From cb7b093c85ac8da7d586d88f8427646a64340560 Mon Sep 17 00:00:00 2001 From: Manan Gupta Date: Tue, 18 Jul 2023 15:18:37 +0530 Subject: [PATCH 1/3] feat: fix upgrade-downgrade test setup and fix the init_db.sql Signed-off-by: Manan Gupta --- .../upgrade_downgrade_test_backups_e2e_next_release.yml | 4 ++-- config/init_db.sql | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/.github/workflows/upgrade_downgrade_test_backups_e2e_next_release.yml b/.github/workflows/upgrade_downgrade_test_backups_e2e_next_release.yml index 38581eeb8d3..d97b677110b 100644 --- a/.github/workflows/upgrade_downgrade_test_backups_e2e_next_release.yml +++ b/.github/workflows/upgrade_downgrade_test_backups_e2e_next_release.yml @@ -185,8 +185,8 @@ jobs: source build.env rm -f $PWD/bin/vtbackup $PWD/bin/vttablet - cp /tmp/vitess-build-current/bin/vtbackup $PWD/bin/vtbackup - cp /tmp/vitess-build-other/bin/vttablet $PWD/bin/vttablet + cp /tmp/vitess-build-other/bin/vtbackup $PWD/bin/vtbackup + cp /tmp/vitess-build-current/bin/vttablet $PWD/bin/vttablet vtbackup --version vttablet --version diff --git a/config/init_db.sql b/config/init_db.sql index 7be4de6f7ea..67e3e2cc779 100644 --- a/config/init_db.sql +++ b/config/init_db.sql @@ -11,6 +11,12 @@ ############################################################################### # Equivalent of mysql_secure_installation ############################################################################### +# We need to ensure that super_read_only is disabled so that we can execute +# these commands. Note that disabling it does NOT disable read_only. +# We save the current value so that we only re-enable it at the end if it was +# enabled before. +SET @original_super_read_only=IF(@@global.super_read_only=1, 'ON', 'OFF'); +SET GLOBAL super_read_only='OFF'; # Changes during the init db should not make it to the binlog. # They could potentially create errant transactions on replicas. @@ -77,3 +83,6 @@ FLUSH PRIVILEGES; RESET SLAVE ALL; RESET MASTER; + +# We need to set super_read_only back to what it was before +SET GLOBAL super_read_only=IFNULL(@original_super_read_only, 'ON'); From be50cf3eb4bd95305d0e7a2ca4db9f53657a784e Mon Sep 17 00:00:00 2001 From: Manan Gupta Date: Tue, 18 Jul 2023 17:59:32 +0530 Subject: [PATCH 2/3] feat: password creation should be at the correct spot in the init_db.sql file for upgrade-downgrade tests to work Signed-off-by: Manan Gupta --- config/init_db.sql | 3 +++ go/test/endtoend/backup/vtbackup/main_test.go | 7 ++++++- go/test/endtoend/utils/utils.go | 20 +++++++++++++++++++ 3 files changed, 29 insertions(+), 1 deletion(-) diff --git a/config/init_db.sql b/config/init_db.sql index 67e3e2cc779..47ac4a04749 100644 --- a/config/init_db.sql +++ b/config/init_db.sql @@ -84,5 +84,8 @@ FLUSH PRIVILEGES; RESET SLAVE ALL; RESET MASTER; +# custom sql is used to add custom scripts like creating users/passwords. We use it in our tests +# {{custom_sql}} + # We need to set super_read_only back to what it was before SET GLOBAL super_read_only=IFNULL(@original_super_read_only, 'ON'); diff --git a/go/test/endtoend/backup/vtbackup/main_test.go b/go/test/endtoend/backup/vtbackup/main_test.go index 069f83fbba5..39dfc834728 100644 --- a/go/test/endtoend/backup/vtbackup/main_test.go +++ b/go/test/endtoend/backup/vtbackup/main_test.go @@ -25,6 +25,7 @@ import ( "testing" "vitess.io/vitess/go/test/endtoend/cluster" + "vitess.io/vitess/go/test/endtoend/utils" "vitess.io/vitess/go/vt/log" ) @@ -89,8 +90,12 @@ func TestMain(m *testing.M) { dbCredentialFile = cluster.WriteDbCredentialToTmp(localCluster.TmpDirectory) initDb, _ := os.ReadFile(path.Join(os.Getenv("VTROOT"), "/config/init_db.sql")) sql := string(initDb) + // The original init_db.sql does not have any passwords. Here we update the init file with passwords + sql, err = utils.GetInitDBSQL(sql, cluster.GetPasswordUpdateSQL(localCluster), "") + if err != nil { + return 1, err + } newInitDBFile = path.Join(localCluster.TmpDirectory, "init_db_with_passwords.sql") - sql = sql + cluster.GetPasswordUpdateSQL(localCluster) err = os.WriteFile(newInitDBFile, []byte(sql), 0666) if err != nil { return 1, err diff --git a/go/test/endtoend/utils/utils.go b/go/test/endtoend/utils/utils.go index d2f4255f2bf..b78877f36ce 100644 --- a/go/test/endtoend/utils/utils.go +++ b/go/test/endtoend/utils/utils.go @@ -306,3 +306,23 @@ func TimeoutAction(t *testing.T, timeout time.Duration, errMsg string, action fu } } } + +func GetInitDBSQL(initDBSQL string, updatedPasswords string, oldAlterTableMode string) (string, error) { + // Since password update is DML we need to insert it before we disable + // super_read_only therefore doing the split below. + splitString := strings.Split(initDBSQL, "# {{custom_sql}}") + if len(splitString) != 2 { + return "", fmt.Errorf("missing `# {{custom_sql}}` in init_db.sql file") + } + var builder strings.Builder + builder.WriteString(splitString[0]) + builder.WriteString(updatedPasswords) + + // https://github.com/vitessio/vitess/issues/8315 + if oldAlterTableMode != "" { + builder.WriteString(oldAlterTableMode) + } + builder.WriteString(splitString[1]) + + return builder.String(), nil +} From 9685939cbac96e11c25264753024922f489e5b3f Mon Sep 17 00:00:00 2001 From: Manan Gupta Date: Wed, 19 Jul 2023 10:01:42 +0530 Subject: [PATCH 3/3] feat: use an init file without super_read_only changes for mariadb version Signed-off-by: Manan Gupta --- go/test/endtoend/cluster/mysqlctl_process.go | 24 ++++- .../testdata/config/init_testserver_db.sql | 91 +++++++++++++++++++ 2 files changed, 114 insertions(+), 1 deletion(-) create mode 100644 go/test/endtoend/vreplication/testdata/config/init_testserver_db.sql diff --git a/go/test/endtoend/cluster/mysqlctl_process.go b/go/test/endtoend/cluster/mysqlctl_process.go index eafc8f6b98f..32e8f27e050 100644 --- a/go/test/endtoend/cluster/mysqlctl_process.go +++ b/go/test/endtoend/cluster/mysqlctl_process.go @@ -30,6 +30,7 @@ import ( "vitess.io/vitess/go/mysql" "vitess.io/vitess/go/vt/log" + "vitess.io/vitess/go/vt/mysqlctl" "vitess.io/vitess/go/vt/tlstest" ) @@ -236,11 +237,15 @@ func (mysqlctl *MysqlctlProcess) Connect(ctx context.Context, username string) ( // MysqlCtlProcessInstanceOptionalInit returns a Mysqlctl handle for mysqlctl process // configured with the given Config. func MysqlCtlProcessInstanceOptionalInit(tabletUID int, mySQLPort int, tmpDirectory string, initMySQL bool) *MysqlctlProcess { + initFile, err := getInitDBFileUsed() + if err != nil { + log.Errorf("Couldn't find init db file - %v", err) + } mysqlctl := &MysqlctlProcess{ Name: "mysqlctl", Binary: "mysqlctl", LogDirectory: tmpDirectory, - InitDBFile: path.Join(os.Getenv("VTROOT"), "/config/init_db.sql"), + InitDBFile: initFile, } mysqlctl.MySQLPort = mySQLPort mysqlctl.TabletUID = tabletUID @@ -249,6 +254,23 @@ func MysqlCtlProcessInstanceOptionalInit(tabletUID int, mySQLPort int, tmpDirect return mysqlctl } +func getInitDBFileUsed() (string, error) { + versionStr, err := mysqlctl.GetVersionString() + if err != nil { + return "", err + } + flavor, _, err := mysqlctl.ParseVersionString(versionStr) + if err != nil { + return "", err + } + if flavor == mysqlctl.FlavorMySQL || flavor == mysqlctl.FlavorPercona { + return path.Join(os.Getenv("VTROOT"), "/config/init_db.sql"), nil + } + // Non-MySQL instances for example MariaDB, will use init_testserver_db.sql which does not contain super_read_only global variable. + // Even though MariaDB support is deprecated (https://github.com/vitessio/vitess/issues/9518) but we still support migration scenario. + return path.Join(os.Getenv("VTROOT"), "go/test/endtoend/vreplication/testdata/config/init_testserver_db.sql"), nil +} + // MysqlCtlProcessInstance returns a Mysqlctl handle for mysqlctl process // configured with the given Config. func MysqlCtlProcessInstance(tabletUID int, mySQLPort int, tmpDirectory string) *MysqlctlProcess { diff --git a/go/test/endtoend/vreplication/testdata/config/init_testserver_db.sql b/go/test/endtoend/vreplication/testdata/config/init_testserver_db.sql new file mode 100644 index 00000000000..03df754ea21 --- /dev/null +++ b/go/test/endtoend/vreplication/testdata/config/init_testserver_db.sql @@ -0,0 +1,91 @@ +# This file is for testing purpose only. +# This file is executed immediately after initializing a fresh data directory. +# It is equivalent of init_db.sql. Given init_db.sql is for mysql which has super_read_only +# related stuff therefore for testing purpose we avoid setting `super_read_only` during initialization. + +############################################################################### +# WARNING: Any change to init_db.sql should gets reflected in this file as well. +############################################################################### + +############################################################################### +# WARNING: This sql is *NOT* safe for production use, +# as it contains default well-known users and passwords. +# Care should be taken to change these users and passwords +# for production. +############################################################################### + +############################################################################### +# Equivalent of mysql_secure_installation +############################################################################### +# We need to ensure that read_only is disabled so that we can execute +# these commands. +SET GLOBAL read_only='OFF'; + +# Changes during the init db should not make it to the binlog. +# They could potentially create errant transactions on replicas. +SET sql_log_bin = 0; +# Remove anonymous users. +DELETE FROM mysql.user WHERE User = ''; + +# Disable remote root access (only allow UNIX socket). +DELETE FROM mysql.user WHERE User = 'root' AND Host != 'localhost'; + +# Remove test database. +DROP DATABASE IF EXISTS test; + +############################################################################### +# Vitess defaults +############################################################################### + +# Admin user with all privileges. +CREATE USER 'vt_dba'@'localhost'; +GRANT ALL ON *.* TO 'vt_dba'@'localhost'; +GRANT GRANT OPTION ON *.* TO 'vt_dba'@'localhost'; + +# User for app traffic, with global read-write access. +CREATE USER 'vt_app'@'localhost'; +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, FILE, + REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, + LOCK TABLES, EXECUTE, REPLICATION CLIENT, CREATE VIEW, + SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER + ON *.* TO 'vt_app'@'localhost'; + +# User for app debug traffic, with global read access. +CREATE USER 'vt_appdebug'@'localhost'; +GRANT SELECT, SHOW DATABASES, PROCESS ON *.* TO 'vt_appdebug'@'localhost'; + +# User for administrative operations that need to be executed as non-SUPER. +# Same permissions as vt_app here. +CREATE USER 'vt_allprivs'@'localhost'; +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, FILE, + REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, + LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, + SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER + ON *.* TO 'vt_allprivs'@'localhost'; + +# User for slave replication connections. +CREATE USER 'vt_repl'@'%'; +GRANT REPLICATION SLAVE ON *.* TO 'vt_repl'@'%'; + +# User for Vitess VReplication (base vstreamers and vplayer). +CREATE USER 'vt_filtered'@'localhost'; +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, FILE, + REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, + LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, + SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER + ON *.* TO 'vt_filtered'@'localhost'; + +# User for general MySQL monitoring. +CREATE USER 'vt_monitoring'@'localhost'; +GRANT SELECT, PROCESS, SUPER, REPLICATION CLIENT, RELOAD + ON *.* TO 'vt_monitoring'@'localhost'; +GRANT SELECT, UPDATE, DELETE, DROP + ON performance_schema.* TO 'vt_monitoring'@'localhost'; + +FLUSH PRIVILEGES; + +RESET SLAVE ALL; +RESET MASTER; + +# custom sql is used to add custom scripts like creating users/passwords. We use it in our tests +# {{custom_sql}}