From 9ece3ca388ef08c85c5b511f60d8111646c4e856 Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Thu, 3 Nov 2022 13:19:57 +0100 Subject: [PATCH] Feat: introduce Percona XtraDB operator to SQL module --- charts/kubezero-sql/Chart.yaml | 15 +- charts/kubezero-sql/README.md | 19 +- charts/kubezero-sql/cr.yaml | 591 ++++++++++++++++++ charts/kubezero-sql/files/mariadb/my.cnf | 2 +- .../templates/mariadb/grafana-dashboards.yaml | 2 +- charts/kubezero-sql/update.sh | 3 +- charts/kubezero-sql/values.yaml | 24 +- 7 files changed, 636 insertions(+), 20 deletions(-) create mode 100644 charts/kubezero-sql/cr.yaml diff --git a/charts/kubezero-sql/Chart.yaml b/charts/kubezero-sql/Chart.yaml index 4b4a786..6840e27 100644 --- a/charts/kubezero-sql/Chart.yaml +++ b/charts/kubezero-sql/Chart.yaml @@ -1,14 +1,15 @@ apiVersion: v2 name: kubezero-sql -description: KubeZero umbrella chart for SQL databases like MariaDB, PostgreSQL +description: KubeZero umbrella chart for SQL databases, Percona XtraDB Cluster type: application -version: 0.2.1 +version: 0.3.0 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: - kubezero - - mariadb - - postgresql + - mysql + - percona + # - postgresql maintainers: - name: Stefan Reimer email: stefan@zero-downtime.net @@ -16,8 +17,12 @@ dependencies: - name: kubezero-lib version: ">= 0.1.5" repository: https://cdn.zero-downtime.net/charts/ + - name: pxc-operator + version: 1.11.1 + repository: https://percona.github.io/percona-helm-charts/ + condition: pxc-operator.enabled - name: mariadb-galera - version: 7.4.3 + version: 7.4.7 repository: https://charts.bitnami.com/bitnami condition: mariadb-galera.enabled kubeVersion: ">= 1.20.0" diff --git a/charts/kubezero-sql/README.md b/charts/kubezero-sql/README.md index 7fdfdfa..daae4cb 100644 --- a/charts/kubezero-sql/README.md +++ b/charts/kubezero-sql/README.md @@ -1,8 +1,8 @@ # kubezero-sql -![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) -KubeZero umbrella chart for SQL databases like MariaDB, PostgreSQL +KubeZero umbrella chart for SQL databases, Percona XtraDB Cluster **Homepage:** @@ -19,25 +19,32 @@ Kubernetes: `>= 1.20.0` | Repository | Name | Version | |------------|------|---------| | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.5 | -| https://charts.bitnami.com/bitnami | mariadb-galera | 7.4.3 | +| https://charts.bitnami.com/bitnami | mariadb-galera | 7.4.7 | +| https://percona.github.io/percona-helm-charts/ | pxc-operator | 1.11.1 | ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| | mariadb-galera.configurationConfigMap | string | `"{{ .Release.Name }}-mariadb-galera-configuration"` | | -| mariadb-galera.db.password | string | `"12345qwert"` | | | mariadb-galera.db.user | string | `"mariadb"` | | | mariadb-galera.enabled | bool | `false` | | -| mariadb-galera.galera.mariabackup.password | string | `"12345qwert"` | | +| mariadb-galera.galera | string | `nil` | | | mariadb-galera.istio.enabled | bool | `false` | | | mariadb-galera.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | | | mariadb-galera.istio.url | string | `"mariadb.example.com"` | | | mariadb-galera.metrics.enabled | bool | `false` | | +| mariadb-galera.metrics.installDashboard | bool | `true` | | | mariadb-galera.metrics.prometheusRules.enabled | bool | `false` | | | mariadb-galera.metrics.serviceMonitor.enabled | bool | `false` | | | mariadb-galera.replicaCount | int | `2` | | -| mariadb-galera.rootUser.password | string | `"12345qwert"` | | +| pxc-operator.enabled | bool | `false` | | +| pxc-operator.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | | +| pxc-operator.tolerations[0].effect | string | `"NoSchedule"` | | +| pxc-operator.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | | +| pxc-operator.tolerations[1].effect | string | `"NoSchedule"` | | +| pxc-operator.tolerations[1].key | string | `"node-role.kubernetes.io/control-plane"` | | +| pxc-operator.watchAllNamespaces | bool | `true` | | # Changes diff --git a/charts/kubezero-sql/cr.yaml b/charts/kubezero-sql/cr.yaml new file mode 100644 index 0000000..0561116 --- /dev/null +++ b/charts/kubezero-sql/cr.yaml @@ -0,0 +1,591 @@ +apiVersion: pxc.percona.com/v1-11-0 +kind: PerconaXtraDBCluster +metadata: + name: best-db + finalizers: + - delete-pxc-pods-in-order +# - delete-ssl +# - delete-proxysql-pvc +# - delete-pxc-pvc +# annotations: +# percona.com/issue-vault-token: "true" +spec: + crVersion: 1.11.0 +# secretsName: cluster1-secrets +# vaultSecretName: keyring-secret-vault +# sslSecretName: cluster1-ssl +# sslInternalSecretName: cluster1-ssl-internal +# logCollectorSecretName: cluster1-log-collector-secrets +# initImage: percona/percona-xtradb-cluster-operator:1.12.0 +# enableCRValidationWebhook: true +# tls: +# SANs: +# - pxc-1.example.com +# - pxc-2.example.com +# - pxc-3.example.com +# issuerConf: +# name: special-selfsigned-issuer +# kind: ClusterIssuer +# group: cert-manager.io + allowUnsafeConfigurations: true +# pause: false + updateStrategy: SmartUpdate + upgradeOptions: + versionServiceEndpoint: https://check.percona.com + apply: disabled + schedule: "0 4 * * *" + pxc: + size: 1 + image: percona/percona-xtradb-cluster:8.0.27-18.1 + autoRecovery: true +# expose: +# enabled: true +# type: LoadBalancer +# trafficPolicy: Local +# loadBalancerSourceRanges: +# - 10.0.0.0/8 +# annotations: +# networking.gke.io/load-balancer-type: "Internal" +# replicationChannels: +# - name: pxc1_to_pxc2 +# isSource: true +# - name: pxc2_to_pxc1 +# isSource: false +# configuration: +# sourceRetryCount: 3 +# sourceConnectRetry: 60 +# sourcesList: +# - host: 10.95.251.101 +# port: 3306 +# weight: 100 +# schedulerName: mycustom-scheduler +# readinessDelaySec: 15 +# livenessDelaySec: 600 +# configuration: | +# [mysqld] +# wsrep_debug=CLIENT +# wsrep_provider_options="gcache.size=1G; gcache.recover=yes" +# [sst] +# xbstream-opts=--decompress +# [xtrabackup] +# compress=lz4 +# for PXC 5.7 +# [xtrabackup] +# compress +# imagePullSecrets: +# - name: private-registry-credentials +# priorityClassName: high-priority +# annotations: +# iam.amazonaws.com/role: role-arn +# labels: +# rack: rack-22 +# readinessProbes: +# initialDelaySeconds: 15 +# timeoutSeconds: 15 +# periodSeconds: 30 +# successThreshold: 1 +# failureThreshold: 5 +# livenessProbes: +# initialDelaySeconds: 300 +# timeoutSeconds: 5 +# periodSeconds: 10 +# successThreshold: 1 +# failureThreshold: 3 +# containerSecurityContext: +# privileged: false +# podSecurityContext: +# runAsUser: 1001 +# runAsGroup: 1001 +# supplementalGroups: [1001] +# serviceAccountName: percona-xtradb-cluster-operator-workload +# imagePullPolicy: Always +# runtimeClassName: image-rc +# sidecars: +# - image: busybox +# command: ["/bin/sh"] +# args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"] +# name: my-sidecar-1 +# resources: +# requests: +# memory: 100M +# cpu: 100m +# limits: +# memory: 200M +# cpu: 200m +# envVarsSecret: my-env-var-secrets + resources: + requests: + memory: 512M + cpu: 200m +# ephemeral-storage: 1G +# limits: +# memory: 1G +# cpu: "1" +# ephemeral-storage: 1G +# nodeSelector: +# disktype: ssd + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" +# advanced: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.io/e2e-az-name +# operator: In +# values: +# - e2e-az1 +# - e2e-az2 +# tolerations: +# - key: "node.alpha.kubernetes.io/unreachable" +# operator: "Exists" +# effect: "NoExecute" +# tolerationSeconds: 6000 +# podDisruptionBudget: +# maxUnavailable: 1 +# minAvailable: 0 + volumeSpec: +# emptyDir: {} +# hostPath: +# path: /data +# type: Directory + persistentVolumeClaim: +# storageClassName: standard +# accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 2G + gracePeriod: 600 + haproxy: + enabled: true + size: 1 + image: perconalab/percona-xtradb-cluster-operator:main-haproxy +# imagePullPolicy: Always +# schedulerName: mycustom-scheduler +# readinessDelaySec: 15 +# livenessDelaySec: 600 +# configuration: | +# +# the actual default configuration file can be found here https://github.com/percona/percona-docker/blob/main/haproxy/dockerdir/etc/haproxy/haproxy-global.cfg +# +# global +# maxconn 2048 +# external-check +# insecure-fork-wanted +# stats socket /etc/haproxy/pxc/haproxy.sock mode 600 expose-fd listeners level admin +# +# defaults +# default-server init-addr last,libc,none +# log global +# mode tcp +# retries 10 +# timeout client 28800s +# timeout connect 100500 +# timeout server 28800s +# +# frontend galera-in +# bind *:3309 accept-proxy +# bind *:3306 +# mode tcp +# option clitcpka +# default_backend galera-nodes +# +# frontend galera-admin-in +# bind *:33062 +# mode tcp +# option clitcpka +# default_backend galera-admin-nodes +# +# frontend galera-replica-in +# bind *:3307 +# mode tcp +# option clitcpka +# default_backend galera-replica-nodes +# +# frontend galera-mysqlx-in +# bind *:33060 +# mode tcp +# option clitcpka +# default_backend galera-mysqlx-nodes +# +# frontend stats +# bind *:8404 +# mode http +# option http-use-htx +# http-request use-service prometheus-exporter if { path /metrics } +# imagePullSecrets: +# - name: private-registry-credentials +# annotations: +# iam.amazonaws.com/role: role-arn +# labels: +# rack: rack-22 +# readinessProbes: +# initialDelaySeconds: 15 +# timeoutSeconds: 1 +# periodSeconds: 5 +# successThreshold: 1 +# failureThreshold: 3 +# livenessProbes: +# initialDelaySeconds: 60 +# timeoutSeconds: 5 +# periodSeconds: 30 +# successThreshold: 1 +# failureThreshold: 4 +# serviceType: ClusterIP +# externalTrafficPolicy: Cluster +# loadbalancersourceranges: +# - 10.0.0.0/8 +# loadBalancerIP: 127.0.0.1 +# serviceAnnotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http +# serviceLabels: +# rack: rack-23 +# replicasServiceEnabled: false +# replicasLoadBalancerSourceRanges: +# - 10.0.0.0/8 +# replicasLoadBalancerIP: 127.0.0.1 +# replicasServiceType: ClusterIP +# replicasExternalTrafficPolicy: Cluster +# replicasServiceAnnotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http +# replicasServiceLabels: +# rack: rack-23 +# runtimeClassName: image-rc +# sidecars: +# - image: busybox +# command: ["/bin/sh"] +# args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"] +# name: my-sidecar-1 +# resources: +# requests: +# memory: 100M +# cpu: 100m +# limits: +# memory: 200M +# cpu: 200m +# envVarsSecret: my-env-var-secrets + resources: + requests: + memory: 100M + cpu: 100m +# limits: +# memory: 1G +# cpu: 700m +# priorityClassName: high-priority +# nodeSelector: +# disktype: ssd +# sidecarResources: +# requests: +# memory: 1G +# cpu: 500m +# limits: +# memory: 2G +# cpu: 600m +# containerSecurityContext: +# privileged: false +# podSecurityContext: +# runAsUser: 1001 +# runAsGroup: 1001 +# supplementalGroups: [1001] +# serviceAccountName: percona-xtradb-cluster-operator-workload + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" +# advanced: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.io/e2e-az-name +# operator: In +# values: +# - e2e-az1 +# - e2e-az2 +# tolerations: +# - key: "node.alpha.kubernetes.io/unreachable" +# operator: "Exists" +# effect: "NoExecute" +# tolerationSeconds: 6000 +# podDisruptionBudget: +# maxUnavailable: 1 +# minAvailable: 0 + gracePeriod: 30 + proxysql: + enabled: false + size: 3 + image: perconalab/percona-xtradb-cluster-operator:main-proxysql +# imagePullPolicy: Always +# configuration: | +# datadir="/var/lib/proxysql" +# +# admin_variables = +# { +# admin_credentials="proxyadmin:admin_password" +# mysql_ifaces="0.0.0.0:6032" +# refresh_interval=2000 +# +# cluster_username="proxyadmin" +# cluster_password="admin_password" +# checksum_admin_variables=false +# checksum_ldap_variables=false +# checksum_mysql_variables=false +# cluster_check_interval_ms=200 +# cluster_check_status_frequency=100 +# cluster_mysql_query_rules_save_to_disk=true +# cluster_mysql_servers_save_to_disk=true +# cluster_mysql_users_save_to_disk=true +# cluster_proxysql_servers_save_to_disk=true +# cluster_mysql_query_rules_diffs_before_sync=1 +# cluster_mysql_servers_diffs_before_sync=1 +# cluster_mysql_users_diffs_before_sync=1 +# cluster_proxysql_servers_diffs_before_sync=1 +# } +# +# mysql_variables= +# { +# monitor_password="monitor" +# monitor_galera_healthcheck_interval=1000 +# threads=2 +# max_connections=2048 +# default_query_delay=0 +# default_query_timeout=10000 +# poll_timeout=2000 +# interfaces="0.0.0.0:3306" +# default_schema="information_schema" +# stacksize=1048576 +# connect_timeout_server=10000 +# monitor_history=60000 +# monitor_connect_interval=20000 +# monitor_ping_interval=10000 +# ping_timeout_server=200 +# commands_stats=true +# sessions_sort=true +# have_ssl=true +# ssl_p2s_ca="/etc/proxysql/ssl-internal/ca.crt" +# ssl_p2s_cert="/etc/proxysql/ssl-internal/tls.crt" +# ssl_p2s_key="/etc/proxysql/ssl-internal/tls.key" +# ssl_p2s_cipher="ECDHE-RSA-AES128-GCM-SHA256" +# } +# readinessDelaySec: 15 +# livenessDelaySec: 600 +# schedulerName: mycustom-scheduler +# imagePullSecrets: +# - name: private-registry-credentials +# annotations: +# iam.amazonaws.com/role: role-arn +# labels: +# rack: rack-22 +# serviceType: ClusterIP +# loadbalancersourceranges: +# - 10.0.0.0/8 +# loadBalancerIP: 127.0.0.1 +# externalTrafficPolicy: Cluster +# runtimeClassName: image-rc +# sidecars: +# - image: busybox +# command: ["/bin/sh"] +# args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"] +# name: my-sidecar-1 +# resources: +# requests: +# memory: 100M +# cpu: 100m +# limits: +# memory: 200M +# cpu: 200m +# envVarsSecret: my-env-var-secrets + resources: + requests: + memory: 1G + cpu: 600m +# limits: +# memory: 1G +# cpu: 700m +# priorityClassName: high-priority +# nodeSelector: +# disktype: ssd +# sidecarResources: +# requests: +# memory: 1G +# cpu: 500m +# limits: +# memory: 2G +# cpu: 600m +# containerSecurityContext: +# privileged: false +# podSecurityContext: +# runAsUser: 1001 +# runAsGroup: 1001 +# supplementalGroups: [1001] +# serviceAccountName: percona-xtradb-cluster-operator-workload + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" +# advanced: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.io/e2e-az-name +# operator: In +# values: +# - e2e-az1 +# - e2e-az2 +# tolerations: +# - key: "node.alpha.kubernetes.io/unreachable" +# operator: "Exists" +# effect: "NoExecute" +# tolerationSeconds: 6000 + volumeSpec: +# emptyDir: {} +# hostPath: +# path: /data +# type: Directory + persistentVolumeClaim: +# storageClassName: standard +# accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 2G + podDisruptionBudget: + maxUnavailable: 1 +# minAvailable: 0 + gracePeriod: 30 +# loadBalancerSourceRanges: +# - 10.0.0.0/8 +# serviceAnnotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http +# serviceLabels: +# rack: rack-23 + logcollector: + enabled: false + image: perconalab/percona-xtradb-cluster-operator:main-logcollector +# configuration: | +# [OUTPUT] +# Name es +# Match * +# Host 192.168.2.3 +# Port 9200 +# Index my_index +# Type my_type + resources: + requests: + memory: 100M + cpu: 200m + pmm: + enabled: false + image: percona/pmm-client:2.28.0 + serverHost: monitoring-service +# serverUser: admin +# pxcParams: "--disable-tablestats-limit=2000" +# proxysqlParams: "--custom-labels=CUSTOM-LABELS" + resources: + requests: + memory: 150M + cpu: 300m + backup: + enabled: false + image: perconalab/percona-xtradb-cluster-operator:main-pxc8.0-backup +# backoffLimit: 6 +# serviceAccountName: percona-xtradb-cluster-operator +# imagePullSecrets: +# - name: private-registry-credentials + pitr: + enabled: false + storageName: STORAGE-NAME-HERE + timeBetweenUploads: 60 +# resources: +# requests: +# memory: 0.1G +# cpu: 100m +# limits: +# memory: 1G +# cpu: 700m + storages: + s3-us-west: + type: s3 + verifyTLS: true +# nodeSelector: +# storage: tape +# backupWorker: 'True' +# resources: +# requests: +# memory: 1G +# cpu: 600m +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: backupWorker +# operator: In +# values: +# - 'True' +# tolerations: +# - key: "backupWorker" +# operator: "Equal" +# value: "True" +# effect: "NoSchedule" +# annotations: +# testName: scheduled-backup +# labels: +# backupWorker: 'True' +# schedulerName: 'default-scheduler' +# priorityClassName: 'high-priority' +# containerSecurityContext: +# privileged: true +# podSecurityContext: +# fsGroup: 1001 +# supplementalGroups: [1001, 1002, 1003] + s3: + bucket: S3-BACKUP-BUCKET-NAME-HERE + credentialsSecret: my-cluster-name-backup-s3 + region: us-west-2 + fs-pvc: + type: filesystem +# nodeSelector: +# storage: tape +# backupWorker: 'True' +# resources: +# requests: +# memory: 1G +# cpu: 600m +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: backupWorker +# operator: In +# values: +# - 'True' +# tolerations: +# - key: "backupWorker" +# operator: "Equal" +# value: "True" +# effect: "NoSchedule" +# annotations: +# testName: scheduled-backup +# labels: +# backupWorker: 'True' +# schedulerName: 'default-scheduler' +# priorityClassName: 'high-priority' +# containerSecurityContext: +# privileged: true +# podSecurityContext: +# fsGroup: 1001 +# supplementalGroups: [1001, 1002, 1003] + volume: + persistentVolumeClaim: +# storageClassName: standard + accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 6G + schedule: + - name: "sat-night-backup" + schedule: "0 0 * * 6" + keep: 3 + storageName: s3-us-west + - name: "daily-backup" + schedule: "0 0 * * *" + keep: 5 + storageName: fs-pvc diff --git a/charts/kubezero-sql/files/mariadb/my.cnf b/charts/kubezero-sql/files/mariadb/my.cnf index 34c89a0..7bd5a59 100644 --- a/charts/kubezero-sql/files/mariadb/my.cnf +++ b/charts/kubezero-sql/files/mariadb/my.cnf @@ -78,7 +78,7 @@ innodb_file_format=Barracuda ## log_error=/opt/bitnami/mariadb/logs/mysqld.log slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log -log_queries_not_using_indexes=0 +log_queries_not_using_indexes=1 slow_query_log=1 ## SSL diff --git a/charts/kubezero-sql/templates/mariadb/grafana-dashboards.yaml b/charts/kubezero-sql/templates/mariadb/grafana-dashboards.yaml index e37e1d5..a24bae0 100644 --- a/charts/kubezero-sql/templates/mariadb/grafana-dashboards.yaml +++ b/charts/kubezero-sql/templates/mariadb/grafana-dashboards.yaml @@ -6,7 +6,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: grafana_dashboard: "1" -{{ include "kubezero-lib.labels" . | indent 4 }} + {{- include "kubezero-lib.labels" . | nindent 4 }} binaryData: mariadb-galera.json.gz: H4sIAAAAAAAC/+2dWW/buBaA3/MrBGFw0QJuKrtZOn1r0kmnmGSSTtKZe1EEBi3RMicyqZJUErfIf79ctJNeszkpX1qYlEmehed8XGL92PA8v99HOM048995X8Vnz/uh/hU1GIyhKPU/nPZP/jo++u3s99++nPqdojoBA5jI+pSSMeQjmLGqMoIspCjliGD5SFXBJ6lqNAIcMJLREFZ1aZLFCH+KpjWq6//Mh3VSPaEeuBH/nne0SBR+yxCFFqGK/lOAxejLppHqNAZZXBtPoYCPzeJLSFkhl+65Y+8jpmAIMDB6aReX/bQraj3tbvY2g9nd2UWiIB1Zu6oXLyySzWxoqsGwaSpbl93NYCXZGAfc7Oy0UbqwZNYeOBgkFoc4axabfZSuCDAmYjyiVvqi7tRPEOOlZ1ZDETWDDCX8k2yp26lKa0q3K1M8A7Ea0zuP0wzWykcospSikOB9khAqG6TxALwIOl6v2xX/bG93vO7LetOF1O8rWbz/eO8TSHljCJWPsNGAABr5ed2N+v98I1d+OziMAUUgGngxEE0CL0wyxiH1iFDrJYJXm54Ql6KQeUMhuTeesG9J5MHrlFDx2KYagQ8jxFsK8GMMuQom3TfdYEcXSbc/IyThKBUVgSpUpsZZkuhPolGQD627E3R/3Q223m4HO1uqNkH4QkUVbV7lNJYoM9di/hDBJNoneIji0jHyyDkEWcJZo1SUh0IrZNwqlR6WoBjXBKhVDYUzCWG0WoYgYbBWf1N/WNggTRGOWc0t285ZNErVKHy/065RegyMYg6vpbf7X07Mr3Bibyp3pa5RcQmSTOm06zeqbjq3GnV36qg/HP/z512OO2iNu/bpvGERPhL5a0SSiJk2HxM1qX0wYCTJOGwNRARGmJqmNNUi3aqIAjGFEBsS1YYuHaxVe9NZogMKo1nNB+22G5/PN2w1tf59GS6oCHZtuduqAzwcQWrotAz5g8mZNKJhQZIWUdzH2XggmpjlgDIdpiJAIrigHXTnepJvRoilCZgcSTPPUJnW7asBCC9iSjIc+SvYJ090lbfN6ND8+nxnnOOS08a1mPfMd9Epili022mzotVx196rpfR8Y95Tixst95YrFPHRLLP1glUmV1FajkcoA0UnpBmP/JH4uF2bh1dSHb1awXUzK/iT2mS/afJW+bXabKt1JRz06ncIIjV9W0TDBA3sTVRmNtrW64a/2zBdrUkAjSFvemcj9wrYUN6g2KOfpQ1l+0NCRVQxcVHLhQWlYm4MWFWJ7CxsZKSSsuYAhFz5YSOh+AmMIY4Oym6bX6ZwqJdQ76twUFj1vJIZjeGBTop1clDlpyM05GYFTzRfSywLoSc5u040nALMtC5y003RpnZeDScHEoPY3kQt6hpi2DwgV44gxMgWjhSp2oNMbofQGk//VvNkY9ZEvbHnH1OtOQNrT7AuOJ40G/7cjPLWQYpoOcOIz8QS5j9GSus4yHrekGXMvltR1gMTUKNgBgJtLYlA9w07cUIGIOkzlewF+kg+uG/8WQ+++dKU1fHNOvDNomQyBnLSvWmWIdzeoHpwgpkDGLfllwlMEnI1q4fuZhAE3dv0MRfCetYubkNK97kU3bbH4Z3ZcVjYMQvhsXUO+yFIQtMx/AQw7k/d71OTgpnhTmmVGZBe15VMCmeFIx/KY7ny+WlPHQF6IVLEoySRK0Zh2s+3+fsMfZ+eUEQA7jNIJaBOSSstKdc4r+zn5xqndYGXzSrq0JWdEZ1XFswoyoUOi+PaMlMsGfL14ahb0j6phDA3WK9tnDaAeUqgfjs7UCtNHOWG00LX2lXngUUtoBDUK/8VLoiGk7I646ReTURYwrw4KjSqV8kQYwjwvWQIeZrVkONRI35z4/DpB/TbbYQ+RkiXI0yFvxsrszLaq7sV1mAvIjBg6vIAaxC5PwDU4A51GeAQ4pjLSd8NGuXQ9vgaLB7ctubdJgGRmJP6IYYq+EhBhLQDBvPTxe6yWN8191dGKIogPtU42XY8fQ2gon4dWpoDAZexhavDjOYTqV2jF6FGqVqGtkspikf81HpZR4K7pVQ8+4/aJlW7ofVgT7gKlu0urHmiUk+CMGTtcCALr/JeKvtJfzwhIi4XOUUW+LMTsbzcw8v1x9SFBxRTX2TVGBoWmpehUjkg6VQZaxwlqnLT4MJmEaRqH80fJqR2ZUwvOI4bPl1VpiCEtoAmAmZ4YfQiw0EKo0OhRqNu4ZRKAYcvbHn1W6aG+rU7Pn/pr5gzf/zwivTh3dyslEHr4fLrYpn1LxgXufF8mZSr55r3+aR2EZWX97kaG6VARj3rOXErXKh50S8SH8IRukRRJnRneGftYmf99uQ1uEYtbx9k4YW2bXOhUuaP1j5qccmu9bR96pcT2RJrJ+AaznCpam0tmqa85Ro5T7TXVn5C4j3AjJtNeYAzHtcRziiuCWPLIus9TsPrJ6bRi7VpO/Cq8kN4WQ66cS/S8ZXjq/XnK2M5vhpgBbMBS06U9+zMfpXZ4VdVetFKnU+AyLafEZHZYEy4Wz9jMOqHBGMYaoUvv7F9R3fCClJ65S0NeJ0lZL+Ud/fFbNXir4XkR+B6Uan31gRrj6RKvX2L9hzcOrh1cLsWcPtkdr52VwGzntv5cui1GHrZg5qa2fL7VxS1lm3ViYhSD4wBR5fw1f9mZd/HoDo0daMNYUyiQV8GmD6FIGJfu4Gx5/aQkKMGcQ9wt5gKlIkfXQdqFE8N9ZRqPS9C7MLTRrxkntangz4HfQ76HPStth23EvVtOepz1Hcn1PeaiTG/fmbYN5iItCyAL4Ri4NHX7UdGPj2MB6U+rQFp20eWni2xmblerIchvyJU0l5uPwF8UhqHew73HO453KvfYc5xr7c1Z4+vt7UK7b19OrTn7rA9sztsnKQXL7Y73lTSCMl4DHDE+sr0ijZWvtO2T8Z9QQp5k+t/re2MpN5+Pth9kkk53W6QwwOHB/eABxEM0Rgkzfj6DJhh7rngm94KzNC7/YWtVuE8oGg9rn34bpjBmq0dMjy5a+8khRhGfTFnfqa770eT08+H3oEQ2jsWClBXax0jOEZwjOAYYVVGMI6RVoOEnoMEBwnrcxNb8oGmg1XBQCZYlWrZw12grkbdT9C49RN7q439ULazyqlJZ3ml5/eDcDa+A/1/Eo192POWN8P+WsFaNX5Hao7UHKndK6l1f6rdnK1V/vyut3V/oNZGsumcNutwyPajZQ7injvETb9/whJydSc/c3AqGvI+64Y8gr0nuPVTF8HxxCo88csvI5Fo/oAygPpk8C8M+btft6Zdalpv5rDKsr3msrhLKM9ps2g1BtlZi80iBxoONOqgAQbydXLlH+/fDjbe68aKv+hm3gvAORynnL2U7PGQF3hLuRIZCe5ILN2W90KmcZLxZYTaWyukahnK/en9XZJVL9h5PmjVC3Z/XrYqX2cqprGcoVLqN4GeKj4LR3AMqmyiE7yI15Mkfx0ovdBPimRUuZB/JHe+P+zlitMT0i97kuEyARzheJH3pi7yhlT989Dtn6MqXpBan7jlm41tb0E9yJupz6YLlH6hyekEhxbdFpMbRCMSTnslqpq2paDF2yoxuXrVLQJC/tJJUeY3vpYiERJoCbmq7DtRWdLP9V4EvY/qDauvc82LkH2cv2NVP5flb/L9b/w9+HbwMbda9Xbb3sbN/wH5nSdeM3oAAA== diff --git a/charts/kubezero-sql/update.sh b/charts/kubezero-sql/update.sh index 8cdcf32..a5e3feb 100755 --- a/charts/kubezero-sql/update.sh +++ b/charts/kubezero-sql/update.sh @@ -1,8 +1,9 @@ #!/bin/bash set -ex -### MariaDB +helm dep update +### MariaDB # Fetch dashboards ../kubezero-metrics/sync_grafana_dashboards.py dashboards-mariadb.yaml templates/mariadb/grafana-dashboards.yaml diff --git a/charts/kubezero-sql/values.yaml b/charts/kubezero-sql/values.yaml index 768a889..6366ff6 100644 --- a/charts/kubezero-sql/values.yaml +++ b/charts/kubezero-sql/values.yaml @@ -1,17 +1,27 @@ +pxc-operator: + enabled: false + + # we want a clusterwide operator + watchAllNamespaces: true + + # running on the control-plane + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + nodeSelector: + node-role.kubernetes.io/control-plane: "" + + mariadb-galera: enabled: false replicaCount: 2 - # Passwords should be fixed otherwise helm will create random new ones each time we template|apply - rootUser: - password: 12345qwert db: user: mariadb - password: 12345qwert galera: - mariabackup: - password: 12345qwert # For a single node "cluster" force bootstrap #bootstrap: # bootstrapFromNode: 0 @@ -19,6 +29,8 @@ mariadb-galera: metrics: enabled: false + # set to false for any subsequent installation of the chart in the same cluster to prevent overwriting each other + installDashboard: true serviceMonitor: enabled: false