-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
IMPORT PGDUMP cannot import from Azure Blob Storage in Government #47163
Labels
A-disaster-recovery
C-enhancement
Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
T-disaster-recovery
Comments
mwang1026
added
the
C-enhancement
Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
label
May 27, 2021
nlowe-sx
added a commit
to nlowe-sx/cockroach
that referenced
this issue
Apr 25, 2022
The Azure Storage cloud provider learned a new parameter, AZURE_ENVIRONMENT, which specifies which azure environment the storage account in question belongs to. This allows cockroach to backup and restore data to Azure Storage Accounts outside the main Azure Public Cloud. For backwards compatibility, this defaults to "AzurePublicCloud" if AZURE_ENVIRONMENT is not specified. Fixes cockroachdb#47163
nlowe-sx
added a commit
to nlowe-sx/cockroach
that referenced
this issue
Apr 26, 2022
The Azure Storage cloud provider learned a new parameter, AZURE_ENVIRONMENT, which specifies which azure environment the storage account in question belongs to. This allows cockroach to backup and restore data to Azure Storage Accounts outside the main Azure Public Cloud. For backwards compatibility, this defaults to "AzurePublicCloud" if AZURE_ENVIRONMENT is not specified. Fixes cockroachdb#47163 Release note (general): When using Azure Cloud Storage for data operations, cockroach now calculates the Storage Account URL from the provided AZURE_ENVIRONMENT query parameter. This defaults to AzurePublicCloud if not specified to maintain backwards compatibility.
blathers-crl bot
pushed a commit
that referenced
this issue
Apr 29, 2022
The Azure Storage cloud provider learned a new parameter, AZURE_ENVIRONMENT, which specifies which azure environment the storage account in question belongs to. This allows cockroach to backup and restore data to Azure Storage Accounts outside the main Azure Public Cloud. For backwards compatibility, this defaults to "AzurePublicCloud" if AZURE_ENVIRONMENT is not specified. Fixes #47163 Release note (general): When using Azure Cloud Storage for data operations, cockroach now calculates the Storage Account URL from the provided AZURE_ENVIRONMENT query parameter. This defaults to AzurePublicCloud if not specified to maintain backwards compatibility.
blathers-crl bot
pushed a commit
that referenced
this issue
Apr 29, 2022
The Azure Storage cloud provider learned a new parameter, AZURE_ENVIRONMENT, which specifies which azure environment the storage account in question belongs to. This allows cockroach to backup and restore data to Azure Storage Accounts outside the main Azure Public Cloud. For backwards compatibility, this defaults to "AzurePublicCloud" if AZURE_ENVIRONMENT is not specified. Fixes #47163 Release note (general): When using Azure Cloud Storage for data operations, cockroach now calculates the Storage Account URL from the provided AZURE_ENVIRONMENT query parameter. This defaults to AzurePublicCloud if not specified to maintain backwards compatibility.
adityamaru
pushed a commit
that referenced
this issue
May 2, 2022
The Azure Storage cloud provider learned a new parameter, AZURE_ENVIRONMENT, which specifies which azure environment the storage account in question belongs to. This allows cockroach to backup and restore data to Azure Storage Accounts outside the main Azure Public Cloud. For backwards compatibility, this defaults to "AzurePublicCloud" if AZURE_ENVIRONMENT is not specified. Fixes #47163 Release note (sql change): When using Azure Cloud Storage for data operations, cockroach now calculates the Storage Account URL from the provided AZURE_ENVIRONMENT query parameter. This defaults to AzurePublicCloud if not specified to maintain backwards compatibility. This parameter should not be used when the cluster is in a mixed version or upgrading state, as nodes that have not been upgraded will continue to send requests to the AzurePublicCloud even in the presence of this parameter.
adityamaru
pushed a commit
that referenced
this issue
May 4, 2022
The Azure Storage cloud provider learned a new parameter, AZURE_ENVIRONMENT, which specifies which azure environment the storage account in question belongs to. This allows cockroach to backup and restore data to Azure Storage Accounts outside the main Azure Public Cloud. For backwards compatibility, this defaults to "AzurePublicCloud" if AZURE_ENVIRONMENT is not specified. Fixes #47163 Release note (sql change): When using Azure Cloud Storage for data operations, cockroach now calculates the Storage Account URL from the provided AZURE_ENVIRONMENT query parameter. This defaults to AzurePublicCloud if not specified to maintain backwards compatibility. This parameter should not be used when the cluster is in a mixed version or upgrading state, as nodes that have not been upgraded will continue to send requests to the AzurePublicCloud even in the presence of this parameter.
adityamaru
pushed a commit
that referenced
this issue
May 4, 2022
The Azure Storage cloud provider learned a new parameter, AZURE_ENVIRONMENT, which specifies which azure environment the storage account in question belongs to. This allows cockroach to backup and restore data to Azure Storage Accounts outside the main Azure Public Cloud. For backwards compatibility, this defaults to "AzurePublicCloud" if AZURE_ENVIRONMENT is not specified. Fixes #47163 Release note (general): When using Azure Cloud Storage for data operations, cockroach now calculates the Storage Account URL from the provided AZURE_ENVIRONMENT query parameter. This defaults to AzurePublicCloud if not specified to maintain backwards compatibility. This parameter should not be used when the cluster is in a mixed version or upgrading state, as nodes that have not been upgraded will continue to send requests to the AzurePublicCloud even in the presence of this parameter.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
A-disaster-recovery
C-enhancement
Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
T-disaster-recovery
Describe the problem
It would appear that the Account Base URL for Azure Storage is hard-coded to the Azure Public Cloud end-point:
cockroach/pkg/ccl/storageccl/export_storage.go
Line 767 in f0dd1dc
(more recently:
cockroach/pkg/storage/cloud/azure_storage.go
Line 59 in c257a8e
This prevents consumers with blob storage in Azure Government Cloud from restoring backups from their blob storage accounts.
To Reproduce
Setup a Secure CockroachDB Cluster in Azure AKS in following https://github.com/cockroachdb/cockroach/tree/master/cloud/kubernetes
Create an Azure Storage Blob Account
Create an Azure Storage Blob Container in the account created in step 2
Upload
backup.sql
taken fromcockroach dump
to the storage containerCreate the database via
cockroach sql
:Attempt to restore the database:
Expected behavior
A user is either able to specify the full path to their storage account or force CockroachDB to look for storage accounts in different azure environments like US Government Cloud.
Additional data / screenshots
I also tried specifying the full account URL:
but that clearly wasn't interpreted correctly:
After finding this Stack Overflow Post about using the Azure GO SDKs with Azure Government, I even tried setting
AZURE_ENVIRONMENT
toAZUREUSGOVERNMENTCLOUD
on all of my nodes including the client I was using to execute theIMPORT PGDUMP
. This had no effect.Environment:
v2.1.0
cockroach sql
Additional context
Another method like HTTP or Node Local files will have to be used for backup/restore.
Jira issue: CRDB-5033
The text was updated successfully, but these errors were encountered: