feat: use MariaDB operator for creating OpenStack oslo db connection string#698
Draft
feat: use MariaDB operator for creating OpenStack oslo db connection string#698
Conversation
Generate and inject the database connection info via a secret generated by the MariaDB operator to create a connection string that matches what oslo.config reads. Unfortunately OpenStack Helm doesn't always respect the mount for the db_sync job so this won't work until that's fixed upstream and we bump to releases with those fixes for all the services.
Since we're now using the MariaDB operator to generate the DB connection, we don't need to have this generated by OpenStack Helm. So that means we don't need to inject the passwords in via plain text since OpenStack Helm does not support passing secrets by reference. Instead we are using the db connection snippet of the prior commit. Keystone and Placement currently do not support mounting the DB connection snippet for the db_sync job currently so we must wait until that is fixed upstream and we bump to a new enough version. Placement fix: https://review.opendev.org/c/openstack/openstack-helm/+/942131
cardoe
force-pushed
the
mariadb-connections
branch
from
10d8272 to
641b51c
Compare
Contributor
Author
|
Based on upstream feedback, https://review.opendev.org/c/openstack/openstack-helm-infra/+/942294 will do it generically for all charts using the db-sync job. This isn't necessarily complete because there are other pods that have the config mounted and we'll need to see if those need the database credentials and then make sure to get that loaded into those pods. There might be more fixed needed upstream to get the loading working. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rather than having to pass around the DB password in plain text to OpenStack Helm, let the MariaDB operator create a file snippet that contains the properly formatted db connection string for oslo.config to use and let each of our services load it.
Blocked until the following changes are merged and our chart is updated to a new enough version to have it: