From aac921e58a9e40ee35ca65e019b04ec988d3cbd0 Mon Sep 17 00:00:00 2001
From: Damien Ciabrini <dciabrin@redhat.com>
Date: Wed, 29 Mar 2023 12:43:03 +0000
Subject: [PATCH] mariadb: allow mysqld to set max_connections at startup

Mariadb pods are started as user mysql, which has no specific right
to configure file descriptor limits. This prevents the server from
honoring the requested max_connections of 4096.

Make the pod start mysqld as root, and let the mysqld server drop
privileges to user mysql explicitly. This way, the server can
configure limits prior to accepting connections.
---
 pkg/pod.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/pod.go b/pkg/pod.go
index f525a840..186a3577 100644
--- a/pkg/pod.go
+++ b/pkg/pod.go
@@ -9,6 +9,7 @@ import (
 // Pod -
 func Pod(db *databasev1beta1.MariaDB, configHash string) *corev1.Pod {
 
+	runAsUser := int64(0)
 	pod := &corev1.Pod{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      "mariadb-" + db.Name,
@@ -21,6 +22,9 @@ func Pod(db *databasev1beta1.MariaDB, configHash string) *corev1.Pod {
 				{
 					Name:  "mariadb",
 					Image: db.Spec.ContainerImage,
+					SecurityContext: &corev1.SecurityContext{
+						RunAsUser: &runAsUser,
+					},
 					Env: []corev1.EnvVar{
 						{
 							Name:  "KOLLA_CONFIG_STRATEGY",