galera: support mariabackup SST method

Make the SST method configurable in the galera custom resource, and
allow both rsync and mariabackup methods.
Mariabackup requires a database user's credentials to operate, so
reuse the root db user for the time being.

The ability to inject passwords in template galera config files has
been implemented. We benefit from that to generate the usual
.my.cnf config file for mysql CLI running in the galera container.

api/bases/mariadb.openstack.org_galeras.yaml

@@ -78,6 +78,13 @@ spec:
               secret:
                 description: Name of the secret to look for password keys
                 type: string
+              sst:
+                default: rsync
+                description: Snapshot State Transfer method to use for full node synchronization
+                enum:
+                - rsync
+                - mariabackup
+                type: string
               storageClass:
                 description: Storage class to host the mariadb databases
                 type: string

api/v1beta1/galera_types.go

@@ -26,6 +26,7 @@ const (
 	CustomServiceConfigFile = "galera_custom.cnf.in"
 )
 
+
 // GaleraSpec defines the desired state of Galera
 type GaleraSpec struct {
 	// Name of the secret to look for password keys
@@ -56,8 +57,20 @@ type GaleraSpec struct {
 	// +kubebuilder:validation:Optional
 	// Adoption configuration
 	AdoptionRedirect AdoptionRedirectSpec `json:"adoptionRedirect"`
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:default=rsync
+	// +kubebuilder:validation:Enum=rsync;mariabackup
+	// Snapshot State Transfer method to use for full node synchronization
+	SST GaleraSST `json:"sst"`
 }
 
+// Supported SST type
+type GaleraSST string
+const (
+	RSync GaleraSST = "rsync"
+	MariaBackup     = "mariabackup"
+)
+
 // GaleraAttributes holds startup information for a Galera host
 type GaleraAttributes struct {
 	// Last recorded replication sequence number in the DB

config/crd/bases/mariadb.openstack.org_galeras.yaml

@@ -78,6 +78,13 @@ spec:
               secret:
                 description: Name of the secret to look for password keys
                 type: string
+              sst:
+                default: rsync
+                description: Snapshot State Transfer method to use for full node synchronization
+                enum:
+                - rsync
+                - mariabackup
+                type: string
               storageClass:
                 description: Storage class to host the mariadb databases
                 type: string

config/samples/mariadb_v1beta1_galera_sst.yaml

@@ -0,0 +1,10 @@
+apiVersion: mariadb.openstack.org/v1beta1
+kind: Galera
+metadata:
+  name: openstack
+spec:
+  secret: osp-secret
+  storageClass: local-storage
+  storageRequest: 500M
+  replicas: 3
+  sst: mariabackup

pkg/mariadb/statefulset.go

@@ -53,25 +53,7 @@ func StatefulSet(g *mariadbv1.Galera) *appsv1.StatefulSet {
 								},
 							},
 						}},
-						VolumeMounts: []corev1.VolumeMount{{
-							MountPath: "/var/lib/mysql",
-							Name:      "mysql-db",
-						}, {
-							MountPath: "/var/lib/config-data",
-							ReadOnly:  true,
-							Name:      "config-data",
-						}, {
-							MountPath: "/var/lib/pod-config-data",
-							Name:      "pod-config-data",
-						}, {
-							MountPath: "/var/lib/operator-scripts",
-							ReadOnly:  true,
-							Name:      "operator-scripts",
-						}, {
-							MountPath: "/var/lib/kolla/config_files",
-							ReadOnly:  true,
-							Name:      "kolla-config",
-						}},
+						VolumeMounts: getGaleraInitVolumeMounts(g),
 					}},
 					Containers: []corev1.Container{{
 						Image: g.Spec.ContainerImage,
@@ -84,16 +66,6 @@ func StatefulSet(g *mariadbv1.Galera) *appsv1.StatefulSet {
 						}, {
 							Name:  "KOLLA_CONFIG_STRATEGY",
 							Value: "COPY_ALWAYS",
-						}, {
-							Name: "DB_ROOT_PASSWORD",
-							ValueFrom: &corev1.EnvVarSource{
-								SecretKeyRef: &corev1.SecretKeySelector{
-									LocalObjectReference: corev1.LocalObjectReference{
-										Name: g.Spec.Secret,
-									},
-									Key: "DbRootPassword",
-								},
-							},
 						}},
 						Ports: []corev1.ContainerPort{{
 							ContainerPort: 3306,
@@ -102,29 +74,7 @@ func StatefulSet(g *mariadbv1.Galera) *appsv1.StatefulSet {
 							ContainerPort: 4567,
 							Name:          "galera",
 						}},
-						VolumeMounts: []corev1.VolumeMount{{
-							MountPath: "/var/lib/mysql",
-							Name:      "mysql-db",
-						}, {
-							MountPath: "/var/lib/config-data",
-							ReadOnly:  true,
-							Name:      "config-data",
-						}, {
-							MountPath: "/var/lib/pod-config-data",
-							Name:      "pod-config-data",
-						}, {
-							MountPath: "/var/lib/secrets",
-							ReadOnly:  true,
-							Name:      "secrets",
-						}, {
-							MountPath: "/var/lib/operator-scripts",
-							ReadOnly:  true,
-							Name:      "operator-scripts",
-						}, {
-							MountPath: "/var/lib/kolla/config_files",
-							ReadOnly:  true,
-							Name:      "kolla-config",
-						}},
+						VolumeMounts: getGaleraVolumeMounts(g),
 						StartupProbe: &corev1.Probe{
 							ProbeHandler: corev1.ProbeHandler{
 								Exec: &corev1.ExecAction{
@@ -149,92 +99,7 @@ func StatefulSet(g *mariadbv1.Galera) *appsv1.StatefulSet {
 							},
 						},
 					}},
-					Volumes: []corev1.Volume{
-						{
-							Name: "secrets",
-							VolumeSource: corev1.VolumeSource{
-								Secret: &corev1.SecretVolumeSource{
-									SecretName: g.Spec.Secret,
-									Items: []corev1.KeyToPath{
-										{
-											Key:  "DbRootPassword",
-											Path: "dbpassword",
-										},
-									},
-								},
-							},
-						},
-						{
-							Name: "kolla-config",
-							VolumeSource: corev1.VolumeSource{
-								ConfigMap: &corev1.ConfigMapVolumeSource{
-									LocalObjectReference: corev1.LocalObjectReference{
-										Name: g.Name + "-config-data",
-									},
-									Items: []corev1.KeyToPath{
-										{
-											Key:  "config.json",
-											Path: "config.json",
-										},
-									},
-								},
-							},
-						},
-						{
-							Name: "pod-config-data",
-							VolumeSource: corev1.VolumeSource{
-								EmptyDir: &corev1.EmptyDirVolumeSource{},
-							},
-						},
-						{
-							Name: "config-data",
-							VolumeSource: corev1.VolumeSource{
-								ConfigMap: &corev1.ConfigMapVolumeSource{
-									LocalObjectReference: corev1.LocalObjectReference{
-										Name: g.Name + "-config-data",
-									},
-									Items: []corev1.KeyToPath{
-										{
-											Key:  "galera.cnf.in",
-											Path: "galera.cnf.in",
-										},
-										{
-											Key:  mariadbv1.CustomServiceConfigFile,
-											Path: mariadbv1.CustomServiceConfigFile,
-										},
-									},
-								},
-							},
-						},
-						{
-							Name: "operator-scripts",
-							VolumeSource: corev1.VolumeSource{
-								ConfigMap: &corev1.ConfigMapVolumeSource{
-									LocalObjectReference: corev1.LocalObjectReference{
-										Name: g.Name + "-scripts",
-									},
-									Items: []corev1.KeyToPath{
-										{
-											Key:  "mysql_bootstrap.sh",
-											Path: "mysql_bootstrap.sh",
-										},
-										{
-											Key:  "mysql_probe.sh",
-											Path: "mysql_probe.sh",
-										},
-										{
-											Key:  "detect_last_commit.sh",
-											Path: "detect_last_commit.sh",
-										},
-										{
-											Key:  "detect_gcomm_and_start.sh",
-											Path: "detect_gcomm_and_start.sh",
-										},
-									},
-								},
-							},
-						},
-					},
+					Volumes: getGaleraVolumes(g),
 				},
 			},
 			VolumeClaimTemplates: []corev1.PersistentVolumeClaim{