cloudnative-pg icon indicating copy to clipboard operation
cloudnative-pg copied to clipboard
verified publisher icon cloudnative-pg

[Bug]: Backups using Azure Blob Storage don't work on Azure Government Cloud

Open Tyagdit opened this issue 1 year ago • 0 comments

Is there an existing issue already for this bug?

  • [X] I have searched for an existing issue, and could not find anything. I believe this is a new bug.

I have read the troubleshooting guide

  • [X] I have read the troubleshooting guide and I think this is a new bug.

I am running a supported version of CloudNativePG

  • [X] I have read the troubleshooting guide and I think this is a new bug.

Contact Details

No response

Version

1.23.2

What version of Kubernetes are you using?

1.29

What is your Kubernetes environment?

Cloud: Azure AKS

How did you install the operator?

Helm

What happened?

I'm trying to set up backups on azure blob storage in an azure government cloud tenant but that fails. I found a relevant issue on the barman repo here. I've tried with and without the storage-account secret

Cluster resource

apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
  name: main-cluster
spec:
  instances: 2
  inheritedMetadata:
    labels:
      azure.workload.identity/use: "true"
  serviceAccountTemplate:
    metadata:
      labels:
        azure.workload.identity/use: "true"
      annotations:
        azure.workload.identity/client-id: "<client-id>"
  backup:
    barmanObjectStore:
      destinationPath: https://<account-name>.blob.core.usgovcloudapi.net/postgres/backup
      azureCredentials:
        inheritFromAzureAD: true
        # storageAccount:
        #   name: storage-account
        #   key: name
      wal:
        compression: gzip
        encryption: AES256
      data:
        compression: gzip
        encryption: AES256
        immediateCheckpoint: false
        jobs: 2
    retentionPolicy: "30d"

Relevant log output

{"level":"info","ts":"2024-08-02T10:44:08Z","logger":"barman-cloud-wal-archive","msg":"2024-08-02 10:44:08,917 [1321] ERROR: Barman cloud WAL archiver exception: A connection string must be provided when using emulated storage","pipe":"stderr","logging_pod":"main-cluster-2"}
{"level":"error","ts":"2024-08-02T10:44:08Z","msg":"Error invoking barman-cloud-wal-archive","logging_pod":"main-cluster-2","walName":"pg_wal/00000002.history","currentPrimary":"main-cluster-2","targetPrimary":"main-cluster-2","options":["--gzip","-e","AES256","--cloud-provider","azure-blob-storage","--credential","managed-identity","https://<account-name>.blob.core.usgovcloudapi.net/postgres/backup","main-cluster","pg_wal/00000002.history"],"exitCode":-1,"error":"exit status 4","stacktrace":"github.com/cloudnative-pg/cloudnative-pg/pkg/management/log.(*logger).Error\n\tpkg/management/log/log.go:125\ngithub.com/cloudnative-pg/cloudnative-pg/pkg/management/log.Error\n\tpkg/management/log/log.go:163\ngithub.com/cloudnative-pg/cloudnative-pg/pkg/management/barman/archiver.(*WALArchiver).Archive\n\tpkg/management/barman/archiver/archiver.go:186\ngithub.com/cloudnative-pg/cloudnative-pg/pkg/management/barman/archiver.(*WALArchiver).ArchiveList.func1\n\tpkg/management/barman/archiver/archiver.go:131"}

Code of Conduct

  • [X] I agree to follow this project's Code of Conduct

Tyagdit avatar Aug 02 '24 12:08 Tyagdit