k8s部署mysql踩坑 mysqladmin: [ERROR] unknown option ‘--“‘.
FQA问题记录
·
前言
环境:k8s、centos7.9
创建了一个mysql的deployment文件
[root@matser mysql]# vim deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
labels:
app: mysql
spec:
selector:
matchLabels:
app: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: mysql
spec:
nodeSelector:
kubernetes.io/hostname: node1
containers:
- image: mysql:8.0.31
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: myql-secret
key: MYSQL_ROOT_PASSWORD
ports:
- containerPort: 3306
name: mysql
securityContext:
privileged: true
运行之后发现pod日志一直报错:
[root@matser mysql]# kubectl logs mysql-59c5c64ff5-gw2q5
2022-12-11 07:08:43+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.0.31-1.el8 started.
2022-12-11 07:08:43+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
2022-12-11 07:08:43+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.0.31-1.el8 started.
2022-12-11 07:08:43+00:00 [Note] [Entrypoint]: Initializing database files
2022-12-11T07:08:43.378696Z 0 [Warning] [MY-011068] [Server] The syntax '--skip-host-cache' is deprecated and will be removed in a future release. Please use SET GLOBAL host_cache_size=0 instead.
2022-12-11T07:08:43.378759Z 0 [System] [MY-013169] [Server] /usr/sbin/mysqld (mysqld 8.0.31) initializing of server in progress as process 80
2022-12-11T07:08:43.382332Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2022-12-11T07:08:43.623727Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2022-12-11T07:08:44.223350Z 6 [Warning] [MY-010453] [Server] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.
2022-12-11 07:08:46+00:00 [Note] [Entrypoint]: Database files initialized
2022-12-11 07:08:46+00:00 [Note] [Entrypoint]: Starting temporary server
2022-12-11T07:08:46.798760Z 0 [Warning] [MY-011068] [Server] The syntax '--skip-host-cache' is deprecated and will be removed in a future release. Please use SET GLOBAL host_cache_size=0 instead.
2022-12-11T07:08:46.801381Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.31) starting as process 131
2022-12-11T07:08:46.810709Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2022-12-11T07:08:47.299450Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2022-12-11T07:08:47.533405Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
2022-12-11T07:08:47.533435Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
2022-12-11T07:08:47.534510Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
2022-12-11T07:08:47.558040Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Socket: /var/run/mysqld/mysqlx.sock
2022-12-11T07:08:47.558184Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.0.31' socket: '/var/run/mysqld/mysqld.sock' port: 0 MySQL Community Server - GPL.
2022-12-11 07:08:47+00:00 [Note] [Entrypoint]: Temporary server started.
'/var/lib/mysql/mysql.sock' -> '/var/run/mysqld/mysqld.sock'
Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/leapseconds' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/tzdata.zi' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/zone1970.tab' as time zone. Skipping it.
2022-12-11 07:08:49+00:00 [Note] [Entrypoint]: Stopping temporary server
mysqladmin: [ERROR] unknown option '--"'.
2022-12-11 07:08:49+00:00 [ERROR] [Entrypoint]: Unable to shut down server.
经排查发现是secret存在问题,因为secret是使用yaml 创建的,
[root@matser mysql]# cat mysql-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: myql-secret
type: Opaque
data:
MYSQL_ROOT_PASSWORD: aHVhZnUxMjM0NTYK
[root@matser mysql]#
而正式这个密码存在问题,记得当时是直接在命令行页面使用如下命令生成了加密后的密码填写的yaml文件:
如下:这看似没有没有什么问题,但是却存在很大的问题,最致命的是存在回车符了
[root@matser mysql]# echo "123456" | base64
MTIzNDU2Cg==
[root@matser mysql]#
我们来看一下使用kubectl create secret
命令来创建secret看看加密的secret是什么样子的:
[root@matser mysql]# kubectl create secret generic myql-secret1 --from-literal=MYSQL_ROOT_PASSWORD=123456 --dry-run=client -oyaml
apiVersion: v1
data:
MYSQL_ROOT_PASSWORD: MTIzNDU2
kind: Secret
metadata:
creationTimestamp: null
name: myql-secret1
[root@matser mysql]# echo "MTIzNDU2" | base64 -d #解码出来是没有回车符的
123456[root@matser mysql]#
以上,我们建议生成secret 使用 kubectl create secret generic myql-secret1 --from-literal=MYSQL_ROOT_PASSWORD=123456 --dry-run=client -oyaml >> mysql-secret.yaml
的形式来避免出现这种问题。
更多推荐
已为社区贡献32条内容
所有评论(0)