|
Testing the client .GET() method: https://github.com/kubernetes-sigs/controller-runtime/blob/master/pkg/client/example_test.go in case where secret exists in a cluster
$ kubectl get secrets
|
NAME TYPE DATA AGE
|
default-token-hqpn5 kubernetes.io/service-account-token 3 14d
|
mariadb-sample-secret Opaque 1 40m
|
- Testing returned error and the object
root_secret := &corev1.Secret{}
|
err := r.Get(ctx, req.Namespace, root_secret)
|
log.Info("Get()", "error: ", err, "root_secret", *root_secret)
|
|
2022-06-17T01:59:20.696-0700 INFO controllers.MariaDB1 Get() {"MariaDB: ": "default/mariadb-sample", "error: ": "Secret \"mariadb-sample\" not found", "root_secret": {"metadata":{"creationTimestamp":null}}}
|
We can see that the object is not nil and there is creationTime Null (what we can use to check), also err is not nil
- Update the code with typed object (have to stop controller and run make run again to have visible changes)
err := r.Get(ctx, client.ObjectKey{
|
Namespace: req.Namespace,
|
Name: req.Name + "-secret",
|
}, root_secret)
|
log.Info("Get()", "error: ", err, "root_secret", *root_secret)
|
|
2022-06-17T01:59:56.279-0700 INFO controllers.MariaDB1 Get() {"MariaDB: ": "default/mariadb-sample", "error: ": null, "root_secret": {"kind":"Secret","apiVersion":"v1","metadata":{"name":"mariadb-sample-secret","namespace":"default","uid":"8fda9ce2-d7e2-425d-81e3-33e6a779175a","resourceVersion":"82748","creationTimestamp":"2022-06-17T08:25:44Z","managedFields":[{"manager":"main","operation":"Update","apiVersion":"v1","time":"2022-06-17T08:25:44Z","fieldsType":"FieldsV1","fieldsV1":{"f:data":{".":{},"f:mariadb-root-password":{}},"f:type":{}}}]},"data":{"mariadb-root-password":"bXlzZWNyZXQ="},"type":"Opaque"}}
|
Note here that err is nil and we got the object
- After making changes use make install build run
- Testing
# Default password
|
$ kubectl exec svc/mariadb-sample-server-service -- mariadb -uroot -pmysecret -e "select version()"
|
version()
|
10.5.17-MariaDB-1:10.5.17+maria~focal
|
|
# Update password
|
$ echo -n "newsecret"|base64
|
bmV3c2VjcmV0
|
|
$ kubectl edit secret mariadb-sample-secret
|
secret/mariadb-sample-secret edited
|
# doesn't work dynamically, had to manually stop minikube
|
$ minikube stop
|
$ kubectl exec svc/mariadb-sample-server-service -- mariadb -uroot -pmysecret -e "select version()"
|
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
|
command terminated with exit code 1
|
$ kubectl exec svc/mariadb-sample-server-service -- mariadb -uroot -pnewsecret -e "select version()"
|
version()
|
10.5.17-MariaDB-1:10.5.17+maria~focal
|
Commits
1. https://github.com/an3l/mariadb-k8s/commit/11a426113c88e0f9259b568c6c43828f77905293
2. https://github.com/an3l/mariadb-k8s/commit/2f309f174360b9eb8074a7f92efe4df9ef2081ad
There is small bug using client.create() that exists when creating the secret file first tim. This needs to be verified in reconciliation loop, but is minor and not affecting functionallity
2022-06-17T02:24:38.071-0700 INFO controllers.MariaDB1 Root secret doesn't exist, let me creat it:... {"MariaDB: ": "default/mariadb-sample"}
|
2022-06-17T02:24:38.076-0700 INFO controllers.MariaDB1 Secret Created successfully, RequeueAfter 5 sec {"MariaDB: ": "default/mariadb-sample"}
|
2022-06-17T02:24:38.076-0700 INFO controllers.MariaDB1 Reconciling MariaDB kind {"MariaDB: ": "default/mariadb-sample", "mariadb": ""}
|
2022-06-17T02:24:38.076-0700 INFO controllers.MariaDB1 Root secret doesn't exist, let me creat it:... {"MariaDB: ": "default/mariadb-sample"}
|
2022-06-17T02:24:38.079-0700 ERROR controllers.MariaDB1 failed to reconcile root secret! {"MariaDB: ": "default/mariadb-sample", "error": "secrets \"mariadb-sample-secret\" already exists"}
|
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
|
/home/anel/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.10.0/pkg/internal/controller/controller.go:311
|
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
|
/home/anel/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.10.0/pkg/internal/controller/controller.go:266
|
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2
|
/home/anel/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.10.0/pkg/internal/controller/controller.go:227
|
2022-06-17T02:24:38.079-0700 ERROR controller.mariadb Reconciler error {"reconciler group": "mariak8g.mariadb.org", "reconciler kind": "MariaDB", "name": "mariadb-sample", "namespace": "default", "error": "secrets \"mariadb-sample-secret\" already exists"}
|
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2
|
/home/anel/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.10.0/pkg/internal/controller/controller.go:227
|
|
# However secret is created
|
$ kubectl exec svc/mariadb-sample-server-service -- mariadb -uroot -pmysecret -e "select version()"
|
version()
|
10.5.17-MariaDB-1:10.5.17+maria~focal
|
|
[MDBF-378]