Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

backup has started to fail, and now fails each time

Description

The backup was working but is now failing.

 

I havn't made any changes to the configuration so I don't know how to resolve, apart from re-creating the cluster.  Any hints ?

 

Logs are attached

Environment

None

Attachments

2
  • 22 Feb 2023, 08:25 AM
  • 22 Feb 2023, 08:22 AM

Activity

Sveta Smirnova December 13, 2023 at 9:12 PM

Thank you for the report.

Due to the no feedback from a long time on requested details we are closing this bug. Please report a new bug with the repeatable test case, if you are still able to reproduce the issue.

Slava Sarzhan October 12, 2023 at 4:07 PM

Hi  

  • is the operator meant to manage certificate expiration, and re-issue when required ?
    In the case of cert-manager deployment certificates will be re-issue automatically 

  • are the certificates meant to be necessary to connect from the backup pod to the pxc pod ?
    Yes, the operator runs an additional pod and this pod should be able to connect to the cluster.

  • why did the restore pod not have the same connection issues as the backup pod ?
    In the case of restoration, we do not have any additional pods in the cluster. 

Cameron Braid April 9, 2023 at 11:25 PM

Some more information - I was able to perform a restore from backup - so it is only backup pods that can't connect to the pxc pod.

Also I discovered that the issue with the backup pod connecting to the pxc pod was due to a certificate expired error reported in the pcx logs container.

2023-04-09T09:35:25.061830Z 0 [Warning] [MY-000000] [Galera] Handshake failed: sslv3 alert certificate expired

Since this was a staging database, I tried deleting the xtradb-ssl and xtradb-ssl-internal secrets (my cluster name is xtradb) hoping that the operator would re-issue them, however it just started working without the secrets, and the backup is now working fine.

So a couple of questions arise from this

  • is the operator meant to manage certificate expiration, and re-issue when required ?

  • are the certificates meant to be necessary to connect from the backup pod to the pxc pod ?

  • why did the restore pod not have the same connection issues as the backup pod ?

Anyway, I'm glad to at least have a workaround if I was to face this issue in production

 

Cheers

 

Cameron

Slava Sarzhan March 14, 2023 at 11:52 AM

, We need to have your CR and log from the logs container as well. As I can see you have a full cluster crush and your backup pod can't connect to your pxc-0 pod.

Cameron Braid February 22, 2023 at 8:25 AM

i've added the logs for the 'pcx' container of the pcx-0 pod as well

Not a Bug

Details

Assignee

Reporter

Needs QA

Yes

Affects versions

Priority

Smart Checklist

Created February 22, 2023 at 8:21 AM
Updated December 13, 2023 at 9:12 PM
Resolved December 13, 2023 at 9:12 PM