feat: add custom my.cnf for MariaDB to kubezero-sql

This commit is contained in:
Stefan Reimer 2021-05-13 17:39:02 +02:00
parent 567a7f94ff
commit 2e72673c01
7 changed files with 168 additions and 37 deletions

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-sql
description: KubeZero umbrella chart for SQL databases like MariaDB, PostgreSQL
type: application
version: 0.1.0
version: 0.1.1
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords:
@ -18,5 +18,5 @@ dependencies:
- name: mariadb-galera
version: 5.8.0
repository: https://charts.bitnami.com/bitnami
condition: mariadb.enabled
condition: mariadb-galera.enabled
kubeVersion: ">= 1.18.0"

View File

@ -1,8 +1,8 @@
# kubezero-mq
# kubezero-sql
![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero umbrella chart for MQ systems like NATS, RabbitMQ
KubeZero umbrella chart for SQL databases like MariaDB, PostgreSQL
**Homepage:** <https://kubezero.com>
@ -18,41 +18,33 @@ Kubernetes: `>= 1.18.0`
| Repository | Name | Version |
|------------|------|---------|
| | nats | 0.8.3 |
| https://charts.bitnami.com/bitnami | rabbitmq | 8.13.1 |
| https://charts.bitnami.com/bitnami | mariadb-galera | 5.8.0 |
| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 |
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| nats.enabled | bool | `false` | |
| nats.exporter.serviceMonitor.enabled | bool | `false` | |
| nats.nats.advertise | bool | `false` | |
| nats.nats.image | string | `"nats:2.2.1-alpine3.13"` | |
| nats.nats.jetstream.enabled | bool | `true` | |
| nats.natsbox.enabled | bool | `false` | |
| rabbitmq.auth.erlangCookie | string | `"randomlongerlangcookie"` | |
| rabbitmq.auth.password | string | `"supersecret"` | |
| rabbitmq.auth.tls.enabled | bool | `false` | |
| rabbitmq.auth.tls.existingSecret | string | `"rabbitmq-server-certificate"` | |
| rabbitmq.auth.tls.existingSecretFullChain | bool | `true` | |
| rabbitmq.auth.tls.failIfNoPeerCert | bool | `false` | |
| rabbitmq.clustering.forceBoot | bool | `true` | |
| rabbitmq.enabled | bool | `false` | |
| rabbitmq.hosts | list | `[]` | hostnames of rabbitmq services, used for Istio and TLS |
| rabbitmq.istio.enabled | bool | `false` | |
| rabbitmq.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | |
| rabbitmq.metrics.enabled | bool | `false` | |
| rabbitmq.metrics.serviceMonitor.enabled | bool | `false` | |
| rabbitmq.pdb.create | bool | `true` | |
| rabbitmq.podAntiAffinityPreset | string | `""` | |
| rabbitmq.replicaCount | int | `1` | |
| rabbitmq.resources.requests.cpu | string | `"100m"` | |
| rabbitmq.resources.requests.memory | string | `"256Mi"` | |
| rabbitmq.topologySpreadConstraints | string | `"- maxSkew: 1\n topologyKey: topology.kubernetes.io/zone\n whenUnsatisfiable: DoNotSchedule\n labelSelector:\n matchLabels: {{- include \"common.labels.matchLabels\" . | nindent 6 }}\n- maxSkew: 1\n topologyKey: kubernetes.io/hostname\n whenUnsatisfiable: DoNotSchedule\n labelSelector:\n matchLabels: {{- include \"common.labels.matchLabels\" . | nindent 6 }}"` | |
| mariadb-galera.configurationConfigMap | string | `"{{ .Release.Name }}-mariadb-galera-configuration"` | |
| mariadb-galera.db.password | string | `"12345qwert"` | |
| mariadb-galera.db.user | string | `"mariadb"` | |
| mariadb-galera.enabled | bool | `true` | |
| mariadb-galera.galera.mariabackup.password | string | `"12345qwert"` | |
| mariadb-galera.istio.enabled | bool | `false` | |
| mariadb-galera.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | |
| mariadb-galera.istio.url | string | `"mariadb.example.com"` | |
| mariadb-galera.metrics.enabled | bool | `false` | |
| mariadb-galera.metrics.prometheusRules.enabled | bool | `false` | |
| mariadb-galera.metrics.serviceMonitor.enabled | bool | `false` | |
| mariadb-galera.replicaCount | int | `2` | |
| mariadb-galera.rootUser.password | string | `"12345qwert"` | |
# Changes
## MariaDB
- custom my.cnf, source: https://github.com/bitnami/charts/blob/70d602fea38010145c20e1ca59be06e4cf32bf80/bitnami/mariadb-galera/values.yaml#L261
## Resources
### NATS
- https://grafana.com/grafana/dashboards/13707
### MariaDB

View File

@ -15,6 +15,13 @@
{{ template "chart.valuesSection" . }}
# Changes
## MariaDB
- custom my.cnf, source: https://github.com/bitnami/charts/blob/70d602fea38010145c20e1ca59be06e4cf32bf80/bitnami/mariadb-galera/values.yaml#L261
## Resources
### MariaDB

View File

@ -17,9 +17,6 @@ spec:
enabled: true
serviceMonitor:
enabled: true
istio:
enabled: true
url: mariadb.dev.mayneinc.com
destination:
server: 'https://kubernetes.default.svc'

View File

@ -0,0 +1,124 @@
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
plugin_dir=/opt/bitnami/mariadb/plugin
[mysqld]
default_storage_engine=InnoDB
basedir=/opt/bitnami/mariadb
datadir=/bitnami/mariadb/data
plugin_dir=/opt/bitnami/mariadb/plugin
tmpdir=/opt/bitnami/mariadb/tmp
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid
bind_address=0.0.0.0
## Character set
##
collation_server=utf8_unicode_ci
init_connect='SET NAMES utf8'
character_set_server=utf8
## MyISAM
##
key_buffer_size=32M
myisam_recover_options=FORCE,BACKUP
## Safety
##
skip_host_cache
skip_name_resolve
max_allowed_packet=16M
max_connect_errors=1000000
sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY
sysdate_is_now=1
## Binary Logging
##
log_bin=mysql-bin
expire_logs_days=14
# Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql
sync_binlog=0
# Required for Galera
binlog_format=row
## Caches and Limits
##
tmp_table_size=32M
max_heap_table_size=32M
# Re-enabling as now works with Maria 10.1.2
query_cache_type=1
query_cache_limit=4M
query_cache_size=256M
max_connections=500
thread_cache_size=50
open_files_limit=65535
table_definition_cache=4096
table_open_cache=4096
## InnoDB
##
innodb=FORCE
innodb_strict_mode=1
# Mandatory per https://github.com/codership/documentation/issues/25
innodb_autoinc_lock_mode=2
# Per https://www.percona.com/blog/2006/08/04/innodb-double-write/
innodb_doublewrite=1
innodb_flush_method=O_DIRECT
innodb_log_files_in_group=2
innodb_log_file_size=128M
innodb_flush_log_at_trx_commit=1
innodb_file_per_table=1
# 80% Memory is default reco.
# Need to re-evaluate when DB size grows
innodb_buffer_pool_size=2G
innodb_file_format=Barracuda
## Logging
##
log_error=/opt/bitnami/mariadb/logs/mysqld.log
slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
log_queries_not_using_indexes=0
slow_query_log=1
## SSL
## Use extraVolumes and extraVolumeMounts to mount /certs filesystem
# ssl_ca=/certs/ca.pem
# ssl_cert=/certs/server-cert.pem
# ssl_key=/certs/server-key.pem
[galera]
wsrep_on=ON
wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so
wsrep_sst_method=mariabackup
wsrep_slave_threads=4
wsrep_cluster_address=gcomm://
wsrep_cluster_name=galera
wsrep_sst_auth="root:"
# Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit
innodb_flush_log_at_trx_commit=2
# MYISAM REPLICATION SUPPORT #
wsrep_replicate_myisam=ON
[mariadb]
plugin_load_add=auth_pam
## Data-at-Rest Encryption
## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem
# plugin_load_add=file_key_management
# file_key_management_filename=/encryption/keyfile.enc
# file_key_management_filekey=FILE:/encryption/keyfile.key
# file_key_management_encryption_algorithm=AES_CTR
# encrypt_binlog=ON
# encrypt_tmp_files=ON
## InnoDB/XtraDB Encryption
# innodb_encrypt_tables=ON
# innodb_encrypt_temporary_tables=ON
# innodb_encrypt_log=ON
# innodb_encryption_threads=4
# innodb_encryption_rotate_key_age=1
## Aria Encryption
# aria_encrypt_tables=ON
# encrypt_tmp_disk_tables=ON

View File

@ -0,0 +1,9 @@
{{- if index .Values "mariadb-galera" "enabled" }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-mariadb-galera-configuration
labels: {{- include "common.labels.standard" . | nindent 4 }}
data:
{{ (.Files.Glob "files/mariadb/my.cnf").AsConfig | indent 2 }}
{{- end }}

View File

@ -25,3 +25,5 @@ mariadb-galera:
enabled: false
gateway: istio-ingress/private-ingressgateway
url: mariadb.example.com
configurationConfigMap: "{{ .Release.Name }}-mariadb-galera-configuration"