charts icon indicating copy to clipboard operation
charts copied to clipboard
verified publisher icon cloudnative-pg

Backup on Azure using ConnectionString is not working

Open dannyyy opened this issue 1 year ago • 0 comments

I configured the values.yaml accordingly to the documentation by providing an existing secret azure-backup and the destinationPath. One of the given configuration tuples should be enought: Image

backups:
  # -- You need to configure backups manually, so backups are disabled by default.
  enabled: true

  # -- Overrides the provider specific default endpoint. Defaults to:
  # S3: https://s3.<region>.amazonaws.com"
  endpointURL: ""  # Leave empty if using the default S3 endpoint
  # -- Specifies a CA bundle to validate a privately signed certificate.
  endpointCA:
    # -- Creates a secret with the given value if true, otherwise uses an existing secret.
    create: false
    name: ""
    key: ""
    value: ""

  # -- Overrides the provider specific default path. Defaults to:
  # S3: s3://<bucket><path>
  # Azure: https://<storageAccount>.<serviceName>.core.windows.net/<containerName><path>
  # Google: gs://<bucket><path>
  destinationPath: "https://myaccount.blob.core.windows.net/postgresql"
  # -- One of `s3`, `azure` or `google`
  provider: azure
  s3:
    region: ""
    bucket: ""
    path: "/"
    accessKey: ""
    secretKey: ""
  azure:
    path: "/"
    connectionString: ""
    storageAccount: ""
    storageKey: ""
    storageSasToken: ""
    containerName: ""
    serviceName: blob
    inheritFromAzureAD: false
  google:
    path: "/"
    bucket: ""
    gkeEnvironment: false
    applicationCredentials: ""
  secret:
    # -- Whether to create a secret for the backup credentials
    create: true
    # -- Name of the backup credentials secret
    name: "azure-backup"

The secret looks like this:

apiVersion: v1
data:
  AZURE_STORAGE_CONNECTION_STRING: <MY_BASE64_CONNECTION_STRING>
kind: Secret
metadata:
  name: azure-backup
  namespace: postgresql
type: Opaque

I also played around setting create: false. But this setting is either obsolete in the current version or preview for a future release. A change doesn't has any impact on the generated manifests from Helm!

Error:

postgres {"level":"error","ts":"2025-01-04T15:39:26.483500899Z","msg":"while getting backup credentials","logger":"instance-manager","logging_pod":"cnpg-cluster-test-1","controller":"instance-cluster","controllerGroup":"postgresql.cnpg.io","controllerKind":"Cluster","Cluster":{"name":"cnpg-cluster-test","namespace":"postgresql"},"namespace":"postgresql","name":"cnpg-cluster-test","reconcileID":"09b2e04a-b4d2-4c0e-9e14-113dbbeff0b5","logging_pod":"cnpg-cluster-test-1","error":"missing key AZURE_STORAGE_ACCOUNT, inside secret azure-backup","stacktrace":"github.com/cloudnative-pg/machinery/pkg/log.(*logger).Error\n\tpkg/mod/github.com/cloudnative-pg/[email protected]/pkg/log/log.go:125\ngithub.com/cloudnative-pg/cloudnative-pg/internal/management/controller.(*InstanceReconciler).shouldUpdateWALArchiveSettingsCache\n\tinternal/management/controller/cache.go:104\ngithub.com/cloudnative-pg/cloudnative-pg/internal/management/controller.(*InstanceReconciler).updateCacheFromCluster\n\tinternal/management/controller/cache.go:40\ngithub.com/cloudnative-pg/cloudnative-pg/internal/management/controller.(*InstanceReconciler).Reconcile\n\tinternal/management/controller/instance_controller.go:125\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...[]).Reconcile\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:116\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...[]).reconcileHandler\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:303\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...[]).processNextWorkItem\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:263\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...[]).Start.func2.2\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:224"}
postgres {"level":"error","ts":"2025-01-04T15:39:26.484315753Z","msg":"while getting recover credentials","logger":"instance-manager","logging_pod":"cnpg-cluster-test-1","controller":"instance-cluster","controllerGroup":"postgresql.cnpg.io","controllerKind":"Cluster","Cluster":{"name":"cnpg-cluster-test","namespace":"postgresql"},"namespace":"postgresql","name":"cnpg-cluster-test","reconcileID":"09b2e04a-b4d2-4c0e-9e14-113dbbeff0b5","logging_pod":"cnpg-cluster-test-1","error":"missing key AZURE_STORAGE_ACCOUNT, inside secret azure-backup-","stacktrace":"github.com/cloudnative-pg/machinery/pkg/log.(*logger).Error\n\tpkg/mod/github.com/cloudnative-pg/[email protected]/pkg/log/log.go:125\ngithub.com/cloudnative-pg/cloudnative-pg/internal/management/controller.(*InstanceReconciler).updateWALRestoreSettingsCache\n\tinternal/management/controller/cache.go:71\ngithub.com/cloudnative-pg/cloudnative-pg/internal/management/controller.(*InstanceReconciler).updateCacheFromCluster\n\tinternal/management/controller/cache.go:45\ngithub.com/cloudnative-pg/cloudnative-pg/internal/management/controller.(*InstanceReconciler).Reconcile\n\tinternal/management/controller/instance_controller.go:125\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...[]).Reconcile\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:116\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...[]).reconcileHandler\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:303\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...[]).processNextWorkItem\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:263\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...[]).Start.func2.2\n\tpkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:224"}

dannyyy avatar Jan 04 '25 16:01 dannyyy