I've created a custom image based on timescaledb where I've installed wal2json and I'm trying to deploy it on my kubernetes cluster using the crunchydata-postgres-operator. I've managed to set everything up except credentials to access the database.
I'm trying to create the pgo cluster with the following command:
pgo create cluster my-db --ccp-image-prefix="eu.gcr.io/<project-id>" --ccp-image="timescale-custom" -c latest -d <dbname> -u <username> --password="<my_password>"
This command executes successfully, but the database deployment enters a CrashLoopBackOff because of the following error:
Error: Database is uninitialized and superuser password is not specified.
You must specify POSTGRES_PASSWORD to a non-empty value for the
superuser. For example, "-e POSTGRES_PASSWORD=password" on "docker run".
You may also use "POSTGRES_HOST_AUTH_METHOD=trust" to allow all
connections without a password. This is *not* recommended.
See PostgreSQL documentation about "trust":
https://www.postgresql.org/docs/current/auth-trust.html
Seeing this I tried to set the POSTGRES_PASSWORD and POSTGRES_USER in the Dockerfile, but this does not alleviate the problem?
I know that usually these environment variables are set in the k8s deployment.yaml or in docker-compose.yml. But even though the postgres operator has some default credentials they don't seem to be applied to the container?
Dockerfile:
FROM postgres:12 AS build
ENV VERSION 1_0
RUN buildDeps="curl build-essential ca-certificates git pkg-config glib2.0 postgresql-server-dev-$PG_MAJOR"
&& apt-get update
&& apt-get install -y --no-install-recommends ${buildDeps}
&& echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" > /etc/apt/sources.list.d/pgdg.list
&& curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
&& apt-get update
&& apt-get install -y --no-install-recommends libc++1 postgresql-server-dev-$PG_MAJOR
&& mkdir -p /tmp/build
&& curl -o /tmp/build/${VERSIONN}.tar.gz -SL "https://github.com/eulerto/wal2json/archive/wal2json_${VERSION}.tar.gz"
&& cd /tmp/build/
&& tar -xzf /tmp/build/${VERSIONN}.tar.gz -C /tmp/build/
&& cd /tmp/build/wal2json-wal2json_${VERSION}
&& make && make install
&& mkdir /outputs
&& cp wal2json.so /outputs/
&& cd /
&& rm -rf /tmp/build
&& apt-get remove -y --purge ${buildDeps}
&& apt-get autoremove -y --purge
&& rm -rf /var/lib/apt/lists/
FROM timescale/timescaledb:1.7.4-pg12
COPY --from=build /outputs/wal2json.so /usr/local/lib/postgresql/
RUN echo "host replication all 127.0.0.1/32 trust" >> /var/lib/postgresql/data/pg_hba.conf
ENV POSTGRES_USER=<username> POSTGRES_PASSWORD=<password>
Edit:
After running the same command with the --debug flag I've received this output:
DEBU[0000] debug flag is set to true
DEBU[0000] in initConfig with url=https://127.0.0.1:8443
DEBU[0000] using PGO_NAMESPACE env var pgo
DEBU[0000] GetSessionCredentials called
DEBU[0000] PGOUSER environment variable is being used at /home/mycloud/.pgo/pgo/pgouser
DEBU[0000] pgouser file found at /home/mycloud/.pgo/pgo/pgouser contains admin:examplepassword
DEBU[0000] [admin examplepassword]
DEBU[0000] username=[admin] password=[examplepassword]
DEBU[0000] setting up httpclient with TLS
DEBU[0000] GetTLSTransport called
DEBU[0000] create cluster called
DEBU[0000] IsValidForResourceName: my-db
DEBU[0000] createCluster called...[https://127.0.0.1:8443/clusters]
DEBU[0000] &{200 OK 200 HTTP/1.1 1 1 map[Content-Length:[193] Content-Type:[application/json] Date:[Sat, 09 Jan 2021 19:56:05 GMT] Www-Authenticate:[Basic realm="Restricted"]] 0xc00017c080 193 [] false false map[]
question from:
https://stackoverflow.com/questions/65646105/error-deploying-a-custom-image-with-the-crunchydata-postgres-operator 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
