + initializer: + properties: + createPassword: + type: boolean + required: + - createPassword + type: object labels: additionalProperties: type: string @@ -29171,6 +29178,8 @@ spec: type: object image: type: string + initPassword: + type: boolean members: additionalProperties: properties: diff --git a/manifests/crd/v1/pingcap.com_tidbclusters.yaml b/manifests/crd/v1/pingcap.com_tidbclusters.yaml index e3c3d0141a..adf1ecd2bb 100644 --- a/manifests/crd/v1/pingcap.com_tidbclusters.yaml +++ b/manifests/crd/v1/pingcap.com_tidbclusters.yaml @@ -11759,6 +11759,13 @@ spec: - name type: object type: array + initializer: + properties: + createPassword: + type: boolean + required: + - createPassword + type: object labels: additionalProperties: type: string @@ -17184,6 +17191,8 @@ spec: type: object image: type: string + initPassword: + type: boolean members: additionalProperties: properties: diff --git a/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml b/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml index b5a90873f0..9f2b6dab18 100644 --- a/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml +++ b/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml @@ -11743,6 +11743,13 @@ spec: - name type: object type: array + initializer: + properties: + createPassword: + type: boolean + required: + - createPassword + type: object labels: additionalProperties: type: string @@ -17161,6 +17168,8 @@ spec: type: object image: type: string + initPassword: + type: boolean members: additionalProperties: properties: diff --git a/manifests/crd_v1beta1.yaml b/manifests/crd_v1beta1.yaml index f87ca7af8a..9f30595ff3 100644 --- a/manifests/crd_v1beta1.yaml +++ b/manifests/crd_v1beta1.yaml @@ -23730,6 +23730,13 @@ spec: - name type: object type: array + initializer: + properties: + createPassword: + type: boolean + required: + - createPassword + type: object labels: additionalProperties: type: string @@ -29148,6 +29155,8 @@ spec: type: object image: type: string + initPassword: + type: boolean members: additionalProperties: properties: diff --git a/pkg/apis/pingcap/v1alpha1/openapi_generated.go b/pkg/apis/pingcap/v1alpha1/openapi_generated.go index 0cd9b5e991..60e7b4eb37 100644 --- a/pkg/apis/pingcap/v1alpha1/openapi_generated.go +++ b/pkg/apis/pingcap/v1alpha1/openapi_generated.go @@ -8100,12 +8100,18 @@ func schema_pkg_apis_pingcap_v1alpha1_TiDBSpec(ref common.ReferenceCallback) com Ref: ref("github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBProbe"), }, }, + "initializer": { + SchemaProps: spec.SchemaProps{ + Description: "Initializer is the init configurations of TiDB", + Ref: ref("github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBInitializer"), + }, + }, }, Required: []string{"replicas"}, }, }, Dependencies: []string{ - "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.StorageVolume", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBConfigWraper", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBProbe", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBServiceSpec", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBSlowLogTailerSpec", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBTLSClient", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TopologySpreadConstraint", "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.Volume", "k8s.io/api/core/v1.VolumeMount", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, + "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.StorageVolume", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBConfigWraper", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBInitializer", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBProbe", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBServiceSpec", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBSlowLogTailerSpec", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TiDBTLSClient", "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1.TopologySpreadConstraint", "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.Container", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.Lifecycle", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.Volume", "k8s.io/api/core/v1.VolumeMount", "k8s.io/apimachinery/pkg/api/resource.Quantity"}, } } diff --git a/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go index bbcaf58331..991d88c386 100644 --- a/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go @@ -5362,6 +5362,22 @@ func (in *TiDBFailureMember) DeepCopy() *TiDBFailureMember { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TiDBInitializer) DeepCopyInto(out *TiDBInitializer) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TiDBInitializer. +func (in *TiDBInitializer) DeepCopy() *TiDBInitializer { + if in == nil { + return nil + } + out := new(TiDBInitializer) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TiDBMember) DeepCopyInto(out *TiDBMember) { *out = *in @@ -5538,6 +5554,11 @@ func (in *TiDBSpec) DeepCopyInto(out *TiDBSpec) { *out = new(TiDBProbe) (*in).DeepCopyInto(*out) } + if in.Initializer != nil { + in, out := &in.Initializer, &out.Initializer + *out = new(TiDBInitializer) + **out = **in + } return } From 5b31a93cbb45e629ee7546accc0effe45b59ff52 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Mon, 27 Dec 2021 09:48:50 +0800 Subject: [PATCH 03/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 672f9e67be..f34ff6739c 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -17,6 +17,7 @@ import ( "crypto/tls" "fmt" "path" + "sigs.k8s.io/controller-runtime/pkg/client" "strconv" "strings" @@ -244,7 +245,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC } } // set random password - if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.InitPassword { + if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPassword { // sync password secret secret := m.buildRandomPasswordSecret(tc) secret, err := m.deps.TypedControl.CreateOrUpdateSecret(tc, secret) @@ -268,17 +269,28 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC PasswordSecret: pointer.StringPtr(secret.Name), }, } - _, err = m.deps.TypedControl.CreateOrUpdateTidbInitializer(tc, tidbInitializer) + + exist, err := m.deps.TypedControl.Exist(client.ObjectKey{ + Namespace: tidbInitializer.Namespace, + Name: tidbInitializer.Name, + }, tidbInitializer) if err != nil { return err } + if !exist { + _, err = m.deps.TypedControl.CreateOrUpdateTidbInitializer(tc, tidbInitializer) + if err != nil { + return err + } + + } - exist, err := m.deps.TiDBInitializerLister.TidbInitializers(tidbInitializer.Namespace).Get(tidbInitializer.Name) + existInitializer, err := m.deps.TiDBInitializerLister.TidbInitializers(tidbInitializer.Namespace).Get(tidbInitializer.Name) if err != nil { return err } - if exist.Status.Phase == v1alpha1.InitializePhaseCompleted { - tc.Status.InitPassword = true + if existInitializer.Status.Phase == v1alpha1.InitializePhaseCompleted { + tc.Status.TiDB.InitPassword = true } } From b5de12395fc02460cb3de3df3651aa97692cefd1 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Mon, 27 Dec 2021 10:22:48 +0800 Subject: [PATCH 04/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index f34ff6739c..1807e5578b 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -17,7 +17,6 @@ import ( "crypto/tls" "fmt" "path" - "sigs.k8s.io/controller-runtime/pkg/client" "strconv" "strings" @@ -42,6 +41,7 @@ import ( "k8s.io/klog/v2" podutil "k8s.io/kubernetes/pkg/api/v1/pod" "k8s.io/utils/pointer" + "sigs.k8s.io/controller-runtime/pkg/client" ) const ( From ab37b18b717343a1fd278aab2156770dfe5438c2 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Tue, 4 Jan 2022 01:07:06 +0800 Subject: [PATCH 05/70] optimize code --- examples/basic/tidb-cluster.yaml | 2 ++ pkg/backup/constants/constants.go | 3 +++ pkg/manager/member/tidb_member_manager.go | 3 ++- pkg/util/util.go | 2 +- 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/examples/basic/tidb-cluster.yaml b/examples/basic/tidb-cluster.yaml index 601707bc9b..506acdb686 100644 --- a/examples/basic/tidb-cluster.yaml +++ b/examples/basic/tidb-cluster.yaml @@ -42,6 +42,8 @@ spec: raftdb: max-open-files: 256 tidb: + initializer: + createPassword: true baseImage: pingcap/tidb maxFailoverCount: 0 replicas: 1 diff --git a/pkg/backup/constants/constants.go b/pkg/backup/constants/constants.go index 0a36145c64..658c59c738 100644 --- a/pkg/backup/constants/constants.go +++ b/pkg/backup/constants/constants.go @@ -49,4 +49,7 @@ const ( // KMS secret env prefix KMSSecretPrefix = "KMS_ENCRYPTED" + + // RootKey represents the username in tidb secret + TidbRootKey = "root" ) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 1807e5578b..b7363935fd 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -262,6 +262,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC Namespace: tc.Namespace, }, Spec: v1alpha1.TidbInitializerSpec{ + Image: "tnir/mysqlclient", Clusters: v1alpha1.TidbClusterRef{ Name: tc.Name, Namespace: tc.Namespace, @@ -307,7 +308,7 @@ func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) } password := util.FixedLengthRandomPasswordBytes() s.Data = map[string][]byte{ - constants.TidbPasswordKey: password, + constants.TidbRootKey: password, } return s } diff --git a/pkg/util/util.go b/pkg/util/util.go index 410e8b9479..6d9c00b407 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -438,7 +438,7 @@ func RandomBytes(length int) []byte { return []byte(password.MustGenerate( length, 10, // number of digits to include in the result - 0, // number of symbols to include in the result + 5, // number of symbols to include in the result false, // noUpper true, // allowRepeat )) From 41b888f5f6cace793acbce7007959af631d5c325 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Tue, 4 Jan 2022 17:50:55 +0800 Subject: [PATCH 06/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 7 +++++-- pkg/util/util.go | 8 ++++---- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index b7363935fd..59598e20f5 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -252,9 +252,10 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC if err != nil { return err } + policy := corev1.PullIfNotPresent tidbInitializer := &v1alpha1.TidbInitializer{ TypeMeta: metav1.TypeMeta{ - Kind: "TidbCluster", + Kind: "TidbInitializer", APIVersion: "pingcap.com/v1alpha1", }, ObjectMeta: metav1.ObjectMeta{ @@ -262,11 +263,13 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC Namespace: tc.Namespace, }, Spec: v1alpha1.TidbInitializerSpec{ - Image: "tnir/mysqlclient", + Image: "tnir/mysqlclient", + ImagePullPolicy: &policy, Clusters: v1alpha1.TidbClusterRef{ Name: tc.Name, Namespace: tc.Namespace, }, + InitSql: pointer.StringPtr("create database hello;"), PasswordSecret: pointer.StringPtr(secret.Name), }, } diff --git a/pkg/util/util.go b/pkg/util/util.go index 6d9c00b407..c3ae1b93dc 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -430,16 +430,16 @@ func ResolvePVCFromPod(pod *corev1.Pod, pvcLister corelisterv1.PersistentVolumeC // FixedLengthRandomPasswordBytes generates a random password func FixedLengthRandomPasswordBytes() []byte { - return RandomBytes(24) + return RandomBytes(13) } // RandomBytes generates some random bytes that can be used as a token or as a key func RandomBytes(length int) []byte { return []byte(password.MustGenerate( length, - 10, // number of digits to include in the result - 5, // number of symbols to include in the result + 2, // number of digits to include in the result + 3, // number of symbols to include in the result false, // noUpper - true, // allowRepeat + false, // allowRepeat )) } From c269faacc9baf51fe1dcc842d81ea44bb23be663 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Wed, 5 Jan 2022 12:10:37 +0800 Subject: [PATCH 07/70] optimize code --- examples/basic-random-password/README.md | 74 ++++++++++++++++++ .../basic-random-password/tidb-cluster.yaml | 56 ++++++++++++++ pkg/manager/member/tidb_member_manager.go | 75 +++++++++++-------- 3 files changed, 172 insertions(+), 33 deletions(-) create mode 100644 examples/basic-random-password/README.md create mode 100644 examples/basic-random-password/tidb-cluster.yaml diff --git a/examples/basic-random-password/README.md b/examples/basic-random-password/README.md new file mode 100644 index 0000000000..e04fc8b783 --- /dev/null +++ b/examples/basic-random-password/README.md @@ -0,0 +1,74 @@ +# A Basic TiDB cluster with random password initialized + +> **Note:** +> +> This setup is for test or demo purpose only and **IS NOT** applicable for critical environment. Refer to the [Documents](https://pingcap.com/docs/stable/tidb-in-kubernetes/deploy/prerequisites/) for production setup. + +The following steps will create a TiDB cluster with random password initialized. + +**Prerequisites**: +- Has TiDB operator `v1.1.0-beta.1` or higher version installed. [Doc](https://pingcap.com/docs/stable/tidb-in-kubernetes/deploy/tidb-operator/) +- Has default `StorageClass` configured, and there are enough PVs (by default, 6 PVs are required) of that storageClass: + + This could by verified by the following command: + + ```bash + > kubectl get storageclass + ``` + + The output is similar to this: + + ```bash + NAME PROVISIONER AGE + standard (default) kubernetes.io/gce-pd 1d + gold kubernetes.io/gce-pd 1d + ``` + + Alternatively, you could specify the storageClass explicitly by modifying `tidb-cluster.yaml`. + +## Install + +The following commands is assumed to be executed in this directory. + +Install the cluster: + +```bash +> kubectl -n apply -f ./ +``` + +Wait for cluster Pods ready: + +```bash +watch kubectl -n get pod +``` + +## Explore +Get password by secret: +```bash +> kubectl get secret basic-secret -o=jsonpath='{.data.root}' -n | base64 --decode; echo +``` + +Explore the TiDB sql interface: + +```bash +> kubectl -n port-forward svc/basic-tidb 4000:4000 &>/tmp/pf-tidb.log & +``` + +Test connection successfully: + +```bash +> mysql -h 127.0.0.1 -P 4000 -u root -p --comments +``` + +## Destroy + +```bash +> kubectl -n delete -f ./ +``` + +The PVCs used by TiDB cluster will not be deleted in the above process, therefore, the PVs will be not be released neither. You can delete PVCs and release the PVs by the following command: + +```bash +> kubectl -n delete pvc -l app.kubernetes.io/instance=basic,app.kubernetes.io/managed-by=tidb-operator +``` + diff --git a/examples/basic-random-password/tidb-cluster.yaml b/examples/basic-random-password/tidb-cluster.yaml new file mode 100644 index 0000000000..dfd675e075 --- /dev/null +++ b/examples/basic-random-password/tidb-cluster.yaml @@ -0,0 +1,56 @@ +# IT IS NOT SUITABLE FOR PRODUCTION USE. +# This YAML describes a basic TiDB cluster with minimum resource requirements, +# which should be able to run in any Kubernetes cluster with storage support. +apiVersion: pingcap.com/v1alpha1 +kind: TidbCluster +metadata: + name: basic +spec: + version: v5.3.0 + timezone: UTC + pvReclaimPolicy: Retain + enableDynamicConfiguration: true + configUpdateStrategy: RollingUpdate + discovery: {} + helper: + image: busybox:1.34.1 + pd: + baseImage: pingcap/pd + maxFailoverCount: 0 + replicas: 1 + # if storageClassName is not set, the default Storage Class of the Kubernetes cluster will be used + # storageClassName: local-storage + requests: + storage: "1Gi" + config: {} + tikv: + baseImage: pingcap/tikv + maxFailoverCount: 0 + # If only 1 TiKV is deployed, the TiKV region leader + # cannot be transferred during upgrade, so we have + # to configure a short timeout + evictLeaderTimeout: 1m + replicas: 1 + # if storageClassName is not set, the default Storage Class of the Kubernetes cluster will be used + # storageClassName: local-storage + requests: + storage: "1Gi" + config: + storage: + # In basic examples, we set this to avoid using too much storage. + reserve-space: "0MB" + rocksdb: + # In basic examples, we set this to avoid the following error in some Kubernetes clusters: + # "the maximum number of open file descriptors is too small, got 1024, expect greater or equal to 82920" + max-open-files: 256 + raftdb: + max-open-files: 256 + tidb: + initializer: + createPassword: true + baseImage: pingcap/tidb + maxFailoverCount: 0 + replicas: 1 + service: + type: ClusterIP + config: {} diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 59598e20f5..1d80dbf3a8 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -247,55 +247,64 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC // set random password if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPassword { // sync password secret - secret := m.buildRandomPasswordSecret(tc) - secret, err := m.deps.TypedControl.CreateOrUpdateSecret(tc, secret) + secretName := fmt.Sprintf("%s-secret", tc.Name) + passwordSecret := &corev1.Secret{} + exist, err := m.deps.TypedControl.Exist(client.ObjectKey{ + Namespace: ns, + Name: secretName, + }, passwordSecret) if err != nil { return err } - policy := corev1.PullIfNotPresent - tidbInitializer := &v1alpha1.TidbInitializer{ - TypeMeta: metav1.TypeMeta{ - Kind: "TidbInitializer", - APIVersion: "pingcap.com/v1alpha1", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf("%s-init", tc.Name), - Namespace: tc.Namespace, - }, - Spec: v1alpha1.TidbInitializerSpec{ - Image: "tnir/mysqlclient", - ImagePullPolicy: &policy, - Clusters: v1alpha1.TidbClusterRef{ - Name: tc.Name, - Namespace: tc.Namespace, - }, - InitSql: pointer.StringPtr("create database hello;"), - PasswordSecret: pointer.StringPtr(secret.Name), - }, + if !exist { + klog.Errorf("buildRandomPasswordSecret run") + secret := m.buildRandomPasswordSecret(tc) + secret, err := m.deps.TypedControl.CreateOrUpdateSecret(tc, secret) + if err != nil { + return err + } } - - exist, err := m.deps.TypedControl.Exist(client.ObjectKey{ - Namespace: tidbInitializer.Namespace, - Name: tidbInitializer.Name, + tidbInitializer := &v1alpha1.TidbInitializer{} + tidbInitializerName := fmt.Sprintf("%s-init", tc.Name) + exist, err = m.deps.TypedControl.Exist(client.ObjectKey{ + Namespace: tc.Namespace, + Name: tidbInitializerName, }, tidbInitializer) if err != nil { return err } if !exist { + policy := corev1.PullIfNotPresent + tidbInitializer = &v1alpha1.TidbInitializer{ + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("%s-init", tc.Name), + Namespace: tc.Namespace, + }, + Spec: v1alpha1.TidbInitializerSpec{ + Image: "tnir/mysqlclient", + ImagePullPolicy: &policy, + Clusters: v1alpha1.TidbClusterRef{ + Name: tc.Name, + Namespace: tc.Namespace, + }, + PasswordSecret: pointer.StringPtr(secretName), + }, + } _, err = m.deps.TypedControl.CreateOrUpdateTidbInitializer(tc, tidbInitializer) if err != nil { return err } + } else { + existInitializer, err := m.deps.TiDBInitializerLister.TidbInitializers(tc.Name).Get(tidbInitializerName) + if err != nil { + return err + } + if existInitializer.Status.Phase == v1alpha1.InitializePhaseCompleted { + tc.Status.TiDB.InitPassword = true + } } - existInitializer, err := m.deps.TiDBInitializerLister.TidbInitializers(tidbInitializer.Namespace).Get(tidbInitializer.Name) - if err != nil { - return err - } - if existInitializer.Status.Phase == v1alpha1.InitializePhaseCompleted { - tc.Status.TiDB.InitPassword = true - } } return mngerutils.UpdateStatefulSet(m.deps.StatefulSetControl, tc, newTiDBSet, oldTiDBSet) From 412dd41f413144bf0caed90e7e8dbd53859ccfc3 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Wed, 5 Jan 2022 16:47:28 +0800 Subject: [PATCH 08/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 1d80dbf3a8..368056c126 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -259,7 +259,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC if !exist { klog.Errorf("buildRandomPasswordSecret run") secret := m.buildRandomPasswordSecret(tc) - secret, err := m.deps.TypedControl.CreateOrUpdateSecret(tc, secret) + _, err := m.deps.TypedControl.CreateOrUpdateSecret(tc, secret) if err != nil { return err } From 280dab879740874135907094725960d11aa7d3a1 Mon Sep 17 00:00:00 2001 From: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> Date: Thu, 6 Jan 2022 11:04:27 +0800 Subject: [PATCH 09/70] Update README.md --- examples/basic-random-password/README.md | 41 +++++++----------------- 1 file changed, 11 insertions(+), 30 deletions(-) diff --git a/examples/basic-random-password/README.md b/examples/basic-random-password/README.md index e04fc8b783..48036d1c45 100644 --- a/examples/basic-random-password/README.md +++ b/examples/basic-random-password/README.md @@ -2,30 +2,10 @@ > **Note:** > -> This setup is for test or demo purpose only and **IS NOT** applicable for critical environment. Refer to the [Documents](https://pingcap.com/docs/stable/tidb-in-kubernetes/deploy/prerequisites/) for production setup. +> This setup is for test or demo purpose only and **IS NOT** applicable for critical environment. The following steps will create a TiDB cluster with random password initialized. -**Prerequisites**: -- Has TiDB operator `v1.1.0-beta.1` or higher version installed. [Doc](https://pingcap.com/docs/stable/tidb-in-kubernetes/deploy/tidb-operator/) -- Has default `StorageClass` configured, and there are enough PVs (by default, 6 PVs are required) of that storageClass: - - This could by verified by the following command: - - ```bash - > kubectl get storageclass - ``` - - The output is similar to this: - - ```bash - NAME PROVISIONER AGE - standard (default) kubernetes.io/gce-pd 1d - gold kubernetes.io/gce-pd 1d - ``` - - Alternatively, you could specify the storageClass explicitly by modifying `tidb-cluster.yaml`. - ## Install The following commands is assumed to be executed in this directory. @@ -33,7 +13,7 @@ The following commands is assumed to be executed in this directory. Install the cluster: ```bash -> kubectl -n apply -f ./ +kubectl -n apply -f ./ ``` Wait for cluster Pods ready: @@ -43,32 +23,33 @@ watch kubectl -n get pod ``` ## Explore -Get password by secret: + +Get the password from secret: + ```bash -> kubectl get secret basic-secret -o=jsonpath='{.data.root}' -n | base64 --decode; echo +kubectl get secret basic-secret -o=jsonpath='{.data.root}' -n | base64 --decode ``` -Explore the TiDB sql interface: +Explore the TiDB SQL interface: ```bash -> kubectl -n port-forward svc/basic-tidb 4000:4000 &>/tmp/pf-tidb.log & +kubectl -n port-forward svc/basic-tidb 4000:4000 ``` Test connection successfully: ```bash -> mysql -h 127.0.0.1 -P 4000 -u root -p --comments +mysql -h 127.0.0.1 -P 4000 -u root -p --comments ``` ## Destroy ```bash -> kubectl -n delete -f ./ +kubectl -n delete -f ./ ``` The PVCs used by TiDB cluster will not be deleted in the above process, therefore, the PVs will be not be released neither. You can delete PVCs and release the PVs by the following command: ```bash -> kubectl -n delete pvc -l app.kubernetes.io/instance=basic,app.kubernetes.io/managed-by=tidb-operator +kubectl -n delete pvc -l app.kubernetes.io/instance=basic,app.kubernetes.io/managed-by=tidb-operator ``` - From 2fe7dfdefc386fa7b09c211214132b913fa276b7 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Thu, 6 Jan 2022 11:52:14 +0800 Subject: [PATCH 10/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 368056c126..de0e900e3b 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -257,7 +257,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC return err } if !exist { - klog.Errorf("buildRandomPasswordSecret run") + klog.Infof("Create random password for cluster %s/%s", tc.Namespace, tc.Name) secret := m.buildRandomPasswordSecret(tc) _, err := m.deps.TypedControl.CreateOrUpdateSecret(tc, secret) if err != nil { From 00cde544ccbb77176bd55009bd5efbe0fcfe0917 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 6 Jan 2022 16:14:12 +0800 Subject: [PATCH 11/70] update policy --- examples/basic/tidb-cluster.yaml | 2 -- pkg/apis/pingcap/v1alpha1/types.go | 2 +- pkg/controller/controller_utils.go | 10 ++++++ pkg/controller/generic_control.go | 31 ++++++++-------- .../member/tidb_member_manager_test.go | 36 +++++++++++++++++++ 5 files changed, 63 insertions(+), 18 deletions(-) diff --git a/examples/basic/tidb-cluster.yaml b/examples/basic/tidb-cluster.yaml index dfd675e075..fe6ec56597 100644 --- a/examples/basic/tidb-cluster.yaml +++ b/examples/basic/tidb-cluster.yaml @@ -46,8 +46,6 @@ spec: raftdb: max-open-files: 256 tidb: - initializer: - createPassword: true baseImage: pingcap/tidb maxFailoverCount: 0 replicas: 1 diff --git a/pkg/apis/pingcap/v1alpha1/types.go b/pkg/apis/pingcap/v1alpha1/types.go index 4c5d0ed99b..96fffc9efd 100644 --- a/pkg/apis/pingcap/v1alpha1/types.go +++ b/pkg/apis/pingcap/v1alpha1/types.go @@ -772,7 +772,7 @@ type TiDBSpec struct { } type TiDBInitializer struct { - CreatePassword bool `json:"createPassword"` + CreatePassword bool `json:"createPassword,omitempty"` } const ( diff --git a/pkg/controller/controller_utils.go b/pkg/controller/controller_utils.go index 604a6406b6..4747a0181d 100644 --- a/pkg/controller/controller_utils.go +++ b/pkg/controller/controller_utils.go @@ -345,6 +345,16 @@ func DMWorkerPeerMemberName(clusterName string) string { return fmt.Sprintf("%s-dm-worker-peer", clusterName) } +// TiDBInitializer returns tidb initializer name +func TiDBInitializer(clusterName string) string { + return fmt.Sprintf("%s-init", clusterName) +} + +// TiDBSecret returns tidb secret name +func TiDBSecret(clusterName string) string { + return fmt.Sprintf("%s-secret", clusterName) +} + // AnnProm adds annotations for prometheus scraping metrics func AnnProm(port int32) map[string]string { return map[string]string{ diff --git a/pkg/controller/generic_control.go b/pkg/controller/generic_control.go index 35f8b09a82..cddd9df7c8 100644 --- a/pkg/controller/generic_control.go +++ b/pkg/controller/generic_control.go @@ -64,8 +64,8 @@ type TypedControlInterface interface { CreateOrUpdateIngress(controller client.Object, ingress *networkingv1.Ingress) (*networkingv1.Ingress, error) // CreateOrUpdateIngressV1beta1 create the desired v1beta1 ingress or update the current one to desired state if already existed CreateOrUpdateIngressV1beta1(controller client.Object, ingress *extensionsv1beta1.Ingress) (*extensionsv1beta1.Ingress, error) - // CreateOrUpdateTidbInitializer create the desired v1alpha1 TidbInitializer or update the current one to desired state if already existed - CreateOrUpdateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) (*v1alpha1.TidbInitializer, error) + // CreateTidbInitializer create the desired v1alpha1 TidbInitializer or update the current one to desired state if already existed + CreateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) error // UpdateStatus update the /status subresource of the object UpdateStatus(newStatus client.Object) error // Delete delete the given object from the cluster @@ -267,21 +267,12 @@ func (w *typedWrapper) CreateOrUpdateConfigMap(controller client.Object, cm *cor return result.(*corev1.ConfigMap), nil } -func (w *typedWrapper) CreateOrUpdateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) (*v1alpha1.TidbInitializer, error) { - result, err := w.GenericControlInterface.CreateOrUpdate(controller, tidbInitializer, func(existing, desired client.Object) error { - existingInitializer := existing.(*v1alpha1.TidbInitializer) - desiredInitializer := desired.(*v1alpha1.TidbInitializer) - - existingInitializer.Labels = desiredInitializer.Labels - for k, v := range desiredInitializer.Annotations { - existingInitializer.Annotations[k] = v - } - return nil - }, true) +func (w *typedWrapper) CreateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) error { + err := w.GenericControlInterface.Create(controller, tidbInitializer, true) if err != nil { - return nil, err + return err } - return result.(*v1alpha1.TidbInitializer), nil + return nil } func (w *typedWrapper) CreateOrUpdateService(controller client.Object, svc *corev1.Service) (*corev1.Service, error) { @@ -682,6 +673,16 @@ func (c *FakeGenericControl) CreateOrUpdate(controller, obj client.Object, fn Me return c.control.CreateOrUpdate(controller, obj, fn, setOwnerFlag) } +func (c *FakeGenericControl) CreateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) error { + defer c.createOrUpdateTracker.Inc() + if c.createOrUpdateTracker.ErrorReady() { + defer c.createOrUpdateTracker.Reset() + return c.createOrUpdateTracker.GetError() + } + + return c.control.Create(controller, tidbInitializer, true) +} + func (c *FakeGenericControl) Delete(controller, obj client.Object) error { defer c.deleteTracker.Inc() if c.deleteTracker.ErrorReady() { diff --git a/pkg/manager/member/tidb_member_manager_test.go b/pkg/manager/member/tidb_member_manager_test.go index 13913a9b3b..0cf739517f 100644 --- a/pkg/manager/member/tidb_member_manager_test.go +++ b/pkg/manager/member/tidb_member_manager_test.go @@ -26,6 +26,7 @@ import ( "github.com/pingcap/tidb-operator/pkg/apis/util/toml" "github.com/pingcap/tidb-operator/pkg/controller" mngerutils "github.com/pingcap/tidb-operator/pkg/manager/utils" + "sigs.k8s.io/controller-runtime/pkg/client" "github.com/google/go-cmp/cmp" . "github.com/onsi/gomega" @@ -144,6 +145,7 @@ func TestTiDBMemberManagerSyncUpdate(t *testing.T) { statusChange func(*apps.StatefulSet) err bool expectStatefulSetFn func(*GomegaWithT, *apps.StatefulSet, error) + isCreatePassword bool } testFn := func(test *testcase, t *testing.T) { @@ -197,6 +199,27 @@ func TestTiDBMemberManagerSyncUpdate(t *testing.T) { set, err := tmm.deps.StatefulSetLister.StatefulSets(ns).Get(controller.TiDBMemberName(tcName)) test.expectStatefulSetFn(g, set, err) } + if test.isCreatePassword { + + tiDBInitializer := &v1alpha1.TidbInitializer{} + existTiDBInitializer, err := tmm.deps.TypedControl.Exist(client.ObjectKey{ + Namespace: ns, + Name: controller.TiDBInitializer(tcName), + }, tiDBInitializer) + + g.Expect(err).NotTo(HaveOccurred()) + g.Expect(existTiDBInitializer).To(Equal(true)) + + secret := &v1.Secret{} + existSecret, err := tmm.deps.TypedControl.Exist(client.ObjectKey{ + Namespace: ns, + Name: controller.TiDBSecret(tcName), + }, secret) + + g.Expect(err).NotTo(HaveOccurred()) + g.Expect(existSecret).To(Equal(true)) + + } } tests := []testcase{ @@ -239,6 +262,19 @@ func TestTiDBMemberManagerSyncUpdate(t *testing.T) { g.Expect(set.Spec.Template.Spec.Containers).To(HaveLen(2)) }, }, + { + name: "enable random password", + modify: func(tc *v1alpha1.TidbCluster) { + tc.Spec.TiDB.Initializer = &v1alpha1.TiDBInitializer{CreatePassword: true} + }, + errWhenUpdateStatefulSet: false, + err: false, + expectStatefulSetFn: func(g *GomegaWithT, set *apps.StatefulSet, err error) { + g.Expect(err).NotTo(HaveOccurred()) + g.Expect(set.Spec.Template.Spec.Containers).To(HaveLen(2)) + }, + isCreatePassword: true, + }, } for i := range tests { From d1fe63d32a5eca3ce3fac38a33b1995accbc1aa3 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 6 Jan 2022 16:46:05 +0800 Subject: [PATCH 12/70] optimize code --- docs/api-references/docs.md | 7 +- manifests/crd.yaml | 4834 ++++++++-------- .../crd/v1/pingcap.com_tidbclusters.yaml | 6 +- .../crd/v1beta1/pingcap.com_tidbclusters.yaml | 6 +- manifests/crd_v1beta1.yaml | 4838 ++++++++--------- pkg/apis/pingcap/v1alpha1/types.go | 2 +- .../pingcap/v1alpha1/zz_generated.deepcopy.go | 5 + pkg/manager/member/tidb_member_manager.go | 47 +- 8 files changed, 4872 insertions(+), 4873 deletions(-) diff --git a/docs/api-references/docs.md b/docs/api-references/docs.md index 209e45aa8b..0d37b2146d 100644 --- a/docs/api-references/docs.md +++ b/docs/api-references/docs.md @@ -6919,6 +6919,7 @@ Kubernetes core/v1.ResourceRequirements

InitializePhase

(Appears on: +TiDBStatus, TidbInitializerStatus)

@@ -15198,9 +15199,11 @@ string -initPassword
+initPasswordPhase
-bool + +InitializePhase + diff --git a/manifests/crd.yaml b/manifests/crd.yaml index 908a1a9a5e..ba380f97a9 100644 --- a/manifests/crd.yaml +++ b/manifests/crd.yaml @@ -6,35 +6,43 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.6.2 creationTimestamp: null - name: backupschedules.pingcap.com + name: backups.pingcap.com spec: group: pingcap.com names: - kind: BackupSchedule - listKind: BackupScheduleList - plural: backupschedules + kind: Backup + listKind: BackupList + plural: backups shortNames: - - bks - singular: backupschedule + - bk + singular: backup scope: Namespaced versions: - additionalPrinterColumns: - - description: The cron format string used for backup scheduling - jsonPath: .spec.schedule - name: Schedule + - description: The current status of the backup + jsonPath: .status.phase + name: Status type: string - - description: The max number of backups we want to keep - jsonPath: .spec.maxBackups - name: MaxBackups - type: integer - - description: The last backup CR name - jsonPath: .status.lastBackup - name: LastBackup - priority: 1 + - description: The full path of backup data + jsonPath: .status.backupPath + name: BackupPath type: string - - description: The last time the backup was successfully created - jsonPath: .status.lastBackupTime - name: LastBackupTime + - description: The data size of the backup + jsonPath: .status.backupSizeReadable + name: BackupSize + type: string + - description: The commit ts of tidb cluster dump + jsonPath: .status.commitTs + name: CommitTS + type: string + - description: The time at which the backup was started + jsonPath: .status.timeStarted + name: Started + priority: 1 + type: date + - description: The time at which the backup was completed + jsonPath: .status.timeCompleted + name: Completed priority: 1 type: date - jsonPath: .metadata.creationTimestamp @@ -52,16 +60,107 @@ spec: type: object spec: properties: - backupTemplate: + affinity: properties: - affinity: + nodeAffinity: properties: - nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: properties: - preferredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: items: properties: - preference: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: matchExpressions: items: @@ -79,125 +178,73 @@ spec: - operator type: object type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array + matchLabels: + additionalProperties: + type: string + type: object type: object - weight: - format: int32 - type: integer + namespaces: + items: + type: string + type: array + topologyKey: + type: string required: - - preference - - weight + - topologyKey type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: matchExpressions: items: @@ -229,1103 +276,214 @@ spec: required: - topologyKey type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: + matchExpressions: + items: + properties: + key: type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: + operator: type: string - type: object - type: object - namespaces: - items: - type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - topologyKey: - type: string - required: - - topologyKey + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - type: object - type: object - backupType: - type: string - br: - properties: - checksum: - type: boolean - cluster: - type: string - clusterNamespace: - type: string - concurrency: - format: int32 - type: integer - db: - type: string - logLevel: - type: string - onLine: - type: boolean - options: - items: - type: string + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object type: array - rateLimit: - type: integer - sendCredToTikv: - type: boolean - statusAddr: - type: string - table: - type: string - timeAgo: - type: string - required: - - cluster - type: object - cleanOption: - properties: - batchConcurrency: - format: int32 - type: integer - disableBatchConcurrency: - type: boolean - pageSize: - format: int64 - type: integer - routineConcurrency: - format: int32 - type: integer type: object - cleanPolicy: + type: object + backupType: + type: string + br: + properties: + checksum: + type: boolean + cluster: type: string - dumpling: - properties: - options: - items: - type: string - type: array - tableFilter: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - from: - properties: - host: - type: string - port: - format: int32 - type: integer - secretName: - type: string - tlsClientSecretName: - type: string - user: - type: string - required: - - host - - secretName - type: object - gcs: - properties: - bucket: - type: string - bucketAcl: - type: string - location: - type: string - objectAcl: - type: string - path: - type: string - prefix: - type: string - projectId: - type: string - secretName: - type: string - storageClass: - type: string - required: - - projectId - type: object - imagePullSecrets: - items: - properties: - name: - type: string - type: object - type: array - local: - properties: - prefix: - type: string - volume: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - readOnly: - type: boolean - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - volumeMount: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - required: - - mountPath - - name - type: object - required: - - volume - - volumeMount - type: object - podSecurityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: + clusterNamespace: + type: string + concurrency: + format: int32 + type: integer + db: + type: string + logLevel: + type: string + onLine: + type: boolean + options: + items: + type: string + type: array + rateLimit: + type: integer + sendCredToTikv: + type: boolean + statusAddr: + type: string + table: + type: string + timeAgo: + type: string + required: + - cluster + type: object + cleanOption: + properties: + batchConcurrency: + format: int32 + type: integer + disableBatchConcurrency: + type: boolean + pageSize: + format: int64 + type: integer + routineConcurrency: + format: int32 + type: integer + type: object + cleanPolicy: + type: string + dumpling: + properties: + options: + items: + type: string + type: array + tableFilter: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: properties: + key: + type: string name: type: string - value: + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: type: string required: - - name - - value + - fieldPath type: object - type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - runAsUserName: - type: string - type: object - type: object - priorityClassName: + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + properties: + host: + type: string + port: + format: int32 + type: integer + secretName: + type: string + tlsClientSecretName: + type: string + user: + type: string + required: + - host + - secretName + type: object + gcs: + properties: + bucket: type: string - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - s3: - properties: - acl: - type: string - bucket: - type: string - endpoint: - type: string - options: - items: - type: string - type: array - path: - type: string - prefix: - type: string - provider: - type: string - region: - type: string - secretName: - type: string - sse: - type: string - storageClass: - type: string - required: - - provider - type: object - serviceAccount: + bucketAcl: type: string - storageClassName: + location: type: string - storageSize: + objectAcl: type: string - tableFilter: - items: - type: string - type: array - tikvGCLifeTime: + path: type: string - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - toolImage: + prefix: type: string - useKMS: - type: boolean + projectId: + type: string + secretName: + type: string + storageClass: + type: string + required: + - projectId type: object imagePullSecrets: items: @@ -1334,1423 +492,2265 @@ spec: type: string type: object type: array - maxBackups: - format: int32 - type: integer - maxReservedTime: - type: string - pause: - type: boolean - schedule: - type: string - storageClassName: - type: string - storageSize: - type: string - required: - - backupTemplate - - schedule - type: object - status: - properties: - allBackupCleanTime: - format: date-time - type: string - lastBackup: - type: string - lastBackupTime: - format: date-time - type: string - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: backups.pingcap.com -spec: - group: pingcap.com - names: - kind: Backup - listKind: BackupList - plural: backups - shortNames: - - bk - singular: backup - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The current status of the backup - jsonPath: .status.phase - name: Status - type: string - - description: The full path of backup data - jsonPath: .status.backupPath - name: BackupPath - type: string - - description: The data size of the backup - jsonPath: .status.backupSizeReadable - name: BackupSize - type: string - - description: The commit ts of tidb cluster dump - jsonPath: .status.commitTs - name: CommitTS - type: string - - description: The time at which the backup was started - jsonPath: .status.timeStarted - name: Started - priority: 1 - type: date - - description: The time at which the backup was completed - jsonPath: .status.timeCompleted - name: Completed - priority: 1 - type: date - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - affinity: + local: properties: - nodeAffinity: + prefix: + type: string + volume: properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: properties: - matchExpressions: - items: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + readOnly: + type: boolean + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: properties: - key: + apiGroup: type: string - operator: + kind: + type: string + name: type: string - values: - items: - type: string - type: array required: - - key - - operator + - kind + - name type: object - type: array - matchFields: - items: + resources: properties: - key: - type: string - operator: - type: string - values: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + required: + - driver + type: object + flocker: properties: - nodeSelectorTerms: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object + type: string type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string required: - - nodeSelectorTerms + - iqn + - lun + - targetPortal type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: properties: - labelSelector: + configMap: properties: - matchExpressions: + items: items: properties: key: type: string - operator: + mode: + format: int32 + type: integer + path: type: string - values: - items: - type: string - type: array required: - key - - operator + - path type: object type: array - matchLabels: - additionalProperties: - type: string - type: object + name: + type: string + optional: + type: boolean type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: + secret: properties: - matchExpressions: + items: items: properties: key: type: string - operator: + mode: + format: int32 + type: integer + path: type: string - values: - items: - type: string - type: array required: - key - - operator + - path type: object type: array - matchLabels: - additionalProperties: - type: string - type: object + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: + type: array + required: + - sources + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path type: object - namespaces: - items: + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + volumeMount: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name type: object + required: + - volume + - volumeMount type: object - backupType: - type: string - br: + podSecurityContext: properties: - checksum: - type: boolean - cluster: - type: string - clusterNamespace: - type: string - concurrency: - format: int32 - type: integer - db: - type: string - logLevel: - type: string - onLine: - type: boolean - options: - items: - type: string - type: array - rateLimit: + fsGroup: + format: int64 type: integer - sendCredToTikv: - type: boolean - statusAddr: - type: string - table: - type: string - timeAgo: + fsGroupChangePolicy: type: string - required: - - cluster - type: object - cleanOption: - properties: - batchConcurrency: - format: int32 + runAsGroup: + format: int64 type: integer - disableBatchConcurrency: + runAsNonRoot: type: boolean - pageSize: + runAsUser: format: int64 type: integer - routineConcurrency: - format: int32 - type: integer - type: object - cleanPolicy: - type: string - dumpling: - properties: - options: + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: items: - type: string + format: int64 + type: integer type: array - tableFilter: + sysctls: items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object + name: + type: string + value: + type: string + required: + - name + - value type: object - required: - - name - type: object - type: array - from: + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + resources: properties: - host: - type: string - port: - format: int32 - type: integer - secretName: - type: string - tlsClientSecretName: - type: string - user: - type: string - required: - - host - - secretName + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object type: object - gcs: + s3: properties: - bucket: - type: string - bucketAcl: + acl: type: string - location: + bucket: type: string - objectAcl: + endpoint: type: string + options: + items: + type: string + type: array path: type: string prefix: type: string - projectId: + provider: + type: string + region: type: string secretName: type: string + sse: + type: string storageClass: type: string required: - - projectId + - provider type: object - imagePullSecrets: + serviceAccount: + type: string + storageClassName: + type: string + storageSize: + type: string + tableFilter: + items: + type: string + type: array + tikvGCLifeTime: + type: string + tolerations: items: properties: - name: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: type: string type: object type: array - local: + toolImage: + type: string + useKMS: + type: boolean + type: object + status: + properties: + backupPath: + type: string + backupSize: + format: int64 + type: integer + backupSizeReadable: + type: string + commitTs: + type: string + conditions: + items: + properties: + lastTransitionTime: + format: date-time + nullable: true + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + nullable: true + type: array + phase: + type: string + timeCompleted: + format: date-time + nullable: true + type: string + timeStarted: + format: date-time + nullable: true + type: string + type: object + required: + - metadata + - spec + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: backupschedules.pingcap.com +spec: + group: pingcap.com + names: + kind: BackupSchedule + listKind: BackupScheduleList + plural: backupschedules + shortNames: + - bks + singular: backupschedule + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The cron format string used for backup scheduling + jsonPath: .spec.schedule + name: Schedule + type: string + - description: The max number of backups we want to keep + jsonPath: .spec.maxBackups + name: MaxBackups + type: integer + - description: The last backup CR name + jsonPath: .status.lastBackup + name: LastBackup + priority: 1 + type: string + - description: The last time the backup was successfully created + jsonPath: .status.lastBackupTime + name: LastBackupTime + priority: 1 + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + backupTemplate: properties: - prefix: - type: string - volume: + affinity: properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: + nodeAffinity: properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object type: object - cephfs: + podAffinity: properties: - monitors: + preferredDuringSchedulingIgnoredDuringExecution: items: - type: string + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID type: object - configMap: + podAntiAffinity: properties: - defaultMode: - format: int32 - type: integer - items: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + backupType: + type: string + br: + properties: + checksum: + type: boolean + cluster: + type: string + clusterNamespace: + type: string + concurrency: + format: int32 + type: integer + db: + type: string + logLevel: + type: string + onLine: + type: boolean + options: + items: + type: string + type: array + rateLimit: + type: integer + sendCredToTikv: + type: boolean + statusAddr: + type: string + table: + type: string + timeAgo: + type: string + required: + - cluster + type: object + cleanOption: + properties: + batchConcurrency: + format: int32 + type: integer + disableBatchConcurrency: + type: boolean + pageSize: + format: int64 + type: integer + routineConcurrency: + format: int32 + type: integer + type: object + cleanPolicy: + type: string + dumpling: + properties: + options: + items: + type: string + type: array + tableFilter: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: properties: key: type: string - mode: - format: int32 - type: integer - path: + name: type: string + optional: + type: boolean required: - key - - path type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + properties: + host: + type: string + port: + format: int32 + type: integer + secretName: + type: string + tlsClientSecretName: + type: string + user: + type: string + required: + - host + - secretName + type: object + gcs: + properties: + bucket: + type: string + bucketAcl: + type: string + location: + type: string + objectAcl: + type: string + path: + type: string + prefix: + type: string + projectId: + type: string + secretName: + type: string + storageClass: + type: string + required: + - projectId + type: object + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + local: + properties: + prefix: + type: string + volume: properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: + awsElasticBlockStore: properties: - name: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: type: string + required: + - volumeID type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI type: object - required: - - driver - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: type: string - resourceFieldRef: + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: properties: - containerName: + key: type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: + mode: + format: int32 + type: integer + path: type: string required: - - resource + - key + - path type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - readOnly: - type: boolean - volumeClaimTemplate: + type: array + name: + type: string + optional: + type: boolean + type: object + csi: properties: - metadata: - type: object - spec: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: properties: - accessModes: - items: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: + resourceFieldRef: + properties: + containerName: + type: string + divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - type: object + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + readOnly: + type: boolean + volumeClaimTemplate: + properties: + metadata: type: object - selector: + spec: properties: - matchExpressions: + accessModes: items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: type: string type: object required: - - spec + - driver type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string type: object - readOnly: - type: boolean - secretRef: + gcePersistentDisk: properties: - name: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: type: string + readOnly: + type: boolean + required: + - pdName type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: + gitRepo: properties: - name: + directory: type: string + repository: + type: string + revision: + type: string + required: + - repository type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: properties: - items: - items: - properties: - fieldRef: + configMap: + properties: + items: + items: properties: - apiVersion: + key: type: string - fieldPath: + mode: + format: int32 + type: integer + path: type: string required: - - fieldPath + - key + - path type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: + type: array + name: + type: string + optional: + type: boolean + type: object + downwardAPI: + properties: + items: + items: properties: - containerName: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: type: string required: - - resource + - key + - path type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean + type: array + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object type: object - serviceAccountToken: + type: array + required: + - sources + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: properties: - audience: + key: type: string - expirationSeconds: - format: int64 + mode: + format: int32 type: integer path: type: string required: + - key - path type: object - type: object - type: array + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object required: - - sources + - name type: object - quobyte: + volumeMount: properties: - group: + mountPath: type: string - readOnly: - type: boolean - registry: + mountPropagation: type: string - tenant: + name: type: string - user: + readOnly: + type: boolean + subPath: type: string - volume: + subPathExpr: type: string required: - - registry - - volume + - mountPath + - name type: object - rbd: + required: + - volume + - volumeMount + type: object + podSecurityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: properties: - fsType: - type: string - image: + level: type: string - keyring: + role: type: string - monitors: - items: - type: string - type: array - pool: + type: type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object user: type: string - required: - - image - - monitors type: object - scaleIO: + seccompProfile: properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: + localhostProfile: type: string - volumeName: + type: type: string required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string + - type type: object - storageos: + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: properties: - fsType: + gmsaCredentialSpec: type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: + gmsaCredentialSpecName: type: string - volumeNamespace: + runAsUserName: type: string type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath + type: object + priorityClassName: + type: string + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true type: object - required: - - name type: object - volumeMount: + s3: properties: - mountPath: - type: string - mountPropagation: + acl: type: string - name: + bucket: type: string - readOnly: - type: boolean - subPath: + endpoint: type: string - subPathExpr: + options: + items: + type: string + type: array + path: type: string - required: - - mountPath - - name - type: object - required: - - volume - - volumeMount - type: object - podSecurityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: + prefix: type: string - role: + provider: type: string - type: + region: type: string - user: + secretName: type: string - type: object - seccompProfile: - properties: - localhostProfile: + sse: type: string - type: + storageClass: type: string required: - - type + - provider type: object - supplementalGroups: + serviceAccount: + type: string + storageClassName: + type: string + storageSize: + type: string + tableFilter: items: - format: int64 - type: integer + type: string type: array - sysctls: + tikvGCLifeTime: + type: string + tolerations: items: properties: - name: + effect: + type: string + key: + type: string + operator: type: string + tolerationSeconds: + format: int64 + type: integer value: type: string - required: - - name - - value type: object type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - runAsUserName: - type: string - type: object - type: object - priorityClassName: - type: string - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - s3: - properties: - acl: - type: string - bucket: - type: string - endpoint: - type: string - options: - items: - type: string - type: array - path: - type: string - prefix: - type: string - provider: - type: string - region: - type: string - secretName: - type: string - sse: - type: string - storageClass: + toolImage: type: string - required: - - provider + useKMS: + type: boolean type: object - serviceAccount: - type: string - storageClassName: - type: string - storageSize: - type: string - tableFilter: - items: - type: string - type: array - tikvGCLifeTime: - type: string - tolerations: + imagePullSecrets: items: properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: + name: type: string type: object type: array - toolImage: + maxBackups: + format: int32 + type: integer + maxReservedTime: type: string - useKMS: + pause: type: boolean - type: object - status: - properties: - backupPath: - type: string - backupSize: - format: int64 - type: integer - backupSizeReadable: + schedule: type: string - commitTs: + storageClassName: type: string - conditions: - items: - properties: - lastTransitionTime: - format: date-time - nullable: true - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - nullable: true - type: array - phase: + storageSize: type: string - timeCompleted: + required: + - backupTemplate + - schedule + type: object + status: + properties: + allBackupCleanTime: format: date-time - nullable: true type: string - timeStarted: + lastBackup: + type: string + lastBackupTime: format: date-time - nullable: true type: string type: object required: @@ -23750,8 +23750,6 @@ spec: properties: createPassword: type: boolean - required: - - createPassword type: object labels: additionalProperties: @@ -29178,8 +29176,8 @@ spec: type: object image: type: string - initPassword: - type: boolean + initPasswordPhase: + type: string members: additionalProperties: properties: diff --git a/manifests/crd/v1/pingcap.com_tidbclusters.yaml b/manifests/crd/v1/pingcap.com_tidbclusters.yaml index adf1ecd2bb..a2f79fbf57 100644 --- a/manifests/crd/v1/pingcap.com_tidbclusters.yaml +++ b/manifests/crd/v1/pingcap.com_tidbclusters.yaml @@ -11763,8 +11763,6 @@ spec: properties: createPassword: type: boolean - required: - - createPassword type: object labels: additionalProperties: @@ -17191,8 +17189,8 @@ spec: type: object image: type: string - initPassword: - type: boolean + initPasswordPhase: + type: string members: additionalProperties: properties: diff --git a/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml b/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml index 9f2b6dab18..dd2f4254cf 100644 --- a/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml +++ b/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml @@ -11747,8 +11747,6 @@ spec: properties: createPassword: type: boolean - required: - - createPassword type: object labels: additionalProperties: @@ -17168,8 +17166,8 @@ spec: type: object image: type: string - initPassword: - type: boolean + initPasswordPhase: + type: string members: additionalProperties: properties: diff --git a/manifests/crd_v1beta1.yaml b/manifests/crd_v1beta1.yaml index 84d91b698a..35edebe9f6 100644 --- a/manifests/crd_v1beta1.yaml +++ b/manifests/crd_v1beta1.yaml @@ -6,25 +6,33 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.6.2 creationTimestamp: null - name: backupschedules.pingcap.com + name: backups.pingcap.com spec: additionalPrinterColumns: - - JSONPath: .spec.schedule - description: The cron format string used for backup scheduling - name: Schedule + - JSONPath: .status.phase + description: The current status of the backup + name: Status type: string - - JSONPath: .spec.maxBackups - description: The max number of backups we want to keep - name: MaxBackups - type: integer - - JSONPath: .status.lastBackup - description: The last backup CR name - name: LastBackup - priority: 1 + - JSONPath: .status.backupPath + description: The full path of backup data + name: BackupPath type: string - - JSONPath: .status.lastBackupTime - description: The last time the backup was successfully created - name: LastBackupTime + - JSONPath: .status.backupSizeReadable + description: The data size of the backup + name: BackupSize + type: string + - JSONPath: .status.commitTs + description: The commit ts of tidb cluster dump + name: CommitTS + type: string + - JSONPath: .status.timeStarted + description: The time at which the backup was started + name: Started + priority: 1 + type: date + - JSONPath: .status.timeCompleted + description: The time at which the backup was completed + name: Completed priority: 1 type: date - JSONPath: .metadata.creationTimestamp @@ -32,12 +40,12 @@ spec: type: date group: pingcap.com names: - kind: BackupSchedule - listKind: BackupScheduleList - plural: backupschedules + kind: Backup + listKind: BackupList + plural: backups shortNames: - - bks - singular: backupschedule + - bk + singular: backup preserveUnknownFields: false scope: Namespaced subresources: {} @@ -52,16 +60,107 @@ spec: type: object spec: properties: - backupTemplate: + affinity: properties: - affinity: + nodeAffinity: properties: - nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: properties: - preferredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: items: properties: - preference: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: matchExpressions: items: @@ -79,125 +178,73 @@ spec: - operator type: object type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array + matchLabels: + additionalProperties: + type: string + type: object type: object - weight: - format: int32 - type: integer + namespaces: + items: + type: string + type: array + topologyKey: + type: string required: - - preference - - weight + - topologyKey type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: properties: matchExpressions: items: @@ -229,1103 +276,214 @@ spec: required: - topologyKey type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: + matchExpressions: + items: + properties: + key: type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: + operator: type: string - type: object - type: object - namespaces: - items: - type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - topologyKey: - type: string - required: - - topologyKey + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - type: object - type: object - backupType: - type: string - br: - properties: - checksum: - type: boolean - cluster: - type: string - clusterNamespace: - type: string - concurrency: - format: int32 - type: integer - db: - type: string - logLevel: - type: string - onLine: - type: boolean - options: - items: - type: string + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object type: array - rateLimit: - type: integer - sendCredToTikv: - type: boolean - statusAddr: - type: string - table: - type: string - timeAgo: - type: string - required: - - cluster - type: object - cleanOption: - properties: - batchConcurrency: - format: int32 - type: integer - disableBatchConcurrency: - type: boolean - pageSize: - format: int64 - type: integer - routineConcurrency: - format: int32 - type: integer type: object - cleanPolicy: + type: object + backupType: + type: string + br: + properties: + checksum: + type: boolean + cluster: type: string - dumpling: - properties: - options: - items: - type: string - type: array - tableFilter: - items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - from: - properties: - host: - type: string - port: - format: int32 - type: integer - secretName: - type: string - tlsClientSecretName: - type: string - user: - type: string - required: - - host - - secretName - type: object - gcs: - properties: - bucket: - type: string - bucketAcl: - type: string - location: - type: string - objectAcl: - type: string - path: - type: string - prefix: - type: string - projectId: - type: string - secretName: - type: string - storageClass: - type: string - required: - - projectId - type: object - imagePullSecrets: - items: - properties: - name: - type: string - type: object - type: array - local: - properties: - prefix: - type: string - volume: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - readOnly: - type: boolean - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - volumeMount: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - required: - - mountPath - - name - type: object - required: - - volume - - volumeMount - type: object - podSecurityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: + clusterNamespace: + type: string + concurrency: + format: int32 + type: integer + db: + type: string + logLevel: + type: string + onLine: + type: boolean + options: + items: + type: string + type: array + rateLimit: + type: integer + sendCredToTikv: + type: boolean + statusAddr: + type: string + table: + type: string + timeAgo: + type: string + required: + - cluster + type: object + cleanOption: + properties: + batchConcurrency: + format: int32 + type: integer + disableBatchConcurrency: + type: boolean + pageSize: + format: int64 + type: integer + routineConcurrency: + format: int32 + type: integer + type: object + cleanPolicy: + type: string + dumpling: + properties: + options: + items: + type: string + type: array + tableFilter: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: properties: + key: + type: string name: type: string - value: + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: type: string required: - - name - - value + - fieldPath type: object - type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - runAsUserName: - type: string - type: object - type: object - priorityClassName: + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + properties: + host: + type: string + port: + format: int32 + type: integer + secretName: + type: string + tlsClientSecretName: + type: string + user: + type: string + required: + - host + - secretName + type: object + gcs: + properties: + bucket: + type: string + bucketAcl: type: string - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - s3: - properties: - acl: - type: string - bucket: - type: string - endpoint: - type: string - options: - items: - type: string - type: array - path: - type: string - prefix: - type: string - provider: - type: string - region: - type: string - secretName: - type: string - sse: - type: string - storageClass: - type: string - required: - - provider - type: object - serviceAccount: + location: type: string - storageClassName: + objectAcl: type: string - storageSize: + path: type: string - tableFilter: - items: - type: string - type: array - tikvGCLifeTime: + prefix: type: string - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - toolImage: + projectId: type: string - useKMS: - type: boolean + secretName: + type: string + storageClass: + type: string + required: + - projectId type: object imagePullSecrets: items: @@ -1334,1425 +492,2267 @@ spec: type: string type: object type: array - maxBackups: - format: int32 - type: integer - maxReservedTime: - type: string - pause: - type: boolean - schedule: - type: string - storageClassName: - type: string - storageSize: - type: string - required: - - backupTemplate - - schedule - type: object - status: - properties: - allBackupCleanTime: - format: date-time - type: string - lastBackup: - type: string - lastBackupTime: - format: date-time - type: string - type: object - required: - - metadata - - spec - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.6.2 - creationTimestamp: null - name: backups.pingcap.com -spec: - additionalPrinterColumns: - - JSONPath: .status.phase - description: The current status of the backup - name: Status - type: string - - JSONPath: .status.backupPath - description: The full path of backup data - name: BackupPath - type: string - - JSONPath: .status.backupSizeReadable - description: The data size of the backup - name: BackupSize - type: string - - JSONPath: .status.commitTs - description: The commit ts of tidb cluster dump - name: CommitTS - type: string - - JSONPath: .status.timeStarted - description: The time at which the backup was started - name: Started - priority: 1 - type: date - - JSONPath: .status.timeCompleted - description: The time at which the backup was completed - name: Completed - priority: 1 - type: date - - JSONPath: .metadata.creationTimestamp - name: Age - type: date - group: pingcap.com - names: - kind: Backup - listKind: BackupList - plural: backups - shortNames: - - bk - singular: backup - preserveUnknownFields: false - scope: Namespaced - subresources: {} - validation: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - affinity: + local: properties: - nodeAffinity: + prefix: + type: string + volume: properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: properties: - matchExpressions: - items: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + readOnly: + type: boolean + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: properties: - key: + apiGroup: type: string - operator: + kind: + type: string + name: type: string - values: - items: - type: string - type: array required: - - key - - operator + - kind + - name type: object - type: array - matchFields: - items: + resources: properties: - key: - type: string - operator: - type: string - values: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: items: - type: string + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + type: object type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + required: + - driver + type: object + flocker: properties: - nodeSelectorTerms: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object + type: string type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string required: - - nodeSelectorTerms + - iqn + - lun + - targetPortal type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: properties: - labelSelector: + configMap: properties: - matchExpressions: + items: items: properties: key: type: string - operator: + mode: + format: int32 + type: integer + path: type: string - values: - items: - type: string - type: array required: - key - - operator + - path type: object type: array - matchLabels: - additionalProperties: - type: string - type: object + name: + type: string + optional: + type: boolean type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: + secret: properties: - matchExpressions: + items: items: properties: key: type: string - operator: + mode: + format: int32 + type: integer + path: type: string - values: - items: - type: string - type: array required: - key - - operator + - path type: object type: array - matchLabels: - additionalProperties: - type: string - type: object + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: + type: array + required: + - sources + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path type: object - namespaces: - items: + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + volumeMount: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name type: object + required: + - volume + - volumeMount type: object - backupType: - type: string - br: + podSecurityContext: properties: - checksum: - type: boolean - cluster: - type: string - clusterNamespace: - type: string - concurrency: - format: int32 - type: integer - db: - type: string - logLevel: - type: string - onLine: - type: boolean - options: - items: - type: string - type: array - rateLimit: + fsGroup: + format: int64 type: integer - sendCredToTikv: - type: boolean - statusAddr: - type: string - table: - type: string - timeAgo: + fsGroupChangePolicy: type: string - required: - - cluster - type: object - cleanOption: - properties: - batchConcurrency: - format: int32 + runAsGroup: + format: int64 type: integer - disableBatchConcurrency: + runAsNonRoot: type: boolean - pageSize: + runAsUser: format: int64 type: integer - routineConcurrency: - format: int32 - type: integer - type: object - cleanPolicy: - type: string - dumpling: - properties: - options: + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: items: - type: string + format: int64 + type: integer type: array - tableFilter: + sysctls: items: - type: string - type: array - type: object - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object + name: + type: string + value: + type: string + required: + - name + - value type: object - required: - - name - type: object - type: array - from: + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + priorityClassName: + type: string + resources: properties: - host: - type: string - port: - format: int32 - type: integer - secretName: - type: string - tlsClientSecretName: - type: string - user: - type: string - required: - - host - - secretName + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object type: object - gcs: + s3: properties: - bucket: - type: string - bucketAcl: + acl: type: string - location: + bucket: type: string - objectAcl: + endpoint: type: string + options: + items: + type: string + type: array path: type: string prefix: type: string - projectId: + provider: + type: string + region: type: string secretName: type: string + sse: + type: string storageClass: type: string required: - - projectId + - provider type: object - imagePullSecrets: + serviceAccount: + type: string + storageClassName: + type: string + storageSize: + type: string + tableFilter: + items: + type: string + type: array + tikvGCLifeTime: + type: string + tolerations: items: properties: - name: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: type: string type: object type: array - local: + toolImage: + type: string + useKMS: + type: boolean + type: object + status: + properties: + backupPath: + type: string + backupSize: + format: int64 + type: integer + backupSizeReadable: + type: string + commitTs: + type: string + conditions: + items: + properties: + lastTransitionTime: + format: date-time + nullable: true + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + nullable: true + type: array + phase: + type: string + timeCompleted: + format: date-time + nullable: true + type: string + timeStarted: + format: date-time + nullable: true + type: string + type: object + required: + - metadata + - spec + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: backupschedules.pingcap.com +spec: + additionalPrinterColumns: + - JSONPath: .spec.schedule + description: The cron format string used for backup scheduling + name: Schedule + type: string + - JSONPath: .spec.maxBackups + description: The max number of backups we want to keep + name: MaxBackups + type: integer + - JSONPath: .status.lastBackup + description: The last backup CR name + name: LastBackup + priority: 1 + type: string + - JSONPath: .status.lastBackupTime + description: The last time the backup was successfully created + name: LastBackupTime + priority: 1 + type: date + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: pingcap.com + names: + kind: BackupSchedule + listKind: BackupScheduleList + plural: backupschedules + shortNames: + - bks + singular: backupschedule + preserveUnknownFields: false + scope: Namespaced + subresources: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + backupTemplate: properties: - prefix: - type: string - volume: + affinity: properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: + nodeAffinity: properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object type: object - cephfs: + podAffinity: properties: - monitors: + preferredDuringSchedulingIgnoredDuringExecution: items: - type: string + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID type: object - configMap: + podAntiAffinity: properties: - defaultMode: - format: int32 - type: integer - items: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + backupType: + type: string + br: + properties: + checksum: + type: boolean + cluster: + type: string + clusterNamespace: + type: string + concurrency: + format: int32 + type: integer + db: + type: string + logLevel: + type: string + onLine: + type: boolean + options: + items: + type: string + type: array + rateLimit: + type: integer + sendCredToTikv: + type: boolean + statusAddr: + type: string + table: + type: string + timeAgo: + type: string + required: + - cluster + type: object + cleanOption: + properties: + batchConcurrency: + format: int32 + type: integer + disableBatchConcurrency: + type: boolean + pageSize: + format: int64 + type: integer + routineConcurrency: + format: int32 + type: integer + type: object + cleanPolicy: + type: string + dumpling: + properties: + options: + items: + type: string + type: array + tableFilter: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: properties: key: type: string - mode: - format: int32 - type: integer - path: + name: type: string + optional: + type: boolean required: - key - - path type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + from: + properties: + host: + type: string + port: + format: int32 + type: integer + secretName: + type: string + tlsClientSecretName: + type: string + user: + type: string + required: + - host + - secretName + type: object + gcs: + properties: + bucket: + type: string + bucketAcl: + type: string + location: + type: string + objectAcl: + type: string + path: + type: string + prefix: + type: string + projectId: + type: string + secretName: + type: string + storageClass: + type: string + required: + - projectId + type: object + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + local: + properties: + prefix: + type: string + volume: properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: + awsElasticBlockStore: properties: - name: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: type: string + required: + - volumeID type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI type: object - required: - - driver - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: type: string - resourceFieldRef: + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: properties: - containerName: + key: type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: + mode: + format: int32 + type: integer + path: type: string required: - - resource + - key + - path type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - readOnly: - type: boolean - volumeClaimTemplate: + type: array + name: + type: string + optional: + type: boolean + type: object + csi: properties: - metadata: - type: object - spec: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: properties: - accessModes: - items: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: + resourceFieldRef: + properties: + containerName: + type: string + divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - type: object + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + readOnly: + type: boolean + volumeClaimTemplate: + properties: + metadata: type: object - selector: + spec: properties: - matchExpressions: + accessModes: items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: type: string type: object required: - - spec + - driver type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string type: object - readOnly: - type: boolean - secretRef: + gcePersistentDisk: properties: - name: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: type: string + readOnly: + type: boolean + required: + - pdName type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: + gitRepo: properties: - name: + directory: type: string + repository: + type: string + revision: + type: string + required: + - repository type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: properties: - items: - items: - properties: - fieldRef: + configMap: + properties: + items: + items: properties: - apiVersion: + key: type: string - fieldPath: + mode: + format: int32 + type: integer + path: type: string required: - - fieldPath + - key + - path type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: + type: array + name: + type: string + optional: + type: boolean + type: object + downwardAPI: + properties: + items: + items: properties: - containerName: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: type: string required: - - resource + - key + - path type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean + type: array + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object type: object - serviceAccountToken: + type: array + required: + - sources + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: properties: - audience: + key: type: string - expirationSeconds: - format: int64 + mode: + format: int32 type: integer path: type: string required: + - key - path type: object - type: object - type: array + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object required: - - sources + - name type: object - quobyte: + volumeMount: properties: - group: + mountPath: type: string - readOnly: - type: boolean - registry: + mountPropagation: type: string - tenant: + name: type: string - user: + readOnly: + type: boolean + subPath: type: string - volume: + subPathExpr: type: string required: - - registry - - volume + - mountPath + - name type: object - rbd: + required: + - volume + - volumeMount + type: object + podSecurityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: properties: - fsType: - type: string - image: + level: type: string - keyring: + role: type: string - monitors: - items: - type: string - type: array - pool: + type: type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object user: type: string - required: - - image - - monitors type: object - scaleIO: + seccompProfile: properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: + localhostProfile: type: string - volumeName: + type: type: string required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string + - type type: object - storageos: + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: properties: - fsType: + gmsaCredentialSpec: type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: + gmsaCredentialSpecName: type: string - volumeNamespace: + runAsUserName: type: string type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath + type: object + priorityClassName: + type: string + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true type: object - required: - - name type: object - volumeMount: + s3: properties: - mountPath: - type: string - mountPropagation: + acl: type: string - name: + bucket: type: string - readOnly: - type: boolean - subPath: + endpoint: type: string - subPathExpr: + options: + items: + type: string + type: array + path: type: string - required: - - mountPath - - name - type: object - required: - - volume - - volumeMount - type: object - podSecurityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: + prefix: type: string - role: + provider: type: string - type: + region: type: string - user: + secretName: type: string - type: object - seccompProfile: - properties: - localhostProfile: + sse: type: string - type: + storageClass: type: string required: - - type + - provider type: object - supplementalGroups: + serviceAccount: + type: string + storageClassName: + type: string + storageSize: + type: string + tableFilter: items: - format: int64 - type: integer + type: string type: array - sysctls: + tikvGCLifeTime: + type: string + tolerations: items: properties: - name: + effect: + type: string + key: + type: string + operator: type: string + tolerationSeconds: + format: int64 + type: integer value: type: string - required: - - name - - value type: object type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - runAsUserName: - type: string - type: object - type: object - priorityClassName: - type: string - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - s3: - properties: - acl: - type: string - bucket: - type: string - endpoint: - type: string - options: - items: - type: string - type: array - path: - type: string - prefix: - type: string - provider: - type: string - region: - type: string - secretName: - type: string - sse: - type: string - storageClass: + toolImage: type: string - required: - - provider + useKMS: + type: boolean type: object - serviceAccount: - type: string - storageClassName: - type: string - storageSize: - type: string - tableFilter: - items: - type: string - type: array - tikvGCLifeTime: - type: string - tolerations: + imagePullSecrets: items: properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: + name: type: string type: object type: array - toolImage: + maxBackups: + format: int32 + type: integer + maxReservedTime: type: string - useKMS: + pause: type: boolean - type: object - status: - properties: - backupPath: - type: string - backupSize: - format: int64 - type: integer - backupSizeReadable: + schedule: type: string - commitTs: + storageClassName: type: string - conditions: - items: - properties: - lastTransitionTime: - format: date-time - nullable: true - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - nullable: true - type: array - phase: + storageSize: type: string - timeCompleted: + required: + - backupTemplate + - schedule + type: object + status: + properties: + allBackupCleanTime: format: date-time - nullable: true type: string - timeStarted: + lastBackup: + type: string + lastBackupTime: format: date-time - nullable: true type: string type: object required: @@ -23734,8 +23734,6 @@ spec: properties: createPassword: type: boolean - required: - - createPassword type: object labels: additionalProperties: @@ -29155,8 +29153,8 @@ spec: type: object image: type: string - initPassword: - type: boolean + initPasswordPhase: + type: string members: additionalProperties: properties: diff --git a/pkg/apis/pingcap/v1alpha1/types.go b/pkg/apis/pingcap/v1alpha1/types.go index 96fffc9efd..aae33c959b 100644 --- a/pkg/apis/pingcap/v1alpha1/types.go +++ b/pkg/apis/pingcap/v1alpha1/types.go @@ -1130,7 +1130,7 @@ type TiDBStatus struct { FailureMembers map[string]TiDBFailureMember `json:"failureMembers,omitempty"` ResignDDLOwnerRetryCount int32 `json:"resignDDLOwnerRetryCount,omitempty"` Image string `json:"image,omitempty"` - InitPassword bool `json:"initPassword,omitempty"` + InitPasswordPhase *InitializePhase `json:"initPasswordPhase,omitempty"` } // TiDBMember is TiDB member diff --git a/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go index 991d88c386..76e073aa6c 100644 --- a/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go @@ -5594,6 +5594,11 @@ func (in *TiDBStatus) DeepCopyInto(out *TiDBStatus) { (*out)[key] = *val.DeepCopy() } } + if in.InitPasswordPhase != nil { + in, out := &in.InitPasswordPhase, &out.InitPasswordPhase + *out = new(InitializePhase) + **out = **in + } return } diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index de0e900e3b..2850cc7659 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -41,7 +41,6 @@ import ( "k8s.io/klog/v2" podutil "k8s.io/kubernetes/pkg/api/v1/pod" "k8s.io/utils/pointer" - "sigs.k8s.io/controller-runtime/pkg/client" ) const ( @@ -245,35 +244,38 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC } } // set random password - if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPassword { + if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && tc.Status.TiDB.InitPasswordPhase == nil { // sync password secret - secretName := fmt.Sprintf("%s-secret", tc.Name) - passwordSecret := &corev1.Secret{} - exist, err := m.deps.TypedControl.Exist(client.ObjectKey{ - Namespace: ns, - Name: secretName, - }, passwordSecret) + secretName := controller.TiDBSecret(tc.Name) + _, err := m.deps.ServiceLister.Services(ns).Get(secretName) + isExistPasswordSecret := true if err != nil { - return err + if errors.IsNotFound(err) { + isExistPasswordSecret = false + } else { + return err + } } - if !exist { + if !isExistPasswordSecret { klog.Infof("Create random password for cluster %s/%s", tc.Namespace, tc.Name) secret := m.buildRandomPasswordSecret(tc) - _, err := m.deps.TypedControl.CreateOrUpdateSecret(tc, secret) + err := m.deps.TypedControl.Create(tc, secret) if err != nil { return err } } - tidbInitializer := &v1alpha1.TidbInitializer{} - tidbInitializerName := fmt.Sprintf("%s-init", tc.Name) - exist, err = m.deps.TypedControl.Exist(client.ObjectKey{ - Namespace: tc.Namespace, - Name: tidbInitializerName, - }, tidbInitializer) + + tidbInitializerName := controller.TiDBInitializer(tc.Name) + tidbInitializer, err := m.deps.TiDBInitializerLister.TidbInitializers(ns).Get(tidbInitializerName) + isExistTidbInitializer := true if err != nil { - return err + if errors.IsNotFound(err) { + isExistTidbInitializer = false + } else { + return err + } } - if !exist { + if !isExistTidbInitializer { policy := corev1.PullIfNotPresent tidbInitializer = &v1alpha1.TidbInitializer{ ObjectMeta: metav1.ObjectMeta{ @@ -290,7 +292,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC PasswordSecret: pointer.StringPtr(secretName), }, } - _, err = m.deps.TypedControl.CreateOrUpdateTidbInitializer(tc, tidbInitializer) + err = m.deps.TypedControl.CreateTidbInitializer(tc, tidbInitializer) if err != nil { return err } @@ -299,12 +301,9 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC if err != nil { return err } - if existInitializer.Status.Phase == v1alpha1.InitializePhaseCompleted { - tc.Status.TiDB.InitPassword = true - } + tc.Status.TiDB.InitPasswordPhase = &existInitializer.Status.Phase } - } return mngerutils.UpdateStatefulSet(m.deps.StatefulSetControl, tc, newTiDBSet, oldTiDBSet) From 09d5b5a071daffb71a98c28eb3e002673e748fb4 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 6 Jan 2022 17:08:33 +0800 Subject: [PATCH 13/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 2850cc7659..207e808c8c 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -266,7 +266,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC } tidbInitializerName := controller.TiDBInitializer(tc.Name) - tidbInitializer, err := m.deps.TiDBInitializerLister.TidbInitializers(ns).Get(tidbInitializerName) + _, err = m.deps.TiDBInitializerLister.TidbInitializers(ns).Get(tidbInitializerName) isExistTidbInitializer := true if err != nil { if errors.IsNotFound(err) { @@ -277,7 +277,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC } if !isExistTidbInitializer { policy := corev1.PullIfNotPresent - tidbInitializer = &v1alpha1.TidbInitializer{ + tidbInitializer := &v1alpha1.TidbInitializer{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("%s-init", tc.Name), Namespace: tc.Namespace, From 7b5cb24b52238bcb48f1ce0fbb2fa91a48346c0d Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 00:33:04 +0800 Subject: [PATCH 14/70] optimize tidb check --- cmd/backup-manager/app/backup/backup.go | 3 +- cmd/backup-manager/app/backup/manager.go | 2 +- cmd/backup-manager/app/export/export.go | 3 +- cmd/backup-manager/app/export/manager.go | 2 +- cmd/backup-manager/app/import/import.go | 3 +- cmd/backup-manager/app/restore/manager.go | 2 +- cmd/backup-manager/app/restore/restore.go | 4 +- cmd/backup-manager/app/util/util.go | 14 -- docs/api-references/docs.md | 5 +- manifests/crd.yaml | 2 +- .../crd/v1/pingcap.com_tidbclusters.yaml | 2 +- .../crd/v1beta1/pingcap.com_tidbclusters.yaml | 2 +- manifests/crd_v1beta1.yaml | 2 +- pkg/apis/pingcap/v1alpha1/types.go | 2 +- .../pingcap/v1alpha1/zz_generated.deepcopy.go | 5 - pkg/manager/member/tidb_member_manager.go | 124 ++++++++++-------- .../member/tidb_member_manager_test.go | 40 +----- .../util => pkg/util/tidbcluster}/generic.go | 24 +++- 18 files changed, 115 insertions(+), 126 deletions(-) rename {cmd/backup-manager/app/util => pkg/util/tidbcluster}/generic.go (81%) diff --git a/cmd/backup-manager/app/backup/backup.go b/cmd/backup-manager/app/backup/backup.go index d086a4c0f1..92edf61293 100644 --- a/cmd/backup-manager/app/backup/backup.go +++ b/cmd/backup-manager/app/backup/backup.go @@ -17,6 +17,7 @@ import ( "bufio" "context" "fmt" + "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" "io" "io/ioutil" "os/exec" @@ -32,7 +33,7 @@ import ( // Options contains the input arguments to the backup command type Options struct { - backupUtil.GenericOptions + tidbcluster.GenericOptions } // backupData generates br args and runs br binary to do the real backup work diff --git a/cmd/backup-manager/app/backup/manager.go b/cmd/backup-manager/app/backup/manager.go index 6b3fe8ecdb..c09e4f7423 100644 --- a/cmd/backup-manager/app/backup/manager.go +++ b/cmd/backup-manager/app/backup/manager.go @@ -110,7 +110,7 @@ func (bm *Manager) ProcessBackup() error { klog.Errorf("can't get dsn of tidb cluster %s, err: %s", bm, err) return false, err } - db, err = util.OpenDB(ctx, dsn) + db, err = bm.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", bm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/export/export.go b/cmd/backup-manager/app/export/export.go index b474afc65e..6983112af1 100644 --- a/cmd/backup-manager/app/export/export.go +++ b/cmd/backup-manager/app/export/export.go @@ -28,13 +28,14 @@ import ( backupUtil "github.com/pingcap/tidb-operator/cmd/backup-manager/app/util" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/util" + "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" corev1 "k8s.io/api/core/v1" "k8s.io/klog/v2" ) // Options contains the input arguments to the backup command type Options struct { - backupUtil.GenericOptions + tidbcluster.GenericOptions Bucket string Prefix string StorageType string diff --git a/cmd/backup-manager/app/export/manager.go b/cmd/backup-manager/app/export/manager.go index a2cb76407a..a32df5f725 100644 --- a/cmd/backup-manager/app/export/manager.go +++ b/cmd/backup-manager/app/export/manager.go @@ -121,7 +121,7 @@ func (bm *BackupManager) ProcessBackup() error { return false, err } - db, err = util.OpenDB(ctx, dsn) + db, err = bm.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", bm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/import/import.go b/cmd/backup-manager/app/import/import.go index 20b3312808..c4ed303a77 100644 --- a/cmd/backup-manager/app/import/import.go +++ b/cmd/backup-manager/app/import/import.go @@ -27,13 +27,14 @@ import ( backupUtil "github.com/pingcap/tidb-operator/cmd/backup-manager/app/util" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/util" + "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" corev1 "k8s.io/api/core/v1" "k8s.io/klog/v2" ) // Options contains the input arguments to the restore command type Options struct { - backupUtil.GenericOptions + tidbcluster.GenericOptions BackupPath string } diff --git a/cmd/backup-manager/app/restore/manager.go b/cmd/backup-manager/app/restore/manager.go index d52ade6dbf..de3c4547b3 100644 --- a/cmd/backup-manager/app/restore/manager.go +++ b/cmd/backup-manager/app/restore/manager.go @@ -107,7 +107,7 @@ func (rm *Manager) ProcessRestore() error { return false, err } - db, err = util.OpenDB(ctx, dsn) + db, err = rm.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", rm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/restore/restore.go b/cmd/backup-manager/app/restore/restore.go index f7f0bed38b..41f7c5344d 100644 --- a/cmd/backup-manager/app/restore/restore.go +++ b/cmd/backup-manager/app/restore/restore.go @@ -23,6 +23,8 @@ import ( "path" "strings" + "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" + backupUtil "github.com/pingcap/tidb-operator/cmd/backup-manager/app/util" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/util" @@ -31,7 +33,7 @@ import ( ) type Options struct { - backupUtil.GenericOptions + tidbcluster.GenericOptions } func (ro *Options) restoreData(ctx context.Context, restore *v1alpha1.Restore) error { diff --git a/cmd/backup-manager/app/util/util.go b/cmd/backup-manager/app/util/util.go index aa0fd8fe3d..9f132ec271 100644 --- a/cmd/backup-manager/app/util/util.go +++ b/cmd/backup-manager/app/util/util.go @@ -15,7 +15,6 @@ package util import ( "context" - "database/sql" "fmt" "io/ioutil" "os" @@ -113,19 +112,6 @@ func GetStoragePath(backup *v1alpha1.Backup) (string, error) { } } -// OpenDB opens db -func OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { - db, err := sql.Open("mysql", dsn) - if err != nil { - return nil, fmt.Errorf("open datasource failed, err: %v", err) - } - if err := db.PingContext(ctx); err != nil { - db.Close() - return nil, fmt.Errorf("cannot connect to mysql, err: %v", err) - } - return db, nil -} - // IsFileExist return true if file exist and is a regular file, other cases return false func IsFileExist(file string) bool { fi, err := os.Stat(file) diff --git a/docs/api-references/docs.md b/docs/api-references/docs.md index 0d37b2146d..9b56234ec4 100644 --- a/docs/api-references/docs.md +++ b/docs/api-references/docs.md @@ -6919,7 +6919,6 @@ Kubernetes core/v1.ResourceRequirements

InitializePhase

(Appears on: -TiDBStatus, TidbInitializerStatus)

@@ -15201,9 +15200,7 @@ string initPasswordPhase
- -InitializePhase - +bool diff --git a/manifests/crd.yaml b/manifests/crd.yaml index ba380f97a9..e4c95df44f 100644 --- a/manifests/crd.yaml +++ b/manifests/crd.yaml @@ -29177,7 +29177,7 @@ spec: image: type: string initPasswordPhase: - type: string + type: boolean members: additionalProperties: properties: diff --git a/manifests/crd/v1/pingcap.com_tidbclusters.yaml b/manifests/crd/v1/pingcap.com_tidbclusters.yaml index a2f79fbf57..c98b9109ac 100644 --- a/manifests/crd/v1/pingcap.com_tidbclusters.yaml +++ b/manifests/crd/v1/pingcap.com_tidbclusters.yaml @@ -17190,7 +17190,7 @@ spec: image: type: string initPasswordPhase: - type: string + type: boolean members: additionalProperties: properties: diff --git a/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml b/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml index dd2f4254cf..7c40099ce4 100644 --- a/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml +++ b/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml @@ -17167,7 +17167,7 @@ spec: image: type: string initPasswordPhase: - type: string + type: boolean members: additionalProperties: properties: diff --git a/manifests/crd_v1beta1.yaml b/manifests/crd_v1beta1.yaml index 35edebe9f6..fb8df74d5b 100644 --- a/manifests/crd_v1beta1.yaml +++ b/manifests/crd_v1beta1.yaml @@ -29154,7 +29154,7 @@ spec: image: type: string initPasswordPhase: - type: string + type: boolean members: additionalProperties: properties: diff --git a/pkg/apis/pingcap/v1alpha1/types.go b/pkg/apis/pingcap/v1alpha1/types.go index aae33c959b..454dcc1784 100644 --- a/pkg/apis/pingcap/v1alpha1/types.go +++ b/pkg/apis/pingcap/v1alpha1/types.go @@ -1130,7 +1130,7 @@ type TiDBStatus struct { FailureMembers map[string]TiDBFailureMember `json:"failureMembers,omitempty"` ResignDDLOwnerRetryCount int32 `json:"resignDDLOwnerRetryCount,omitempty"` Image string `json:"image,omitempty"` - InitPasswordPhase *InitializePhase `json:"initPasswordPhase,omitempty"` + InitPasswordPhase bool `json:"initPasswordPhase,omitempty"` } // TiDBMember is TiDB member diff --git a/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go index 76e073aa6c..991d88c386 100644 --- a/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go @@ -5594,11 +5594,6 @@ func (in *TiDBStatus) DeepCopyInto(out *TiDBStatus) { (*out)[key] = *val.DeepCopy() } } - if in.InitPasswordPhase != nil { - in, out := &in.InitPasswordPhase, &out.InitPasswordPhase - *out = new(InitializePhase) - **out = **in - } return } diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 207e808c8c..73b2e644e1 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -14,11 +14,16 @@ package member import ( + "context" "crypto/tls" + "database/sql" "fmt" "path" "strconv" "strings" + "time" + + "k8s.io/apimachinery/pkg/util/wait" "github.com/pingcap/tidb-operator/pkg/backup/constants" @@ -28,6 +33,7 @@ import ( "github.com/pingcap/tidb-operator/pkg/manager" mngerutils "github.com/pingcap/tidb-operator/pkg/manager/utils" "github.com/pingcap/tidb-operator/pkg/util" + "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" "github.com/pingcap/advanced-statefulset/client/apis/apps/v1/helper" apps "k8s.io/api/apps/v1" @@ -63,6 +69,7 @@ type tidbMemberManager struct { tidbUpgrader Upgrader tidbFailover Failover tidbStatefulSetIsUpgradingFn func(corelisters.PodLister, *apps.StatefulSet, *v1alpha1.TidbCluster) (bool, error) + tidbcluster.GenericOptions } // NewTiDBMemberManager returns a *tidbMemberManager @@ -244,72 +251,85 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC } } // set random password - if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && tc.Status.TiDB.InitPasswordPhase == nil { - // sync password secret - secretName := controller.TiDBSecret(tc.Name) - _, err := m.deps.ServiceLister.Services(ns).Get(secretName) - isExistPasswordSecret := true - if err != nil { - if errors.IsNotFound(err) { - isExistPasswordSecret = false - } else { - return err + if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPasswordPhase { + // check tidb pod is ready + podOrdinals := helper.GetPodOrdinals(*oldTiDBSet.Spec.Replicas, oldTiDBSet).List() + isTiDBReady := true + for _i := len(podOrdinals) - 1; _i >= 0; _i-- { + i := podOrdinals[_i] + podName := tidbPodName(tcName, i) + pod, err := m.deps.PodLister.Pods(ns).Get(podName) + if err != nil { + return fmt.Errorf("failed to get pods %s for cluster %s/%s, error: %s", podName, ns, tcName, err) + } + isReady := podutil.IsPodReady(pod) + if !isReady { + isTiDBReady = false + break } } - if !isExistPasswordSecret { - klog.Infof("Create random password for cluster %s/%s", tc.Namespace, tc.Name) - secret := m.buildRandomPasswordSecret(tc) - err := m.deps.TypedControl.Create(tc, secret) + if isTiDBReady { + // sync password secret + var password string + secretName := controller.TiDBSecret(tc.Name) + _, err := m.deps.SecretLister.Secrets(ns).Get(secretName) + isExistPasswordSecret := true if err != nil { - return err + if errors.IsNotFound(err) { + isExistPasswordSecret = false + } else { + return err + } } - } - tidbInitializerName := controller.TiDBInitializer(tc.Name) - _, err = m.deps.TiDBInitializerLister.TidbInitializers(ns).Get(tidbInitializerName) - isExistTidbInitializer := true - if err != nil { - if errors.IsNotFound(err) { - isExistTidbInitializer = false - } else { - return err - } - } - if !isExistTidbInitializer { - policy := corev1.PullIfNotPresent - tidbInitializer := &v1alpha1.TidbInitializer{ - ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf("%s-init", tc.Name), - Namespace: tc.Namespace, - }, - Spec: v1alpha1.TidbInitializerSpec{ - Image: "tnir/mysqlclient", - ImagePullPolicy: &policy, - Clusters: v1alpha1.TidbClusterRef{ - Name: tc.Name, - Namespace: tc.Namespace, - }, - PasswordSecret: pointer.StringPtr(secretName), - }, + if !isExistPasswordSecret { + klog.Infof("Create random password for cluster %s/%s", tc.Namespace, tc.Name) + var secret *corev1.Secret + secret, password = m.buildRandomPasswordSecret(tc) + err := m.deps.TypedControl.Create(tc, secret) + if err != nil { + return err + } } - err = m.deps.TypedControl.CreateTidbInitializer(tc, tidbInitializer) + // init password + var db *sql.DB + var dsn string + err = wait.PollImmediate(5*time.Second, 30*time.Minute, func() (done bool, err error) { + dsn, err = m.GetDSN(tc.IsTLSClusterEnabled()) + if err != nil { + klog.Errorf("can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + return false, err + } + ctx := context.TODO() + db, err = m.OpenDB(ctx, dsn) + if err != nil { + klog.Warningf("can't connect to tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + if ctx.Err() != nil { + return false, ctx.Err() + } + return false, nil + } + return true, nil + }) if err != nil { - return err + klog.Errorf("can't get connection of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + } else { + err = m.SetPassword(context.TODO(), db, password) + if err != nil { + klog.Errorf("set tidb[%s:%s] password err: %s", tc.Namespace, tc.Name, err) + } + tc.Status.TiDB.InitPasswordPhase = true } + defer db.Close() } else { - existInitializer, err := m.deps.TiDBInitializerLister.TidbInitializers(tc.Name).Get(tidbInitializerName) - if err != nil { - return err - } - tc.Status.TiDB.InitPasswordPhase = &existInitializer.Status.Phase - + klog.Infof("set password wit for tidb[%s:%s] pod ready, err: %s", tc.Namespace, tc.Name, err) } } return mngerutils.UpdateStatefulSet(m.deps.StatefulSetControl, tc, newTiDBSet, oldTiDBSet) } -func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) *corev1.Secret { +func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) (*corev1.Secret, string) { s := &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ @@ -321,7 +341,7 @@ func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) s.Data = map[string][]byte{ constants.TidbRootKey: password, } - return s + return s, string(password) } func (m *tidbMemberManager) shouldRecover(tc *v1alpha1.TidbCluster) bool { diff --git a/pkg/manager/member/tidb_member_manager_test.go b/pkg/manager/member/tidb_member_manager_test.go index 0cf739517f..e4f3d9b33c 100644 --- a/pkg/manager/member/tidb_member_manager_test.go +++ b/pkg/manager/member/tidb_member_manager_test.go @@ -21,15 +21,13 @@ import ( "testing" "time" + "github.com/google/go-cmp/cmp" + . "github.com/onsi/gomega" "github.com/pingcap/tidb-operator/pkg/apis/label" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/apis/util/toml" "github.com/pingcap/tidb-operator/pkg/controller" mngerutils "github.com/pingcap/tidb-operator/pkg/manager/utils" - "sigs.k8s.io/controller-runtime/pkg/client" - - "github.com/google/go-cmp/cmp" - . "github.com/onsi/gomega" apps "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" v1 "k8s.io/api/core/v1" @@ -199,27 +197,6 @@ func TestTiDBMemberManagerSyncUpdate(t *testing.T) { set, err := tmm.deps.StatefulSetLister.StatefulSets(ns).Get(controller.TiDBMemberName(tcName)) test.expectStatefulSetFn(g, set, err) } - if test.isCreatePassword { - - tiDBInitializer := &v1alpha1.TidbInitializer{} - existTiDBInitializer, err := tmm.deps.TypedControl.Exist(client.ObjectKey{ - Namespace: ns, - Name: controller.TiDBInitializer(tcName), - }, tiDBInitializer) - - g.Expect(err).NotTo(HaveOccurred()) - g.Expect(existTiDBInitializer).To(Equal(true)) - - secret := &v1.Secret{} - existSecret, err := tmm.deps.TypedControl.Exist(client.ObjectKey{ - Namespace: ns, - Name: controller.TiDBSecret(tcName), - }, secret) - - g.Expect(err).NotTo(HaveOccurred()) - g.Expect(existSecret).To(Equal(true)) - - } } tests := []testcase{ @@ -262,19 +239,6 @@ func TestTiDBMemberManagerSyncUpdate(t *testing.T) { g.Expect(set.Spec.Template.Spec.Containers).To(HaveLen(2)) }, }, - { - name: "enable random password", - modify: func(tc *v1alpha1.TidbCluster) { - tc.Spec.TiDB.Initializer = &v1alpha1.TiDBInitializer{CreatePassword: true} - }, - errWhenUpdateStatefulSet: false, - err: false, - expectStatefulSetFn: func(g *GomegaWithT, set *apps.StatefulSet, err error) { - g.Expect(err).NotTo(HaveOccurred()) - g.Expect(set.Spec.Template.Spec.Containers).To(HaveLen(2)) - }, - isCreatePassword: true, - }, } for i := range tests { diff --git a/cmd/backup-manager/app/util/generic.go b/pkg/util/tidbcluster/generic.go similarity index 81% rename from cmd/backup-manager/app/util/generic.go rename to pkg/util/tidbcluster/generic.go index c10c76d9c5..15a8b54286 100644 --- a/cmd/backup-manager/app/util/generic.go +++ b/pkg/util/tidbcluster/generic.go @@ -11,7 +11,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package util +package tidbcluster import ( "context" @@ -94,3 +94,25 @@ func (bo *GenericOptions) SetTikvGCLifeTime(ctx context.Context, db *sql.DB, gcT } return nil } + +func (bo *GenericOptions) SetPassword(ctx context.Context, db *sql.DB, password string) error { + sql := fmt.Sprintf("SET PASSWORD FOR 'root'@'%%' = '%s'; FLUSH PRIVILEGES;", password) + _, err := db.ExecContext(ctx, sql) + if err != nil { + return fmt.Errorf("set cluster %s password failed, sql: %s, err: %v", bo, sql, err) + } + return nil +} + +// OpenDB opens db +func (bo *GenericOptions) OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { + db, err := sql.Open("mysql", dsn) + if err != nil { + return nil, fmt.Errorf("open datasource failed, err: %v", err) + } + if err := db.PingContext(ctx); err != nil { + db.Close() + return nil, fmt.Errorf("cannot connect to mysql, err: %v", err) + } + return db, nil +} From 701328042f66ec6aa9c48d631ba57554468c9434 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 00:38:00 +0800 Subject: [PATCH 15/70] optimize code --- cmd/backup-manager/app/backup/backup.go | 3 ++- manifests/crd.yaml | 7 +++++++ manifests/crd_v1beta1.yaml | 7 +++++++ pkg/manager/member/tidb_member_manager.go | 6 +++--- 4 files changed, 19 insertions(+), 4 deletions(-) diff --git a/cmd/backup-manager/app/backup/backup.go b/cmd/backup-manager/app/backup/backup.go index 92edf61293..e99ec79b1b 100644 --- a/cmd/backup-manager/app/backup/backup.go +++ b/cmd/backup-manager/app/backup/backup.go @@ -17,13 +17,14 @@ import ( "bufio" "context" "fmt" - "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" "io" "io/ioutil" "os/exec" "path" "strings" + "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" + backupUtil "github.com/pingcap/tidb-operator/cmd/backup-manager/app/util" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/util" diff --git a/manifests/crd.yaml b/manifests/crd.yaml index a10f02227f..ab3c77eb1a 100644 --- a/manifests/crd.yaml +++ b/manifests/crd.yaml @@ -23705,6 +23705,11 @@ spec: - name type: object type: array + initializer: + properties: + createPassword: + type: boolean + type: object labels: additionalProperties: type: string @@ -29140,6 +29145,8 @@ spec: type: object image: type: string + initPasswordPhase: + type: boolean members: additionalProperties: properties: diff --git a/manifests/crd_v1beta1.yaml b/manifests/crd_v1beta1.yaml index a8af2b282f..1bf0bd0833 100644 --- a/manifests/crd_v1beta1.yaml +++ b/manifests/crd_v1beta1.yaml @@ -23689,6 +23689,11 @@ spec: - name type: object type: array + initializer: + properties: + createPassword: + type: boolean + type: object labels: additionalProperties: type: string @@ -29117,6 +29122,8 @@ spec: type: object image: type: string + initPasswordPhase: + type: boolean members: additionalProperties: properties: diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 73b2e644e1..78a6a22e39 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -273,16 +273,16 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC var password string secretName := controller.TiDBSecret(tc.Name) _, err := m.deps.SecretLister.Secrets(ns).Get(secretName) - isExistPasswordSecret := true + passwordSecretExist := true if err != nil { if errors.IsNotFound(err) { - isExistPasswordSecret = false + passwordSecretExist = false } else { return err } } - if !isExistPasswordSecret { + if !passwordSecretExist { klog.Infof("Create random password for cluster %s/%s", tc.Namespace, tc.Name) var secret *corev1.Secret secret, password = m.buildRandomPasswordSecret(tc) From 45e1884d40a8e03b12b01d95257808f50256d433 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 02:06:11 +0800 Subject: [PATCH 16/70] optimize code --- cmd/backup-manager/app/backup/backup.go | 4 +- cmd/backup-manager/app/backup/manager.go | 2 +- cmd/backup-manager/app/export/export.go | 3 +- cmd/backup-manager/app/export/manager.go | 2 +- cmd/backup-manager/app/import/import.go | 3 +- cmd/backup-manager/app/restore/manager.go | 2 +- cmd/backup-manager/app/restore/restore.go | 4 +- .../backup-manager/app/util}/generic.go | 24 +---------- cmd/backup-manager/app/util/util.go | 14 ++++++ .../basic-random-password/tidb-cluster.yaml | 2 +- pkg/manager/member/tidb_member_manager.go | 43 +++++++++++++++---- .../member/tidb_member_manager_test.go | 1 - 12 files changed, 58 insertions(+), 46 deletions(-) rename {pkg/util/tidbcluster => cmd/backup-manager/app/util}/generic.go (81%) diff --git a/cmd/backup-manager/app/backup/backup.go b/cmd/backup-manager/app/backup/backup.go index e99ec79b1b..d086a4c0f1 100644 --- a/cmd/backup-manager/app/backup/backup.go +++ b/cmd/backup-manager/app/backup/backup.go @@ -23,8 +23,6 @@ import ( "path" "strings" - "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" - backupUtil "github.com/pingcap/tidb-operator/cmd/backup-manager/app/util" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/util" @@ -34,7 +32,7 @@ import ( // Options contains the input arguments to the backup command type Options struct { - tidbcluster.GenericOptions + backupUtil.GenericOptions } // backupData generates br args and runs br binary to do the real backup work diff --git a/cmd/backup-manager/app/backup/manager.go b/cmd/backup-manager/app/backup/manager.go index c09e4f7423..6b3fe8ecdb 100644 --- a/cmd/backup-manager/app/backup/manager.go +++ b/cmd/backup-manager/app/backup/manager.go @@ -110,7 +110,7 @@ func (bm *Manager) ProcessBackup() error { klog.Errorf("can't get dsn of tidb cluster %s, err: %s", bm, err) return false, err } - db, err = bm.OpenDB(ctx, dsn) + db, err = util.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", bm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/export/export.go b/cmd/backup-manager/app/export/export.go index 6983112af1..b474afc65e 100644 --- a/cmd/backup-manager/app/export/export.go +++ b/cmd/backup-manager/app/export/export.go @@ -28,14 +28,13 @@ import ( backupUtil "github.com/pingcap/tidb-operator/cmd/backup-manager/app/util" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/util" - "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" corev1 "k8s.io/api/core/v1" "k8s.io/klog/v2" ) // Options contains the input arguments to the backup command type Options struct { - tidbcluster.GenericOptions + backupUtil.GenericOptions Bucket string Prefix string StorageType string diff --git a/cmd/backup-manager/app/export/manager.go b/cmd/backup-manager/app/export/manager.go index a32df5f725..a2cb76407a 100644 --- a/cmd/backup-manager/app/export/manager.go +++ b/cmd/backup-manager/app/export/manager.go @@ -121,7 +121,7 @@ func (bm *BackupManager) ProcessBackup() error { return false, err } - db, err = bm.OpenDB(ctx, dsn) + db, err = util.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", bm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/import/import.go b/cmd/backup-manager/app/import/import.go index c4ed303a77..20b3312808 100644 --- a/cmd/backup-manager/app/import/import.go +++ b/cmd/backup-manager/app/import/import.go @@ -27,14 +27,13 @@ import ( backupUtil "github.com/pingcap/tidb-operator/cmd/backup-manager/app/util" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/util" - "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" corev1 "k8s.io/api/core/v1" "k8s.io/klog/v2" ) // Options contains the input arguments to the restore command type Options struct { - tidbcluster.GenericOptions + backupUtil.GenericOptions BackupPath string } diff --git a/cmd/backup-manager/app/restore/manager.go b/cmd/backup-manager/app/restore/manager.go index de3c4547b3..d52ade6dbf 100644 --- a/cmd/backup-manager/app/restore/manager.go +++ b/cmd/backup-manager/app/restore/manager.go @@ -107,7 +107,7 @@ func (rm *Manager) ProcessRestore() error { return false, err } - db, err = rm.OpenDB(ctx, dsn) + db, err = util.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", rm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/restore/restore.go b/cmd/backup-manager/app/restore/restore.go index 41f7c5344d..f7f0bed38b 100644 --- a/cmd/backup-manager/app/restore/restore.go +++ b/cmd/backup-manager/app/restore/restore.go @@ -23,8 +23,6 @@ import ( "path" "strings" - "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" - backupUtil "github.com/pingcap/tidb-operator/cmd/backup-manager/app/util" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/util" @@ -33,7 +31,7 @@ import ( ) type Options struct { - tidbcluster.GenericOptions + backupUtil.GenericOptions } func (ro *Options) restoreData(ctx context.Context, restore *v1alpha1.Restore) error { diff --git a/pkg/util/tidbcluster/generic.go b/cmd/backup-manager/app/util/generic.go similarity index 81% rename from pkg/util/tidbcluster/generic.go rename to cmd/backup-manager/app/util/generic.go index 15a8b54286..c10c76d9c5 100644 --- a/pkg/util/tidbcluster/generic.go +++ b/cmd/backup-manager/app/util/generic.go @@ -11,7 +11,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package tidbcluster +package util import ( "context" @@ -94,25 +94,3 @@ func (bo *GenericOptions) SetTikvGCLifeTime(ctx context.Context, db *sql.DB, gcT } return nil } - -func (bo *GenericOptions) SetPassword(ctx context.Context, db *sql.DB, password string) error { - sql := fmt.Sprintf("SET PASSWORD FOR 'root'@'%%' = '%s'; FLUSH PRIVILEGES;", password) - _, err := db.ExecContext(ctx, sql) - if err != nil { - return fmt.Errorf("set cluster %s password failed, sql: %s, err: %v", bo, sql, err) - } - return nil -} - -// OpenDB opens db -func (bo *GenericOptions) OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { - db, err := sql.Open("mysql", dsn) - if err != nil { - return nil, fmt.Errorf("open datasource failed, err: %v", err) - } - if err := db.PingContext(ctx); err != nil { - db.Close() - return nil, fmt.Errorf("cannot connect to mysql, err: %v", err) - } - return db, nil -} diff --git a/cmd/backup-manager/app/util/util.go b/cmd/backup-manager/app/util/util.go index 9f132ec271..aa0fd8fe3d 100644 --- a/cmd/backup-manager/app/util/util.go +++ b/cmd/backup-manager/app/util/util.go @@ -15,6 +15,7 @@ package util import ( "context" + "database/sql" "fmt" "io/ioutil" "os" @@ -112,6 +113,19 @@ func GetStoragePath(backup *v1alpha1.Backup) (string, error) { } } +// OpenDB opens db +func OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { + db, err := sql.Open("mysql", dsn) + if err != nil { + return nil, fmt.Errorf("open datasource failed, err: %v", err) + } + if err := db.PingContext(ctx); err != nil { + db.Close() + return nil, fmt.Errorf("cannot connect to mysql, err: %v", err) + } + return db, nil +} + // IsFileExist return true if file exist and is a regular file, other cases return false func IsFileExist(file string) bool { fi, err := os.Stat(file) diff --git a/examples/basic-random-password/tidb-cluster.yaml b/examples/basic-random-password/tidb-cluster.yaml index dfd675e075..2112daa300 100644 --- a/examples/basic-random-password/tidb-cluster.yaml +++ b/examples/basic-random-password/tidb-cluster.yaml @@ -6,7 +6,7 @@ kind: TidbCluster metadata: name: basic spec: - version: v5.3.0 + version: v5.2.1 timezone: UTC pvReclaimPolicy: Retain enableDynamicConfiguration: true diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 78a6a22e39..475e39b6fe 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -27,15 +27,13 @@ import ( "github.com/pingcap/tidb-operator/pkg/backup/constants" + "github.com/pingcap/advanced-statefulset/client/apis/apps/v1/helper" "github.com/pingcap/tidb-operator/pkg/apis/label" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/controller" "github.com/pingcap/tidb-operator/pkg/manager" mngerutils "github.com/pingcap/tidb-operator/pkg/manager/utils" "github.com/pingcap/tidb-operator/pkg/util" - "github.com/pingcap/tidb-operator/pkg/util/tidbcluster" - - "github.com/pingcap/advanced-statefulset/client/apis/apps/v1/helper" apps "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/equality" @@ -47,6 +45,8 @@ import ( "k8s.io/klog/v2" podutil "k8s.io/kubernetes/pkg/api/v1/pod" "k8s.io/utils/pointer" + // for sql/driver + _ "github.com/go-sql-driver/mysql" ) const ( @@ -69,7 +69,6 @@ type tidbMemberManager struct { tidbUpgrader Upgrader tidbFailover Failover tidbStatefulSetIsUpgradingFn func(corelisters.PodLister, *apps.StatefulSet, *v1alpha1.TidbCluster) (bool, error) - tidbcluster.GenericOptions } // NewTiDBMemberManager returns a *tidbMemberManager @@ -251,7 +250,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC } } // set random password - if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPasswordPhase { + if tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPasswordPhase && !tc.IsTLSClusterEnabled() { // check tidb pod is ready podOrdinals := helper.GetPodOrdinals(*oldTiDBSet.Spec.Replicas, oldTiDBSet).List() isTiDBReady := true @@ -272,7 +271,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC // sync password secret var password string secretName := controller.TiDBSecret(tc.Name) - _, err := m.deps.SecretLister.Secrets(ns).Get(secretName) + secret, err := m.deps.SecretLister.Secrets(ns).Get(secretName) passwordSecretExist := true if err != nil { if errors.IsNotFound(err) { @@ -290,12 +289,14 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC if err != nil { return err } + } else { + password = string(secret.Data["root"]) } // init password var db *sql.DB var dsn string err = wait.PollImmediate(5*time.Second, 30*time.Minute, func() (done bool, err error) { - dsn, err = m.GetDSN(tc.IsTLSClusterEnabled()) + dsn, err = m.GetDBUrl(tc) if err != nil { klog.Errorf("can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) return false, err @@ -319,10 +320,11 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC klog.Errorf("set tidb[%s:%s] password err: %s", tc.Namespace, tc.Name, err) } tc.Status.TiDB.InitPasswordPhase = true + klog.Infof("set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) } defer db.Close() } else { - klog.Infof("set password wit for tidb[%s:%s] pod ready, err: %s", tc.Namespace, tc.Name, err) + klog.Infof("set password wait for tidb[%s:%s] pod ready", tc.Namespace, tc.Name) } } @@ -997,6 +999,31 @@ func (m *tidbMemberManager) syncTidbClusterStatus(tc *v1alpha1.TidbCluster, set return nil } +func (m *tidbMemberManager) GetDBUrl(tc *v1alpha1.TidbCluster) (string, error) { + return fmt.Sprintf("root:@tcp(%s-tidb.%s.svc:4000)/?charset=utf8mb4,utf8&multiStatements=true", tc.Name, tc.Namespace), nil +} + +func (bo *tidbMemberManager) OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { + db, err := sql.Open("mysql", dsn) + if err != nil { + return nil, fmt.Errorf("open datasource failed, err: %v", err) + } + if err := db.PingContext(ctx); err != nil { + db.Close() + return nil, fmt.Errorf("cannot connect to mysql, err: %v", err) + } + return db, nil +} + +func (bo *tidbMemberManager) SetPassword(ctx context.Context, db *sql.DB, password string) error { + sql := fmt.Sprintf("SET PASSWORD FOR 'root'@'%%' = '%s'; FLUSH PRIVILEGES;", password) + _, err := db.ExecContext(ctx, sql) + if err != nil { + return fmt.Errorf("set cluster %s password failed, sql: %s, err: %v", bo, sql, err) + } + return nil +} + func tidbStatefulSetIsUpgrading(podLister corelisters.PodLister, set *apps.StatefulSet, tc *v1alpha1.TidbCluster) (bool, error) { if mngerutils.StatefulSetIsUpgrading(set) { return true, nil diff --git a/pkg/manager/member/tidb_member_manager_test.go b/pkg/manager/member/tidb_member_manager_test.go index e4f3d9b33c..7da3488c52 100644 --- a/pkg/manager/member/tidb_member_manager_test.go +++ b/pkg/manager/member/tidb_member_manager_test.go @@ -143,7 +143,6 @@ func TestTiDBMemberManagerSyncUpdate(t *testing.T) { statusChange func(*apps.StatefulSet) err bool expectStatefulSetFn func(*GomegaWithT, *apps.StatefulSet, error) - isCreatePassword bool } testFn := func(test *testcase, t *testing.T) { From fee697a59d71122bcfa6bc66a1273971f159b78d Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 14:04:42 +0800 Subject: [PATCH 17/70] optimize code --- pkg/controller/controller_utils.go | 2 +- pkg/controller/generic_control.go | 22 ---------------------- pkg/manager/member/tidb_member_manager.go | 5 +---- 3 files changed, 2 insertions(+), 27 deletions(-) diff --git a/pkg/controller/controller_utils.go b/pkg/controller/controller_utils.go index 4747a0181d..9e63ea6182 100644 --- a/pkg/controller/controller_utils.go +++ b/pkg/controller/controller_utils.go @@ -352,7 +352,7 @@ func TiDBInitializer(clusterName string) string { // TiDBSecret returns tidb secret name func TiDBSecret(clusterName string) string { - return fmt.Sprintf("%s-secret", clusterName) + return fmt.Sprintf("%s-init", clusterName) } // AnnProm adds annotations for prometheus scraping metrics diff --git a/pkg/controller/generic_control.go b/pkg/controller/generic_control.go index cddd9df7c8..0eb835e640 100644 --- a/pkg/controller/generic_control.go +++ b/pkg/controller/generic_control.go @@ -19,8 +19,6 @@ import ( "fmt" "strings" - "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" - "github.com/pingcap/tidb-operator/pkg/scheme" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -64,8 +62,6 @@ type TypedControlInterface interface { CreateOrUpdateIngress(controller client.Object, ingress *networkingv1.Ingress) (*networkingv1.Ingress, error) // CreateOrUpdateIngressV1beta1 create the desired v1beta1 ingress or update the current one to desired state if already existed CreateOrUpdateIngressV1beta1(controller client.Object, ingress *extensionsv1beta1.Ingress) (*extensionsv1beta1.Ingress, error) - // CreateTidbInitializer create the desired v1alpha1 TidbInitializer or update the current one to desired state if already existed - CreateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) error // UpdateStatus update the /status subresource of the object UpdateStatus(newStatus client.Object) error // Delete delete the given object from the cluster @@ -267,14 +263,6 @@ func (w *typedWrapper) CreateOrUpdateConfigMap(controller client.Object, cm *cor return result.(*corev1.ConfigMap), nil } -func (w *typedWrapper) CreateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) error { - err := w.GenericControlInterface.Create(controller, tidbInitializer, true) - if err != nil { - return err - } - return nil -} - func (w *typedWrapper) CreateOrUpdateService(controller client.Object, svc *corev1.Service) (*corev1.Service, error) { result, err := w.GenericControlInterface.CreateOrUpdate(controller, svc, func(existing, desired client.Object) error { existingSvc := existing.(*corev1.Service) @@ -673,16 +661,6 @@ func (c *FakeGenericControl) CreateOrUpdate(controller, obj client.Object, fn Me return c.control.CreateOrUpdate(controller, obj, fn, setOwnerFlag) } -func (c *FakeGenericControl) CreateTidbInitializer(controller client.Object, tidbInitializer *v1alpha1.TidbInitializer) error { - defer c.createOrUpdateTracker.Inc() - if c.createOrUpdateTracker.ErrorReady() { - defer c.createOrUpdateTracker.Reset() - return c.createOrUpdateTracker.GetError() - } - - return c.control.Create(controller, tidbInitializer, true) -} - func (c *FakeGenericControl) Delete(controller, obj client.Object) error { defer c.deleteTracker.Inc() if c.deleteTracker.ErrorReady() { diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 475e39b6fe..ea56d22c13 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -1018,10 +1018,7 @@ func (bo *tidbMemberManager) OpenDB(ctx context.Context, dsn string) (*sql.DB, e func (bo *tidbMemberManager) SetPassword(ctx context.Context, db *sql.DB, password string) error { sql := fmt.Sprintf("SET PASSWORD FOR 'root'@'%%' = '%s'; FLUSH PRIVILEGES;", password) _, err := db.ExecContext(ctx, sql) - if err != nil { - return fmt.Errorf("set cluster %s password failed, sql: %s, err: %v", bo, sql, err) - } - return nil + return err } func tidbStatefulSetIsUpgrading(podLister corelisters.PodLister, set *apps.StatefulSet, tc *v1alpha1.TidbCluster) (bool, error) { From 501643e82a9b26ad2e45cbefad9a223c82774319 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 14:05:06 +0800 Subject: [PATCH 18/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index ea56d22c13..b92be9832d 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -282,7 +282,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC } if !passwordSecretExist { - klog.Infof("Create random password for cluster %s/%s", tc.Namespace, tc.Name) + klog.Infof("Create random password for cluster[%s:%s]", tc.Namespace, tc.Name) var secret *corev1.Secret secret, password = m.buildRandomPasswordSecret(tc) err := m.deps.TypedControl.Create(tc, secret) From 3cc4750d2b639c33bb5ab2936f4db635b5b6e6fe Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 14:09:47 +0800 Subject: [PATCH 19/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index b92be9832d..80a51325f5 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -250,7 +250,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC } } // set random password - if tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPasswordPhase && !tc.IsTLSClusterEnabled() { + if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPasswordPhase && !tc.IsTLSClusterEnabled() { // check tidb pod is ready podOrdinals := helper.GetPodOrdinals(*oldTiDBSet.Spec.Replicas, oldTiDBSet).List() isTiDBReady := true @@ -290,7 +290,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC return err } } else { - password = string(secret.Data["root"]) + password = string(secret.Data[constants.TidbRootKey]) } // init password var db *sql.DB From 2cb2c9bc50a9369153be9e53a4bf6829c03d1709 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Thu, 20 Jan 2022 14:10:41 +0800 Subject: [PATCH 20/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 80a51325f5..0c7a2adb8c 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -295,7 +295,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC // init password var db *sql.DB var dsn string - err = wait.PollImmediate(5*time.Second, 30*time.Minute, func() (done bool, err error) { + err = wait.PollImmediate(1*time.Second, 5*time.Second, func() (done bool, err error) { dsn, err = m.GetDBUrl(tc) if err != nil { klog.Errorf("can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) From f61774f7e1e96c8f5d785962b26c5b82d8b1cb0a Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Thu, 20 Jan 2022 14:10:51 +0800 Subject: [PATCH 21/70] Update examples/basic-random-password/tidb-cluster.yaml Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- examples/basic-random-password/tidb-cluster.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/basic-random-password/tidb-cluster.yaml b/examples/basic-random-password/tidb-cluster.yaml index 2112daa300..dfd675e075 100644 --- a/examples/basic-random-password/tidb-cluster.yaml +++ b/examples/basic-random-password/tidb-cluster.yaml @@ -6,7 +6,7 @@ kind: TidbCluster metadata: name: basic spec: - version: v5.2.1 + version: v5.3.0 timezone: UTC pvReclaimPolicy: Retain enableDynamicConfiguration: true From c583907fc6e895ffa52890a5d9a8739c8c438bb8 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 15:59:08 +0800 Subject: [PATCH 22/70] optimize code --- cmd/backup-manager/app/backup/manager.go | 3 +- cmd/backup-manager/app/export/manager.go | 3 +- cmd/backup-manager/app/restore/manager.go | 3 +- cmd/backup-manager/app/util/util.go | 14 ---- pkg/manager/member/tidb_member_manager.go | 80 ++++++++++++----------- pkg/util/util.go | 30 +++++++-- 6 files changed, 74 insertions(+), 59 deletions(-) diff --git a/cmd/backup-manager/app/backup/manager.go b/cmd/backup-manager/app/backup/manager.go index 6b3fe8ecdb..a4497609af 100644 --- a/cmd/backup-manager/app/backup/manager.go +++ b/cmd/backup-manager/app/backup/manager.go @@ -17,6 +17,7 @@ import ( "context" "database/sql" "fmt" + util2 "github.com/pingcap/tidb-operator/pkg/util" "strconv" "time" @@ -110,7 +111,7 @@ func (bm *Manager) ProcessBackup() error { klog.Errorf("can't get dsn of tidb cluster %s, err: %s", bm, err) return false, err } - db, err = util.OpenDB(ctx, dsn) + db, err = util2.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", bm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/export/manager.go b/cmd/backup-manager/app/export/manager.go index a2cb76407a..181be72cbc 100644 --- a/cmd/backup-manager/app/export/manager.go +++ b/cmd/backup-manager/app/export/manager.go @@ -16,6 +16,7 @@ package export import ( "context" "database/sql" + util2 "github.com/pingcap/tidb-operator/pkg/util" "os" "strings" "time" @@ -121,7 +122,7 @@ func (bm *BackupManager) ProcessBackup() error { return false, err } - db, err = util.OpenDB(ctx, dsn) + db, err = util2.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", bm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/restore/manager.go b/cmd/backup-manager/app/restore/manager.go index d52ade6dbf..39bdf98e47 100644 --- a/cmd/backup-manager/app/restore/manager.go +++ b/cmd/backup-manager/app/restore/manager.go @@ -17,6 +17,7 @@ import ( "context" "database/sql" "fmt" + util2 "github.com/pingcap/tidb-operator/pkg/util" "strconv" "time" @@ -107,7 +108,7 @@ func (rm *Manager) ProcessRestore() error { return false, err } - db, err = util.OpenDB(ctx, dsn) + db, err = util2.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", rm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/util/util.go b/cmd/backup-manager/app/util/util.go index aa0fd8fe3d..9f132ec271 100644 --- a/cmd/backup-manager/app/util/util.go +++ b/cmd/backup-manager/app/util/util.go @@ -15,7 +15,6 @@ package util import ( "context" - "database/sql" "fmt" "io/ioutil" "os" @@ -113,19 +112,6 @@ func GetStoragePath(backup *v1alpha1.Backup) (string, error) { } } -// OpenDB opens db -func OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { - db, err := sql.Open("mysql", dsn) - if err != nil { - return nil, fmt.Errorf("open datasource failed, err: %v", err) - } - if err := db.PingContext(ctx); err != nil { - db.Close() - return nil, fmt.Errorf("cannot connect to mysql, err: %v", err) - } - return db, nil -} - // IsFileExist return true if file exist and is a regular file, other cases return false func IsFileExist(file string) bool { fi, err := os.Stat(file) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 80a51325f5..1a5a5e4bde 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -115,6 +115,13 @@ func (m *tidbMemberManager) Sync(tc *v1alpha1.TidbCluster) error { } } + isSet, err := m.syncInitializer(tc) + if isSet { + return nil + } + if err != nil { + klog.Errorf("SyncInitializer err:%v", err) + } // Sync TiDB StatefulSet return m.syncTiDBStatefulSetForTidbCluster(tc) } @@ -249,35 +256,36 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC return err } } + return mngerutils.UpdateStatefulSet(m.deps.StatefulSetControl, tc, newTiDBSet, oldTiDBSet) +} + +func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, error) { // set random password - if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPasswordPhase && !tc.IsTLSClusterEnabled() { - // check tidb pod is ready - podOrdinals := helper.GetPodOrdinals(*oldTiDBSet.Spec.Replicas, oldTiDBSet).List() - isTiDBReady := true - for _i := len(podOrdinals) - 1; _i >= 0; _i-- { - i := podOrdinals[_i] - podName := tidbPodName(tcName, i) - pod, err := m.deps.PodLister.Pods(ns).Get(podName) - if err != nil { - return fmt.Errorf("failed to get pods %s for cluster %s/%s, error: %s", podName, ns, tcName, err) - } - isReady := podutil.IsPodReady(pod) - if !isReady { - isTiDBReady = false - break - } + ns := tc.Namespace + tcName := tc.Name + if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPasswordPhase { + //check endpoints ready + isTiDBReady := false + eps, epErr := m.deps.EndpointLister.Endpoints(tc.Namespace).Get(controller.TiDBMemberName(tc.Name)) + if epErr != nil { + return false, fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.PDMemberName(tc.Name), ns, tcName, epErr) + } + // pd service has no endpoints + if eps != nil && len(eps.Subsets) > 0 { + isTiDBReady = true } + if isTiDBReady { // sync password secret var password string secretName := controller.TiDBSecret(tc.Name) - secret, err := m.deps.SecretLister.Secrets(ns).Get(secretName) + secret, err := m.deps.SecretLister.Secrets(tc.Namespace).Get(secretName) passwordSecretExist := true if err != nil { if errors.IsNotFound(err) { passwordSecretExist = false } else { - return err + return false, err } } @@ -287,7 +295,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC secret, password = m.buildRandomPasswordSecret(tc) err := m.deps.TypedControl.Create(tc, secret) if err != nil { - return err + return false, err } } else { password = string(secret.Data[constants.TidbRootKey]) @@ -296,15 +304,15 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC var db *sql.DB var dsn string err = wait.PollImmediate(5*time.Second, 30*time.Minute, func() (done bool, err error) { - dsn, err = m.GetDBUrl(tc) + dsn, err = m.GetDSN(tc) if err != nil { - klog.Errorf("can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) return false, err } ctx := context.TODO() - db, err = m.OpenDB(ctx, dsn) + db, err = util.OpenDB(ctx, dsn) if err != nil { - klog.Warningf("can't connect to tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + klog.Warningf("Can't connect to tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) if ctx.Err() != nil { return false, ctx.Err() } @@ -312,23 +320,25 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC } return true, nil }) + defer db.Close() if err != nil { - klog.Errorf("can't get connection of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + klog.Errorf("Can't get connection of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) } else { - err = m.SetPassword(context.TODO(), db, password) + err = util.SetPassword(context.TODO(), db, password) if err != nil { - klog.Errorf("set tidb[%s:%s] password err: %s", tc.Namespace, tc.Name, err) + klog.Errorf("Set tidb[%s:%s] password err: %s", tc.Namespace, tc.Name, err) } tc.Status.TiDB.InitPasswordPhase = true - klog.Infof("set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) + klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) + return true, nil } - defer db.Close() + } else { - klog.Infof("set password wait for tidb[%s:%s] pod ready", tc.Namespace, tc.Name) + klog.Infof("Set password wait for tidb[%s:%s] endpoint ready", tc.Namespace, tc.Name) } } + return false, nil - return mngerutils.UpdateStatefulSet(m.deps.StatefulSetControl, tc, newTiDBSet, oldTiDBSet) } func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) (*corev1.Secret, string) { @@ -999,8 +1009,8 @@ func (m *tidbMemberManager) syncTidbClusterStatus(tc *v1alpha1.TidbCluster, set return nil } -func (m *tidbMemberManager) GetDBUrl(tc *v1alpha1.TidbCluster) (string, error) { - return fmt.Sprintf("root:@tcp(%s-tidb.%s.svc:4000)/?charset=utf8mb4,utf8&multiStatements=true", tc.Name, tc.Namespace), nil +func (m *tidbMemberManager) GetDSN(tc *v1alpha1.TidbCluster) (string, error) { + return fmt.Sprintf("root:@tcp(%s-tidb.%s:4000)/?charset=utf8mb4,utf8&multiStatements=true", tc.Name, tc.Namespace), nil } func (bo *tidbMemberManager) OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { @@ -1015,12 +1025,6 @@ func (bo *tidbMemberManager) OpenDB(ctx context.Context, dsn string) (*sql.DB, e return db, nil } -func (bo *tidbMemberManager) SetPassword(ctx context.Context, db *sql.DB, password string) error { - sql := fmt.Sprintf("SET PASSWORD FOR 'root'@'%%' = '%s'; FLUSH PRIVILEGES;", password) - _, err := db.ExecContext(ctx, sql) - return err -} - func tidbStatefulSetIsUpgrading(podLister corelisters.PodLister, set *apps.StatefulSet, tc *v1alpha1.TidbCluster) (bool, error) { if mngerutils.StatefulSetIsUpgrading(set) { return true, nil diff --git a/pkg/util/util.go b/pkg/util/util.go index 0e7e8b55ec..89b5736491 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -14,6 +14,8 @@ package util import ( + "context" + "database/sql" "encoding/json" "fmt" "os" @@ -437,9 +439,29 @@ func FixedLengthRandomPasswordBytes() []byte { func RandomBytes(length int) []byte { return []byte(password.MustGenerate( length, - 2, // number of digits to include in the result - 3, // number of symbols to include in the result - false, // noUpper - false, // allowRepeat + length/3, // number of digits to include in the result + length/4, // number of symbols to include in the result + false, // noUpper + false, // allowRepeat )) } + +// OpenDB opens db +func OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { + db, err := sql.Open("mysql", dsn) + if err != nil { + return nil, fmt.Errorf("open datasource failed, err: %v", err) + } + if err := db.PingContext(ctx); err != nil { + db.Close() + return nil, fmt.Errorf("cannot connect to mysql, err: %v", err) + } + return db, nil +} + +// SetPassword set tidb password +func SetPassword(ctx context.Context, db *sql.DB, password string) error { + sql := fmt.Sprintf("SET PASSWORD FOR 'root'@'%%' = '%s'; FLUSH PRIVILEGES;", password) + _, err := db.ExecContext(ctx, sql) + return err +} From 79d78a5685f42367e813ddd7989ad4bf0a8266c8 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 16:23:33 +0800 Subject: [PATCH 23/70] optimize code --- cmd/backup-manager/app/backup/manager.go | 2 +- cmd/backup-manager/app/export/manager.go | 2 +- cmd/backup-manager/app/restore/manager.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/backup-manager/app/backup/manager.go b/cmd/backup-manager/app/backup/manager.go index a4497609af..f4e57339c2 100644 --- a/cmd/backup-manager/app/backup/manager.go +++ b/cmd/backup-manager/app/backup/manager.go @@ -17,7 +17,6 @@ import ( "context" "database/sql" "fmt" - util2 "github.com/pingcap/tidb-operator/pkg/util" "strconv" "time" @@ -28,6 +27,7 @@ import ( bkconstants "github.com/pingcap/tidb-operator/pkg/backup/constants" listers "github.com/pingcap/tidb-operator/pkg/client/listers/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/controller" + util2 "github.com/pingcap/tidb-operator/pkg/util" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" errorutils "k8s.io/apimachinery/pkg/util/errors" diff --git a/cmd/backup-manager/app/export/manager.go b/cmd/backup-manager/app/export/manager.go index 181be72cbc..4e36f14f73 100644 --- a/cmd/backup-manager/app/export/manager.go +++ b/cmd/backup-manager/app/export/manager.go @@ -16,7 +16,6 @@ package export import ( "context" "database/sql" - util2 "github.com/pingcap/tidb-operator/pkg/util" "os" "strings" "time" @@ -29,6 +28,7 @@ import ( backuputil "github.com/pingcap/tidb-operator/pkg/backup/util" listers "github.com/pingcap/tidb-operator/pkg/client/listers/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/controller" + util2 "github.com/pingcap/tidb-operator/pkg/util" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" errorutils "k8s.io/apimachinery/pkg/util/errors" diff --git a/cmd/backup-manager/app/restore/manager.go b/cmd/backup-manager/app/restore/manager.go index 39bdf98e47..da489493cd 100644 --- a/cmd/backup-manager/app/restore/manager.go +++ b/cmd/backup-manager/app/restore/manager.go @@ -17,7 +17,6 @@ import ( "context" "database/sql" "fmt" - util2 "github.com/pingcap/tidb-operator/pkg/util" "strconv" "time" @@ -27,6 +26,7 @@ import ( bkconstants "github.com/pingcap/tidb-operator/pkg/backup/constants" listers "github.com/pingcap/tidb-operator/pkg/client/listers/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/controller" + util2 "github.com/pingcap/tidb-operator/pkg/util" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" errorutils "k8s.io/apimachinery/pkg/util/errors" From 1bf113cab2c5dd5c4fdeeaea5f113bd83fbfff86 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 16:40:23 +0800 Subject: [PATCH 24/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 1a5a5e4bde..c1eb64e37b 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -24,6 +24,7 @@ import ( "time" "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/utils/pointer" "github.com/pingcap/tidb-operator/pkg/backup/constants" @@ -44,7 +45,6 @@ import ( corelisters "k8s.io/client-go/listers/core/v1" "k8s.io/klog/v2" podutil "k8s.io/kubernetes/pkg/api/v1/pod" - "k8s.io/utils/pointer" // for sql/driver _ "github.com/go-sql-driver/mysql" ) From 3d90a28d22375f65a5f2654f630cfb025fa1be45 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 16:43:09 +0800 Subject: [PATCH 25/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index c1eb64e37b..33de7a2949 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -345,7 +345,7 @@ func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) s := &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ - Name: fmt.Sprintf("%s-secret", tc.Name), + Name: controller.TiDBSecret(tc.Name), Namespace: tc.Namespace, }, } From 47b4489f15d5a692fad92c7e9ace1492a2e180ce Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 16:46:29 +0800 Subject: [PATCH 26/70] optimize code --- pkg/controller/controller_utils.go | 4 ++-- pkg/manager/member/tidb_member_manager.go | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pkg/controller/controller_utils.go b/pkg/controller/controller_utils.go index 9e63ea6182..e1b8d5f7b7 100644 --- a/pkg/controller/controller_utils.go +++ b/pkg/controller/controller_utils.go @@ -350,8 +350,8 @@ func TiDBInitializer(clusterName string) string { return fmt.Sprintf("%s-init", clusterName) } -// TiDBSecret returns tidb secret name -func TiDBSecret(clusterName string) string { +// TiDBInitSecret returns tidb init secret name +func TiDBInitSecret(clusterName string) string { return fmt.Sprintf("%s-init", clusterName) } diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 33de7a2949..94b2822f55 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -278,7 +278,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err if isTiDBReady { // sync password secret var password string - secretName := controller.TiDBSecret(tc.Name) + secretName := controller.TiDBInitSecret(tc.Name) secret, err := m.deps.SecretLister.Secrets(tc.Namespace).Get(secretName) passwordSecretExist := true if err != nil { @@ -303,7 +303,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err // init password var db *sql.DB var dsn string - err = wait.PollImmediate(5*time.Second, 30*time.Minute, func() (done bool, err error) { + err = wait.PollImmediate(5*time.Second, 1*time.Minute, func() (done bool, err error) { dsn, err = m.GetDSN(tc) if err != nil { klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) @@ -345,7 +345,7 @@ func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) s := &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ - Name: controller.TiDBSecret(tc.Name), + Name: controller.TiDBInitSecret(tc.Name), Namespace: tc.Namespace, }, } From f0e37011ad510015156c2757a9db9d19c2ef4d13 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 16:49:36 +0800 Subject: [PATCH 27/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 94b2822f55..4a1a4f76f2 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -303,7 +303,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err // init password var db *sql.DB var dsn string - err = wait.PollImmediate(5*time.Second, 1*time.Minute, func() (done bool, err error) { + err = wait.PollImmediate(1*time.Second, 5*time.Second, func() (done bool, err error) { dsn, err = m.GetDSN(tc) if err != nil { klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) @@ -326,7 +326,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err } else { err = util.SetPassword(context.TODO(), db, password) if err != nil { - klog.Errorf("Set tidb[%s:%s] password err: %s", tc.Namespace, tc.Name, err) + klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) } tc.Status.TiDB.InitPasswordPhase = true klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) From 1496f18a302c2778e81f11855b9be7766edbec9d Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 16:58:26 +0800 Subject: [PATCH 28/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 13 +++++++++---- pkg/util/util.go | 1 + 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 4a1a4f76f2..620ddba525 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -309,22 +309,27 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) return false, err } - ctx := context.TODO() + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) + defer cancel() db, err = util.OpenDB(ctx, dsn) if err != nil { - klog.Warningf("Can't connect to tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + klog.Warningf("Can't connect to the TiDB service of TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) if ctx.Err() != nil { return false, ctx.Err() } return false, nil } + return true, nil }) defer db.Close() if err != nil { - klog.Errorf("Can't get connection of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + klog.Errorf("Can't get TiDB connection of the TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + return false, err } else { - err = util.SetPassword(context.TODO(), db, password) + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) + defer cancel() + err = util.SetPassword(ctx, db, password) if err != nil { klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) } diff --git a/pkg/util/util.go b/pkg/util/util.go index 89b5736491..2fccaa1b60 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -461,6 +461,7 @@ func OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { // SetPassword set tidb password func SetPassword(ctx context.Context, db *sql.DB, password string) error { + sql := fmt.Sprintf("SET PASSWORD FOR 'root'@'%%' = '%s'; FLUSH PRIVILEGES;", password) _, err := db.ExecContext(ctx, sql) return err From 4e14c3df1aed1e8131c6eaec15b10d44969966d9 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Thu, 20 Jan 2022 17:11:20 +0800 Subject: [PATCH 29/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 620ddba525..67791b2332 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -24,6 +24,7 @@ import ( "time" "k8s.io/apimachinery/pkg/util/wait" + podutil "k8s.io/kubernetes/pkg/api/v1/pod" "k8s.io/utils/pointer" "github.com/pingcap/tidb-operator/pkg/backup/constants" @@ -44,7 +45,6 @@ import ( "k8s.io/apimachinery/pkg/util/uuid" corelisters "k8s.io/client-go/listers/core/v1" "k8s.io/klog/v2" - podutil "k8s.io/kubernetes/pkg/api/v1/pod" // for sql/driver _ "github.com/go-sql-driver/mysql" ) From 63a30d7ef73596299f2e9e7fb583bb2a644708db Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Fri, 21 Jan 2022 15:13:03 +0800 Subject: [PATCH 30/70] Update cmd/backup-manager/app/backup/manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- cmd/backup-manager/app/backup/manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/backup-manager/app/backup/manager.go b/cmd/backup-manager/app/backup/manager.go index f4e57339c2..6995a02fca 100644 --- a/cmd/backup-manager/app/backup/manager.go +++ b/cmd/backup-manager/app/backup/manager.go @@ -27,7 +27,7 @@ import ( bkconstants "github.com/pingcap/tidb-operator/pkg/backup/constants" listers "github.com/pingcap/tidb-operator/pkg/client/listers/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/controller" - util2 "github.com/pingcap/tidb-operator/pkg/util" + pkgutil "github.com/pingcap/tidb-operator/pkg/util" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" errorutils "k8s.io/apimachinery/pkg/util/errors" From 6c40b18556ca332c6628ec3dc07e42e5449e8e2d Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Fri, 21 Jan 2022 15:13:11 +0800 Subject: [PATCH 31/70] Update pkg/apis/pingcap/v1alpha1/types.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/apis/pingcap/v1alpha1/types.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/apis/pingcap/v1alpha1/types.go b/pkg/apis/pingcap/v1alpha1/types.go index a34deb174c..d81bf9c126 100644 --- a/pkg/apis/pingcap/v1alpha1/types.go +++ b/pkg/apis/pingcap/v1alpha1/types.go @@ -1142,7 +1142,7 @@ type TiDBStatus struct { FailureMembers map[string]TiDBFailureMember `json:"failureMembers,omitempty"` ResignDDLOwnerRetryCount int32 `json:"resignDDLOwnerRetryCount,omitempty"` Image string `json:"image,omitempty"` - InitPasswordPhase bool `json:"initPasswordPhase,omitempty"` + PasswordInitialized bool `json:"passwordInitialized,omitempty"` } // TiDBMember is TiDB member From 3e6ef17e732f409948ddc357937082c85a1bfec4 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Fri, 21 Jan 2022 15:15:28 +0800 Subject: [PATCH 32/70] optimize code --- pkg/controller/controller_utils.go | 5 ----- pkg/manager/member/tidb_member_manager.go | 18 +----------------- pkg/util/util.go | 5 +++++ 3 files changed, 6 insertions(+), 22 deletions(-) diff --git a/pkg/controller/controller_utils.go b/pkg/controller/controller_utils.go index e1b8d5f7b7..f91f9629ec 100644 --- a/pkg/controller/controller_utils.go +++ b/pkg/controller/controller_utils.go @@ -345,11 +345,6 @@ func DMWorkerPeerMemberName(clusterName string) string { return fmt.Sprintf("%s-dm-worker-peer", clusterName) } -// TiDBInitializer returns tidb initializer name -func TiDBInitializer(clusterName string) string { - return fmt.Sprintf("%s-init", clusterName) -} - // TiDBInitSecret returns tidb init secret name func TiDBInitSecret(clusterName string) string { return fmt.Sprintf("%s-init", clusterName) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 67791b2332..c67e5c07db 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -304,7 +304,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err var db *sql.DB var dsn string err = wait.PollImmediate(1*time.Second, 5*time.Second, func() (done bool, err error) { - dsn, err = m.GetDSN(tc) + dsn, err = util.GetDSN(tc) if err != nil { klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) return false, err @@ -1014,22 +1014,6 @@ func (m *tidbMemberManager) syncTidbClusterStatus(tc *v1alpha1.TidbCluster, set return nil } -func (m *tidbMemberManager) GetDSN(tc *v1alpha1.TidbCluster) (string, error) { - return fmt.Sprintf("root:@tcp(%s-tidb.%s:4000)/?charset=utf8mb4,utf8&multiStatements=true", tc.Name, tc.Namespace), nil -} - -func (bo *tidbMemberManager) OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { - db, err := sql.Open("mysql", dsn) - if err != nil { - return nil, fmt.Errorf("open datasource failed, err: %v", err) - } - if err := db.PingContext(ctx); err != nil { - db.Close() - return nil, fmt.Errorf("cannot connect to mysql, err: %v", err) - } - return db, nil -} - func tidbStatefulSetIsUpgrading(podLister corelisters.PodLister, set *apps.StatefulSet, tc *v1alpha1.TidbCluster) (bool, error) { if mngerutils.StatefulSetIsUpgrading(set) { return true, nil diff --git a/pkg/util/util.go b/pkg/util/util.go index 2fccaa1b60..6dd6b05dd0 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -466,3 +466,8 @@ func SetPassword(ctx context.Context, db *sql.DB, password string) error { _, err := db.ExecContext(ctx, sql) return err } + +// GetDSN get tidb dsn +func GetDSN(tc *v1alpha1.TidbCluster) (string, error) { + return fmt.Sprintf("root:@tcp(%s-tidb.%s:4000)/?charset=utf8mb4,utf8&multiStatements=true", tc.Name, tc.Namespace), nil +} From 587fedf901feea7efa8c7bda5a310a895dc18709 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Fri, 21 Jan 2022 16:06:08 +0800 Subject: [PATCH 33/70] optimize code --- cmd/backup-manager/app/backup/manager.go | 2 +- docs/api-references/docs.md | 2 +- manifests/crd.yaml | 4 +-- .../crd/v1/pingcap.com_tidbclusters.yaml | 4 +-- .../crd/v1beta1/pingcap.com_tidbclusters.yaml | 4 +-- manifests/crd_v1beta1.yaml | 4 +-- pkg/apis/pingcap/v1alpha1/tidbcluster.go | 4 +++ pkg/apis/pingcap/v1alpha1/types.go | 2 +- pkg/manager/member/tidb_member_manager.go | 31 ++++++++++--------- 9 files changed, 31 insertions(+), 26 deletions(-) diff --git a/cmd/backup-manager/app/backup/manager.go b/cmd/backup-manager/app/backup/manager.go index 6995a02fca..356790f7cf 100644 --- a/cmd/backup-manager/app/backup/manager.go +++ b/cmd/backup-manager/app/backup/manager.go @@ -111,7 +111,7 @@ func (bm *Manager) ProcessBackup() error { klog.Errorf("can't get dsn of tidb cluster %s, err: %s", bm, err) return false, err } - db, err = util2.OpenDB(ctx, dsn) + db, err = pkgutil.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", bm, err) if ctx.Err() != nil { diff --git a/docs/api-references/docs.md b/docs/api-references/docs.md index d2d683c7c2..40d60924c4 100644 --- a/docs/api-references/docs.md +++ b/docs/api-references/docs.md @@ -15269,7 +15269,7 @@ string -initPasswordPhase
+passwordInitialized
bool diff --git a/manifests/crd.yaml b/manifests/crd.yaml index d991820b1c..f9778e0e37 100644 --- a/manifests/crd.yaml +++ b/manifests/crd.yaml @@ -29150,8 +29150,6 @@ spec: type: object image: type: string - initPasswordPhase: - type: boolean members: additionalProperties: properties: @@ -29170,6 +29168,8 @@ spec: - name type: object type: object + passwordInitialized: + type: boolean phase: type: string resignDDLOwnerRetryCount: diff --git a/manifests/crd/v1/pingcap.com_tidbclusters.yaml b/manifests/crd/v1/pingcap.com_tidbclusters.yaml index fe567f5fa1..e90add30c7 100644 --- a/manifests/crd/v1/pingcap.com_tidbclusters.yaml +++ b/manifests/crd/v1/pingcap.com_tidbclusters.yaml @@ -17204,8 +17204,6 @@ spec: type: object image: type: string - initPasswordPhase: - type: boolean members: additionalProperties: properties: @@ -17224,6 +17222,8 @@ spec: - name type: object type: object + passwordInitialized: + type: boolean phase: type: string resignDDLOwnerRetryCount: diff --git a/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml b/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml index f5bf4219ec..faba1387de 100644 --- a/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml +++ b/manifests/crd/v1beta1/pingcap.com_tidbclusters.yaml @@ -17181,8 +17181,6 @@ spec: type: object image: type: string - initPasswordPhase: - type: boolean members: additionalProperties: properties: @@ -17201,6 +17199,8 @@ spec: - name type: object type: object + passwordInitialized: + type: boolean phase: type: string resignDDLOwnerRetryCount: diff --git a/manifests/crd_v1beta1.yaml b/manifests/crd_v1beta1.yaml index 7943d00015..affbcd3afe 100644 --- a/manifests/crd_v1beta1.yaml +++ b/manifests/crd_v1beta1.yaml @@ -29127,8 +29127,6 @@ spec: type: object image: type: string - initPasswordPhase: - type: boolean members: additionalProperties: properties: @@ -29147,6 +29145,8 @@ spec: - name type: object type: object + passwordInitialized: + type: boolean phase: type: string resignDDLOwnerRetryCount: diff --git a/pkg/apis/pingcap/v1alpha1/tidbcluster.go b/pkg/apis/pingcap/v1alpha1/tidbcluster.go index b4a48b2b17..53d7a66b6c 100644 --- a/pkg/apis/pingcap/v1alpha1/tidbcluster.go +++ b/pkg/apis/pingcap/v1alpha1/tidbcluster.go @@ -732,6 +732,10 @@ func (tc *TidbCluster) IsTLSClusterEnabled() bool { return tc.Spec.TLSCluster != nil && tc.Spec.TLSCluster.Enabled } +func (tc *TidbCluster) IsNeedToSyncInitializer() bool { + return tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.PasswordInitialized +} + func (tc *TidbCluster) Scheme() string { if tc.IsTLSClusterEnabled() { return "https" diff --git a/pkg/apis/pingcap/v1alpha1/types.go b/pkg/apis/pingcap/v1alpha1/types.go index d81bf9c126..591e9d6296 100644 --- a/pkg/apis/pingcap/v1alpha1/types.go +++ b/pkg/apis/pingcap/v1alpha1/types.go @@ -1142,7 +1142,7 @@ type TiDBStatus struct { FailureMembers map[string]TiDBFailureMember `json:"failureMembers,omitempty"` ResignDDLOwnerRetryCount int32 `json:"resignDDLOwnerRetryCount,omitempty"` Image string `json:"image,omitempty"` - PasswordInitialized bool `json:"passwordInitialized,omitempty"` + PasswordInitialized bool `json:"passwordInitialized,omitempty"` } // TiDBMember is TiDB member diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index c67e5c07db..3b13b469f7 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -45,6 +45,7 @@ import ( "k8s.io/apimachinery/pkg/util/uuid" corelisters "k8s.io/client-go/listers/core/v1" "k8s.io/klog/v2" + // for sql/driver _ "github.com/go-sql-driver/mysql" ) @@ -115,13 +116,13 @@ func (m *tidbMemberManager) Sync(tc *v1alpha1.TidbCluster) error { } } - isSet, err := m.syncInitializer(tc) - if isSet { - return nil - } - if err != nil { - klog.Errorf("SyncInitializer err:%v", err) + if tc.IsNeedToSyncInitializer() { + err := m.syncInitializer(tc) + if err != nil { + klog.Errorf("SyncInitializer err:%v", err) + } } + // Sync TiDB StatefulSet return m.syncTiDBStatefulSetForTidbCluster(tc) } @@ -259,16 +260,16 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC return mngerutils.UpdateStatefulSet(m.deps.StatefulSetControl, tc, newTiDBSet, oldTiDBSet) } -func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, error) { +func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { // set random password ns := tc.Namespace tcName := tc.Name - if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.InitPasswordPhase { + if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.PasswordInitialized { //check endpoints ready isTiDBReady := false eps, epErr := m.deps.EndpointLister.Endpoints(tc.Namespace).Get(controller.TiDBMemberName(tc.Name)) if epErr != nil { - return false, fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.PDMemberName(tc.Name), ns, tcName, epErr) + return fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.PDMemberName(tc.Name), ns, tcName, epErr) } // pd service has no endpoints if eps != nil && len(eps.Subsets) > 0 { @@ -285,7 +286,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err if errors.IsNotFound(err) { passwordSecretExist = false } else { - return false, err + return err } } @@ -295,7 +296,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err secret, password = m.buildRandomPasswordSecret(tc) err := m.deps.TypedControl.Create(tc, secret) if err != nil { - return false, err + return err } } else { password = string(secret.Data[constants.TidbRootKey]) @@ -325,7 +326,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err defer db.Close() if err != nil { klog.Errorf("Can't get TiDB connection of the TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) - return false, err + return err } else { ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) defer cancel() @@ -333,16 +334,16 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) (bool, err if err != nil { klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) } - tc.Status.TiDB.InitPasswordPhase = true + tc.Status.TiDB.PasswordInitialized = true klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) - return true, nil + return nil } } else { klog.Infof("Set password wait for tidb[%s:%s] endpoint ready", tc.Namespace, tc.Name) } } - return false, nil + return nil } From fb5f93ed5afc46627a2c39e69045598b1a1c33b6 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 16:15:55 +0800 Subject: [PATCH 34/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 1 - 1 file changed, 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 3bc6a31458..f30956a23d 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -28,7 +28,6 @@ import ( "k8s.io/utils/pointer" "github.com/pingcap/tidb-operator/pkg/backup/constants" - "github.com/pingcap/advanced-statefulset/client/apis/apps/v1/helper" "github.com/pingcap/tidb-operator/pkg/apis/label" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" From d87ff5221c13bb0233d6d20c58893e4a6359bfde Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 16:19:29 +0800 Subject: [PATCH 35/70] Update pkg/apis/pingcap/v1alpha1/tidbcluster.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/apis/pingcap/v1alpha1/tidbcluster.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/apis/pingcap/v1alpha1/tidbcluster.go b/pkg/apis/pingcap/v1alpha1/tidbcluster.go index 53d7a66b6c..030408af7c 100644 --- a/pkg/apis/pingcap/v1alpha1/tidbcluster.go +++ b/pkg/apis/pingcap/v1alpha1/tidbcluster.go @@ -732,8 +732,8 @@ func (tc *TidbCluster) IsTLSClusterEnabled() bool { return tc.Spec.TLSCluster != nil && tc.Spec.TLSCluster.Enabled } -func (tc *TidbCluster) IsNeedToSyncInitializer() bool { - return tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.PasswordInitialized +func (tc *TidbCluster) NeedToSyncTiDBInitializer() bool { + return tc.Spec.TiDB != nil && tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.PasswordInitialized } func (tc *TidbCluster) Scheme() string { From b9ae888b000ce7a1302df00bb8fc54a2b0fa96b1 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 16:19:43 +0800 Subject: [PATCH 36/70] Update cmd/backup-manager/app/restore/manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- cmd/backup-manager/app/restore/manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/backup-manager/app/restore/manager.go b/cmd/backup-manager/app/restore/manager.go index da489493cd..2f9119e851 100644 --- a/cmd/backup-manager/app/restore/manager.go +++ b/cmd/backup-manager/app/restore/manager.go @@ -26,7 +26,7 @@ import ( bkconstants "github.com/pingcap/tidb-operator/pkg/backup/constants" listers "github.com/pingcap/tidb-operator/pkg/client/listers/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/controller" - util2 "github.com/pingcap/tidb-operator/pkg/util" + pkgutil "github.com/pingcap/tidb-operator/pkg/util" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" errorutils "k8s.io/apimachinery/pkg/util/errors" From 640b16f05026e14fe231fb86152bcdf48f189105 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 16:19:57 +0800 Subject: [PATCH 37/70] Update cmd/backup-manager/app/export/manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- cmd/backup-manager/app/export/manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/backup-manager/app/export/manager.go b/cmd/backup-manager/app/export/manager.go index 4e36f14f73..4cd8fb8856 100644 --- a/cmd/backup-manager/app/export/manager.go +++ b/cmd/backup-manager/app/export/manager.go @@ -28,7 +28,7 @@ import ( backuputil "github.com/pingcap/tidb-operator/pkg/backup/util" listers "github.com/pingcap/tidb-operator/pkg/client/listers/pingcap/v1alpha1" "github.com/pingcap/tidb-operator/pkg/controller" - util2 "github.com/pingcap/tidb-operator/pkg/util" + pkgutil "github.com/pingcap/tidb-operator/pkg/util" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" errorutils "k8s.io/apimachinery/pkg/util/errors" From 3dda6f1bda61def68b930ad5de67b10f3452a79a Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 16:27:02 +0800 Subject: [PATCH 38/70] optimize code --- examples/basic-random-password/README.md | 2 +- pkg/manager/member/tidb_member_manager.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/basic-random-password/README.md b/examples/basic-random-password/README.md index 48036d1c45..896260382a 100644 --- a/examples/basic-random-password/README.md +++ b/examples/basic-random-password/README.md @@ -27,7 +27,7 @@ watch kubectl -n get pod Get the password from secret: ```bash -kubectl get secret basic-secret -o=jsonpath='{.data.root}' -n | base64 --decode +kubectl get secret basic-init -o=jsonpath='{.data.root}' -n | base64 --decode ``` Explore the TiDB SQL interface: diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 3bc6a31458..e9643a00ae 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -25,7 +25,6 @@ import ( "k8s.io/apimachinery/pkg/util/wait" podutil "k8s.io/kubernetes/pkg/api/v1/pod" - "k8s.io/utils/pointer" "github.com/pingcap/tidb-operator/pkg/backup/constants" @@ -45,6 +44,7 @@ import ( "k8s.io/apimachinery/pkg/util/uuid" corelisters "k8s.io/client-go/listers/core/v1" "k8s.io/klog/v2" + "k8s.io/utils/pointer" // for sql/driver _ "github.com/go-sql-driver/mysql" From 6517afa7b4aab0dc4a538b35e8f634f1ccec31b3 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 16:50:16 +0800 Subject: [PATCH 39/70] optimize code --- cmd/backup-manager/app/export/manager.go | 2 +- cmd/backup-manager/app/restore/manager.go | 2 +- pkg/manager/member/tidb_member_manager.go | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cmd/backup-manager/app/export/manager.go b/cmd/backup-manager/app/export/manager.go index 4cd8fb8856..86df964627 100644 --- a/cmd/backup-manager/app/export/manager.go +++ b/cmd/backup-manager/app/export/manager.go @@ -122,7 +122,7 @@ func (bm *BackupManager) ProcessBackup() error { return false, err } - db, err = util2.OpenDB(ctx, dsn) + db, err = pkgutil.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", bm, err) if ctx.Err() != nil { diff --git a/cmd/backup-manager/app/restore/manager.go b/cmd/backup-manager/app/restore/manager.go index 2f9119e851..2f72607b79 100644 --- a/cmd/backup-manager/app/restore/manager.go +++ b/cmd/backup-manager/app/restore/manager.go @@ -108,7 +108,7 @@ func (rm *Manager) ProcessRestore() error { return false, err } - db, err = util2.OpenDB(ctx, dsn) + db, err = pkgutil.OpenDB(ctx, dsn) if err != nil { klog.Warningf("can't connect to tidb cluster %s, err: %s", rm, err) if ctx.Err() != nil { diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 927024d1f4..f0647f4345 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -26,10 +26,10 @@ import ( "k8s.io/apimachinery/pkg/util/wait" podutil "k8s.io/kubernetes/pkg/api/v1/pod" - "github.com/pingcap/tidb-operator/pkg/backup/constants" "github.com/pingcap/advanced-statefulset/client/apis/apps/v1/helper" "github.com/pingcap/tidb-operator/pkg/apis/label" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" + "github.com/pingcap/tidb-operator/pkg/backup/constants" "github.com/pingcap/tidb-operator/pkg/controller" "github.com/pingcap/tidb-operator/pkg/manager" mngerutils "github.com/pingcap/tidb-operator/pkg/manager/utils" @@ -115,7 +115,7 @@ func (m *tidbMemberManager) Sync(tc *v1alpha1.TidbCluster) error { } } - if tc.IsNeedToSyncInitializer() { + if tc.NeedToSyncTiDBInitializer() { err := m.syncInitializer(tc) if err != nil { klog.Errorf("SyncInitializer err:%v", err) From 427be40dabfd0e6537a005dad829bf29e90cfd21 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 17:26:01 +0800 Subject: [PATCH 40/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index f0647f4345..b04ac48a7b 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -118,7 +118,7 @@ func (m *tidbMemberManager) Sync(tc *v1alpha1.TidbCluster) error { if tc.NeedToSyncTiDBInitializer() { err := m.syncInitializer(tc) if err != nil { - klog.Errorf("SyncInitializer err:%v", err) + klog.Errorf("SyncInitializer err: %v", err) } } From 0feac459156ac6cdbc8ee622c67bd2727e761dce Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 17:26:07 +0800 Subject: [PATCH 41/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index b04ac48a7b..3c4faf40e5 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -269,7 +269,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { isTiDBReady := false eps, epErr := m.deps.EndpointLister.Endpoints(tc.Namespace).Get(controller.TiDBMemberName(tc.Name)) if epErr != nil { - return fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.PDMemberName(tc.Name), ns, tcName, epErr) + return fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tc.Name), ns, tcName, epErr) } // pd service has no endpoints if eps != nil && len(eps.Subsets) > 0 { From 4ea3a08f932f54cf48be064a20b96ad739d4726c Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 17:28:01 +0800 Subject: [PATCH 42/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 3c4faf40e5..d8c4c800b1 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -271,7 +271,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { if epErr != nil { return fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tc.Name), ns, tcName, epErr) } - // pd service has no endpoints + // TiDB service has endpoints if eps != nil && len(eps.Subsets) > 0 { isTiDBReady = true } From 9f4495e69802e228a4bef3e7cf52251414a274e5 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 17:28:54 +0800 Subject: [PATCH 43/70] optimize tls example --- pkg/manager/member/tidb_member_manager.go | 131 +++++++++++----------- 1 file changed, 63 insertions(+), 68 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index f0647f4345..0a59b93d9f 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -24,7 +24,6 @@ import ( "time" "k8s.io/apimachinery/pkg/util/wait" - podutil "k8s.io/kubernetes/pkg/api/v1/pod" "github.com/pingcap/advanced-statefulset/client/apis/apps/v1/helper" "github.com/pingcap/tidb-operator/pkg/apis/label" @@ -43,6 +42,7 @@ import ( "k8s.io/apimachinery/pkg/util/uuid" corelisters "k8s.io/client-go/listers/core/v1" "k8s.io/klog/v2" + podutil "k8s.io/kubernetes/pkg/api/v1/pod" "k8s.io/utils/pointer" // for sql/driver @@ -264,84 +264,79 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { // set random password ns := tc.Namespace tcName := tc.Name - if tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.PasswordInitialized { - //check endpoints ready - isTiDBReady := false - eps, epErr := m.deps.EndpointLister.Endpoints(tc.Namespace).Get(controller.TiDBMemberName(tc.Name)) - if epErr != nil { - return fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.PDMemberName(tc.Name), ns, tcName, epErr) - } - // pd service has no endpoints - if eps != nil && len(eps.Subsets) > 0 { - isTiDBReady = true + //check endpoints ready + isTiDBReady := false + eps, epErr := m.deps.EndpointLister.Endpoints(tc.Namespace).Get(controller.TiDBMemberName(tc.Name)) + if epErr != nil { + return fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.PDMemberName(tc.Name), ns, tcName, epErr) + } + // pd service has no endpoints + if eps != nil && len(eps.Subsets) > 0 { + isTiDBReady = true + } + + if isTiDBReady { + // sync password secret + var password string + secretName := controller.TiDBInitSecret(tc.Name) + secret, err := m.deps.SecretLister.Secrets(tc.Namespace).Get(secretName) + passwordSecretExist := true + if err != nil { + if errors.IsNotFound(err) { + passwordSecretExist = false + } else { + return err + } } - if isTiDBReady { - // sync password secret - var password string - secretName := controller.TiDBInitSecret(tc.Name) - secret, err := m.deps.SecretLister.Secrets(tc.Namespace).Get(secretName) - passwordSecretExist := true + if !passwordSecretExist { + klog.Infof("Create random password for cluster[%s:%s]", tc.Namespace, tc.Name) + var secret *corev1.Secret + secret, password = m.buildRandomPasswordSecret(tc) + err := m.deps.TypedControl.Create(tc, secret) if err != nil { - if errors.IsNotFound(err) { - passwordSecretExist = false - } else { - return err - } + return err } - - if !passwordSecretExist { - klog.Infof("Create random password for cluster[%s:%s]", tc.Namespace, tc.Name) - var secret *corev1.Secret - secret, password = m.buildRandomPasswordSecret(tc) - err := m.deps.TypedControl.Create(tc, secret) - if err != nil { - return err - } - } else { - password = string(secret.Data[constants.TidbRootKey]) + } else { + password = string(secret.Data[constants.TidbRootKey]) + } + // init password + var db *sql.DB + var dsn string + err = wait.PollImmediate(1*time.Second, 5*time.Second, func() (done bool, err error) { + dsn, err = util.GetDSN(tc) + if err != nil { + klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + return false, err } - // init password - var db *sql.DB - var dsn string - err = wait.PollImmediate(1*time.Second, 5*time.Second, func() (done bool, err error) { - dsn, err = util.GetDSN(tc) - if err != nil { - klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) - return false, err - } - ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) - defer cancel() - db, err = util.OpenDB(ctx, dsn) - if err != nil { - klog.Warningf("Can't connect to the TiDB service of TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) - if ctx.Err() != nil { - return false, ctx.Err() - } - return false, nil - } - - return true, nil - }) - defer db.Close() + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) + defer cancel() + db, err = util.OpenDB(ctx, dsn) if err != nil { - klog.Errorf("Can't get TiDB connection of the TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) - return err - } else { - ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) - defer cancel() - err = util.SetPassword(ctx, db, password) - if err != nil { - klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) + klog.Warningf("Can't connect to the TiDB service of TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + if ctx.Err() != nil { + return false, ctx.Err() } - tc.Status.TiDB.PasswordInitialized = true - klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) - return nil + return false, nil } + return true, nil + }) + defer db.Close() + if err != nil { + klog.Errorf("Can't get TiDB connection of the TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + return err } else { - klog.Infof("Set password wait for tidb[%s:%s] endpoint ready", tc.Namespace, tc.Name) + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) + defer cancel() + err = util.SetPassword(ctx, db, password) + if err != nil { + klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) + } + tc.Status.TiDB.PasswordInitialized = true + klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) } + } return nil From e1cf3fdcf860fa952eb0cf9db7cf5760ad3b6277 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 17:33:59 +0800 Subject: [PATCH 44/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 81abbb6eb6..b4ff3a0482 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -270,7 +270,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { if epErr != nil { return fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.PDMemberName(tc.Name), ns, tcName, epErr) } - // TiDB service has no endpoints + // TiDB service has endpoints if eps != nil && len(eps.Subsets) > 0 { isTiDBReady = true } From f58ba691bfc5c5ee5d98caf6af7b3a088966071a Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 18:06:11 +0800 Subject: [PATCH 45/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index b4ff3a0482..e992ea81ef 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -322,11 +322,11 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { return true, nil }) - defer db.Close() if err != nil { klog.Errorf("Can't get TiDB connection of the TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) return err } else { + defer db.Close() ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) defer cancel() err = util.SetPassword(ctx, db, password) From 9c89860dc81046257db1b350f0fbdc10ad245706 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 18:06:33 +0800 Subject: [PATCH 46/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index e992ea81ef..7b5ffa1b0b 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -271,7 +271,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { return fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.PDMemberName(tc.Name), ns, tcName, epErr) } // TiDB service has endpoints - if eps != nil && len(eps.Subsets) > 0 { + if eps != nil && len(eps.Subsets[0].Addresses) > 0 { isTiDBReady = true } From 49e7afcee72760a249ad8eee6dd7deb6796cf8f3 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 18:07:16 +0800 Subject: [PATCH 47/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 7b5ffa1b0b..3909e99d2e 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -275,7 +275,10 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { isTiDBReady = true } - if isTiDBReady { + if !isTiDBReady { + klog.Infof("Wait for TiDB ready for cluster %s/%s", ns, tcName) + return nil + } // sync password secret var password string secretName := controller.TiDBInitSecret(tc.Name) From a542c0a9031300095f8cab7443f32a8171ffda13 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 18:07:58 +0800 Subject: [PATCH 48/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 108 +++++++++++----------- 1 file changed, 53 insertions(+), 55 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 3909e99d2e..dd2da595a8 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -276,70 +276,68 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { } if !isTiDBReady { - klog.Infof("Wait for TiDB ready for cluster %s/%s", ns, tcName) - return nil + klog.Infof("Wait for TiDB ready for cluster %s/%s", ns, tcName) + return nil } - // sync password secret - var password string - secretName := controller.TiDBInitSecret(tc.Name) - secret, err := m.deps.SecretLister.Secrets(tc.Namespace).Get(secretName) - passwordSecretExist := true - if err != nil { - if errors.IsNotFound(err) { - passwordSecretExist = false - } else { - return err - } - } - - if !passwordSecretExist { - klog.Infof("Create random password for cluster[%s:%s]", tc.Namespace, tc.Name) - var secret *corev1.Secret - secret, password = m.buildRandomPasswordSecret(tc) - err := m.deps.TypedControl.Create(tc, secret) - if err != nil { - return err - } + // sync password secret + var password string + secretName := controller.TiDBInitSecret(tc.Name) + secret, err := m.deps.SecretLister.Secrets(tc.Namespace).Get(secretName) + passwordSecretExist := true + if err != nil { + if errors.IsNotFound(err) { + passwordSecretExist = false } else { - password = string(secret.Data[constants.TidbRootKey]) + return err } - // init password - var db *sql.DB - var dsn string - err = wait.PollImmediate(1*time.Second, 5*time.Second, func() (done bool, err error) { - dsn, err = util.GetDSN(tc) - if err != nil { - klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) - return false, err - } - ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) - defer cancel() - db, err = util.OpenDB(ctx, dsn) - if err != nil { - klog.Warningf("Can't connect to the TiDB service of TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) - if ctx.Err() != nil { - return false, ctx.Err() - } - return false, nil - } + } - return true, nil - }) + if !passwordSecretExist { + klog.Infof("Create random password for cluster[%s:%s]", tc.Namespace, tc.Name) + var secret *corev1.Secret + secret, password = m.buildRandomPasswordSecret(tc) + err := m.deps.TypedControl.Create(tc, secret) if err != nil { - klog.Errorf("Can't get TiDB connection of the TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) return err - } else { - defer db.Close() - ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) - defer cancel() - err = util.SetPassword(ctx, db, password) - if err != nil { - klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) + } + } else { + password = string(secret.Data[constants.TidbRootKey]) + } + // init password + var db *sql.DB + var dsn string + err = wait.PollImmediate(1*time.Second, 5*time.Second, func() (done bool, err error) { + dsn, err = util.GetDSN(tc) + if err != nil { + klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + return false, err + } + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) + defer cancel() + db, err = util.OpenDB(ctx, dsn) + if err != nil { + klog.Warningf("Can't connect to the TiDB service of TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + if ctx.Err() != nil { + return false, ctx.Err() } - tc.Status.TiDB.PasswordInitialized = true - klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) + return false, nil } + return true, nil + }) + if err != nil { + klog.Errorf("Can't get TiDB connection of the TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + return err + } else { + defer db.Close() + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) + defer cancel() + err = util.SetPassword(ctx, db, password) + if err != nil { + klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) + } + tc.Status.TiDB.PasswordInitialized = true + klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) } return nil From a961848d320f457d26f45d3d58c2ebdfa24f9b62 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 18:08:34 +0800 Subject: [PATCH 49/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index dd2da595a8..874ecd08d7 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -268,7 +268,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { isTiDBReady := false eps, epErr := m.deps.EndpointLister.Endpoints(tc.Namespace).Get(controller.TiDBMemberName(tc.Name)) if epErr != nil { - return fmt.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.PDMemberName(tc.Name), ns, tcName, epErr) + return fmt.Errorf("fail to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tc.Name), ns, tcName, epErr) } // TiDB service has endpoints if eps != nil && len(eps.Subsets[0].Addresses) > 0 { From 44c7591d06259b12682c5fa2bd447a318d0bd4d1 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 18:13:43 +0800 Subject: [PATCH 50/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 874ecd08d7..734b55d1c2 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -335,6 +335,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { err = util.SetPassword(ctx, db, password) if err != nil { klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) + return err } tc.Status.TiDB.PasswordInitialized = true klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) From 2707cfb99772711b76aff2f45a3c3f273236540d Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 18:18:05 +0800 Subject: [PATCH 51/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 734b55d1c2..8150b59b21 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -316,11 +316,11 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { defer cancel() db, err = util.OpenDB(ctx, dsn) if err != nil { - klog.Warningf("Can't connect to the TiDB service of TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + msg := fmt.Sprintf("can't connect to the TiDB service of TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) if ctx.Err() != nil { - return false, ctx.Err() + msg = fmt.Sprintf("%s, context error: %s", msg, ctx.Err()) } - return false, nil + return false, fmt.Errorf(msg) } return true, nil From 0b7d43840451485c0166415758d956d5a09a39a7 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Sun, 23 Jan 2022 18:20:00 +0800 Subject: [PATCH 52/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 8150b59b21..d644c405cf 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -330,7 +330,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { return err } else { defer db.Close() - ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) + ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() err = util.SetPassword(ctx, db, password) if err != nil { From d7190ea1dd284e38009770f4355fa67dc5495b08 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 18:32:09 +0800 Subject: [PATCH 53/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 24 +++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 8150b59b21..1d81d24da1 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -116,10 +116,7 @@ func (m *tidbMemberManager) Sync(tc *v1alpha1.TidbCluster) error { } if tc.NeedToSyncTiDBInitializer() { - err := m.syncInitializer(tc) - if err != nil { - klog.Errorf("SyncInitializer err: %v", err) - } + m.syncInitializer(tc) } // Sync TiDB StatefulSet @@ -260,7 +257,7 @@ func (m *tidbMemberManager) syncTiDBStatefulSetForTidbCluster(tc *v1alpha1.TidbC return mngerutils.UpdateStatefulSetWithPrecheck(m.deps, tc, "FailedUpdateTiDBSTS", newTiDBSet, oldTiDBSet) } -func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { +func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { // set random password ns := tc.Namespace tcName := tc.Name @@ -268,7 +265,8 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { isTiDBReady := false eps, epErr := m.deps.EndpointLister.Endpoints(tc.Namespace).Get(controller.TiDBMemberName(tc.Name)) if epErr != nil { - return fmt.Errorf("fail to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tc.Name), ns, tcName, epErr) + klog.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tc.Name), ns, tcName, epErr) + return } // TiDB service has endpoints if eps != nil && len(eps.Subsets[0].Addresses) > 0 { @@ -277,7 +275,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { if !isTiDBReady { klog.Infof("Wait for TiDB ready for cluster %s/%s", ns, tcName) - return nil + return } // sync password secret var password string @@ -288,7 +286,8 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { if errors.IsNotFound(err) { passwordSecretExist = false } else { - return err + klog.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tc.Name), ns, tcName, epErr) + return } } @@ -298,7 +297,8 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { secret, password = m.buildRandomPasswordSecret(tc) err := m.deps.TypedControl.Create(tc, secret) if err != nil { - return err + klog.Errorf("Failed to create secret[%s:%s], err: %s", secret.Namespace, secret.Name, err) + return } } else { password = string(secret.Data[constants.TidbRootKey]) @@ -327,7 +327,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { }) if err != nil { klog.Errorf("Can't get TiDB connection of the TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) - return err + return } else { defer db.Close() ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) @@ -335,12 +335,12 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) error { err = util.SetPassword(ctx, db, password) if err != nil { klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) - return err + return } tc.Status.TiDB.PasswordInitialized = true klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) } - return nil + return } From aecf90ad7253025f84e521e0daba2bf78c42134d Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Sun, 23 Jan 2022 18:46:08 +0800 Subject: [PATCH 54/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index d432429d05..b1624ebf18 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -340,8 +340,6 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { tc.Status.TiDB.PasswordInitialized = true klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) } - return - } func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) (*corev1.Secret, string) { From 0f4a01a7988d53da408300192d57f40b53edcf9d Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 11:53:37 +0800 Subject: [PATCH 55/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index b1624ebf18..6d3c1efb54 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -286,7 +286,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { if errors.IsNotFound(err) { passwordSecretExist = false } else { - klog.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tc.Name), ns, tcName, epErr) + klog.Errorf("Failed to get secret %s for cluster %s/%s, err: %s", secretName, ns, tcName, epErr) return } } From 56f3fc8b28f8b55195e3cfaf2f4f86c3b332afd9 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 11:53:52 +0800 Subject: [PATCH 56/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 6d3c1efb54..8ff1ba2c4f 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -297,7 +297,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { secret, password = m.buildRandomPasswordSecret(tc) err := m.deps.TypedControl.Create(tc, secret) if err != nil { - klog.Errorf("Failed to create secret[%s:%s], err: %s", secret.Namespace, secret.Name, err) + klog.Errorf("Failed to create secret %s for cluster %s:%s, err: %s", secretName, ns, tcName, err) return } } else { From f36f667b428f8466dc904e1d2a68523840581fab Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 11:54:07 +0800 Subject: [PATCH 57/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 8ff1ba2c4f..32d94c5c44 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -312,7 +312,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) return false, err } - ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) + ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() db, err = util.OpenDB(ctx, dsn) if err != nil { From fdb2411ff5bfac2cf03a0518d9d171552ab44778 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Mon, 24 Jan 2022 12:02:31 +0800 Subject: [PATCH 58/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 49 +++++++++-------------- 1 file changed, 20 insertions(+), 29 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index b1624ebf18..7b6bab4313 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -23,8 +23,6 @@ import ( "strings" "time" - "k8s.io/apimachinery/pkg/util/wait" - "github.com/pingcap/advanced-statefulset/client/apis/apps/v1/helper" "github.com/pingcap/tidb-operator/pkg/apis/label" "github.com/pingcap/tidb-operator/pkg/apis/pingcap/v1alpha1" @@ -263,9 +261,9 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { tcName := tc.Name //check endpoints ready isTiDBReady := false - eps, epErr := m.deps.EndpointLister.Endpoints(tc.Namespace).Get(controller.TiDBMemberName(tc.Name)) + eps, epErr := m.deps.EndpointLister.Endpoints(ns).Get(controller.TiDBMemberName(tcName)) if epErr != nil { - klog.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tc.Name), ns, tcName, epErr) + klog.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tcName), ns, tcName, epErr) return } // TiDB service has endpoints @@ -279,20 +277,20 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { } // sync password secret var password string - secretName := controller.TiDBInitSecret(tc.Name) - secret, err := m.deps.SecretLister.Secrets(tc.Namespace).Get(secretName) + secretName := controller.TiDBInitSecret(tcName) + secret, err := m.deps.SecretLister.Secrets(ns).Get(secretName) passwordSecretExist := true if err != nil { if errors.IsNotFound(err) { passwordSecretExist = false } else { - klog.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tc.Name), ns, tcName, epErr) + klog.Errorf("Failed to get endpoints %s for cluster %s/%s, err: %s", controller.TiDBMemberName(tcName), ns, tcName, epErr) return } } if !passwordSecretExist { - klog.Infof("Create random password for cluster[%s:%s]", tc.Namespace, tc.Name) + klog.Infof("Create random password for cluster[%s:%s]", ns, tcName) var secret *corev1.Secret secret, password = m.buildRandomPasswordSecret(tc) err := m.deps.TypedControl.Create(tc, secret) @@ -306,27 +304,20 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { // init password var db *sql.DB var dsn string - err = wait.PollImmediate(1*time.Second, 5*time.Second, func() (done bool, err error) { - dsn, err = util.GetDSN(tc) - if err != nil { - klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) - return false, err - } - ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) - defer cancel() - db, err = util.OpenDB(ctx, dsn) - if err != nil { - msg := fmt.Sprintf("can't connect to the TiDB service of TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) - if ctx.Err() != nil { - msg = fmt.Sprintf("%s, context error: %s", msg, ctx.Err()) - } - return false, fmt.Errorf(msg) - } + dsn, err = util.GetDSN(tc) + if err != nil { + klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", ns, tcName, err) + return + } + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second) + defer cancel() + db, err = util.OpenDB(ctx, dsn) - return true, nil - }) if err != nil { - klog.Errorf("Can't get TiDB connection of the TiDB cluster[%s:%s], err: %s", tc.Namespace, tc.Name, err) + klog.Errorf("Can't connect to the TiDB service of the TiDB cluster[%s:%s], err: %s", ns, tcName, err) + if ctx.Err() != nil { + klog.Errorf("Can't connect to the TiDB service of the TiDB cluster[%s:%s],context error: %s", ns, tcName, ctx.Err()) + } return } else { defer db.Close() @@ -334,11 +325,11 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { defer cancel() err = util.SetPassword(ctx, db, password) if err != nil { - klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", tc.Namespace, tc.Name, err) + klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", ns, tcName, err) return } tc.Status.TiDB.PasswordInitialized = true - klog.Infof("Set password successfully for tidb[%s:%s]", tc.Namespace, tc.Name) + klog.Infof("Set password successfully for tidb[%s:%s]", ns, tcName) } } From 9186b3d4845af4427a1115ebf9a8c561df06fd79 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Mon, 24 Jan 2022 12:11:06 +0800 Subject: [PATCH 59/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index d6b5084dd2..5e382d6fe2 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -320,7 +320,12 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { } return } else { - defer db.Close() + defer func(db *sql.DB) { + err := db.Close() + if err != nil { + klog.Errorf("Closed db connection for TiDB cluster[%s:%s], err:%v", ns, tcName, err) + } + }(db) ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() err = util.SetPassword(ctx, db, password) @@ -339,6 +344,7 @@ func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) ObjectMeta: metav1.ObjectMeta{ Name: controller.TiDBInitSecret(tc.Name), Namespace: tc.Namespace, + Labels: label.New().Instance(tc.Name).Labels(), }, } password := util.FixedLengthRandomPasswordBytes() From 6629a53e9019f1db8e82a9066ee0585bf93736f5 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 13:54:19 +0800 Subject: [PATCH 60/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 5e382d6fe2..8620c3960c 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -314,9 +314,10 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { db, err = util.OpenDB(ctx, dsn) if err != nil { - klog.Errorf("Can't connect to the TiDB service of the TiDB cluster[%s:%s], err: %s", ns, tcName, err) if ctx.Err() != nil { - klog.Errorf("Can't connect to the TiDB service of the TiDB cluster[%s:%s],context error: %s", ns, tcName, ctx.Err()) + klog.Errorf("Can't connect to the TiDB service of the TiDB cluster [%s:%s], error: %s, context error: %s", ns, tcName, err, ctx.Err()) + } else { + klog.Errorf("Can't connect to the TiDB service of the TiDB cluster [%s:%s], error: %s", ns, tcName, err) } return } else { From 1d7408717a04ac03f4758bbf7c50388cb8c2c7b2 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 13:54:26 +0800 Subject: [PATCH 61/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 8620c3960c..c21419c7d5 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -321,6 +321,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { } return } else { + klog.Infof("Set random password for cluster %s/%s", ns, tcName) defer func(db *sql.DB) { err := db.Close() if err != nil { From be13332dc4fb6a8299c40ad09625792b7860e910 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 13:54:33 +0800 Subject: [PATCH 62/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index c21419c7d5..7b9f107a6e 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -336,7 +336,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { return } tc.Status.TiDB.PasswordInitialized = true - klog.Infof("Set password successfully for tidb[%s:%s]", ns, tcName) + klog.Infof("Set password successfully for TiDB cluster %s/%s", ns, tcName) } } From 066e0641ec9056caf7063441f6efced015d021b4 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 13:54:40 +0800 Subject: [PATCH 63/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 7b9f107a6e..6d45a4dbb1 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -332,7 +332,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { defer cancel() err = util.SetPassword(ctx, db, password) if err != nil { - klog.Errorf("Fail to set TiDB password for [%s:%s], err: %s", ns, tcName, err) + klog.Errorf("Fail to set TiDB password for TiDB cluster %s/%s, err: %s", ns, tcName, err) return } tc.Status.TiDB.PasswordInitialized = true From d753684543691a59cef075c173e5692b3532a15e Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 13:54:45 +0800 Subject: [PATCH 64/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 6d45a4dbb1..6f5960cad9 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -325,7 +325,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { defer func(db *sql.DB) { err := db.Close() if err != nil { - klog.Errorf("Closed db connection for TiDB cluster[%s:%s], err:%v", ns, tcName, err) + klog.Errorf("Closed db connection for TiDB cluster %s/%s, err: %v", ns, tcName, err) } }(db) ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) From 993e9c6d1142af2184d9bf138c2dcfac107a0896 Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 13:54:51 +0800 Subject: [PATCH 65/70] Update pkg/manager/member/tidb_member_manager.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 6f5960cad9..325e12d952 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -290,7 +290,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { } if !passwordSecretExist { - klog.Infof("Create random password for cluster[%s:%s]", ns, tcName) + klog.Infof("Create random password secret for cluster %s/%s", ns, tcName) var secret *corev1.Secret secret, password = m.buildRandomPasswordSecret(tc) err := m.deps.TypedControl.Create(tc, secret) From 8bb1e6d646ec84a67c18660f521a64878ae31d8c Mon Sep 17 00:00:00 2001 From: Mike <842725815@qq.com> Date: Mon, 24 Jan 2022 13:54:58 +0800 Subject: [PATCH 66/70] Update pkg/util/util.go Co-authored-by: DanielZhangQD <36026334+DanielZhangQD@users.noreply.github.com> --- pkg/util/util.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/util/util.go b/pkg/util/util.go index 6dd6b05dd0..51caf5ba0b 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -468,6 +468,6 @@ func SetPassword(ctx context.Context, db *sql.DB, password string) error { } // GetDSN get tidb dsn -func GetDSN(tc *v1alpha1.TidbCluster) (string, error) { - return fmt.Sprintf("root:@tcp(%s-tidb.%s:4000)/?charset=utf8mb4,utf8&multiStatements=true", tc.Name, tc.Namespace), nil +func GetDSN(tc *v1alpha1.TidbCluster) string { + return fmt.Sprintf("root:@tcp(%s-tidb.%s:4000)/?charset=utf8mb4,utf8&multiStatements=true", tc.Name, tc.Namespace) } From 590785c0ddff5bda1cb2a19cd57eb937ee8ddb0d Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Mon, 24 Jan 2022 17:28:00 +0800 Subject: [PATCH 67/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 325e12d952..75926747fe 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -304,11 +304,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { // init password var db *sql.DB var dsn string - dsn, err = util.GetDSN(tc) - if err != nil { - klog.Errorf("Can't get dsn of tidb cluster[%s:%s], err: %s", ns, tcName, err) - return - } + dsn = util.GetDSN(tc) ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() db, err = util.OpenDB(ctx, dsn) @@ -344,9 +340,10 @@ func (m *tidbMemberManager) buildRandomPasswordSecret(tc *v1alpha1.TidbCluster) s := &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ - Name: controller.TiDBInitSecret(tc.Name), - Namespace: tc.Namespace, - Labels: label.New().Instance(tc.Name).Labels(), + Name: controller.TiDBInitSecret(tc.Name), + Namespace: tc.Namespace, + Labels: label.New().Instance(tc.Name).Labels(), + OwnerReferences: []metav1.OwnerReference{controller.GetOwnerRef(tc)}, }, } password := util.FixedLengthRandomPasswordBytes() From 86c50fbc09377feb5bfe6a87485e953f495a7d7c Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Mon, 24 Jan 2022 18:50:07 +0800 Subject: [PATCH 68/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index 75926747fe..f174eab3c0 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -303,8 +303,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { } // init password var db *sql.DB - var dsn string - dsn = util.GetDSN(tc) + dsn := util.GetDSN(tc) ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() db, err = util.OpenDB(ctx, dsn) From 1a7dd1b6b3d3e4a25145d95e299904e134113d00 Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Tue, 25 Jan 2022 17:37:11 +0800 Subject: [PATCH 69/70] optimize code --- pkg/apis/pingcap/v1alpha1/tidbcluster.go | 2 +- pkg/apis/pingcap/v1alpha1/types.go | 2 +- pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go | 5 +++++ pkg/manager/member/tidb_member_manager.go | 9 ++++++++- pkg/util/util.go | 2 +- 5 files changed, 16 insertions(+), 4 deletions(-) diff --git a/pkg/apis/pingcap/v1alpha1/tidbcluster.go b/pkg/apis/pingcap/v1alpha1/tidbcluster.go index 030408af7c..6d05bd2e12 100644 --- a/pkg/apis/pingcap/v1alpha1/tidbcluster.go +++ b/pkg/apis/pingcap/v1alpha1/tidbcluster.go @@ -733,7 +733,7 @@ func (tc *TidbCluster) IsTLSClusterEnabled() bool { } func (tc *TidbCluster) NeedToSyncTiDBInitializer() bool { - return tc.Spec.TiDB != nil && tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && !tc.Status.TiDB.PasswordInitialized + return tc.Spec.TiDB != nil && tc.Spec.TiDB.Initializer != nil && tc.Spec.TiDB.Initializer.CreatePassword && tc.Status.TiDB.PasswordInitialized == nil } func (tc *TidbCluster) Scheme() string { diff --git a/pkg/apis/pingcap/v1alpha1/types.go b/pkg/apis/pingcap/v1alpha1/types.go index 591e9d6296..5229a61ced 100644 --- a/pkg/apis/pingcap/v1alpha1/types.go +++ b/pkg/apis/pingcap/v1alpha1/types.go @@ -1142,7 +1142,7 @@ type TiDBStatus struct { FailureMembers map[string]TiDBFailureMember `json:"failureMembers,omitempty"` ResignDDLOwnerRetryCount int32 `json:"resignDDLOwnerRetryCount,omitempty"` Image string `json:"image,omitempty"` - PasswordInitialized bool `json:"passwordInitialized,omitempty"` + PasswordInitialized *bool `json:"passwordInitialized,omitempty"` } // TiDBMember is TiDB member diff --git a/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go index 91281b1f8a..9c475dfdad 100644 --- a/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go @@ -5630,6 +5630,11 @@ func (in *TiDBStatus) DeepCopyInto(out *TiDBStatus) { (*out)[key] = *val.DeepCopy() } } + if in.PasswordInitialized != nil { + in, out := &in.PasswordInitialized, &out.PasswordInitialized + *out = new(bool) + **out = **in + } return } diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index f174eab3c0..c45acc1d85 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -309,6 +309,12 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { db, err = util.OpenDB(ctx, dsn) if err != nil { + if strings.Contains(fmt.Sprint(err), "Access denied") { + klog.Errorf("Can't connect to the TiDB service of the TiDB cluster [%s:%s], error: %s", ns, tcName, err) + val := false + tc.Status.TiDB.PasswordInitialized = &val + return + } if ctx.Err() != nil { klog.Errorf("Can't connect to the TiDB service of the TiDB cluster [%s:%s], error: %s, context error: %s", ns, tcName, err, ctx.Err()) } else { @@ -330,7 +336,8 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { klog.Errorf("Fail to set TiDB password for TiDB cluster %s/%s, err: %s", ns, tcName, err) return } - tc.Status.TiDB.PasswordInitialized = true + val := true + tc.Status.TiDB.PasswordInitialized = &val klog.Infof("Set password successfully for TiDB cluster %s/%s", ns, tcName) } } diff --git a/pkg/util/util.go b/pkg/util/util.go index 51caf5ba0b..6961f60f5e 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -454,7 +454,7 @@ func OpenDB(ctx context.Context, dsn string) (*sql.DB, error) { } if err := db.PingContext(ctx); err != nil { db.Close() - return nil, fmt.Errorf("cannot connect to mysql, err: %v", err) + return nil, fmt.Errorf("cannot connect to tidb cluster, err: %v", err) } return db, nil } From 1fda0592db0a499fca50bd297be06b5b45d9efab Mon Sep 17 00:00:00 2001 From: mikechengwei <842725815@qq.com> Date: Tue, 25 Jan 2022 17:49:22 +0800 Subject: [PATCH 70/70] optimize code --- pkg/manager/member/tidb_member_manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/manager/member/tidb_member_manager.go b/pkg/manager/member/tidb_member_manager.go index c45acc1d85..251739fbf4 100644 --- a/pkg/manager/member/tidb_member_manager.go +++ b/pkg/manager/member/tidb_member_manager.go @@ -311,7 +311,7 @@ func (m *tidbMemberManager) syncInitializer(tc *v1alpha1.TidbCluster) { if err != nil { if strings.Contains(fmt.Sprint(err), "Access denied") { klog.Errorf("Can't connect to the TiDB service of the TiDB cluster [%s:%s], error: %s", ns, tcName, err) - val := false + val := true tc.Status.TiDB.PasswordInitialized = &val return }