feat: add custom my.cnf for MariaDB to kubezero-sql
This commit is contained in:
parent
567a7f94ff
commit
2e72673c01
@ -2,7 +2,7 @@ apiVersion: v2
|
|||||||
name: kubezero-sql
|
name: kubezero-sql
|
||||||
description: KubeZero umbrella chart for SQL databases like MariaDB, PostgreSQL
|
description: KubeZero umbrella chart for SQL databases like MariaDB, PostgreSQL
|
||||||
type: application
|
type: application
|
||||||
version: 0.1.0
|
version: 0.1.1
|
||||||
home: https://kubezero.com
|
home: https://kubezero.com
|
||||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||||
keywords:
|
keywords:
|
||||||
@ -18,5 +18,5 @@ dependencies:
|
|||||||
- name: mariadb-galera
|
- name: mariadb-galera
|
||||||
version: 5.8.0
|
version: 5.8.0
|
||||||
repository: https://charts.bitnami.com/bitnami
|
repository: https://charts.bitnami.com/bitnami
|
||||||
condition: mariadb.enabled
|
condition: mariadb-galera.enabled
|
||||||
kubeVersion: ">= 1.18.0"
|
kubeVersion: ">= 1.18.0"
|
||||||
|
@ -1,8 +1,8 @@
|
|||||||
# kubezero-mq
|
# kubezero-sql
|
||||||
|
|
||||||
![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
|
![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
|
||||||
|
|
||||||
KubeZero umbrella chart for MQ systems like NATS, RabbitMQ
|
KubeZero umbrella chart for SQL databases like MariaDB, PostgreSQL
|
||||||
|
|
||||||
**Homepage:** <https://kubezero.com>
|
**Homepage:** <https://kubezero.com>
|
||||||
|
|
||||||
@ -18,41 +18,33 @@ Kubernetes: `>= 1.18.0`
|
|||||||
|
|
||||||
| Repository | Name | Version |
|
| Repository | Name | Version |
|
||||||
|------------|------|---------|
|
|------------|------|---------|
|
||||||
| | nats | 0.8.3 |
|
| https://charts.bitnami.com/bitnami | mariadb-galera | 5.8.0 |
|
||||||
| https://charts.bitnami.com/bitnami | rabbitmq | 8.13.1 |
|
|
||||||
| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 |
|
| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 |
|
||||||
|
|
||||||
## Values
|
## Values
|
||||||
|
|
||||||
| Key | Type | Default | Description |
|
| Key | Type | Default | Description |
|
||||||
|-----|------|---------|-------------|
|
|-----|------|---------|-------------|
|
||||||
| nats.enabled | bool | `false` | |
|
| mariadb-galera.configurationConfigMap | string | `"{{ .Release.Name }}-mariadb-galera-configuration"` | |
|
||||||
| nats.exporter.serviceMonitor.enabled | bool | `false` | |
|
| mariadb-galera.db.password | string | `"12345qwert"` | |
|
||||||
| nats.nats.advertise | bool | `false` | |
|
| mariadb-galera.db.user | string | `"mariadb"` | |
|
||||||
| nats.nats.image | string | `"nats:2.2.1-alpine3.13"` | |
|
| mariadb-galera.enabled | bool | `true` | |
|
||||||
| nats.nats.jetstream.enabled | bool | `true` | |
|
| mariadb-galera.galera.mariabackup.password | string | `"12345qwert"` | |
|
||||||
| nats.natsbox.enabled | bool | `false` | |
|
| mariadb-galera.istio.enabled | bool | `false` | |
|
||||||
| rabbitmq.auth.erlangCookie | string | `"randomlongerlangcookie"` | |
|
| mariadb-galera.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | |
|
||||||
| rabbitmq.auth.password | string | `"supersecret"` | |
|
| mariadb-galera.istio.url | string | `"mariadb.example.com"` | |
|
||||||
| rabbitmq.auth.tls.enabled | bool | `false` | |
|
| mariadb-galera.metrics.enabled | bool | `false` | |
|
||||||
| rabbitmq.auth.tls.existingSecret | string | `"rabbitmq-server-certificate"` | |
|
| mariadb-galera.metrics.prometheusRules.enabled | bool | `false` | |
|
||||||
| rabbitmq.auth.tls.existingSecretFullChain | bool | `true` | |
|
| mariadb-galera.metrics.serviceMonitor.enabled | bool | `false` | |
|
||||||
| rabbitmq.auth.tls.failIfNoPeerCert | bool | `false` | |
|
| mariadb-galera.replicaCount | int | `2` | |
|
||||||
| rabbitmq.clustering.forceBoot | bool | `true` | |
|
| mariadb-galera.rootUser.password | string | `"12345qwert"` | |
|
||||||
| rabbitmq.enabled | bool | `false` | |
|
|
||||||
| rabbitmq.hosts | list | `[]` | hostnames of rabbitmq services, used for Istio and TLS |
|
# Changes
|
||||||
| rabbitmq.istio.enabled | bool | `false` | |
|
|
||||||
| rabbitmq.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | |
|
## MariaDB
|
||||||
| rabbitmq.metrics.enabled | bool | `false` | |
|
- custom my.cnf, source: https://github.com/bitnami/charts/blob/70d602fea38010145c20e1ca59be06e4cf32bf80/bitnami/mariadb-galera/values.yaml#L261
|
||||||
| rabbitmq.metrics.serviceMonitor.enabled | bool | `false` | |
|
|
||||||
| rabbitmq.pdb.create | bool | `true` | |
|
|
||||||
| rabbitmq.podAntiAffinityPreset | string | `""` | |
|
|
||||||
| rabbitmq.replicaCount | int | `1` | |
|
|
||||||
| rabbitmq.resources.requests.cpu | string | `"100m"` | |
|
|
||||||
| rabbitmq.resources.requests.memory | string | `"256Mi"` | |
|
|
||||||
| rabbitmq.topologySpreadConstraints | string | `"- maxSkew: 1\n topologyKey: topology.kubernetes.io/zone\n whenUnsatisfiable: DoNotSchedule\n labelSelector:\n matchLabels: {{- include \"common.labels.matchLabels\" . | nindent 6 }}\n- maxSkew: 1\n topologyKey: kubernetes.io/hostname\n whenUnsatisfiable: DoNotSchedule\n labelSelector:\n matchLabels: {{- include \"common.labels.matchLabels\" . | nindent 6 }}"` | |
|
|
||||||
|
|
||||||
## Resources
|
## Resources
|
||||||
|
|
||||||
### NATS
|
### MariaDB
|
||||||
- https://grafana.com/grafana/dashboards/13707
|
|
||||||
|
@ -15,6 +15,13 @@
|
|||||||
|
|
||||||
{{ template "chart.valuesSection" . }}
|
{{ template "chart.valuesSection" . }}
|
||||||
|
|
||||||
|
# Changes
|
||||||
|
|
||||||
|
## MariaDB
|
||||||
|
- custom my.cnf, source: https://github.com/bitnami/charts/blob/70d602fea38010145c20e1ca59be06e4cf32bf80/bitnami/mariadb-galera/values.yaml#L261
|
||||||
|
|
||||||
|
|
||||||
## Resources
|
## Resources
|
||||||
|
|
||||||
### MariaDB
|
### MariaDB
|
||||||
|
|
||||||
|
@ -17,9 +17,6 @@ spec:
|
|||||||
enabled: true
|
enabled: true
|
||||||
serviceMonitor:
|
serviceMonitor:
|
||||||
enabled: true
|
enabled: true
|
||||||
istio:
|
|
||||||
enabled: true
|
|
||||||
url: mariadb.dev.mayneinc.com
|
|
||||||
|
|
||||||
destination:
|
destination:
|
||||||
server: 'https://kubernetes.default.svc'
|
server: 'https://kubernetes.default.svc'
|
||||||
|
124
charts/kubezero-sql/files/mariadb/my.cnf
Normal file
124
charts/kubezero-sql/files/mariadb/my.cnf
Normal file
@ -0,0 +1,124 @@
|
|||||||
|
[client]
|
||||||
|
port=3306
|
||||||
|
socket=/opt/bitnami/mariadb/tmp/mysql.sock
|
||||||
|
plugin_dir=/opt/bitnami/mariadb/plugin
|
||||||
|
|
||||||
|
[mysqld]
|
||||||
|
default_storage_engine=InnoDB
|
||||||
|
basedir=/opt/bitnami/mariadb
|
||||||
|
datadir=/bitnami/mariadb/data
|
||||||
|
plugin_dir=/opt/bitnami/mariadb/plugin
|
||||||
|
tmpdir=/opt/bitnami/mariadb/tmp
|
||||||
|
socket=/opt/bitnami/mariadb/tmp/mysql.sock
|
||||||
|
pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid
|
||||||
|
bind_address=0.0.0.0
|
||||||
|
|
||||||
|
## Character set
|
||||||
|
##
|
||||||
|
collation_server=utf8_unicode_ci
|
||||||
|
init_connect='SET NAMES utf8'
|
||||||
|
character_set_server=utf8
|
||||||
|
|
||||||
|
## MyISAM
|
||||||
|
##
|
||||||
|
key_buffer_size=32M
|
||||||
|
myisam_recover_options=FORCE,BACKUP
|
||||||
|
|
||||||
|
## Safety
|
||||||
|
##
|
||||||
|
skip_host_cache
|
||||||
|
skip_name_resolve
|
||||||
|
max_allowed_packet=16M
|
||||||
|
max_connect_errors=1000000
|
||||||
|
sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY
|
||||||
|
sysdate_is_now=1
|
||||||
|
|
||||||
|
## Binary Logging
|
||||||
|
##
|
||||||
|
log_bin=mysql-bin
|
||||||
|
expire_logs_days=14
|
||||||
|
# Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql
|
||||||
|
sync_binlog=0
|
||||||
|
# Required for Galera
|
||||||
|
binlog_format=row
|
||||||
|
|
||||||
|
## Caches and Limits
|
||||||
|
##
|
||||||
|
tmp_table_size=32M
|
||||||
|
max_heap_table_size=32M
|
||||||
|
# Re-enabling as now works with Maria 10.1.2
|
||||||
|
query_cache_type=1
|
||||||
|
query_cache_limit=4M
|
||||||
|
query_cache_size=256M
|
||||||
|
max_connections=500
|
||||||
|
thread_cache_size=50
|
||||||
|
open_files_limit=65535
|
||||||
|
table_definition_cache=4096
|
||||||
|
table_open_cache=4096
|
||||||
|
|
||||||
|
## InnoDB
|
||||||
|
##
|
||||||
|
innodb=FORCE
|
||||||
|
innodb_strict_mode=1
|
||||||
|
# Mandatory per https://github.com/codership/documentation/issues/25
|
||||||
|
innodb_autoinc_lock_mode=2
|
||||||
|
# Per https://www.percona.com/blog/2006/08/04/innodb-double-write/
|
||||||
|
innodb_doublewrite=1
|
||||||
|
innodb_flush_method=O_DIRECT
|
||||||
|
innodb_log_files_in_group=2
|
||||||
|
innodb_log_file_size=128M
|
||||||
|
innodb_flush_log_at_trx_commit=1
|
||||||
|
innodb_file_per_table=1
|
||||||
|
# 80% Memory is default reco.
|
||||||
|
# Need to re-evaluate when DB size grows
|
||||||
|
innodb_buffer_pool_size=2G
|
||||||
|
innodb_file_format=Barracuda
|
||||||
|
|
||||||
|
## Logging
|
||||||
|
##
|
||||||
|
log_error=/opt/bitnami/mariadb/logs/mysqld.log
|
||||||
|
slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
|
||||||
|
log_queries_not_using_indexes=0
|
||||||
|
slow_query_log=1
|
||||||
|
|
||||||
|
## SSL
|
||||||
|
## Use extraVolumes and extraVolumeMounts to mount /certs filesystem
|
||||||
|
# ssl_ca=/certs/ca.pem
|
||||||
|
# ssl_cert=/certs/server-cert.pem
|
||||||
|
# ssl_key=/certs/server-key.pem
|
||||||
|
|
||||||
|
[galera]
|
||||||
|
wsrep_on=ON
|
||||||
|
wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so
|
||||||
|
wsrep_sst_method=mariabackup
|
||||||
|
wsrep_slave_threads=4
|
||||||
|
wsrep_cluster_address=gcomm://
|
||||||
|
wsrep_cluster_name=galera
|
||||||
|
wsrep_sst_auth="root:"
|
||||||
|
# Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit
|
||||||
|
innodb_flush_log_at_trx_commit=2
|
||||||
|
# MYISAM REPLICATION SUPPORT #
|
||||||
|
wsrep_replicate_myisam=ON
|
||||||
|
|
||||||
|
[mariadb]
|
||||||
|
plugin_load_add=auth_pam
|
||||||
|
|
||||||
|
## Data-at-Rest Encryption
|
||||||
|
## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem
|
||||||
|
# plugin_load_add=file_key_management
|
||||||
|
# file_key_management_filename=/encryption/keyfile.enc
|
||||||
|
# file_key_management_filekey=FILE:/encryption/keyfile.key
|
||||||
|
# file_key_management_encryption_algorithm=AES_CTR
|
||||||
|
# encrypt_binlog=ON
|
||||||
|
# encrypt_tmp_files=ON
|
||||||
|
|
||||||
|
## InnoDB/XtraDB Encryption
|
||||||
|
# innodb_encrypt_tables=ON
|
||||||
|
# innodb_encrypt_temporary_tables=ON
|
||||||
|
# innodb_encrypt_log=ON
|
||||||
|
# innodb_encryption_threads=4
|
||||||
|
# innodb_encryption_rotate_key_age=1
|
||||||
|
|
||||||
|
## Aria Encryption
|
||||||
|
# aria_encrypt_tables=ON
|
||||||
|
# encrypt_tmp_disk_tables=ON
|
9
charts/kubezero-sql/templates/mariadb/mycnf-cm.yaml
Normal file
9
charts/kubezero-sql/templates/mariadb/mycnf-cm.yaml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
{{- if index .Values "mariadb-galera" "enabled" }}
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: {{ .Release.Name }}-mariadb-galera-configuration
|
||||||
|
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||||
|
data:
|
||||||
|
{{ (.Files.Glob "files/mariadb/my.cnf").AsConfig | indent 2 }}
|
||||||
|
{{- end }}
|
@ -25,3 +25,5 @@ mariadb-galera:
|
|||||||
enabled: false
|
enabled: false
|
||||||
gateway: istio-ingress/private-ingressgateway
|
gateway: istio-ingress/private-ingressgateway
|
||||||
url: mariadb.example.com
|
url: mariadb.example.com
|
||||||
|
|
||||||
|
configurationConfigMap: "{{ .Release.Name }}-mariadb-galera-configuration"
|
||||||
|
Loading…
Reference in New Issue
Block a user