Uploaded image for project: 'Percona Monitoring and Management'
  1. Percona Monitoring and Management
  2. PMM-7701

DBaaS: PSMDB clusters stuck in initializing due to special characters in secrets

    XMLWordPrintable

Details

    • 0.5
    • 05 - Server Integrations, 06 - Server Integrations
    • Yes
    • Yes
    • Server Integrations

    Description

      User impact:

      If MONGODB_USER_ADMIN_PASSWORD contains any special characters (~=+%^*/()[]{}/[email protected]#$?|) the cluster will be stuck in initializing. This will be fixed with 1.8.0 operator https://jira.percona.com/browse/K8SPSMDB-364. Workaround is to edit the password in dbaas-<psmdb-name>-psmdb-secret and start new cluster with the same name. But in this case new secrets are generated too.

      STR:

      Run EKS cluster
      Install PSMDB operator 1.7.0

      curl -sSf -m 30 https://raw.githubusercontent.com/percona/percona-server-mongodb-operator/v1.7.0/deploy/bundle.yaml \
| kubectl apply -f -
curl -sSf -m 30 https://raw.githubusercontent.com/percona/percona-server-mongodb-operator/v1.7.0/deploy/secrets.yaml \
| sed "s/PMM_SERVER_USER:.*$/PMM_SERVER_USER: ${PMM_USER}/g;s/PMM_SERVER_PASSWORD:.*$/PMM_SERVER_PASSWORD: ${PMM_PASS}/g;" \
| kubectl apply -f -

      Register the EKS and create a new MongoDB cluster in DBaaS; cluster should be stuck in init because secrets contain unsupported chars

      kubectl get secrets dbaas-qwer2-psmdb-secrets -o json | jq -r .data.MONGODB_USER_ADMIN_PASSWORD
NUV9K3l2bEdsUjEqcFM5bj1IREV8Yykx

echo 'NUV9K3l2bEdsUjEqcFM5bj1IREV8Yykx' | base64 --decode
5E}+yvlGlR1*pS9n=HDE|c)1

      Delete the MongoDB cluster

      kubectl delete perconaservermongodbs.psmdb.percona.com qwer2

      Edit MONGODB_USER_ADMIN_PASSWORD to 'dXNlckFkbWluMTIzNDU2'

      kubectl edit secret dbaas-qwer2-psmdb-secrets

      Create new MongoDB cluster with same name in DBaaS and check secrets again

      Result:

      New secrets generated

      kubectl get secrets dbaas-qwer2-psmdb-secrets -o json | jq -r .data.MONGODB_USER_ADMIN_PASSWORD
bFhMNEJFIWQqOFlUK0tlVGRQL2p0UGFD
echo 'bFhMNEJFIWQqOFlUK0tlVGRQL2p0UGFD' | base64 --decode
lXL4BE!d*8YT+KeTdP/jtPaC

      Suggested implementation:

      Special characters could be removed temporarily until 1.8.0 operator is released
      https://github.com/percona-platform/dbaas-controller/blob/main/service/k8sclient/k8sclient.go#L348 ** 

      Attachments

        Issue Links

          mentioned in

          Page Loading...

          Activity

            People

              jan.prukner Jan Prukner (Inactive)
              beata.handzelova1 Beata Handzelova (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Smart Checklist