From 93a5b49185695a7960ada82f5899265b5bc2e504 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Fri, 27 Nov 2020 11:07:42 +0100 Subject: [COMMON][MARIADB] Upgrade Mariadb DB galera version Mariadb DB Galera containers version is outdated and unmaintained. We need them to move to a new image provider. As new image provider is not compatible with our old templates, we also update the templates (by reworking bitnami mariadb-galera chart). An update of global mariadb image is also done in order to match mariadb galera version. Issue-ID: OOM-1720 Signed-off-by: Sylvain Desbureaux Change-Id: Ib9976227759e90022183d4f37fc655143be4d6ac --- .../common/mariadb-galera/templates/NOTES.txt | 28 +- .../mariadb-galera/templates/backup/cronjob.yaml | 237 ++++++++-------- .../common/mariadb-galera/templates/backup/pv.yaml | 24 +- .../mariadb-galera/templates/backup/pvc.yaml | 24 +- .../common/mariadb-galera/templates/configmap.yaml | 66 +---- .../common/mariadb-galera/templates/job.yaml | 109 ------- .../mariadb-galera/templates/metrics-svc.yaml | 34 +++ .../common/mariadb-galera/templates/pdb.yaml | 30 ++ .../mariadb-galera/templates/prometheusrules.yaml | 31 ++ kubernetes/common/mariadb-galera/templates/pv.yaml | 34 +-- .../common/mariadb-galera/templates/secrets.yaml | 3 +- .../common/mariadb-galera/templates/service.yaml | 24 +- .../mariadb-galera/templates/servicemonitor.yaml | 51 ++++ .../mariadb-galera/templates/statefulset.yaml | 314 ++++++++++++++------- 14 files changed, 524 insertions(+), 485 deletions(-) delete mode 100644 kubernetes/common/mariadb-galera/templates/job.yaml create mode 100644 kubernetes/common/mariadb-galera/templates/metrics-svc.yaml create mode 100644 kubernetes/common/mariadb-galera/templates/pdb.yaml create mode 100644 kubernetes/common/mariadb-galera/templates/prometheusrules.yaml create mode 100644 kubernetes/common/mariadb-galera/templates/servicemonitor.yaml (limited to 'kubernetes/common/mariadb-galera/templates') diff --git a/kubernetes/common/mariadb-galera/templates/NOTES.txt b/kubernetes/common/mariadb-galera/templates/NOTES.txt index 96f2fd8c63..d6a9ac0079 100644 --- a/kubernetes/common/mariadb-galera/templates/NOTES.txt +++ b/kubernetes/common/mariadb-galera/templates/NOTES.txt @@ -1,18 +1,24 @@ +{{/* # Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2020 Bitnami, Orange # -# This file is licensed under the CREATIVE COMMONS ATTRIBUTION 4.0 INTERNATIONAL LICENSE +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at # -# Full license text at https://creativecommons.org/licenses/by/4.0/legalcode - -MariaDB-Galera service can be accessed via port 3306 on the following DNS name from within your cluster: -{{ include "common.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local - -To connect to your database: +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} -1. Run a pod that you can use as a client: +** Please be patient while the chart is being deployed ** - kubectl run {{ include "common.fullname" . }}-client --rm --tty -i --image mariadb --command -- bash +Tip: -2. Connect using the mysql cli, then provide your password: - $ mysql -h {{ include "common.fullname" . }} {{- if .Values.mysqlRootPassword }} -p {{ .Values.mysqlRootPassword }}{{- end -}} + Watch the deployment status using the command: + kubectl get sts -w --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} diff --git a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml index 1c780179be..210fbd02ba 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/cronjob.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2019 Amdocs, Bell Canada, Samsung Electronics +# Copyright © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,17 +14,14 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} + {{- if .Values.backup.enabled }} apiVersion: batch/v1beta1 kind: CronJob metadata: name: {{ include "common.fullname" . }}-backup namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + labels: {{- include "common.labels" . | nindent 4 }} spec: schedule: {{ .Values.backup.cron | quote }} concurrencyPolicy: Forbid @@ -32,141 +30,130 @@ spec: spec: template: spec: + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} + {{ include "common.podSecurityContext" . | indent 10 | trim}} restartPolicy: Never - initContainers: - - command: - - /app/ready.py - args: - - --container-name - - {{ include "common.name" . }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - - name: mariadb-galera-backup-init - image: {{ include "repositoryGenerator.image.mariadb" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /bin/bash - - -c - - | - remove_dir(){ - dirToRemove=$1 - rm -rf $dirToRemove - echo "Failed" > /backup/backup.log - echo "Backup failed!!!" - } + initContainers: {{- include "common.readinessCheck.waitFor" . | nindent 12 }} + - name: mariadb-galera-backup-init + image: {{ include "repositoryGenerator.image.mariadb" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.containerSecurityContext" . | indent 14 | trim }} + command: + - /bin/bash + - -c + - | + remove_dir(){ + dirToRemove=$1 + rm -rf $dirToRemove + echo "Failed" > /backup/backup.log + echo "Backup failed!!!" + } - target_dir=/backup/backup-`date +%s` - mkdir -p $target_dir + target_dir=/backup/backup-`date +%s` + mkdir -p $target_dir - mysqlhost={{ include "common.fullname" . }}-{{ sub .Values.replicaCount 1 }}.{{ .Values.service.name }} + mysqlhost={{ include "common.servicename" . }}.{{ include "common.namespace" . }} - mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost + mariabackup --backup --target-dir=$target_dir --user=root --password=$DB_PASS --host=$mysqlhost - ret_code=$? - if [ $ret_code -ne 0 ]; then - remove_dir $target_dir - exit 0 - fi + ret_code=$? + if [ $ret_code -ne 0 ]; then + remove_dir $target_dir + exit 0 + fi - echo "Starting Backup Preparation!!!" - mariabackup --prepare --target-dir=$target_dir - ret_code=$? - if [ $ret_code -ne 0 ]; then - remove_dir $target_dir - exit 0 - fi - echo "Success" > /backup/backup.log - echo "Backup Successful!!!" - env: - - name: DB_PASS - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} - volumeMounts: - - name: backup-dir - mountPath: /backup - - name: db-data - mountPath: /var/lib/mysql + echo "Starting Backup Preparation!!!" + mariabackup --prepare --target-dir=$target_dir + ret_code=$? + if [ $ret_code -ne 0 ]; then + remove_dir $target_dir + exit 0 + fi + echo "Success" > /backup/backup.log + echo "Backup Successful!!!" + env: + - name: DB_PASS + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }} + resources: {{ include "common.resources" . | nindent 12 }} + volumeMounts: + - name: backup-dir + mountPath: /backup containers: - - name: mariadb-backup-validate - image: {{ include "repositoryGenerator.image.mariadb" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} - command: - - /bin/bash - - -c - - | - remove_dir(){ - dirToRemove=$1 - rm -rf $dirToRemove - echo "Validation Failed!!!"; - } + - name: mariadb-backup-validate + image: {{ include "repositoryGenerator.image.mariadb" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + {{ include "common.containerSecurityContext" . | indent 14 | trim }} + env: + - name: MYSQL_ROOT_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 18 }} + command: + - /bin/bash + - -c + - | + remove_dir(){ + dirToRemove=$1 + rm -rf $dirToRemove + echo "Validation Failed!!!"; + } - backup_result=`cat /backup/backup.log` - rm -rf /backup/backup.log + backup_result=`cat /backup/backup.log` + rm -rf /backup/backup.log - if [ "$backup_result" == "Failed" ]; then - echo "Backup Failed!!! So Validation Failed!!!"; - exit 0 - fi + if [ "$backup_result" == "Failed" ]; then + echo "Backup Failed!!! Validation Failed!!!"; + exit 0 + fi - target_dir=$(ls -td -- /backup/backup-* | head -n 1) - cp -Ra $target_dir/* /var/lib/mysql/ + target_dir=$(ls -td -- /backup/backup-* | head -n 1) + cp -Ra $target_dir/* /var/lib/mysql/ - if [ ! "$(ls -A /var/lib/mysql)" ]; then - remove_dir $target_dir - exit 0 - fi + if [ ! "$(ls -A /var/lib/mysql)" ]; then + remove_dir $target_dir + exit 0 + fi - /docker-entrypoint.sh mysqld & + /docker-entrypoint.sh mysqld & - count=0 - until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -e "SELECT 1"; - do sleep 3; - count=`expr $count + 1`; - if [ $count -ge 30 ]; then - remove_dir $target_dir - exit 0; - fi; - done + count=0 + until mysql --user=root --password=$MYSQL_ROOT_PASSWORD -e "SELECT 1"; + do sleep 3; + count=`expr $count + 1`; + if [ $count -ge 30 ]; then + remove_dir $target_dir + exit 0; + fi; + done - mysqlcheck -A --user=root --password=$MYSQL_ROOT_PASSWORD > /tmp/output.log - error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l` + mysqlcheck -A --user=root --password=$MYSQL_ROOT_PASSWORD > /tmp/output.log + error_lines=`cat /tmp/output.log| grep -v "OK" | wc -l` - cat /tmp/output.log + cat /tmp/output.log - if [ $error_lines -gt 1 ];then - remove_dir $target_dir - else - echo "Validation successful!!!" - cd /backup - totalFiles=`ls -t | grep "backup-" | wc -l` - if [ $totalFiles -gt {{ .Values.backup.retentionPeriod }} ]; then - filestoDelete=`expr $totalFiles - {{ .Values.backup.retentionPeriod }}` - ls -tr | grep backup | head -$filestoDelete | xargs rm -rf - fi - fi - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - name: backup-dir - mountPath: /backup + if [ $error_lines -gt 1 ];then + remove_dir $target_dir + else + echo "Validation successful!!!" + cd /backup + totalFiles=`ls -t | grep "backup-" | wc -l` + if [ $totalFiles -gt {{ .Values.backup.retentionPeriod }} ]; then + filestoDelete=`expr $totalFiles - {{ .Values.backup.retentionPeriod }}` + ls -tr | grep backup | head -$filestoDelete | xargs rm -rf + fi + fi + resources: {{ include "common.resources" . | nindent 12 }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: backup-dir + mountPath: /backup + imagePullSecrets: + - name: {{ include "common.namespace" . }}-docker-registry-key volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: backup-dir - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-backup-data - - name: db-data - persistentVolumeClaim: - claimName: {{ include "common.fullname" . }}-data-{{ include "common.fullname" . }}-{{ sub .Values.replicaCount 1 }} + - name: localtime + hostPath: + path: /etc/localtime + - name: backup-dir + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-backup-data {{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml index ec6f44d955..30eb74b059 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/pv.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/pv.yaml @@ -1,5 +1,6 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada, Orange +# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2019-2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,28 +15,29 @@ # limitations under the License. */}} {{- if .Values.backup.enabled }} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.backup.persistence.enabled (not .Values.backup.persistence.existingClaim) -}} {{- if eq "True" (include "common.needPV" .) -}} --- apiVersion: v1 kind: PersistentVolume metadata: - name: {{ include "common.fullname" . }}-backup-data + name: {{ include "common.fullname" . }}-backup namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - heritage: {{ .Release.Service }} - name: {{ include "common.fullname" . }}-backup-data + app: {{ include "common.fullname" . }}-backup + app.kubernetes.io/name: {{ include "common.name" . }} + helm.sh/chart: {{ include "common.chart" . }} + app.kubernetes.io/instance: {{ include "common.release" . }}-backup + app.kubernetes.io/managed-by: {{ .Release.Service }} spec: capacity: - storage: {{ .Values.persistence.size }} + storage: {{ .Values.backup.persistence.size }} accessModes: - - {{ .Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + - {{ .Values.backup.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.backup.persistence.volumeReclaimPolicy }} storageClassName: "{{ include "common.fullname" . }}-data-backup" hostPath: - path: {{ .Values.global.persistence.backup.mountPath | default .Values.persistence.backup.mountPath }}/{{ include "common.namespace" $ }}/{{ include "common.fullname" $ }} + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.namespace" . }}/{{ include "common.fullname" . }} {{- end -}} {{- end -}} {{- end -}} diff --git a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml index 807833ae93..5dd8a3f52f 100644 --- a/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml +++ b/kubernetes/common/mariadb-galera/templates/backup/pvc.yaml @@ -1,5 +1,6 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada, Orange +# Copyright © 2019 Amdocs, Bell Canada +# Copyright © 2019-2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,7 +15,7 @@ # limitations under the License. */}} {{- if .Values.backup.enabled }} -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} --- kind: PersistentVolumeClaim apiVersion: v1 @@ -22,21 +23,22 @@ metadata: name: {{ include "common.fullname" . }}-backup-data namespace: {{ include "common.namespace" . }} labels: - app: {{ include "common.name" . }}-backup - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -{{- if .Values.persistence.annotations }} + app: {{ include "common.fullname" . }}-backup + app.kubernetes.io/name: {{ include "common.name" . }} + helm.sh/chart: {{ include "common.chart" . }} + app.kubernetes.io/instance: {{ include "common.release" . }}-backup + app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Values.backup.persistence.annotations }} annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} +{{ toYaml .Values.backup.persistence.annotations | indent 4 }} {{- end }} spec: accessModes: - - {{ .Values.persistence.accessMode }} + - {{ .Values.backup.persistence.accessMode }} resources: requests: - storage: {{ .Values.persistence.size }} -{{- if eq "True" (include "common.needPV" .) -}} + storage: {{ .Values.backup.persistence.size }} +{{- if (include "common.needPV" .) }} storageClassName: "{{ include "common.fullname" . }}-data-backup" {{- else }} storageClassName: {{ include "common.storageClass" . }} diff --git a/kubernetes/common/mariadb-galera/templates/configmap.yaml b/kubernetes/common/mariadb-galera/templates/configmap.yaml index 685901fa95..c95a234fb7 100644 --- a/kubernetes/common/mariadb-galera/templates/configmap.yaml +++ b/kubernetes/common/mariadb-galera/templates/configmap.yaml @@ -1,6 +1,6 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada -# Copyright © 2020 Samsung Electronics, and TATA Communications +# Copyright © 2020 Samsung Electronics, TATA Communications, Bitnami, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,65 +14,15 @@ # See the License for the specific language governing permissions and # limitations under the License. */}} -{{- if .Values.externalConfig }} + +{{ if .Values.mariadbConfiguration }} apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }}-external-config + name: {{ printf "%s-configuration" (include "common.fullname" .) }} namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + labels: {{- include "common.labels" . | nindent 4 }} data: - my_extra.cnf: | -{{ .Values.externalConfig | indent 4 }} -{{- end }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-upgrade-deployment - annotations: - "helm.sh/hook": "pre-upgrade" - "helm.sh/hook-weight": "0" - "helm.sh/hook-delete-policy": hook-succeeded - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-post-upgrade-deployment - annotations: - "helm.sh/hook": "post-upgrade" - "helm.sh/hook-weight": "0" - "helm.sh/hook-delete-policy": hook-succeeded - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/post-upgrade-script.sh").AsConfig . | indent 2 }} + my.cnf: | +{{ .Values.mariadbConfiguration | indent 4 }} +{{- end }} \ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/job.yaml b/kubernetes/common/mariadb-galera/templates/job.yaml deleted file mode 100644 index 250279ace2..0000000000 --- a/kubernetes/common/mariadb-galera/templates/job.yaml +++ /dev/null @@ -1,109 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-pre-upgrade - annotations: - "helm.sh/hook": "pre-upgrade" - "helm.sh/hook-weight": "1" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded -spec: - template: - spec: - securityContext: - fsGroup: 1001 - runAsUser: 1001 - containers: - - name: mariadb-job-pre-upgrade - image: {{ include "repositoryGenerator.image.kubectl" . }} - imagePullPolicy: IfNotPresent - env: - - name: NAMESPACE_ENV - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - command: ["/bin/bash", "-c", "--"] - args: ["/upgrade/upgrade-scripts.sh"] - volumeMounts: - - name: config-mariadb-upgrade - mountPath: /upgrade - volumes: - - name: config-mariadb-upgrade - configMap: - name: {{ include "common.fullname" . }}-upgrade-deployment - defaultMode: 0777 - restartPolicy: OnFailure ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-post-upgrade - annotations: - "helm.sh/hook": "post-upgrade" - "helm.sh/hook-weight": "1" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded -spec: - template: - spec: - securityContext: - fsGroup: 1001 - runAsUser: 0 - initContainers: - - image: {{ include "repositoryGenerator.image.readiness" . }} - name: mariadb-galera-upgrade-readiness - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - command: - - /app/ready.py - args: - - --container-name - - mariadb-galera - containers: - - name: mariadb-job-post-upgrade - image: {{ include "repositoryGenerator.image.kubectl" . }} - imagePullPolicy: IfNotPresent - env: - - name: NAMESPACE_ENV - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: REPLICA_COUNT - value: "{{ .Values.replicaCount }}" - command: ["/bin/bash", "-c", "--"] - args: ["/upgrade/post-upgrade-script.sh"] - volumeMounts: - - name: config-mariadb-upgrade - mountPath: /upgrade - volumes: - - name: config-mariadb-upgrade - configMap: - name: {{ include "common.fullname" . }}-post-upgrade-deployment - defaultMode: 0777 - restartPolicy: OnFailure ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "common.fullname" . }}-post-delete - annotations: - "helm.sh/hook": "post-delete" - "helm.sh/hook-weight": "1" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded -spec: - template: - spec: - containers: - - name: mariadb-job-post-delete - image: {{ include "repositoryGenerator.image.kubectl" . }} - imagePullPolicy: IfNotPresent - command: ["/bin/bash", "-c", "--"] - args: - - for ((index=0;index<{{ $.Values.replicaCount }};index+=1)); - do kubectl delete pvc "{{ include "common.fullname" . }}-data-{{ include "common.fullname" . }}-$index"; - done; kubectl delete deployment {{ include "common.fullname" . }}-upgrade-deployment; - restartPolicy: OnFailure diff --git a/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml new file mode 100644 index 0000000000..e71351e9cb --- /dev/null +++ b/kubernetes/common/mariadb-galera/templates/metrics-svc.yaml @@ -0,0 +1,34 @@ +{{/* +# Copyright © 2020 Bitnami, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if default false .Values.global.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-metrics" (include "common.fullname" .) }} + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} + {{- if .Values.metrics.service.annotations }} + annotations: {{- include "common.tplValue" (dict "value" .Values.metrics.service.annotations "context" .) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.metrics.service.type }} + ports: + - name: metrics + port: {{ .Values.metrics.service.port }} + targetPort: metrics + selector: {{- include "common.matchLabels" . | nindent 4 }} +{{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/pdb.yaml b/kubernetes/common/mariadb-galera/templates/pdb.yaml new file mode 100644 index 0000000000..4697934879 --- /dev/null +++ b/kubernetes/common/mariadb-galera/templates/pdb.yaml @@ -0,0 +1,30 @@ +{{/* +# Copyright © 2020 Bitnami, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.podDisruptionBudget.create }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} +spec: +{{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} +{{- end }} +{{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} +{{- end }} + selector: + matchLabels: {{- include "common.matchLabels" . | nindent 6 }} +{{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/prometheusrules.yaml b/kubernetes/common/mariadb-galera/templates/prometheusrules.yaml new file mode 100644 index 0000000000..cf0ab566a4 --- /dev/null +++ b/kubernetes/common/mariadb-galera/templates/prometheusrules.yaml @@ -0,0 +1,31 @@ +{{/* +# Copyright © 2020 Bitnami, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if default false (and .Values.global.metrics.enabled .Values.global.metrics.custom_resources) }} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ template "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: {{- include "common.labels" . | nindent 4 }} + {{- toYaml .Values.metrics.prometheusRules.selector | nindent 4 }} +spec: + groups: + - name: {{ template "common.fullname" . }} + rules: + {{- toYaml .Values.metrics.prometheusRules.rules | nindent 6 }} +{{- end }} + diff --git a/kubernetes/common/mariadb-galera/templates/pv.yaml b/kubernetes/common/mariadb-galera/templates/pv.yaml index 579b3475d1..54a02cf2db 100644 --- a/kubernetes/common/mariadb-galera/templates/pv.yaml +++ b/kubernetes/common/mariadb-galera/templates/pv.yaml @@ -1,5 +1,6 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada, Orange +# Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019-2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,33 +15,4 @@ # limitations under the License. */}} -{{- $global := . }} -{{- if and $global.Values.persistence.enabled (not $global.Values.persistence.existingClaim) }} -{{- if eq "True" (include "common.needPV" .) -}} -{{- range $i := until (int $global.Values.replicaCount)}} -kind: PersistentVolume -apiVersion: v1 -metadata: - name: {{ include "common.fullname" $global }}-data-{{ $i }} - namespace: {{ include "common.namespace" $global }} - labels: - app: {{ include "common.fullname" $global }} - chart: "{{ $global.Chart.Name }}-{{ $global.Chart.Version | replace "+" "_" }}" - release: "{{ include "common.release" $global }}" - heritage: "{{ $global.Release.Service }}" - name: {{ include "common.fullname" $global }} -spec: - capacity: - storage: {{ $global.Values.persistence.size}} - accessModes: - - {{ $global.Values.persistence.accessMode }} - persistentVolumeReclaimPolicy: {{ $global.Values.persistence.volumeReclaimPolicy }} - storageClassName: "{{ include "common.fullname" $global }}-data" - hostPath: - path: {{ $global.Values.global.persistence.mountPath | default $global.Values.persistence.mountPath }}/{{ include "common.release" $global }}/{{ $global.Values.persistence.mountSubPath }}-{{$i}} -{{if ne $i (int $global.Values.replicaCount) }} ---- -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} +{{ include "common.replicaPV" . }} diff --git a/kubernetes/common/mariadb-galera/templates/secrets.yaml b/kubernetes/common/mariadb-galera/templates/secrets.yaml index 27c9a3aaee..527f41266d 100644 --- a/kubernetes/common/mariadb-galera/templates/secrets.yaml +++ b/kubernetes/common/mariadb-galera/templates/secrets.yaml @@ -1,6 +1,7 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada # Copyright © 2019 Samsung Electronics +# Copyright © 2019-2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,4 +16,4 @@ # limitations under the License. */}} -{{ include "common.secretFast" . }} +{{ include "common.secretFast" . }} \ No newline at end of file diff --git a/kubernetes/common/mariadb-galera/templates/service.yaml b/kubernetes/common/mariadb-galera/templates/service.yaml index 69d8999f67..75aff985e5 100644 --- a/kubernetes/common/mariadb-galera/templates/service.yaml +++ b/kubernetes/common/mariadb-galera/templates/service.yaml @@ -1,5 +1,6 @@ {{/* # Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,23 +15,6 @@ # limitations under the License. */}} -apiVersion: v1 -kind: Service -metadata: - annotations: - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" -# name: {{ include "common.servicename" . }} - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" -spec: - ports: - - name: {{ .Values.service.portName }} - port: {{ .Values.service.internalPort }} - clusterIP: None - selector: - app: {{ include "common.fullname" . }} +{{ include "common.service" . }} +--- +{{ include "common.headlessService" . }} diff --git a/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml b/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml new file mode 100644 index 0000000000..6c3b41f5a5 --- /dev/null +++ b/kubernetes/common/mariadb-galera/templates/servicemonitor.yaml @@ -0,0 +1,51 @@ +{{/* +# Copyright © 2020 Bitnami, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if default false (and .Values.global.metrics.enabled .Values.global.metrics.custom_resources) }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "common.fullname" . }} + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- else }} + namespace: {{ include "common.namespace" . }} + {{- end }} + labels: {{- include "common.labels" . | nindent 4 }} + {{- range $key, $value := .Values.metrics.serviceMonitor.selector }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + selector: + matchLabels: {{- include "common.matchLabels" . | nindent 6 }} + endpoints: + - port: metrics + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplValue" ( dict "value" .Values.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplValue" ( dict "value" .Values.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} diff --git a/kubernetes/common/mariadb-galera/templates/statefulset.yaml b/kubernetes/common/mariadb-galera/templates/statefulset.yaml index eb21fe3182..0dcb8e3e1c 100644 --- a/kubernetes/common/mariadb-galera/templates/statefulset.yaml +++ b/kubernetes/common/mariadb-galera/templates/statefulset.yaml @@ -1,5 +1,8 @@ {{/* -# Copyright © 2019 Amdocs, Bell Canada, Orange, Samsung Electronics +# Copyright © 2018 Amdocs, Bell Canada +# Copyright © 2019 Samsung Electronics +# Copyright © 2019-2020 Orange +# Copyright © 2020 Bitnami # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,128 +19,223 @@ apiVersion: apps/v1 kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" +metadata: {{- include "common.resourceMetadata" . | nindent 2 }} spec: - serviceName: {{ .Values.service.name }} + podManagementPolicy: {{ .Values.podManagementPolicy }} replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.fullname" . }} + selector: {{- include "common.selectors" . | nindent 4 }} + serviceName: {{ include "common.servicename" . }}-headless + updateStrategy: + type: {{ .Values.updateStrategy.type }} + {{- if (eq "Recreate" .Values.updateStrategy.type) }} + rollingUpdate: null + {{- end }} template: - metadata: - labels: - app: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - annotations: - pod.alpha.kubernetes.io/initialized: "true" + metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - volumes: - {{- if .Values.externalConfig }} - - name: config - configMap: - name: {{ include "common.fullname" . }}-external-config - {{- end}} - - name: init-script - configMap: - name: {{ include "common.fullname" . }} - defaultMode: 0755 - - name: localtime - hostPath: - path: /etc/localtime - imagePullSecrets: - - name: {{ include "common.namespace" . }}-docker-registry-key + {{ include "common.podSecurityContext" . | indent 6 | trim }} + initContainers: + # we shouldn't need this but for unknown reason, it's fsGroup is not + # applied + - name: fix-permission + command: + - /bin/sh + args: + - -c + - | + chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /data + chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /bootstrap/ + chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /tmp/ + {{- if .Values.mariadbConfiguration }} + cp /config/my.cnf /actual/my.cnf + chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /actual + {{- end }} + image: {{ include "repositoryGenerator.image.busybox" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + securityContext: + runAsUser: 0 + volumeMounts: + - name: previous-boot + mountPath: /bootstrap + - name: mariadb-tmp-folder + mountPath: /tmp + - name: {{ include "common.fullname" . }} + mountPath: /data + {{- if .Values.mariadbConfiguration }} + - name: mariadb-galera-starting-config + mountPath: /config/my.cnf + subPath: my.cnf + - name: mariadb-galera-actual-config + mountPath: /actual + {{- end }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}} + command: + - bash + - -ec + - | + {{- if (not (empty (.Values.galera.bootstrap.bootstrapFromNode | quote)))}} + {{- $fullname := include "common.names.fullname" . }} + {{- $bootstrapFromNode := int .Values.galera.bootstrap.bootstrapFromNode }} + # Bootstrap from the indicated node + NODE_ID="${MY_POD_NAME#"{{ $fullname }}-"}" + if [[ "$NODE_ID" -eq "{{ $bootstrapFromNode }}" ]]; then + export MARIADB_GALERA_CLUSTER_BOOTSTRAP=yes + export MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP={{ ternary "yes" "no" .Values.galera.bootstrap.forceSafeToBootstrap }} + fi + {{- end }} + exec /opt/bitnami/scripts/mariadb-galera/entrypoint.sh /opt/bitnami/scripts/mariadb-galera/run.sh env: - - name: POD_NAMESPACE + - name: MY_POD_NAME valueFrom: fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: MYSQL_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "login") | indent 14}} - - name: MYSQL_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "password") | indent 14}} - - name: MYSQL_DATABASE - value: {{ default "" .Values.config.mysqlDatabase | quote }} - - name: MYSQL_ROOT_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} - ports: - - containerPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - - containerPort: {{ .Values.service.sstPort }} - name: {{ .Values.service.sstPortName }} - - containerPort: {{ .Values.service.replicationPort }} - name: {{ .Values.service.replicationName }} - - containerPort: {{ .Values.service.istPort }} - name: {{ .Values.service.istPortName }} + fieldPath: metadata.name + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" .Values.debug | quote }} + - name: DB_INIT_SLEEP_TIME + value: {{ .Values.init_sleep_time | quote }} + - name: MARIADB_GALERA_CLUSTER_NAME + value: {{ .Values.galera.name | quote }} + - name: MARIADB_GALERA_CLUSTER_ADDRESS + value: "gcomm://{{ template "common.name" . }}-headless.{{ include "common.namespace" . }}.svc.{{ .Values.global.clusterDomain }}" + - name: MARIADB_ROOT_USER + value: {{ .Values.rootUser.user | quote }} + - name: MARIADB_ROOT_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14 }} + - name: MARIADB_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "login") | indent 14 }} + - name: MARIADB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.userCredentialsUID" .) "key" "password") | indent 14 }} + - name: MARIADB_DATABASE + value: {{ .Values.db.name | quote }} + - name: MARIADB_GALERA_MARIABACKUP_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.backupCredentialsUID" .) "key" "login") | indent 14 }} + - name: MARIADB_GALERA_MARIABACKUP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.backupCredentialsUID" .) "key" "password") | indent 14 }} + {{- if .Values.extraFlags }} + - name: MARIADB_EXTRA_FLAGS + value: {{ .Values.extraFlags | quote }} + {{- end }} + ports: {{ include "common.containerPorts" . | nindent 12 }} + {{- if .Values.livenessProbe.enabled }} + livenessProbe: + exec: + command: + - bash + - -ec + - | + exec mysqladmin status -u$MARIADB_ROOT_USER -p$MARIADB_ROOT_PASSWORD + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.readinessProbe.enabled }} readinessProbe: exec: command: - - /usr/share/container-scripts/mysql/readiness-probe.sh - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} - {{- if eq .Values.liveness.enabled true }} + - bash + - -ec + - | + exec mysqladmin status -u$MARIADB_ROOT_USER -p$MARIADB_ROOT_PASSWORD + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + {{- end }} + resources: {{ include "common.resources" . | nindent 12 }} + volumeMounts: + - name: previous-boot + mountPath: /opt/bitnami/mariadb/.bootstrap + - name: {{ include "common.fullname" . }} + mountPath: /bitnami/mariadb + - name: mariadb-tmp-folder + mountPath: /opt/bitnami/mariadb/tmp + {{- if .Values.mariadbConfiguration }} + - name: mariadb-galera-actual-config + mountPath: /opt/bitnami/mariadb/conf + {{- end }} + {{- if default false .Values.global.metrics.enabled }} + - name: {{ include "common.name" . }}-metrics + image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.metrics.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.metrics.pullPolicy | quote}} + env: + - name: MARIADB_METRICS_EXTRA_FLAGS + value: {{ default "" (join " " .Values.metrics.extraFlags) | quote }} + - name: MARIADB_ROOT_USER + value: {{ .Values.rootUser.user | quote }} + - name: MARIADB_ROOT_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" (include "common.mariadb.secret.rootPassUID" .) "key" "password") | indent 14}} + command: + - sh + - -c + - | + DATA_SOURCE_NAME="$MARIADB_ROOT_USER:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter $MARIADB_METRICS_EXTRA_FLAGS + ports: + - name: metrics + containerPort: 9104 livenessProbe: - exec: - command: ["mysqladmin", "ping"] - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - timeoutSeconds: {{ .Values.liveness.timeoutSeconds }} + httpGet: + path: /metrics + port: metrics + initialDelaySeconds: 30 + timeoutSeconds: 5 + readinessProbe: + httpGet: + path: /metrics + port: metrics + initialDelaySeconds: 5 + timeoutSeconds: 1 + {{ include "common.containerSecurityContext" . | indent 10 | trim }} + resources: {{- toYaml .Values.metrics.resources | nindent 12 }} + {{- end }} + imagePullSecrets: + - name: {{ include "common.namespace" . }}-docker-registry-key + {{- if .Values.schedulerName }} + schedulerName: {{ .Values.schedulerName | quote }} {{- end }} - resources: -{{ include "common.resources" . | indent 12 }} - volumeMounts: - {{- if .Values.externalConfig }} - - mountPath: /etc/config - name: config - {{- end}} - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /usr/share/container-scripts/mysql/configure-mysql.sh - subPath: configure-mysql.sh - name: init-script -{{- if .Values.persistence.enabled }} - - mountPath: /var/lib/mysql - name: {{ include "common.fullname" . }}-data - initContainers: - - name: {{ include "common.name" . }}-prepare - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy | quote}} - command: ["sh", "-c", "chown -R 27:27 /var/lib/mysql"] - volumeMounts: - - name: {{ include "common.fullname" . }}-data - mountPath: /var/lib/mysql + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} + {{- if .Values.affinity }} + affinity: {{- include "common.tplvalues" ( dict "value" .Values.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.nodeSelector }} + nodeSelector: {{- include "common.tplvalues" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues" (dict "value" .Values.tolerations "context" .) | nindent 8 }} + {{- end }} + volumes: + - name: previous-boot + emptyDir: {} + - name: mariadb-tmp-folder + emptyDir: {} + {{- if .Values.mariadbConfiguration }} + - name: mariadb-galera-actual-config + emptyDir: {} + - name: mariadb-galera-starting-config + configMap: + name: {{ printf "%s-configuration" (include "common.fullname" .) }} + {{- end }} +{{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} + - name: {{ include "common.fullname" . }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim }} +{{- else if not .Values.persistence.enabled }} + - name: {{ include "common.fullname" . }} + emptyDir: {} +{{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} volumeClaimTemplates: - - metadata: - name: {{ include "common.fullname" . }}-data - labels: - name: {{ include "common.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ include "common.release" . }}" - heritage: "{{ .Release.Service }}" - spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - storageClassName: {{ include "common.storageClass" . }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} + - {{ include "common.PVCTemplate" (dict "dot" . "suffix" "data" "persistenceInfos" .Values.persistence) | indent 6 | trim }} {{- end }} -- cgit 1.2.3-korg