-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding https checks for HAproxy and Galera #494
Conversation
111da2f
to
791c20f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought about that approach for a while now, and I don't think this is a good idea to use the metrics exporter for this:
- The result from the exporter can get "huge" for really big instances with loads of databases and tables and the
300k
intune.bufsize
might not be enough. - It puts a lot of strain on the haproxy if he has to parse the result every time for that
mysql_global_status_wsrep_ready
string. Especially for big clusters with loads of metrics - It puts unnecessary strain on the cluster as it queries the endpoint every second.
- If the exporter fails (or the query is too slow or too big), the whole instance goes down.
so what do You suggest? should we write custom sidecar? how is that solution better? |
Also using |
I took info from docs:
Ready to receive queries sounds like it should be ready to receive queries :D the only reason why I like solution with sidecar is this buffer which is hard to estimate and 244kB is not that small amout. but saving memory in haproxy would cause that we need to run 3 sidecars on each database engine consuming resources as well. It's Your call @TheBigLee I'm OK with both solutions |
Can this be some kind of an alternative solution ? |
unfortunately not, whole thing is to detect when galera is ready, not mariadb itself :/ |
But MariaDB will not respond ok if galera cluster is not working on that node no? |
It can actually. MariaDB can respond ok but not accept queries (eg. when in DONOR mode) |
Unfortunately I have limited knowledge with reverse proxies / load balancers such as HAProxy and Nginx. Nevertheless I took some time and read relevant docs and some blogs. There are 2 facts:
Now my 2 cents on these:
Conclusion: @Kidswiss we might also want to hear from you on this sensitive topic. |
I agree with the consent here, given that the output of the exporter is so huge and we need to adjust not recommended settings, we should look for an alternative. IMHO a script check would be the optimal solution here, the script could connect to the instance, query the wsrep status (or other relevant things, like donor status) and return back the readiness of a given node. I would not go with webserver that exports that information again. Then we'll have yet another long running thing that could break. Also the indirect nature of that approach would probably introduce new edge cases. |
Short summary:
I'd be very happy to get some critic as I'm very inexperienced in helm charts development and I don't even know what should I look for. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm also no helm expert.
Just one nit, the rest looks good.
kind: ConfigMap | ||
apiVersion: v1 | ||
data: | ||
script.sh: "#!/bin/bash\n\n# Run the MySQL query and store the result in a Bash |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can't helm read from a file and insert the string here?
Having the script separate in a readable form would greatly help the reviewability/maintainability of this script.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 on that. I would try to do this via file if possible.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As a compromise I fixed formatting - wdyt?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A separate file would make it easier to check with shellcheck.
There's a way to read files in helm: https://helm.sh/docs/chart_template_guide/accessing_files/
Something like this should do the trick:
data:
script.sh: |-
{{ .Files.Get "script.sh" }}
kind: ConfigMap | ||
apiVersion: v1 | ||
data: | ||
script.sh: "#!/bin/bash\n\n# Run the MySQL query and store the result in a Bash |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 on that. I would try to do this via file if possible.
The script doesn't seem to work in the current state:
|
appuio/haproxy/README.md
Outdated
@@ -1,6 +1,6 @@ | |||
# haproxy | |||
|
|||
![Version: 2.3.1](https://img.shields.io/badge/Version-2.3.1-informational?style=flat-square) ![AppVersion: 2.7.3](https://img.shields.io/badge/AppVersion-2.7.3-informational?style=flat-square) | |||
![Version: 2.3.2](https://img.shields.io/badge/Version-2.3.2-informational?style=flat-square) ![AppVersion: 2.7.3](https://img.shields.io/badge/AppVersion-2.7.3-informational?style=flat-square) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would set the version of the helm chart to 2.4.0
.
appuio/haproxy/files/galera-check.sh
Outdated
fi | ||
|
||
if [ $wsrep_ready != "ON" ]; then | ||
echo Error: wsrep_ready is not ON, actual status is: $WSREP_READY |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
echo Error: wsrep_ready is not ON, actual status is: $WSREP_READY | |
echo Error: wsrep_ready is not ON, actual status is: $wsrep_ready |
Please run your script through shellcheck when the script is finished to catch some bash specific issues. |
What this PR does / why we need it:
Checklist
make docs
chart/<chart-name>
[
bug
,enhancement
,documentation
,change
,breaking
,dependency
]