mariadb: Bump to 11.4

11.4 is the next LTS release (see [1]) New variable ``VERIFY_DB_SERVER_CERT`` is added to mitigate the MariaDB client variable ``ssl-verify-server-cert`` change from ``FALSE`` to ``TRUE``. [2] This variable can be overidden by assigning ``TRUE`` to environment variable with the same name. [1]: https://mariadb.org/11-4-lts/ [2]: https://jira.mariadb.org/browse/MDEV-31857 Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/928487 Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/958281 Change-Id: Ifb41c0c48c4743e70e95fa7e1d329e91362e966c Signed-off-by: Seunghun Lee <seunghun@stackhpc.com>
2026-01-16 23:10:33 +00:00 · 2024-08-23 08:37:13 +02:00 · 2024-08-23 08:37:13 +02:00 · c245289176
commit c245289176
parent f71ab2be35
5 changed files with 18 additions and 13 deletions
--- a/docker/mariadb-server/Dockerfile.j2
+++ b/docker/mariadb-server/Dockerfile.j2
@ -43,7 +43,7 @@ RUN ln -s /usr/lib64/galera-4 /usr/lib64/galera
 {{ macros.install_packages(mariadb_packages | customizable("packages")) }}

 {% block mariadb_healthcheck %}
-ENV MARIADB_VERSION=10.11
+ENV MARIADB_VERSION=11.4
 ADD plugins-archive /
 RUN install -m 755 /plugins/mariadb-server-plugin-mariadb-docker-archive*/$MARIADB_VERSION/healthcheck.sh /usr/bin/healthcheck.sh
 {% endblock %}
--- a/docker/mariadb-server/backup_replica.sh
+++ b/docker/mariadb-server/backup_replica.sh
@ -8,6 +8,7 @@ DEFAULT_MY_CNF="/etc/mysql/my.cnf"
 REPLICA_MY_CNF="$(mktemp)"
 RETRY_INTERVAL=5  # Interval between retries (in seconds)
 MAX_RETRIES=12    # Max retries (12 retries * 5 seconds = 60 seconds)
+VERIFY_DB_SERVER_CERT="${VERIFY_DB_SERVER_CERT:=FALSE}"

 # Cleanup function to remove the REPLICA_MY_CNF file
 cleanup() {
@ -74,7 +75,7 @@ retry_mysql_query() {
    local attempt=1

    while [ ${attempt} -le ${MAX_RETRIES} ]; do
-        result=$(mysql -h "${HOST}" -u "${USER}" -p"${PASS}" -s -N -e "${query}" 2>/dev/null || true)
+        result=$(mariadb --ssl-verify-server-cert="${VERIFY_DB_SERVER_CERT}" -h "${HOST}" -u "${USER}" -p"${PASS}" -s -N -e "${query}" 2>/dev/null || true)
        if [ -n "${result}" ]; then
            echo "${result}"
            return 0
--- a/docker/mariadb-server/extend_start.sh
+++ b/docker/mariadb-server/extend_start.sh
@ -3,7 +3,7 @@
 : ${MARIADB_LOG_DIR:=/var/log/kolla/mariadb}

 function bootstrap_db {
-    mysqld_safe --wsrep-new-cluster --skip-networking --wsrep-on=OFF --pid-file=/var/lib/mysql/mariadb.pid &
+    mariadbd-safe --wsrep-new-cluster --skip-networking --wsrep-on=OFF --pid-file=/var/lib/mysql/mariadb.pid &
    # Wait for the mariadb server to be "Ready" before starting the security reset with a max timeout
    # NOTE(huikang): the location of mysql's socket file varies depending on the OS distributions.
    # Querying the cluster status has to be executed after the existence of mysql.sock and mariadb.pid.
@ -22,9 +22,9 @@ function bootstrap_db {
    sudo -E kolla_security_reset

    set +o xtrace
-    mysql -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
-    mysql -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
-    mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" shutdown
+    mariadb -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
+    mariadb -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
+    mariadb-admin -uroot -p"${DB_ROOT_PASSWORD}" shutdown
    set -o xtrace
 }

@ -38,21 +38,21 @@ fi

 # This catches all cases of the BOOTSTRAP variable being set, including empty
 if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
-    mysql_install_db 2>&1 | tee -a ${MARIADB_LOG_DIR}/mariadb-bootstrap.log
+    mariadb-install-db 2>&1 | tee -a ${MARIADB_LOG_DIR}/mariadb-bootstrap.log
    bootstrap_db 2>&1 | tee -a ${MARIADB_LOG_DIR}/mariadb-bootstrap.log
    exit 0
 fi

 # This catches all cases of the KOLLA_UPGRADE variable being set, including empty
 if [[ "${!KOLLA_UPGRADE[@]}" ]]; then
-    # The mysql_upgrade command treats any directories under /var/lib/mysql as
+    # The mariadb-upgrade command treats any directories under /var/lib/mysql as
    # databases. Somehow we can end up with a .pki directory, which causes the
    # command to fail with this error:
    # Incorrect database name '#mysql50#.pki' when selecting the database
    # There doesn't seem to be anything in the directory, so remove it.
    rm -rf /var/lib/mysql/.pki

-    mysql_upgrade --host=${DB_HOST} --port=${DB_PORT} --user=root --password="${DB_ROOT_PASSWORD}" 2>&1 | tee -a ${MARIADB_LOG_DIR}/mariadb-upgrade.log
+    mariadb-upgrade --host=${DB_HOST} --port=${DB_PORT} --user=root --password="${DB_ROOT_PASSWORD}" 2>&1 | tee -a ${MARIADB_LOG_DIR}/mariadb-upgrade.log
    exit 0
 fi

--- a/kolla/template/repos.yaml
+++ b/kolla/template/repos.yaml
@ -41,7 +41,7 @@ debian:
    component: "contrib"
    gpg_key: "fluentd.asc"
  mariadb:
-    url: "https://dlm.mariadb.com/repo/mariadb-server/10.11/repo/debian"
+    url: "https://dlm.mariadb.com/repo/mariadb-server/11.4/repo/debian"
    suite: "bookworm"
    component: "main"
    gpg_key: "mariadb.gpg"
@ -83,7 +83,7 @@ ubuntu:
    component: "contrib"
    gpg_key: "fluentd.asc"
  mariadb:
-    url: "https://dlm.mariadb.com/repo/mariadb-server/10.11/repo/ubuntu"
+    url: "https://dlm.mariadb.com/repo/mariadb-server/11.4/repo/ubuntu"
    suite: "noble"
    component: "main"
    gpg_key: "mariadb.gpg"
@ -153,7 +153,7 @@ rpm:
    gpgkey: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/el10-missing/pubkey.gpg"
    name: "kolla_el10"
  mariadb:
-    baseurl: "https://dlm.mariadb.com/repo/mariadb-server/10.11/yum/rhel/$releasever/$basearch"
+    baseurl: "https://dlm.mariadb.com/repo/mariadb-server/11.4/yum/rhel/$releasever/$basearch"
    gpgkey: "https://downloads.mariadb.com/MariaDB/RPM-GPG-KEY-MariaDB"
    name: "mariadb"
  opensearch:
@ -197,4 +197,3 @@ rocky-aarch64:
    baseurl: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/rabbitmq-erlang-27/rhel-$releasever-aarch64/"
    gpgkey: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/rabbitmq-erlang-27/pubkey.gpg"
    name: "copr-rabbitmq-erlang"
-
--- a/releasenotes/notes/mariadb-11.4-b66b5baf9f5e6cd0.yaml
+++ b/releasenotes/notes/mariadb-11.4-b66b5baf9f5e6cd0.yaml
@ -0,0 +1,5 @@
+---
+features:
+  - |
+    ``MariaDB`` version has been updated to ``11.4 LTS``.
+    This version will be supported until 29th May 2029.