Search code examples
mysqlkuberneteskubernetes-helm

Db migration in Helm mysql.initializationFiles causes the pod to crash

I'm building a helm chart with a MySQL dependency. It's being set up okay when empty, but I want to run an sh file on the pod that would copy some data from somewhere else. For this I want to use the initializationFiles constructions from the documentation https://github.com/helm/charts/tree/master/stable/mysql

My values.yaml part related to this dependendency looks like this:

mysql:
  mysqlRootPassword: somePass
  mysqlPassword : somePass
  mysqlUser: user
  appPassword: somePass
  initializationFiles:
    db.sh: |-
      #!/bin/sh
      touch dump.sql

Looks like the code under initializationFiles stanza is tried to be executed and causes the pod to fail. Since this stanza is executed only once by design, the second attempt succeeds, and when the pod is running I don't see any new file when I do kubectl exec -it pod_name -- bash -c ls

I have tried this:

...
  initializationFiles:
    - db.sh

and put the db.sh file in the same folder as values.yaml, but this still didn't work. What is the correct way to execute an sh file when the dependency MySQL pod is being set up? Kubernetes version 1.17, helm 3.5.0

I see that the file is actually copied to the docker-entrypoint-initdb.d, but it's not executed, no new file created.

root@mypod:/docker-entrypoint-initdb.d# ls -la
lrwxrwxrwx 1 root root 12 Mar  6 00:14 db.sh -> ..data/db.sh
root@mypod:/docker-entrypoint-initdb.d# cat db.sh
#!/bin/sh
touch dump.sql

I've tried to run the file manually, and got permission denied:

root@mypod:/# ./docker-entrypoint-initdb.d/db.sh
bash: ./docker-entrypoint-initdb.d/db.sh: Permission denied

If I change my command to echo test then the sh file is executed, I can see this in the logs of the pod. Looks like changing the filesystem is prohibited, but doing touch /dump.sql or touch /home/dump.sql doesn't work either.

Solution

  • MUAHAHA I did it. The scripts inside ./docker-entrypoint-initdb.d/ are executed by the mysql user.

    After poking around inside the pod I've found a directory for which the mysql user has write permissions. So I just write the file there and delete afterwards to initialize the dbs. Now the whole stanza looks like this:

    mysql:
  mysqlRootPassword: myPass
  mysqlPassword : myPass
  mysqlUser: user
  appPassword: myPass
  initializationFiles:
    db.sh: |-
      #!/bin/sh
      mysqldump -h remoteDbUrl -u remoteUser -pRemotePass --databases db1 db2 > /var/lib/mysql/dump.sql
      mysql -uroot -pmyPass < /var/lib/mysql/dump.sql
      rm /var/lib/mysql/dump.sql
      echo "GRANT ALL PRIVILEGES ON *.* TO 'user'@'%' IDENTIFIED BY 'myPass';" | mysql -uroot -pmyPass