Skip to content

Commit

Permalink
backup: fix issue pingcap#2028
Browse files Browse the repository at this point in the history
  • Loading branch information
shuijing198799 committed Mar 30, 2020
1 parent 1284e54 commit 6e8a0bb
Show file tree
Hide file tree
Showing 16 changed files with 48 additions and 57 deletions.
2 changes: 1 addition & 1 deletion cmd/backup-manager/app/backup/backup.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ func (bo *Options) backupData(backup *v1alpha1.Backup) (string, error) {
return "", err
}
args = append(args, fmt.Sprintf("--pd=%s-pd.%s:2379", backup.Spec.BR.Cluster, clusterNamespace))
if backup.Spec.BR.TLSCluster != nil && backup.Spec.BR.TLSCluster.Enabled {
if bo.TLSCluster {
args = append(args, fmt.Sprintf("--ca=%s", path.Join(util.ClusterClientTLSPath, corev1.ServiceAccountRootCAKey)))
args = append(args, fmt.Sprintf("--cert=%s", path.Join(util.ClusterClientTLSPath, corev1.TLSCertKey)))
args = append(args, fmt.Sprintf("--key=%s", path.Join(util.ClusterClientTLSPath, corev1.TLSPrivateKeyKey)))
Expand Down
7 changes: 1 addition & 6 deletions cmd/backup-manager/app/backup/manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -80,11 +80,6 @@ func (bm *Manager) ProcessBackup() error {
})
}

enableTLSClient := false
if backup.Spec.From.TLSClient != nil && backup.Spec.From.TLSClient.Enabled {
enableTLSClient = true
}

if backup.Spec.BR == nil {
return fmt.Errorf("no br config in %s", bm)
}
Expand All @@ -94,7 +89,7 @@ func (bm *Manager) ProcessBackup() error {
var db *sql.DB
var dsn string
err = wait.PollImmediate(constants.PollInterval, constants.CheckTimeout, func() (done bool, err error) {
dsn, err = bm.GetDSN(enableTLSClient)
dsn, err = bm.GetDSN(bm.TLSClient)
if err != nil {
klog.Errorf("can't get dsn of tidb cluster %s, err: %s", bm, err)
return false, err
Expand Down
2 changes: 2 additions & 0 deletions cmd/backup-manager/app/cmd/backup.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,8 @@ func NewBackupCommand() *cobra.Command {

cmd.Flags().StringVar(&bo.Namespace, "namespace", "", "Backup CR's namespace")
cmd.Flags().StringVar(&bo.ResourceName, "backupName", "", "Backup CRD object name")
cmd.Flags().BoolVar(&bo.TLSClient, "client-tls", false, "trigger of client tls")
cmd.Flags().BoolVar(&bo.TLSCluster, "cluster-tls", false, "trigger of cluster tls")
return cmd
}

Expand Down
2 changes: 2 additions & 0 deletions cmd/backup-manager/app/cmd/restore.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,8 @@ func NewRestoreCommand() *cobra.Command {

cmd.Flags().StringVar(&ro.Namespace, "namespace", "", "Restore CR's namespace")
cmd.Flags().StringVar(&ro.ResourceName, "restoreName", "", "Restore CRD object name")
cmd.Flags().BoolVar(&ro.TLSClient, "tls-client", false, "trigger of client tls")
cmd.Flags().BoolVar(&ro.TLSCluster, "tls-cluster", false, "trigger of cluster tls")
return cmd
}

Expand Down
7 changes: 1 addition & 6 deletions cmd/backup-manager/app/restore/manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -82,17 +82,12 @@ func (rm *Manager) ProcessRestore() error {
return fmt.Errorf("no br config in %s", rm)
}

enableTLSClient := false
if restore.Spec.To.TLSClient != nil && restore.Spec.To.TLSClient.Enabled {
enableTLSClient = true
}

rm.setOptions(restore)

var db *sql.DB
var dsn string
err = wait.PollImmediate(constants.PollInterval, constants.CheckTimeout, func() (done bool, err error) {
dsn, err = rm.GetDSN(enableTLSClient)
dsn, err = rm.GetDSN(rm.TLSClient)
if err != nil {
klog.Errorf("can't get dsn of tidb cluster %s, err: %s", rm, err)
return false, err
Expand Down
2 changes: 1 addition & 1 deletion cmd/backup-manager/app/restore/restore.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ func (ro *Options) restoreData(restore *v1alpha1.Restore) error {
return err
}
args = append(args, fmt.Sprintf("--pd=%s-pd.%s:2379", restore.Spec.BR.Cluster, clusterNamespace))
if restore.Spec.BR.TLSCluster != nil && restore.Spec.BR.TLSCluster.Enabled {
if ro.TLSCluster {
args = append(args, fmt.Sprintf("--ca=%s", path.Join(util.ClusterClientTLSPath, corev1.ServiceAccountRootCAKey)))
args = append(args, fmt.Sprintf("--cert=%s", path.Join(util.ClusterClientTLSPath, corev1.TLSCertKey)))
args = append(args, fmt.Sprintf("--key=%s", path.Join(util.ClusterClientTLSPath, corev1.TLSPrivateKeyKey)))
Expand Down
2 changes: 2 additions & 0 deletions cmd/backup-manager/app/util/generic.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@ type GenericOptions struct {
Namespace string
// ResourceName can be the name of a backup or restore resource
ResourceName string
TLSClient bool
TLSCluster bool
Host string
Port int32
Password string
Expand Down
16 changes: 0 additions & 16 deletions docs/api-references/docs.html
Original file line number Diff line number Diff line change
Expand Up @@ -1546,21 +1546,6 @@ <h3 id="pingcap.com/v1alpha1.BRConfig">BRConfig
<tbody>
<tr>
<td>
<code>tlsCluster</code></br>
<em>
<a href="#pingcap.com/v1alpha1.TLSCluster">
TLSCluster
</a>
</em>
</td>
<td>
<em>(Optional)</em>
<p>Whether enable the TLS connection between TiDB server components
Optional: Defaults to nil</p>
</td>
</tr>
<tr>
<td>
<code>cluster</code></br>
<em>
string
Expand Down Expand Up @@ -6988,7 +6973,6 @@ <h3 id="pingcap.com/v1alpha1.TLSCluster">TLSCluster
</h3>
<p>
(<em>Appears on:</em>
<a href="#pingcap.com/v1alpha1.BRConfig">BRConfig</a>,
<a href="#pingcap.com/v1alpha1.TidbClusterSpec">TidbClusterSpec</a>)
</p>
<p>
Expand Down
3 changes: 0 additions & 3 deletions manifests/crd.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7282,7 +7282,6 @@ spec:
description: TimeAgo is the history version of the backup task,
e.g. 1m, 1h
type: string
tlsCluster: {}
required:
- cluster
type: object
Expand Down Expand Up @@ -8125,7 +8124,6 @@ spec:
description: TimeAgo is the history version of the backup task,
e.g. 1m, 1h
type: string
tlsCluster: {}
required:
- cluster
type: object
Expand Down Expand Up @@ -9011,7 +9009,6 @@ spec:
description: TimeAgo is the history version of the backup task,
e.g. 1m, 1h
type: string
tlsCluster: {}
required:
- cluster
type: object
Expand Down
8 changes: 0 additions & 8 deletions pkg/apis/pingcap/v1alpha1/openapi_generated.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 0 additions & 4 deletions pkg/apis/pingcap/v1alpha1/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -850,10 +850,6 @@ type BackupSpec struct {
// +k8s:openapi-gen=true
// BRConfig contains config for BR
type BRConfig struct {
// Whether enable the TLS connection between TiDB server components
// Optional: Defaults to nil
// +optional
TLSCluster *TLSCluster `json:"tlsCluster,omitempty"`
// ClusterName of backup/restore cluster
Cluster string `json:"cluster"`
// Namespace of backup/restore cluster
Expand Down
5 changes: 0 additions & 5 deletions pkg/apis/pingcap/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

20 changes: 17 additions & 3 deletions pkg/backup/backup/backup_manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ import (
"github.com/pingcap/tidb-operator/pkg/backup"
"github.com/pingcap/tidb-operator/pkg/backup/constants"
backuputil "github.com/pingcap/tidb-operator/pkg/backup/util"
v1alpha1listers "github.com/pingcap/tidb-operator/pkg/client/listers/pingcap/v1alpha1"
"github.com/pingcap/tidb-operator/pkg/controller"
"github.com/pingcap/tidb-operator/pkg/label"
"github.com/pingcap/tidb-operator/pkg/util"
Expand All @@ -39,6 +40,7 @@ type backupManager struct {
jobLister batchlisters.JobLister
jobControl controller.JobControlInterface
pvcLister corelisters.PersistentVolumeClaimLister
tcLister v1alpha1listers.TidbClusterLister
pvcControl controller.GeneralPVCControlInterface
}

Expand All @@ -50,6 +52,7 @@ func NewBackupManager(
jobLister batchlisters.JobLister,
jobControl controller.JobControlInterface,
pvcLister corelisters.PersistentVolumeClaimLister,
tcLister v1alpha1listers.TidbClusterLister,
pvcControl controller.GeneralPVCControlInterface,
) backup.BackupManager {
return &backupManager{
Expand All @@ -59,6 +62,7 @@ func NewBackupManager(
jobLister,
jobControl,
pvcLister,
tcLister,
pvcControl,
}
}
Expand Down Expand Up @@ -255,6 +259,14 @@ func (bm *backupManager) makeExportJob(backup *v1alpha1.Backup) (*batchv1.Job, s
func (bm *backupManager) makeBackupJob(backup *v1alpha1.Backup) (*batchv1.Job, string, error) {
ns := backup.GetNamespace()
name := backup.GetName()
backupNamespace := ns
if backup.Spec.BR.ClusterNamespace != "" {
backupNamespace = backup.Spec.BR.ClusterNamespace
}
tc, err := bm.tcLister.TidbClusters(backupNamespace).Get(backup.Spec.BR.Cluster)
if err != nil {
return nil, fmt.Sprintf("failed to fetch tidbcluster %s/%s", backup.Spec.BR.Cluster, backupNamespace), err
}

envVars, reason, err := backuputil.GenerateTidbPasswordEnv(ns, name, backup.Spec.From.SecretName, backup.Spec.UseKMS, bm.secretLister)
if err != nil {
Expand All @@ -277,7 +289,8 @@ func (bm *backupManager) makeBackupJob(backup *v1alpha1.Backup) (*batchv1.Job, s
backupLabel := label.NewBackup().Instance(backup.GetInstanceName()).BackupJob().Backup(name)
volumeMounts := []corev1.VolumeMount{}
volumes := []corev1.Volume{}
if backup.Spec.BR.TLSCluster != nil && backup.Spec.BR.TLSCluster.Enabled {
if tc.Spec.TLSCluster != nil && tc.Spec.TLSCluster.Enabled {
args = append(args, "--cluster-tls=true")
volumeMounts = append(volumeMounts, corev1.VolumeMount{
Name: "cluster-client-tls",
ReadOnly: true,
Expand All @@ -292,9 +305,10 @@ func (bm *backupManager) makeBackupJob(backup *v1alpha1.Backup) (*batchv1.Job, s
},
})
}
if backup.Spec.From.TLSClient != nil && backup.Spec.From.TLSClient.Enabled {
if tc.Spec.TiDB.TLSClient != nil && tc.Spec.TiDB.TLSClient.Enabled {
args = append(args, "--client-tls=true")
clientSecretName := util.TiDBClientTLSSecretName(backup.Spec.BR.Cluster)
if backup.Spec.From.TLSClient.TLSSecret != "" {
if backup.Spec.From.TLSClient != nil && backup.Spec.From.TLSClient.TLSSecret != "" {
clientSecretName = backup.Spec.From.TLSClient.TLSSecret
}
volumeMounts = append(volumeMounts, corev1.VolumeMount{
Expand Down
21 changes: 17 additions & 4 deletions pkg/backup/restore/restore_manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (
"github.com/pingcap/tidb-operator/pkg/backup/constants"
backuputil "github.com/pingcap/tidb-operator/pkg/backup/util"
listers "github.com/pingcap/tidb-operator/pkg/client/listers/pingcap/v1alpha1"
v1alpha1listers "github.com/pingcap/tidb-operator/pkg/client/listers/pingcap/v1alpha1"
"github.com/pingcap/tidb-operator/pkg/controller"
"github.com/pingcap/tidb-operator/pkg/label"
"github.com/pingcap/tidb-operator/pkg/util"
Expand All @@ -40,6 +41,7 @@ type restoreManager struct {
jobLister batchlisters.JobLister
jobControl controller.JobControlInterface
pvcLister corelisters.PersistentVolumeClaimLister
tcLister v1alpha1listers.TidbClusterLister
pvcControl controller.GeneralPVCControlInterface
}

Expand All @@ -51,6 +53,7 @@ func NewRestoreManager(
jobLister batchlisters.JobLister,
jobControl controller.JobControlInterface,
pvcLister corelisters.PersistentVolumeClaimLister,
tcLister v1alpha1listers.TidbClusterLister,
pvcControl controller.GeneralPVCControlInterface,
) backup.RestoreManager {
return &restoreManager{
Expand All @@ -60,6 +63,7 @@ func NewRestoreManager(
jobLister,
jobControl,
pvcLister,
tcLister,
pvcControl,
}
}
Expand Down Expand Up @@ -240,6 +244,14 @@ func (rm *restoreManager) makeImportJob(restore *v1alpha1.Restore) (*batchv1.Job
func (rm *restoreManager) makeRestoreJob(restore *v1alpha1.Restore) (*batchv1.Job, string, error) {
ns := restore.GetNamespace()
name := restore.GetName()
restoreNamespace := ns
if restore.Spec.BR.ClusterNamespace != "" {
restoreNamespace = restore.Spec.BR.ClusterNamespace
}
tc, err := rm.tcLister.TidbClusters(restoreNamespace).Get(restore.Spec.BR.Cluster)
if err != nil {
return nil, fmt.Sprintf("failed to fetch tidbcluster %s/%s", restore.Spec.BR.Cluster, restoreNamespace), err
}

envVars, reason, err := backuputil.GenerateTidbPasswordEnv(ns, name, restore.Spec.To.SecretName, restore.Spec.UseKMS, rm.secretLister)
if err != nil {
Expand All @@ -261,7 +273,8 @@ func (rm *restoreManager) makeRestoreJob(restore *v1alpha1.Restore) (*batchv1.Jo
restoreLabel := label.NewBackup().Instance(restore.GetInstanceName()).RestoreJob().Restore(name)
volumeMounts := []corev1.VolumeMount{}
volumes := []corev1.Volume{}
if restore.Spec.BR.TLSCluster != nil && restore.Spec.BR.TLSCluster.Enabled {
if tc.Spec.TLSCluster != nil && tc.Spec.TLSCluster.Enabled {
args = append(args, "--cluster-tls=true")
volumeMounts = append(volumeMounts, corev1.VolumeMount{
Name: "cluster-client-tls",
ReadOnly: true,
Expand All @@ -276,10 +289,10 @@ func (rm *restoreManager) makeRestoreJob(restore *v1alpha1.Restore) (*batchv1.Jo
},
})
}

if restore.Spec.To.TLSClient != nil && restore.Spec.To.TLSClient.Enabled {
if tc.Spec.TiDB.TLSClient != nil && tc.Spec.TiDB.TLSClient.Enabled {
args = append(args, "--client-tls=true")
clientSecretName := util.TiDBClientTLSSecretName(restore.Spec.BR.Cluster)
if restore.Spec.To.TLSClient.TLSSecret != "" {
if restore.Spec.To.TLSClient != nil && restore.Spec.To.TLSClient.TLSSecret != "" {
clientSecretName = restore.Spec.To.TLSClient.TLSSecret
}
volumeMounts = append(volumeMounts, corev1.VolumeMount{
Expand Down
2 changes: 2 additions & 0 deletions pkg/controller/backup/backup_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ func NewController(
recorder := eventBroadcaster.NewRecorder(v1alpha1.Scheme, corev1.EventSource{Component: "backup"})

backupInformer := informerFactory.Pingcap().V1alpha1().Backups()
tcInformer := informerFactory.Pingcap().V1alpha1().TidbClusters()
jobInformer := kubeInformerFactory.Batch().V1().Jobs()
pvcInformer := kubeInformerFactory.Core().V1().PersistentVolumeClaims()
secretInformer := kubeInformerFactory.Core().V1().Secrets()
Expand All @@ -88,6 +89,7 @@ func NewController(
jobInformer.Lister(),
jobControl,
pvcInformer.Lister(),
tcInformer.Lister(),
pvcControl,
),
),
Expand Down
2 changes: 2 additions & 0 deletions pkg/controller/restore/restore_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ func NewController(
recorder := eventBroadcaster.NewRecorder(v1alpha1.Scheme, corev1.EventSource{Component: "restore"})

restoreInformer := informerFactory.Pingcap().V1alpha1().Restores()
tcInformer := informerFactory.Pingcap().V1alpha1().TidbClusters()
backupInformer := informerFactory.Pingcap().V1alpha1().Backups()
jobInformer := kubeInformerFactory.Batch().V1().Jobs()
pvcInformer := kubeInformerFactory.Core().V1().PersistentVolumeClaims()
Expand All @@ -87,6 +88,7 @@ func NewController(
jobInformer.Lister(),
jobControl,
pvcInformer.Lister(),
tcInformer.Lister(),
pvcControl,
),
),
Expand Down

0 comments on commit 6e8a0bb

Please sign in to comment.