Diffstat (limited to 'kubernetes/common')
35 files changed, 523 insertions, 87 deletions
diff --git a/kubernetes/common/cassandra/Chart.yaml b/kubernetes/common/cassandra/Chart.yaml index c861b1a8c8..75e07a1373 100644 --- a/kubernetes/common/cassandra/Chart.yaml +++ b/kubernetes/common/cassandra/Chart.yaml @@ -30,3 +30,4 @@ dependencies: - name: serviceAccount version: ~13.x-0 repository: 'file://../serviceAccount' + condition: global.cassandra.enableServiceAccount
\ No newline at end of file diff --git a/kubernetes/common/cassandra/templates/backup/configmap.yaml b/kubernetes/common/cassandra/templates/backup/configmap.yaml index b566b6107e..2c85a1a01f 100644 --- a/kubernetes/common/cassandra/templates/backup/configmap.yaml +++ b/kubernetes/common/cassandra/templates/backup/configmap.yaml @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -{{- if not .Values.k8ssandraOperator.enabled }} +{{- if not .Values.global.cassandra.useOperator }} {{- if .Values.backup.enabled }} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/common/cassandra/templates/backup/cronjob.yaml b/kubernetes/common/cassandra/templates/backup/cronjob.yaml index e2f675a384..06bb7434c5 100644 --- a/kubernetes/common/cassandra/templates/backup/cronjob.yaml +++ b/kubernetes/common/cassandra/templates/backup/cronjob.yaml @@ -14,7 +14,7 @@ # limitations under the License. */}} {{- if .Values.backup.enabled }} -{{- if .Values.k8ssandraOperator.enabled }} +{{- if .Values.global.cassandra.useOperator }} {{ else }} apiVersion: batch/v1beta1 kind: CronJob @@ -39,7 +39,7 @@ spec: - command: - /app/ready.py args: - - --container-name + - --app-name - {{ include "common.name" . }} env: - name: NAMESPACE diff --git a/kubernetes/common/cassandra/templates/backup/pv.yaml b/kubernetes/common/cassandra/templates/backup/pv.yaml index 23e4551c10..e7218fae7d 100644 --- a/kubernetes/common/cassandra/templates/backup/pv.yaml +++ b/kubernetes/common/cassandra/templates/backup/pv.yaml @@ -14,7 +14,7 @@ # limitations under the License. */}} {{- if .Values.backup.enabled }} -{{- if .Values.k8ssandraOperator.enabled }} +{{- if .Values.global.cassandra.useOperator }} {{ else }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} {{- if eq "True" (include "common.needPV" .) -}} 
diff --git a/kubernetes/common/cassandra/templates/backup/pvc.yaml b/kubernetes/common/cassandra/templates/backup/pvc.yaml index e60a1db510..56b3ba8b02 100644 --- a/kubernetes/common/cassandra/templates/backup/pvc.yaml +++ b/kubernetes/common/cassandra/templates/backup/pvc.yaml @@ -14,7 +14,7 @@ # limitations under the License. */}} {{- if .Values.backup.enabled }} -{{- if .Values.k8ssandraOperator.enabled }} +{{- if .Values.global.cassandra.useOperator }} {{ else }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} --- diff --git a/kubernetes/common/cassandra/templates/cassOp.yaml b/kubernetes/common/cassandra/templates/cassOp.yaml index cb6ce4adc5..9f463adf08 100644 --- a/kubernetes/common/cassandra/templates/cassOp.yaml +++ b/kubernetes/common/cassandra/templates/cassOp.yaml @@ -1,5 +1,5 @@ {{/* -# Copyright © 2018 Amdocs, AT&T, Bell Canada +# Copyright © 2023 Deutsche Telekom AG # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,6 +14,6 @@ # limitations under the License. */}} -{{- if .Values.k8ssandraOperator.enabled }} +{{- if .Values.global.cassandra.useOperator }} {{ include "common.k8ssandraCluster" . }} {{- end }}
\ No newline at end of file diff --git a/kubernetes/common/cassandra/templates/configmap.yaml b/kubernetes/common/cassandra/templates/configmap.yaml index 8f2b39e1a1..5510986e54 100644 --- a/kubernetes/common/cassandra/templates/configmap.yaml +++ b/kubernetes/common/cassandra/templates/configmap.yaml @@ -1,4 +1,4 @@ -{{- if not .Values.k8ssandraOperator.enabled }} +{{- if not .Values.global.cassandra.useOperator }} {{- if .Values.configOverrides }} apiVersion: v1 kind: ConfigMap diff --git a/kubernetes/common/cassandra/templates/pv.yaml b/kubernetes/common/cassandra/templates/pv.yaml index 8e2ad663c3..d18e51d2f4 100644 --- a/kubernetes/common/cassandra/templates/pv.yaml +++ b/kubernetes/common/cassandra/templates/pv.yaml @@ -13,6 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -{{- if not .Values.k8ssandraOperator.enabled }} +{{- if not .Values.global.cassandra.useOperator }} {{ include "common.replicaPV" . }} {{- end }}
\ No newline at end of file diff --git a/kubernetes/common/cassandra/templates/secrets.yaml b/kubernetes/common/cassandra/templates/secrets.yaml index b776caf6b6..5a611a9bef 100644 --- a/kubernetes/common/cassandra/templates/secrets.yaml +++ b/kubernetes/common/cassandra/templates/secrets.yaml @@ -16,6 +16,6 @@ # limitations under the License. */}} -{{- if .Values.k8ssandraOperator.enabled }} +{{- if .Values.global.cassandra.useOperator }} {{ include "common.secretFast" . }} {{- end }}
\ No newline at end of file diff --git a/kubernetes/common/cassandra/templates/service.yaml b/kubernetes/common/cassandra/templates/service.yaml index 092c677812..8b2e534a5f 100644 --- a/kubernetes/common/cassandra/templates/service.yaml +++ b/kubernetes/common/cassandra/templates/service.yaml @@ -14,6 +14,6 @@ # limitations under the License. */}} -{{- if not .Values.k8ssandraOperator.enabled }} +{{- if not .Values.global.cassandra.useOperator }} {{ include "common.headlessService" . }} {{- end }}
\ No newline at end of file diff --git a/kubernetes/common/cassandra/templates/servicemonitor.yaml b/kubernetes/common/cassandra/templates/servicemonitor.yaml index 759586fcdb..078107393a 100644 --- a/kubernetes/common/cassandra/templates/servicemonitor.yaml +++ b/kubernetes/common/cassandra/templates/servicemonitor.yaml @@ -14,7 +14,7 @@ # limitations under the License. */}} -{{- if not .Values.k8ssandraOperator.enabled }} +{{- if not .Values.global.cassandra.useOperator }} {{- if .Values.metrics.serviceMonitor.enabled }} {{ include "common.serviceMonitor" . }} {{- end }} diff --git a/kubernetes/common/cassandra/templates/statefulset.yaml b/kubernetes/common/cassandra/templates/statefulset.yaml index dff70820e9..4815d14594 100644 --- a/kubernetes/common/cassandra/templates/statefulset.yaml +++ b/kubernetes/common/cassandra/templates/statefulset.yaml @@ -14,7 +14,7 @@ # limitations under the License. */}} -{{- if not .Values.k8ssandraOperator.enabled }} +{{- if not .Values.global.cassandra.useOperator }} apiVersion: apps/v1 kind: StatefulSet metadata: {{- include "common.resourceMetadata" . | nindent 2 }} diff --git a/kubernetes/common/cassandra/values.yaml b/kubernetes/common/cassandra/values.yaml index 2f24750072..930fe9b2d3 100644 --- a/kubernetes/common/cassandra/values.yaml +++ b/kubernetes/common/cassandra/values.yaml @@ -21,9 +21,14 @@ global: # global defaults mountPath: /dockerdata-nfs backup: mountPath: /dockerdata-nfs/backup + cassandra: + # flag to enable the DB creation via k8ssandra-operator + useOperator: true + # if useOperator set to "true", set "enableServiceAccount to "false" + # as the SA is created by the Operator + enableServiceAccount: false k8ssandraOperator: - enabled: true cassandraVersion: 4.0.1 persistence: #storageClassName: default diff --git a/kubernetes/common/common/Chart.yaml b/kubernetes/common/common/Chart.yaml index e134fe8048..4025924f80 100644 --- a/kubernetes/common/common/Chart.yaml +++ b/kubernetes/common/common/Chart.yaml 
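Review bot: In cassandra/values.yaml the new `global.cassandra.useOperator: true` replaces `k8ssandraOperator.enabled`, so an override file that still sets `k8ssandraOperator.enabled: false` is no longer read by the templates shown here, and the release would render the K8ssandraCluster instead of the StatefulSet, Service and PV templates gated on the same flag. `global.mariadbGalera.useOperator: true` in mariadb-galera/values.yaml switches existing releases to the operator path in the same way. Consider defaulting both flags to `false`, or failing the render when the old key is still present, e.g. `{{- if hasKey .Values.k8ssandraOperator "enabled" }}{{ fail "k8ssandraOperator.enabled was replaced by global.cassandra.useOperator" }}{{- end }}`. The comment on `enableServiceAccount` also has unbalanced quotes; `# if useOperator is "true", set "enableServiceAccount" to "false"` reads correctly.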
@@ -16,4 +16,4 @@ apiVersion: v2 description: Common templates for inclusion in other charts name: common -version: 13.0.1 +version: 13.0.2 diff --git a/kubernetes/common/common/templates/_cassOp.tpl b/kubernetes/common/common/templates/_cassOp.tpl index c360a0f626..d0f23877a4 100644 --- a/kubernetes/common/common/templates/_cassOp.tpl +++ b/kubernetes/common/common/templates/_cassOp.tpl @@ -1,3 +1,19 @@ +{{/* +# Copyright © 2022 Deutsche Telekom AG +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + {{/* Cassandra Data Center. */}} {{- define "common.k8ssandraCluster" -}} {{- $global := .Values.global }} @@ -10,7 +26,6 @@ spec: reaper: containerImage: registry: {{ include "repositoryGenerator.dockerHubRepository" . }} - heapSize: 512Mi autoScheduling: enabled: true stargate: @@ -67,5 +82,8 @@ spec: pods: annotations: {{ toYaml .Values.podAnnotations | nindent 10 }} + commonLabels: + app: {{ .Values.k8ssandraOperator.config.clusterName }} + version: {{ .Values.k8ssandraOperator.cassandraVersion }} {{- end }} {{ end }} diff --git a/kubernetes/common/common/templates/_mariadb.tpl b/kubernetes/common/common/templates/_mariadb.tpl index 5021c500b0..7e127e2437 100644 --- a/kubernetes/common/common/templates/_mariadb.tpl +++ b/kubernetes/common/common/templates/_mariadb.tpl 
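Review bot: The two `commonLabels` values added near the end of `common.k8ssandraCluster` are rendered unquoted, so a `cassandraVersion` such as `4.1` would be parsed as a YAML number, while label values have to be strings. Quote both: `app: {{ .Values.k8ssandraOperator.config.clusterName | quote }}` and `version: {{ .Values.k8ssandraOperator.cassandraVersion | quote }}`. The same applies to `version: {{ .Values.mariadbOperator.appVersion }}` in the `labels` block of `common.mariadbOpInstance`. The define's body starts and ends outside this hunk.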
@@ -59,6 +59,17 @@ {{- end -}} {{/* + Choose the name of the mariadb app label to use. +*/}} +{{- define "common.mariadbAppName" -}} + {{- if .Values.global.mariadbGalera.localCluster -}} + {{- index .Values "mariadb-galera" "nameOverride" -}} + {{- else -}} + {{- .Values.global.mariadbGalera.nameOverride -}} + {{- end -}} +{{- end -}} + +{{/* Choose the name of the mariadb service to use. */}} {{- define "common.mariadbService" -}} 
@@ -97,3 +108,246 @@ {{- define "common.mariadbSecretParam" -}} {{ printf "password" -}} {{- end -}} + +{{/* + Create MariDB Database via mariadb-operator +*/}} +{{- define "common.mariadbOpDatabase" -}} +{{- $dot := default . .dot -}} +{{- $dbname := (required "'dbame' param, is required." .dbname) -}} +{{- $dbinst := (required "'dbinst' param, is required." .dbinst) -}} +--- +apiVersion: mariadb.mmontes.io/v1alpha1 +kind: Database +metadata: + name: {{ $dbname }} +spec: + mariaDbRef: + name: {{ $dbinst }} + characterSet: utf8 + collate: utf8_general_ci +{{- end -}} + +{{/* + Create MariaDB User via mariadb-operator +*/}} +{{- define "common.mariadbOpUser" -}} +{{- $dot := default . .dot -}} +{{- $dbuser := (required "'dbuser' param, is required." .dbuser) -}} +{{- $dbinst := (required "'dbinst' param, is required." .dbinst) -}} +{{- $dbsecret := (required "'dbsecret' param, is required." .dbsecret) -}} +--- +apiVersion: mariadb.mmontes.io/v1alpha1 +kind: User +metadata: + name: {{ $dbuser }} +spec: + # If you want the user to be created with a different name than the resource name + # name: user-custom + mariaDbRef: + name: {{ $dbinst }} + passwordSecretKeyRef: + name: {{ $dbsecret }} + key: password + # This field is immutable and defaults to 10 + maxUserConnections: 100 +{{- end -}} + +{{/* + Grant rights to a MariaDB User via mariadb-operator +*/}} +{{- define "common.mariadbOpGrants" -}} +{{- $dot := default . .dot -}} +{{- $dbuser := (required "'dbuser' param, is required." .dbuser) -}} +{{- $dbname := (required "'dbame' param, is required." .dbname) -}} +{{- $dbinst := (required "'dbinst' param, is required." 
.dbinst) -}} +--- +apiVersion: mariadb.mmontes.io/v1alpha1 +kind: Grant +metadata: + name: {{ $dbuser }}-{{ $dbname }}-{{ $dbinst }} +spec: + mariaDbRef: + name: {{ $dbinst }} + privileges: + - "ALL" + database: {{ $dbname }} + table: "*" + username: {{ $dbuser }} + grantOption: true +{{- end -}} + +{{/* + MariaDB Backup via mariadb-operator +*/}} +{{- define "common.mariadbOpBackup" -}} +{{- $dot := default . .dot -}} +{{- $dbinst := include "common.name" $dot -}} +kind: Backup +metadata: + name: backup-scheduled +spec: + mariaDbRef: + name: {{ $dbinst }} + schedule: + cron: "*/1 * * * *" + suspend: false + maxRetentionDays: 30 + storage: + persistentVolumeClaim: + resources: + requests: + storage: 100Mi + {{- if .Values.mariadbOperator.storageClassName }} + storageClassName: {{ .Values.mariadbOperator.storageClassName }} + {{- end }} + accessModes: + - ReadWriteOnce + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 300m + memory: 512Mi +{{- end -}} + +{{/* + Create a MariaDB instance via mariadb-operator +*/}} +{{- define "common.mariadbOpInstance" -}} +{{- $dot := default . 
.dot -}} +{{- $global := $dot.Values.global -}} +{{- $dbinst := include "common.name" $dot -}} +{{- $dbrootsecret := tpl (default (include "common.mariadb.secret.rootPassSecretName" (dict "dot" $dot "chartName" "")) $dot.Values.rootUser.externalSecret) $dot -}} +{{- $dbusersecret := tpl (default (include "common.mariadb.secret.userCredentialsSecretName" (dict "dot" $dot "chartName" "")) $dot.Values.db.externalSecret) $dot -}} +--- +apiVersion: mariadb.mmontes.io/v1alpha1 +kind: MariaDB +metadata: + name: {{ $dbinst }} +spec: + podSecurityContext: + runAsUser: 10001 + runAsGroup: 10001 + fsGroup: 10001 + inheritMetadata: + {{ if .Values.podAnnotations -}} + annotations: {{ toYaml .Values.podAnnotations | nindent 6 }} + {{- end }} + labels: + app: {{ $dbinst }} + version: {{ .Values.mariadbOperator.appVersion }} + rootPasswordSecretKeyRef: + name: {{ $dbrootsecret }} + key: password + image: + repository: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.mariadbOperator.image }} + tag: {{ $dot.Values.mariadbOperator.appVersion }} + pullPolicy: IfNotPresent + imagePullSecrets: + - name: {{ include "common.namespace" . }}-docker-registry-key + port: 3306 + replicas: {{ $dot.Values.replicaCount }} + galera: + {{- if eq (int $dot.Values.replicaCount) 1 }} + enabled: false + {{- else }} + enabled: {{ $dot.Values.mariadbOperator.galera.enabled }} + {{- end }} + sst: mariabackup + replicaThreads: 1 + agent: + image: + repository: {{ include "repositoryGenerator.githubContainerRegistry" . 
}}/{{ .Values.mariadbOperator.galera.agentImage }} + tag: {{ $dot.Values.mariadbOperator.galera.agentVersion }} + pullPolicy: IfNotPresent + port: 5555 + kubernetesAuth: + enabled: true + authDelegatorRoleName: {{ $dbinst }}-auth + gracefulShutdownTimeout: 5s + recovery: + enabled: true + clusterHealthyTimeout: 5m + clusterBootstrapTimeout: 10m + podRecoveryTimeout: 5m + podSyncTimeout: 10m + initContainer: + image: + repository: {{ include "repositoryGenerator.githubContainerRegistry" . }}/{{ $dot.Values.mariadbOperator.galera.initImage }} + tag: {{ $dot.Values.mariadbOperator.galera.initVersion }} + pullPolicy: IfNotPresent + volumeClaimTemplate: + resources: + requests: + storage: 50Mi + accessModes: + - ReadWriteOnce + livenessProbe: + exec: + command: + - bash + - '-c' + - mariadb -u root -p"${MARIADB_ROOT_PASSWORD}" -e "SELECT 1;" + initialDelaySeconds: 20 + periodSeconds: 10 + timeoutSeconds: 5 + readinessProbe: + exec: + command: + - bash + - '-c' + - mariadb -u root -p"${MARIADB_ROOT_PASSWORD}" -e "SELECT 1;" + initialDelaySeconds: 20 + periodSeconds: 10 + timeoutSeconds: 5 + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: kubernetes.io/hostname + tolerations: + - key: mariadb.mmontes.io/ha + operator: Exists + effect: NoSchedule + podDisruptionBudget: + maxUnavailable: 50% + updateStrategy: + type: RollingUpdate + #myCnf: | + # [mysqld] + # bind-address=0.0.0.0 + # default_storage_engine=InnoDB + # binlog_format=row + # innodb_autoinc_lock_mode=2 + # max_allowed_packet=256M + # lower_case_table_names = 1 + + # ## Character set + # collation_server=utf8_unicode_ci + # init_connect='SET NAMES utf8' + # character_set_server=utf8 + + myCnfConfigMapKeyRef: + key: my.cnf + name: {{ printf "%s-configuration" (include "common.fullname" $dot) }} + resources: {{ include "common.resources" . 
| nindent 4 }} + volumeClaimTemplate: + {{- if $dot.Values.mariadbOperator.storageClassName }} + storageClassName: {{ $dot.Values.k8ssandraOperator.persistence.storageClassName }} + {{- end }} + resources: + requests: + storage: {{ $dot.Values.persistence.size | quote }} + accessModes: + - ReadWriteOnce +{{- if $dot.Values.db.user }} +{{ include "common.mariadbOpUser" (dict "dot" . "dbuser" $dot.Values.db.user "dbinst" $dbinst "dbsecret" $dbusersecret) }} +{{- end }} +{{- if $dot.Values.db.name }} +{{ include "common.mariadbOpDatabase" (dict "dot" . "dbname" $dot.Values.db.name "dbinst" $dbinst) }} +{{- end }} +{{- if and $dot.Values.db.user $dot.Values.db.name }} +{{ include "common.mariadbOpGrants" (dict "dot" . "dbuser" $dot.Values.db.user "dbname" $dot.Values.db.name "dbinst" $dbinst) }} +{{- end }} +{{- end -}} diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml index 92fc13d21a..84d6bc1d47 100644 --- a/kubernetes/common/dgbuilder/templates/deployment.yaml +++ b/kubernetes/common/dgbuilder/templates/deployment.yaml @@ -61,7 +61,7 @@ spec: - command: - /app/ready.py args: - - --container-name + - --app-name - {{ .Values.config.dbPodName }} env: - name: NAMESPACE diff --git a/kubernetes/common/mariadb-galera/Chart.yaml b/kubernetes/common/mariadb-galera/Chart.yaml index 92eac6f837..71ff421d7b 100644 --- a/kubernetes/common/mariadb-galera/Chart.yaml +++ b/kubernetes/common/mariadb-galera/Chart.yaml @@ -18,7 +18,7 @@ apiVersion: v2 description: Chart for MariaDB Galera cluster name: mariadb-galera -version: 13.0.0 +version: 13.0.1 keywords: - mariadb - mysql @@ -39,4 +39,5 @@ dependencies: repository: 'file://../repositoryGenerator' - name: serviceAccount version: ~13.x-0 - repository: 'file://../serviceAccount'
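Review bot: `common.mariadbOpGrants` gives every application user `ALL` privileges with `grantOption: true`, which lets that account pass its rights on the database to other MariaDB accounts; unless a consumer needs this, render `grantOption: false` and let callers pass the privilege list. In `common.mariadbOpInstance` the last `volumeClaimTemplate` tests `$dot.Values.mariadbOperator.storageClassName` but renders `$dot.Values.k8ssandraOperator.persistence.storageClassName`, which looks like a leftover from the Cassandra helper and should read `storageClassName: {{ $dot.Values.mariadbOperator.storageClassName }}`. `common.mariadbOpBackup` emits `kind: Backup` without the `apiVersion: mariadb.mmontes.io/v1alpha1` line its sibling helpers carry, and `cron: "*/1 * * * *"` schedules a backup every minute against a `100Mi` claim with `maxRetentionDays: 30`. Both probes pass the root password as `-p"${MARIADB_ROOT_PASSWORD}"` on the command line, where it is visible in the container's process list; the `MYSQL_PWD` environment variable or a client option file avoids that. The `required` messages also spell the parameter `'dbame'` instead of `'dbname'`.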
\ No newline at end of file + repository: 'file://../serviceAccount' + condition: global.mariadbGalera.enableServiceAccount
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index e2a9ca64cf..4548626dd3 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -15,6 +15,9 @@ # limitations under the License. */}} +{{- if and .Values.backup.enabled .Values.global.mariadbGalera.useOperator }} +{{ include "common.mariadbOpBackup" . }} +{{ else }} {{- if and .Values.backup.enabled .Values.persistence.enabled }} apiVersion: batch/v1beta1 kind: CronJob @@ -180,3 +183,4 @@ spec: - name: tmp emptyDir: {} {{- end }} +{{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml index 30eb74b059..d5e26109e7 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml @@ -14,6 +14,8 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} + +{{- if not .Values.global.mariadbGalera.useOperator }} {{- if .Values.backup.enabled }} {{- if and .Values.backup.persistence.enabled (not .Values.backup.persistence.existingClaim) -}} {{- if eq "True" (include "common.needPV" .) -}} @@ -41,3 +43,4 @@ spec: {{- end -}} {{- end -}} {{- end -}} +{{- end -}} diff --git a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml index 5dd8a3f52f..4c2bfcd389 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml 
@@ -14,6 +14,8 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} + +{{- if not .Values.global.mariadbGalera.useOperator }} {{- if .Values.backup.enabled }} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} --- @@ -45,3 +47,4 @@ spec: {{- end -}} {{- end -}} {{- end -}} +{{- end -}}
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/configmap.yaml b/kubernetes/common/mariadb-galera/templates/configmap.yaml index c95a234fb7..0aa0a63f0a 100644 --- a/kubernetes/common/mariadb-galera/templates/configmap.yaml +++ b/kubernetes/common/mariadb-galera/templates/configmap.yaml @@ -15,7 +15,20 @@ # limitations under the License. */}} -{{ if .Values.mariadbConfiguration }} +{{- if .Values.global.mariadbGalera.useOperator }} +{{ if .Values.mariadbOpConfiguration }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-configuration" (include "common.fullname" .) }} + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} +data: + my.cnf: | +{{ .Values.mariadbOpConfiguration | indent 4 }} +{{- end }} +{{- else }} +{{ if .Values.mariadbConfiguration }} apiVersion: v1 kind: ConfigMap metadata: @@ -25,4 +38,5 @@ metadata: data: my.cnf: | {{ .Values.mariadbConfiguration | indent 4 }} +{{- end }} {{- end }}
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/mariadb.yaml b/kubernetes/common/mariadb-galera/templates/mariadb.yaml new file mode 100644 index 0000000000..ce09c9ff06 --- /dev/null +++ b/kubernetes/common/mariadb-galera/templates/mariadb.yaml @@ -0,0 +1,19 @@ +{{/* +# Copyright © 2023 Deutsche Telekom AG +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.mariadbGalera.useOperator }} +{{ include "common.mariadbOpInstance" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml index 841aab3e17..d37aeb1751 100644 --- a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml +++ b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml @@ -14,7 +14,9 @@ # limitations under the License. */}} -{{- if default false .Values.global.metrics.enabled }} +{{- if not .Values.global.mariadbGalera.useOperator }} +{{- if default false .Values.global.metrics.enabled }} +--- apiVersion: v1 kind: Service metadata: @@ -31,4 +33,5 @@ spec: port: {{ .Values.metrics.service.port }} targetPort: tcp-metrics selector: {{- include "common.matchLabels" . | nindent 4 }} -{{- end }} +{{- end }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/pdb.yaml b/kubernetes/common/mariadb-galera/templates/pdb.yaml index 1d9d4141ab..734f03f237 100644 --- a/kubernetes/common/mariadb-galera/templates/pdb.yaml +++ b/kubernetes/common/mariadb-galera/templates/pdb.yaml @@ -14,17 +14,19 @@ # limitations under the License. */}} -{{- if .Values.podDisruptionBudget.create }} +{{- if not .Values.global.mariadbGalera.useOperator }} +{{- if .Values.podDisruptionBudget.create }} apiVersion: policy/v1 kind: PodDisruptionBudget metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: -{{- if .Values.podDisruptionBudget.minAvailable }} +{{- if .Values.podDisruptionBudget.minAvailable }} minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} -{{- end }} -{{- if .Values.podDisruptionBudget.maxUnavailable }} +{{- end }} +{{- if .Values.podDisruptionBudget.maxUnavailable }} maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} -{{- end }} +{{- end }} selector: matchLabels: {{- include "common.matchLabels" . | nindent 6 }} -{{- end }} +{{- end }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/pv.yaml b/kubernetes/common/mariadb-galera/templates/pv.yaml index 54a02cf2db..129b5b26c7 100644 --- a/kubernetes/common/mariadb-galera/templates/pv.yaml +++ b/kubernetes/common/mariadb-galera/templates/pv.yaml @@ -15,4 +15,6 @@ # limitations under the License. */}} +{{- if not .Values.global.mariadbGalera.useOperator }} {{ include "common.replicaPV" . }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/service.yaml b/kubernetes/common/mariadb-galera/templates/service.yaml index 6af9135367..4cabde1e4d 100644 --- a/kubernetes/common/mariadb-galera/templates/service.yaml +++ b/kubernetes/common/mariadb-galera/templates/service.yaml @@ -15,11 +15,13 @@ # limitations under the License. */}} +{{- if not .Values.global.mariadbGalera.useOperator }} {{ include "common.service" . }} --- {{ include "common.headlessService" . }} +{{- end }} {{- if (include "common.onServiceMesh" .) }} -{{- if eq (default "istio" .Values.global.serviceMesh.engine) "istio" }} +{{- if eq (default "istio" .Values.global.serviceMesh.engine) "istio" }} --- apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication @@ -29,9 +31,9 @@ metadata: spec: selector: matchLabels: - app.kubernetes.io/name: {{ include "common.servicename" . }} + app: {{ include "common.servicename" . }} portLevelMtls: '{{ .Values.service.internalPort }}': mode: DISABLE -{{- end}} -{{- end}} +{{- end }} +{{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml b/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml index 6d1ed40e13..4cbf7b394f 100644 --- a/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml +++ b/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml @@ -14,6 +14,8 @@ # limitations under the License. */}} -{{- if .Values.metrics.serviceMonitor.enabled }} +{{- if not .Values.global.mariadbGalera.useOperator }} +{{- if .Values.metrics.serviceMonitor.enabled }} {{ include "common.serviceMonitor" . }} -{{- end }} +{{- end }} +{{- end }}
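Review bot: In service.yaml the `PeerAuthentication` that sets `mode: DISABLE` on the database port now sits outside the new `useOperator` guard and selects on the generic `app` label instead of `app.kubernetes.io/name`, so it is rendered in both deployment modes and matches any pod in the policy's scope that carries `app: <common.servicename>`. In operator mode the pods get `app: {{ $dbinst }}` from `common.name` (see `common.mariadbOpInstance`), so it is worth confirming that the two names agree; if they differ the policy selects nothing. A comment above the resource would help the next reader, for example `# mTLS is disabled on the SQL port; client traffic is only protected if MariaDB TLS is enabled`. The resource body continues outside the hunk.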
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index c95b572465..2f5b33fd97 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -18,6 +18,7 @@ # limitations under the License. */}} +{{- if not .Values.global.mariadbGalera.useOperator }} apiVersion: apps/v1 kind: StatefulSet metadata: {{- include "common.resourceMetadata" . | nindent 2 }} @@ -266,3 +267,4 @@ spec: volumeClaimTemplates: - {{ include "common.PVCTemplate" (dict "dot" . "suffix" "data" "persistenceInfos" .Values.persistence) | indent 6 | trim }} {{- end }} +{{- end }}
\ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml index e9fe577233..a749c0959c 100644 --- a/kubernetes/common/mariadb-galera/values.yaml +++ b/kubernetes/common/mariadb-galera/values.yaml @@ -15,6 +15,25 @@ # See the License for the specific language governing permissions and # limitations under the License. +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: + mountPath: /dockerdata-nfs + backup: + mountPath: /dockerdata-nfs/backup + clusterDomain: cluster.local + metrics: {} + mariadbGalera: + # flag to enable the DB creation via mariadb-operator + useOperator: true + # if useOperator set to "true", set "enableServiceAccount to "false" + # as the SA is created by the Operator + enableServiceAccount: false + nameOverride: mariadb-galera + service: mariadb-galera ################################################################# # Secrets metaconfig 
@@ -35,21 +54,108 @@ secrets: login: '{{ .Values.galera.mariabackup.user }}' password: '{{ .Values.galera.mariabackup.password }}' +mariadbOperator: + image: mariadb + appVersion: 11.1.2 + galera: + enabled: true + agentImage: mariadb-operator/agent + agentVersion: v0.0.2 + initImage: mariadb-operator/init + initVersion: v0.0.5 + +## String to partially override common.names.fullname template (will maintain the release name) +## +nameOverride: mariadb-galera + +## Custom db configuration +## +db: + ## MariaDB username and password + ## Password is ignored if externalSecret is specified. + ## If not set, password will be "randomly" generated + ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-user-on-first-run + ## + user: my-user + # password: + # externalSecret: + ## Database to create + ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-on-first-run + ## + # name: my_database + +## Desired number of cluster nodes +## +replicaCount: 3 + +## Additional pod annotations for MariaDB Galera pods +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## -> here required to enable mariadb-galera in istio +## +podAnnotations: + # sidecar.istio.io/inject: "false" + traffic.sidecar.istio.io/excludeInboundPorts: "4444,4567,4568" + traffic.sidecar.istio.io/includeInboundPorts: '*' + traffic.sidecar.istio.io/excludeOutboundPorts: "4444,4567,4568" + +mariadbOpConfiguration: |- + [mysqld] + max_allowed_packet=256M + lower_case_table_names = 1 + + ## Character set + collation_server=utf8_unicode_ci + init_connect='SET NAMES utf8' + character_set_server=utf8 + + ## MyISAM + key_buffer_size=32M + myisam_recover_options=FORCE,BACKUP + + ## Safety + skip_host_cache + skip_name_resolve + max_allowed_packet=16M + max_connect_errors=1000000 + 
sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY + sysdate_is_now=1 + + ## Caches and Limits + tmp_table_size=32M + max_heap_table_size=32M + # Re-enabling as now works with Maria 10.1.2 + query_cache_type=1 + query_cache_limit=4M + query_cache_size=256M + max_connections=500 + thread_cache_size=50 + open_files_limit=65535 + table_definition_cache=4096 + table_open_cache=4096 + + ## InnoDB + innodb=FORCE + innodb_strict_mode=1 + # Mandatory per https://github.com/codership/documentation/issues/25 + innodb_autoinc_lock_mode=2 + # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/ + innodb_doublewrite=1 + innodb_flush_method=O_DIRECT + innodb_log_files_in_group=2 + innodb_log_file_size=128M + innodb_flush_log_at_trx_commit=1 + innodb_file_per_table=1 + # 80% Memory is default reco. + # Need to re-evaluate when DB size grows + innodb_buffer_pool_size=2G + innodb_file_format=Barracuda + +########################################################################################## +# !!! the following configuration entries are ignored, when mariadbOperator is enabled !!! +########################################################################################## # bitnami image doesn't support well single quote in password passwordStrengthOverride: basic -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - persistence: - mountPath: /dockerdata-nfs - backup: - mountPath: /dockerdata-nfs/backup - clusterDomain: cluster.local - metrics: {} - image: bitnami/mariadb-galera:10.5.8 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' 
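Review bot: `mariadbOpConfiguration` sets `max_allowed_packet` twice, `256M` at the top and `16M` under `## Safety`; the later entry normally wins within a my.cnf section, so the effective limit is probably 16M rather than the 256M listed first. Keep a single entry with the intended value. The block also looks carried over from the existing `mariadbConfiguration` (its comment still refers to Maria 10.1.2), so options such as `innodb_file_format=Barracuda` should be checked against the `appVersion: 11.1.2` image, because an option the server does not recognise prevents it from starting.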
@@ -66,10 +172,6 @@ debug: true ## actions performed on the databases are tried to be done before actual start. init_sleep_time: 5 -## String to partially override common.names.fullname template (will maintain the release name) -## -nameOverride: mariadb-galera - ## Use an alternate scheduler, e.g. "stork". ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ ## @@ -129,22 +231,6 @@ rootUser: # password: # externalSecret: -## Custom db configuration -## -db: - ## MariaDB username and password - ## Password is ignored if externalSecret is specified. - ## If not set, password will be "randomly" generated - ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-user-on-first-run - ## - user: my-user - # password: - # externalSecret: - ## Database to create - ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-on-first-run - ## - # name: my_database - ## Galera configuration ## galera: @@ -212,7 +298,8 @@ backup: readinessCheck: wait_for: - - '{{ include "common.name" . }}' + apps: + - '{{ include "common.name" . }}' ## TLS configuration ## 
@@ -368,26 +455,12 @@ mariadbConfiguration: |- ## ## extraFlags: "--max-connect-errors=1000 --max_connections=155" -## Desired number of cluster nodes -## -replicaCount: 3 - ## updateStrategy for MariaDB Master StatefulSet ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies ## updateStrategy: type: RollingUpdate -## Additional pod annotations for MariaDB Galera pods -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -## -> here required to enable mariadb-galera in istio -## -podAnnotations: - # sidecar.istio.io/inject: "false" - traffic.sidecar.istio.io/excludeInboundPorts: "4444,4567,4568" - traffic.sidecar.istio.io/includeInboundPorts: '*' - traffic.sidecar.istio.io/excludeOutboundPorts: "4444,4567,4568" - ## Pod affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## Allowed values: soft, hard diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml index a899d93a28..f41f5232a9 100644 --- a/kubernetes/common/mariadb-init/templates/job.yaml +++ b/kubernetes/common/mariadb-init/templates/job.yaml @@ -41,7 +41,7 @@ spec: command: - /app/ready.py args: - - --container-name + - --app-name - {{ default .Values.global.mariadbGalera.nameOverride .Values.mariadbGalera.containerName }} env: - name: NAMESPACE diff --git a/kubernetes/common/network-name-gen/templates/deployment.yaml b/kubernetes/common/network-name-gen/templates/deployment.yaml index b170c8fea6..1eed35c0c5 100644 --- a/kubernetes/common/network-name-gen/templates/deployment.yaml +++ b/kubernetes/common/network-name-gen/templates/deployment.yaml @@ -29,7 +29,7 @@ spec: - /app/ready.py args: {{- if .Values.global.mariadbGalera.localCluster }} - - --container-name + - --app-name - {{ index .Values "mariadb-galera" "nameOverride" }} {{- else }} - --job-name 
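Review bot: In the mariadb-init `job.yaml` hunk the value handed to `--app-name` still comes from `.Values.mariadbGalera.containerName` (falling back to `global.mariadbGalera.nameOverride`), so a key named for a container now selects pods by label. Going by the readinessCheck documentation changed in this same commit, `--app-name` matches the pod's `app` label, so a deployment that overrides `containerName` with a container name that differs from that label would presumably leave the init job waiting until it times out. I would add a comment above the argument, `# matched against the pod "app" label, not a container name`, and say the same wherever `containerName` is documented in the chart's values. The network-name-gen `deployment.yaml` hunk passes `nameOverride` directly and does not have this mismatch; the job spec itself starts and ends outside the hunk.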
diff --git a/kubernetes/common/network-name-gen/values.yaml b/kubernetes/common/network-name-gen/values.yaml index 5858e84389..adfa468d6e 100644 --- a/kubernetes/common/network-name-gen/values.yaml +++ b/kubernetes/common/network-name-gen/values.yaml @@ -30,7 +30,7 @@ global: #as the dependency check will not work otherwise (Chart.yaml) localCluster: false globalCluster: true - service: mariadb-galera + service: mariadb-galera-primary internalPort: 3306 nameOverride: mariadb-galera @@ -63,6 +63,10 @@ mariadb-galera: name: nengdb portName: nengdbport replicaCount: 1 + mariadbOperator: + galera: + enabled: false + persistence: enabled: true mountSubPath: network-name-gen/data diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl index 90c278e4c5..879be1288f 100644 --- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl +++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl @@ -35,6 +35,20 @@ - aaf-cm - aaf-service + the powerful one allows also to wait for pod names with this + (has to start with the given pod name): + wait_for: + name: myname + pods: + - test-pod + + the powerful one allows also to wait for pods with the + given "app" label: + wait_for: + name: myname + apps: + - mariadb-galera + the powerful one allows also to wait for jobs with this: wait_for: name: myname @@ -48,7 +62,7 @@ - .dot : environment (.) - .initRoot : the root dictionary of readinessCheck submodule (default to .Values.readinessCheck) - - .wait_for : list of containers / jobs to wait for (default to + - .wait_for : list of containers / pods /apps / jobs to wait for (default to .Values.wait_for) Example calls: 
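Review bot: The new `pods` example in the `_readinessCheck.tpl` header says the name "has to start with the given pod name" but does not spell out the consequence: an entry such as `test-pod` is a prefix, so a pod named `test-pod-canary` or any other pod whose name begins the same way can also satisfy or hold up the check. The comment should say so explicitly and point to `apps` when one specific workload is meant, for example `pods entries are name prefixes; use apps to select by the "app" label instead`. In the following hunk, `pods /apps / jobs` has uneven spacing and should read `pods / apps / jobs`. The comment block starts above the first of these hunks.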
@@ -62,6 +76,8 @@ {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} {{- $wait_for := default $initRoot.wait_for .wait_for -}} {{- $containers := index (ternary (dict "containers" $wait_for) $wait_for (kindIs "slice" $wait_for)) "containers" -}} +{{- $pods := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "pods" -}} +{{- $apps := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "apps" -}} {{- $namePart := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "name" -}} {{- $jobs := index (ternary (dict) $wait_for (kindIs "slice" $wait_for)) "jobs" -}} - name: {{ include "common.name" $dot }}{{ ternary "" (printf "-%s" $namePart) (empty $namePart) }}-readiness @@ -77,6 +93,14 @@ - --container-name - {{ tpl $container $dot }} {{- end }} + {{- range $pod := default (list) $pods }} + - --pod-name + - {{ tpl $pod $dot }} + {{- end }} + {{- range $app := default (list) $apps }} + - --app-name + - {{ tpl $app $dot }} + {{- end }} {{- range $job := $jobs }} - --job-name - {{ tpl $job $dot }} diff --git a/kubernetes/common/repositoryGenerator/values.yaml b/kubernetes/common/repositoryGenerator/values.yaml index 66ab4e239e..03ffddafd1 100644 --- a/kubernetes/common/repositoryGenerator/values.yaml +++ b/kubernetes/common/repositoryGenerator/values.yaml @@ -39,10 +39,10 @@ global: mariadbImage: bitnami/mariadb:10.5.8 nginxImage: bitnami/nginx:1.21.4 postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:5.0.1 dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1 drProvClientImage: onap/dmaap/datarouter-prov-client:2.1.15 - quitQuitImage: onap/oom/readiness:4.1.0 + quitQuitImage: onap/oom/readiness:5.0.1 # Default credentials # they're optional. If the target repository doesn't need them, comment them |
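Review bot: The two new loops in `_readinessCheck.tpl` emit `{{ tpl $pod $dot }}` and `{{ tpl $app $dot }}` unquoted, so an entry that renders empty becomes a null list item after `--pod-name` / `--app-name`, and a name that looks like a number or boolean is retyped by the YAML parser. Because the header comment describes pod names as prefix matches, an empty pod entry may match more than intended, so I would quote both: `- {{ tpl $pod $dot | quote }}` and `- {{ tpl $app $dot | quote }}`. The existing `--container-name` and `--job-name` loops have the same shape and could be quoted in a follow-up. The container definition starts and ends outside the hunk.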