Merge pull request #1340 from sameersbn/mariadb-galera

[bitnami/mariadb-galera] new chart for MariaDB Galera Deployment
Juan Ariza Toledano
2019-08-12 14:58:14 +02:00
committed by GitHub
22 changed files with 1997 additions and 0 deletions

View File

@@ -0,0 +1 @@
.git

View File

@@ -0,0 +1,22 @@
apiVersion: v1
name: mariadb-galera
version: 0.0.1
appVersion: 10.3.17
description: MariaDB Galera is a multi-master database cluster solution for synchronous replication and high availability.
keywords:
- mariadb
- mysql
- database
- sql
- prometheus
- galera
- percona
home: https://mariadb.org
icon: https://bitnami.com/assets/stacks/mariadb-galera/img/mariadb-galera-stack-220x234.png
sources:
- https://github.com/bitnami/bitnami-docker-mariadb-galera
- https://github.com/prometheus/mysqld_exporter
maintainers:
- name: Bitnami
email: containers@bitnami.com
engine: gotpl

View File

@@ -0,0 +1,280 @@
# MariaDB Galera
[MariaDB Galera](https://mariadb.com/kb/en/library/what-is-mariadb-galera-cluster/) is a multi-master database cluster solution for synchronous replication and high availability.
## TL;DR
```bash
$ helm install bitnami/mariadb-galera
```
## Introduction
This chart bootstraps a [MariaDB Galera](https://github.com/bitnami/bitnami-docker-mariadb-galera) cluster on [Kubernetes](http://kubernetes.io) using the [Helm](https://helm.sh) package manager.
Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This chart has been tested to work with fluentd and Prometheus on top of [BKPR](https://kubeprod.io/).
## Prerequisites
- Kubernetes 1.10+
- PV provisioner support in the underlying infrastructure
## Installing the Chart
Add the `bitnami` charts repo to Helm:
```bash
$ helm repo add bitnami https://charts.bitnami.com/bitnami
```
To install the chart with the release name `my-release`:
```bash
$ helm install --name my-release bitnami/mariadb-galera
```
The command deploys MariaDB Galera on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
For a graceful termination, set the replica count of the Pods in the `mariadb-galera` StatefulSet to `0`:
```bash
$ kubectl scale sts my-release-mariadb-galera --replicas=0
```
To uninstall/delete the `my-release` release:
```bash
$ helm delete --purge my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the MariaDB Galera chart and their default values.
| Parameter | Description | Default |
|--------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------|
| `global.imageRegistry` | Global Docker image registry | `nil` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.registry` | MariaDB Galera image registry | `docker.io` |
| `image.repository` | MariaDB Galera Image name | `bitnami/mariadb-galera` |
| `image.tag` | MariaDB Galera Image tag | `{TAG_NAME}` |
| `image.pullPolicy` | MariaDB Galera image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `nameOverride` | String to partially override mariadb-galera.fullname template with a string (will prepend the release name) | `nil` |
| `fullnameOverride` | String to fully override mariadb-galera.fullname template with a string | `nil` |
| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` |
| `service.type` | Kubernetes service type | `ClusterIP` |
| `service.port` | MariaDB service port | `3306` |
| `service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `nil` |
| `service.nodePort` | Kubernetes Service nodePort | `nil` |
| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `nil` |
| `service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` |
| `service.annotations` | Additional annotations for MariaDB Galera service | `{}` |
| `serviceAccount.create` | Specify whether a ServiceAccount should be created | `false` |
| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the mariadb-galera.fullname template |
| `rbac.create` | Specify whether RBAC resources should be created and used | `false` |
| `securityContext.enabled` | Enable security context | `false` |
| `securityContext.fsGroup` | Group ID for the container filesystem | `1001` |
| `securityContext.runAsUser` | User ID for the container | `1001` |
| `existingSecret` | Use existing secret for password details (`rootUser.password`, `db.password`, `galera.mariabackup.password` will be ignored and picked up from this secret) | `nil` |
| `rootUser.password` | Password for the `root` user. Ignored if existing secret is provided. | _random 10 character alphanumeric string_ |
| `rootUser.forcePassword` | Force users to specify a password | `false` |
| `db.user` | Username of new user to create | `nil` |
| `db.password` | Password for the new user. Ignored if existing secret is provided. | _random 10 character alphanumeric string if `db.user` is defined_ |
| `db.name` | Name for new database to create | `my_database` |
| `db.forcePassword` | Force users to specify a password | `false` |
| `galera.name` | Galera cluster name | `galera` |
| `galera.mariabackup.user` | Galera mariabackup user | `mariabackup` |
| `galera.mariabackup.password` | Galera mariabackup password | _random 10 character alphanumeric string_ |
| `galera.mariabackup.forcePassword` | Force users to specify a password | `false` |
| `ldap.enabled` | Enable LDAP support | `false` |
| `ldap.uri` | LDAP URL beginning in the form `ldap[s]://<hostname>:<port>` | `nil` |
| `ldap.base` | LDAP base DN | `nil` |
| `ldap.binddn` | LDAP bind DN | `nil` |
| `ldap.bindpw` | LDAP bind password | `nil` |
| `ldap.bslookup` | LDAP base lookup | `nil` |
| `mariadbConfiguration` | Configuration for the MariaDB server | `_default values in the values.yaml file_` |
| `configurationConfigMap` | ConfigMap with the MariaDB configuration files (Note: Overrides `mariadbConfiguration`). The value is evaluated as a template. | `nil` |
| `initdbScripts` | Dictionary of initdb scripts | `nil` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `nil` |
| `extraFlags` | MariaDB additional command line flags | `nil` |
| `annotations[].key` | key for the the annotation list item | `nil` |
| `annotations[].value` | value for the the annotation list item | `nil` |
| `replicaCount` | Desired number of cluster nodes | `3` |
| `updateStrategy` | Statefulset update strategy policy | `RollingUpdate` |
| `nodeAffinity` | Node Affinity (this value is evaluated as a template) | `{}` |
| `podAntiAffinity` | Pod anti-affinity policy | `soft` |
| `podAffinity` | Affinity, in addition to antiAffinity (this value is evaluated as a template) | `{}` |
| `nodeSelector` | Node labels for pod assignment (this value is evaluated as a template) | `{}` |
| `tolerations` | List of node taints to tolerate (this value is evaluated as a template) | `[]` |
| `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` | `nil` |
| `persistence.subPath` | Subdirectory of the volume to mount | `nil` |
| `persistence.mountPath` | Path to mount the volume at | `/bitnami/mariadb` |
| `persistence.annotations` | Persistent Volume Claim annotations | `{}` |
| `persistence.storageClass` | Persistent Volume Storage Class | `nil` |
| `persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` |
| `persistence.size` | Persistent Volume Size | `8Gi` |
| `extraInitContainers` | Additional init containers (this value is evaluated as a template) | `nil` |
| `resources` | CPU/Memory resource requests/limits for node | `{}` |
| `livenessProbe.enabled` | Turn on and off liveness probe | `true` |
| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` |
| `livenessProbe.periodSeconds` | How often to perform the probe | `10` |
| `livenessProbe.timeoutSeconds` | When the probe times out | `1` |
| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` |
| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` |
| `readinessProbe.enabled` | Turn on and off readiness probe | `true` |
| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
| `readinessProbe.periodSeconds` | How often to perform the probe | `10` |
| `readinessProbe.timeoutSeconds` | When the probe times out | `1` |
| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` |
| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` |
| `podDisruptionBudget.create` | If true, create a pod disruption budget for pods. | `false` |
| `podDisruptionBudget.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` |
| `podDisruptionBudget.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `nil` |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | MariaDB Prometheus exporter image registry | `docker.io` |
| `metrics.image.repository` | MariaDB Prometheus exporter image name | `bitnami/mysqld-exporter` |
| `metrics.image.tag` | MariaDB Prometheus exporter image tag | `{TAG_NAME}` |
| `metrics.image.pullPolicy` | MariaDB Prometheus exporter image pull policy | `IfNotPresent` |
| `metrics.resources` | Prometheus exporter resource requests/limits | `{}` |
| `metrics.service.annotations` | Prometheus exporter svc annotations | `{prometheus.io/scrape: "true", prometheus.io/port: "9104"}` |
| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` |
| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `nil` |
| `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `nil` |
| `metrics.serviceMonitor.selector` | Default to kube-prometheus install (CoreOS recommended), but should be set according to Prometheus install | `{prometheus: "kube-prometheus"}` |
The above parameters map to the env variables defined in [bitnami/mariadb-galera](http://github.com/bitnami/bitnami-docker-mariadb-galera). For more information please refer to the [bitnami/mariadb-galera](http://github.com/bitnami/bitnami-docker-mariadb-galera) image documentation.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install --name my-release \
--set rootUser.password=secretpassword,
--set db.user=app_database \
bitnami/mariadb-galera
```
The above command sets the MariaDB `root` account password to `secretpassword`. Additionally it creates a database named `my_database`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install --name my-release -f values.yaml bitnami/mariadb-galera
```
> **Tip**: You can use the default [values.yaml](values.yaml)
### LDAP
LDAP support can be enabled in the chart by specifying the `ldap.` parameters while creating a release. The following parameters should be configured to properly enable the LDAP support in the chart.
- `ldap.enabled`: Enable LDAP support. Defaults to `false`.
- `ldap.uri`: LDAP URL beginning in the form `ldap[s]://<hostname>:<port>`. No defaults.
- `ldap.base`: LDAP base DN. No defaults.
- `ldap.binddn`: LDAP bind DN. No defaults.
- `ldap.bindpw`: LDAP bind password. No defaults.
- `ldap.bslookup`: LDAP base lookup. No defaults.
For example:
```bash
$ helm install --name my-release bitnami/mariadb-galera \
--set ldap.enabled="true" \
--set ldap.url="ldap://my_ldap_server" \
--set ldap.base="dc=example,dc=org" \
--set ldap.binddn="cn=admin,dc=example,dc=org" \
--set ldap.bindpw="admin" \
--set ldap.bslookup="ou=group-ok,dc=example,dc=org"
```
Next, login to the MariaDB server using the `mysql` client and add the PAM authenticated LDAP users.
For example,
```mysql
CREATE USER 'bitnami'@'localhost' IDENTIFIED VIA pam USING 'mariadb';
```
With the above example, when the `bitnami` user attempts to login to the MariaDB server, he/she will be authenticated against the LDAP server.
### Production configuration
This chart includes a `values-production.yaml` file where you can find some parameters oriented to production configuration in comparison to the regular `values.yaml`.
```console
$ helm install --name my-release -f ./values-production.yaml bitnami/mariadb-galera
```
- Force users to specify a password:
```diff
- rootUser.forcePassword: false
+ rootUser.forcePassword: true
- db.forcePassword: false
+ db.forcePassword: true
- galera.mariabackup.forcePassword: false
+ galera.mariabackup..forcePassword: true
```
- Start a side-car prometheus exporter:
```diff
- metrics.enabled: false
+ metrics.enabled: true
```
### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/)
It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
## Initialize a fresh instance
The [Bitnami MariaDB Galera](https://github.com/bitnami/bitnami-docker-mariadb-galera) image allows you to use your custom scripts to initialize a fresh instance. In order to execute the scripts, they must be located inside the chart folder `files/docker-entrypoint-initdb.d` so they can be consumed as a ConfigMap.
Alternatively, you can specify custom scripts using the `initdbScripts` parameter as dict.
In addition to these options, you can also set an external ConfigMap with all the initialization scripts. This is done by setting the `initdbScriptsConfigMap` parameter. Note that this will override the two previous options.
The allowed extensions are `.sh`, `.sql` and `.sql.gz`.
## Persistence
The [Bitnami MariaDB Galera](https://github.com/bitnami/bitnami-docker-mariadb-galera) image stores the MariaDB data and configurations at the `/bitnami/mariadb` path of the container.
The chart mounts a [Persistent Volume](kubernetes.io/docs/user-guide/persistent-volumes/) volume at this location. The volume is created using dynamic volume provisioning, by default. An existing PersistentVolumeClaim can be defined.
## Extra Init Containers
The feature allows for specifying a template string for a initContainer in the pod. Usecases include situations when you need some pre-run setup. For example, in IKS (IBM Cloud Kubernetes Service), non-root users do not have write permission on the volume mount path for NFS-powered file storage. So, you could use a initcontainer to `chown` the mount. See a example below, where we add an initContainer on the pod that reports to an external resource that the db is going to starting.
`values.yaml`
```yaml
extraInitContainers: |
- name: initcontainer
image: bitnami/minideb:latest
command: ["/bin/sh", "-c"]
args:
- install_packages curl && curl http://api-service.local/db/starting;
```
## Upgrading
It's necessary to specify the existing passwords while performing a upgrade to ensure the secrets are not updated with invalid randomly generated passwords. Remember to specify the existing values of the `rootUser.password`, `db.password` and `galera.mariabackup.password` parameters when upgrading the chart:
```bash
$ helm upgrade my-release bitnami/mariadb-galera \
--set rootUser.password=[ROOT_PASSWORD] \
--set db.password=[MARIADB_PASSWORD] \
--set galera.mariabackup.password=[GALERA_MARIABACKUP_PASSWORD]
```
| Note: you need to substitute the placeholders _[ROOT_PASSWORD]_, _[MARIADB_PASSWORD]_ and _[MARIABACKUP_PASSWORD]_ with the values obtained from instructions in the installation notes.
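Review bot: The `--set` example in the Configuration section will not run as written: `--set rootUser.password=secretpassword,` ends with a comma and has no line continuation, so the shell ends the command there. The sentence after it says a database named `my_database` is created, while the command sets `db.user=app_database`; describe the user that is actually created. In the LDAP example, `--set ldap.url=...` does not match the documented `ldap.uri` parameter, so the value never reaches it. The production diff has a doubled dot in `galera.mariabackup..forcePassword`, and the upgrade note names `[MARIABACKUP_PASSWORD]` while the command uses `[GALERA_MARIABACKUP_PASSWORD]`. Since the examples pass passwords through `--set`, pointing readers to `existingSecret` or a values file would keep them out of shell history.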

View File

@@ -0,0 +1,3 @@
You can copy here your custom .sh, .sql or .sql.gz file so they are executed during the first boot of the image.
More info in the [bitnami-docker-mariadb-galera](https://github.com/bitnami/bitnami-docker-mariadb-galera#initializing-a-new-instance) repository.

View File

@@ -0,0 +1,62 @@
** Please be patient while the chart is being deployed **
Tip:
Watch the deployment status using the command:
kubectl get sts -w --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }}
MariaDB can be accessed via port "{{ .Values.service.port }}" on the following DNS name from within your cluster:
{{ template "mariadb-galera.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
To obtain the password for the MariaDB "root" user run the following command:
kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode
To connect to your database run the following command:
kubectl run {{ template "mariadb-galera.fullname" . }}-client --rm --tty -i --restart='Never' --namespace {{ .Release.Namespace }} --image {{ template "mariadb-galera.image" . }} --command \
-- mysql -h {{ template "mariadb-galera.fullname" . }} -P {{ .Values.service.port }} -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}root{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }}
To connect to your database from outside the cluster execute the following commands:
{{- if contains "NodePort" .Values.service.type }}
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "mariadb-galera.fullname" . }})
mysql -h $NODE_IP -P $NODE_PORT -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}root{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }}
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "mariadb-galera.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "mariadb-galera.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}")
mysql -h $SERVICE_IP -P {{ .Values.service.port }} -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}root{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }}
{{- else if contains "ClusterIP" .Values.service.type }}
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "mariadb-galera.fullname" . }} {{ .Values.service.port }}:{{ .Values.service.port }} &
mysql -h 127.0.0.1 -P {{ .Values.service.port }} -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}root{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }}
{{- end }}
{{- if .Values.metrics.enabled }}
To access the MariaDB Prometheus metrics from outside the cluster execute the following commands:
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "mariadb-galera.fullname" . }}-metrics {{ .Values.metrics.service.port }}:{{ .Values.metrics.service.port }} &
curl 127.0.0.1:{{ .Values.metrics.service.port }}/metrics
{{- end }}
To upgrade this helm chart:
helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/mariadb-galera \
--set rootUser.password=$(kubectl get secret {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode) \
{{ if .Values.db.user }}--set db.user={{ .Values.db.user }} --set db.password=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode) {{ end }}--set db.name={{ .Values.db.name }} \
--set galera.mariabackup.password=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-galera-mariabackup-password}" | base64 --decode)
{{ include "mariadb-galera.checkRollingTags" . }}
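Review bot: In the upgrade command, the first `kubectl get secret` (the one feeding `rootUser.password`) has no `--namespace {{ .Release.Namespace }}`, unlike the `db.password` and `galera.mariabackup.password` lookups on the next two lines, so for a release outside the current namespace it reads a different secret or yields an empty value. Add the flag there. Separately, the connect commands expand the decoded password into `-p$(...)`; in the `kubectl run` case that string becomes part of the client Pod's command and is readable by anyone who can read Pods in the namespace. The command already runs with `--tty -i`, so letting `mysql -p` prompt for the password would avoid that.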

View File

@@ -0,0 +1,151 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "mariadb-galera.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "mariadb-galera.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- define "mariadb-galera.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Return the proper MariaDB Galera image name
*/}}
{{- define "mariadb-galera.image" -}}
{{- $registryName := .Values.image.registry -}}
{{- $repositoryName := .Values.image.repository -}}
{{- $tag := .Values.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper metrics image name
*/}}
{{- define "mariadb-galera.metrics.image" -}}
{{- $registryName := .Values.metrics.image.registry -}}
{{- $repositoryName := .Values.metrics.image.repository -}}
{{- $tag := .Values.metrics.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Get the configuration ConfigMap name.
*/}}
{{- define "mariadb-galera.configurationCM" -}}
{{- if .Values.configurationConfigMap -}}
{{- printf "%s" (tpl .Values.configurationConfigMap $) -}}
{{- else -}}
{{- printf "%s-configuration" (include "mariadb-galera.fullname" .) -}}
{{- end -}}
{{- end -}}
{{ template "mariadb-galera.initdbScriptsCM" . }}
{{/*
Get the initialization scripts ConfigMap name.
*/}}
{{- define "mariadb-galera.initdbScriptsCM" -}}
{{- if .Values.initdbScriptsConfigMap -}}
{{- printf "%s" .Values.initdbScriptsConfigMap -}}
{{- else -}}
{{- printf "%s-init-scripts" (include "mariadb-galera.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "mariadb-galera.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "mariadb.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "mariadb-galera.imagePullSecrets" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
Also, we can not use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- end -}}
{{/* Check if there are rolling tags in the images */}}
{{- define "mariadb-galera.checkRollingTags" -}}
{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }}
WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
{{- end }}
{{- end -}}
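Review bot: `mariadb-galera.serviceAccountName` calls `include "mariadb.fullname"`, but no template with that name is defined in this file; every other helper uses `mariadb-galera.fullname`. Unless something else defines it, rendering fails on that include whenever `serviceAccount.create` is true, so rename it to `mariadb-galera.fullname`. Also, the bare `{{ template "mariadb-galera.initdbScriptsCM" . }}` between the `configurationCM` and `initdbScriptsCM` definitions sits outside any `define` and looks like a leftover; it should be dropped.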

View File

@@ -0,0 +1,18 @@
{{ if and (or (.Files.Glob "files/my.cnf") .Values.mariadbConfiguration) (not .Values.configurationConfigMap) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mariadb-galera.fullname" . }}-configuration
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
{{- if (.Files.Glob "files/my.cnf") }}
{{ (.Files.Glob "files/my.cnf").AsConfig | indent 2 }}
{{- else if .Values.mariadbConfiguration }}
my.cnf: |
{{ .Values.mariadbConfiguration | indent 4 }}
{{- end }}
{{ end }}

View File

@@ -0,0 +1,25 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "mariadb-galera.fullname" . }}-headless
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
type: ClusterIP
clusterIP: None
ports:
- name: galera
port: 4567
targetPort: galera
- name: ist
port: 4568
targetPort: ist
- name: sst
port: 4444
targetPort: sst
selector:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}

View File

@@ -0,0 +1,25 @@
{{- if and (or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScripts) (not .Values.initdbScriptsConfigMap) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mariadb-galera.fullname" . }}-init-scripts
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if and (.Files.Glob "files/docker-entrypoint-initdb.d/*.sql.gz") (not .Values.initdbScriptsConfigMap) }}
binaryData:
{{- $root := . }}
{{- range $path, $bytes := .Files.Glob "files/docker-entrypoint-initdb.d/*.sql.gz" }}
{{ base $path }}: {{ $root.Files.Get $path | b64enc | quote }}
{{- end }}
{{- end }}
data:
{{- if and (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql}") (not .Values.initdbScriptsConfigMap) }}
{{ (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql}").AsConfig | indent 2 }}
{{- end }}
{{- with .Values.initdbScripts }}
{{ toYaml . | indent 2 }}
{{- end }}
{{ end }}

View File

@@ -0,0 +1,21 @@
{{- if .Values.metrics.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "mariadb-galera.fullname" . }}-metrics
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
annotations: {{ toYaml .Values.metrics.service.annotations | nindent 4 }}
spec:
type: {{ .Values.metrics.service.type }}
ports:
- name: metrics
port: {{ .Values.metrics.service.port }}
targetPort: metrics
selector:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

View File

@@ -0,0 +1,22 @@
{{- if .Values.podDisruptionBudget.create }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ template "mariadb-galera.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
{{- if .Values.podDisruptionBudget.minAvailable }}
minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
{{- end }}
{{- if .Values.podDisruptionBudget.maxUnavailable }}
maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
{{- end }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
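
Review bot: `minAvailable` and `maxUnavailable` are rendered by two independent `if` blocks under `spec`, so a values file that sets both produces a PodDisruptionBudget the API server rejects, because the two fields are mutually exclusive. Make the second block an `else if`, or fail the render with a clear message when both are set. The truthiness test also drops an explicit `0`, so `maxUnavailable: 0` renders nothing; if that value is meant to be supported, test for the presence of the key instead.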

View File

@@ -0,0 +1,18 @@
{{- if and .Values.serviceAccount.create .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ template "mariadb-galera.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
rules:
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
{{- end }}
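
Review bot: the single rule grants `get` on every `endpoints` object in the namespace, and nothing in the template says why the pods need it. If they only read this release's own Endpoints, add `resourceNames` listing those objects so the grant stays scoped to the release, and add a template comment naming the consumer of this permission.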

View File

@@ -0,0 +1,18 @@
{{- if and .Values.serviceAccount.create .Values.rbac.create }}
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ template "mariadb-galera.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
subjects:
- kind: ServiceAccount
name: {{ template "mariadb-galera.serviceAccountName" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ template "mariadb-galera.fullname" . }}
{{- end }}
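
Review bot: the guard `and .Values.serviceAccount.create .Values.rbac.create` means `rbac.create: true` silently does nothing when the ServiceAccount is supplied by name instead of being created by the chart. The subject already resolves through `mariadb-galera.serviceAccountName`, so either gate the Role and RoleBinding on `rbac.create` alone or document in the values file that both flags must be set.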

View File

@@ -0,0 +1,43 @@
{{- if (not .Values.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "mariadb-galera.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
type: Opaque
data:
{{- if .Values.rootUser.password }}
mariadb-root-password: {{ .Values.rootUser.password | b64enc | quote }}
{{- else if (not .Values.rootUser.forcePassword) }}
mariadb-root-password: {{ randAlphaNum 10 | b64enc | quote }}
{{ else }}
mariadb-root-password: {{ required "A MariaDB Root Password is required!" .Values.rootUser.password }}
{{- end }}
{{- if .Values.db.user }}
{{- if .Values.db.password }}
mariadb-password: {{ .Values.db.password | b64enc | quote }}
{{- else if (not .Values.db.forcePassword) }}
mariadb-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- else }}
mariadb-password: {{ required "A MariaDB Database Password is required!" .Values.db.password }}
{{- end }}
{{- end }}
{{- if .Values.galera.mariabackup.password }}
mariadb-galera-mariabackup-password: {{ .Values.galera.mariabackup.password | b64enc | quote }}
{{- else if (not .Values.galera.mariabackup.forcePassword) }}
mariadb-galera-mariabackup-password: {{ randAlphaNum 10 | b64enc | quote }}
{{ else }}
mariadb-galera-mariabackup-password: {{ required "A MariaBackup Password is required!" .Values.galera.mariabackup.password }}
{{- end }}
{{- if .Values.ldap.enabled }}
{{- if .Values.ldap.bindpw }}
ldap-bindpw: {{ .Values.ldap.bindpw | b64enc | quote }}
{{ else }}
ldap-bindpw: {{ required "LDAP Password is required!" .Values.ldap.bindpw }}
{{- end }}
{{- end }}
{{- end }}
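
Review bot: the three `randAlphaNum 10` fallbacks are evaluated on every render, so when `forcePassword` is false and no password is supplied, each `helm upgrade` writes fresh random values into this Secret while the data volume still holds the credentials set at first boot. Fail the render on upgrade when the password is missing, or reuse the existing Secret, and raise the generated length, since 10 alphanumeric characters is short for a database root credential. The `{{ else }}` lines in the root, mariabackup and LDAP branches are also missing the `-` whitespace trim used by the other branches.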

View File

@@ -0,0 +1,11 @@
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "mariadb-galera.serviceAccountName" . }}
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}

View File

@@ -0,0 +1,33 @@
{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ template "mariadb-galera.fullname" . }}
{{- if .Values.metrics.serviceMonitor.namespace }}
namespace: {{ .Values.metrics.serviceMonitor.namespace }}
{{- end }}
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- range $key, $value := .Values.metrics.serviceMonitor.selector }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
selector:
matchLabels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
endpoints:
- port: metrics
{{- if .Values.metrics.serviceMonitor.interval }}
interval: {{ .Values.metrics.serviceMonitor.interval }}
{{- end }}
{{- if .Values.metrics.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }}
{{- end }}
namespaceSelector:
matchNames:
- {{ .Release.Namespace }}
{{- end }}

View File

@@ -0,0 +1,284 @@
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: {{ template "mariadb-galera.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
serviceName: {{ template "mariadb-galera.fullname" . }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
{{- if (eq "Recreate" .Values.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
template:
metadata:
{{- if .Values.annotations }}
annotations:
{{- range $key, $value := .Values.annotations }}
{{ $key }}: '{{ $value }}'
{{- end }}
{{- end }}
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
spec:
{{- if .Values.schedulerName }}
schedulerName: {{ .Values.schedulerName | quote }}
{{- end }}
serviceAccountName: {{ template "mariadb-galera.serviceAccountName" . }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
affinity:
{{- with .Values.nodeAffinity }}
nodeAffinity: {{ tpl (toYaml .) $ | nindent 10 }}
{{- end }}
{{- if eq .Values.podAntiAffinity "hard" }}
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- topologyKey: "kubernetes.io/hostname"
labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- else if eq .Values.podAntiAffinity "soft" }}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
podAffinityTerm:
topologyKey: "kubernetes.io/hostname"
labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{- with .Values.podAffinity }}
podAffinity: {{ tpl (toYaml .) $ | nindent 10 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector: {{ tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations: {{ tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- include "mariadb-galera.imagePullSecrets" . | indent 6 }}
{{- if .Values.extraInitContainers }}
initContainers:
{{ tpl .Values.extraInitContainers . | indent 6}}
{{- end }}
containers:
- name: "mariadb-galera"
image: {{ template "mariadb-galera.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
- name: MARIADB_GALERA_CLUSTER_NAME
value: {{ .Values.galera.name | quote }}
- name: MARIADB_GALERA_CLUSTER_ADDRESS
value: "gcomm://{{ template "mariadb-galera.fullname" . }}-headless.{{ .Release.Namespace }}.svc.cluster.local"
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "mariadb-galera.fullname" . }}
{{- end }}
key: mariadb-root-password
{{- if .Values.db.user }}
- name: MARIADB_USER
value: {{ .Values.db.user | quote }}
- name: MARIADB_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "mariadb-galera.fullname" . }}
{{- end }}
key: mariadb-password
{{- end }}
- name: MARIADB_DATABASE
value: {{ .Values.db.name | quote }}
- name: MARIADB_GALERA_MARIABACKUP_USER
value: {{ .Values.galera.mariabackup.user }}
- name: MARIADB_GALERA_MARIABACKUP_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "mariadb-galera.fullname" . }}
{{- end }}
key: mariadb-galera-mariabackup-password
{{- if .Values.ldap.enabled }}
- name: MARIADB_LDAP_URI
{{- if .Values.ldap.uri }}
value: {{ .Values.ldap.uri }}
{{ else }}
value: {{ required "LDAP uri is required!" .Values.ldap.uri }}
{{- end }}
- name: MARIADB_LDAP_BASE
{{- if .Values.ldap.base }}
value: {{ .Values.ldap.base }}
{{ else }}
value: {{ required "LDAP base is required!" .Values.ldap.base }}
{{- end }}
- name: MARIADB_LDAP_BIND_DN
{{- if .Values.ldap.binddn }}
value: {{ .Values.ldap.binddn }}
{{ else }}
value: {{ required "LDAP binddn is required!" .Values.ldap.binddn }}
{{- end }}
- name: MARIADB_LDAP_BIND_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "mariadb-galera.fullname" . }}
{{- end }}
key: ldap-bindpw
- name: MARIADB_LDAP_BASE_LOOKUP
value: {{ .Values.ldap.bslookup }}
{{- end }}
{{- if .Values.extraFlags }}
- name: MARIADB_EXTRA_FLAGS
value: {{ .Values.extraFlags | quote }}
{{- end }}
ports:
- name: mysql
containerPort: 3306
- name: galera
containerPort: 4567
- name: ist
containerPort: 4568
- name: sst
containerPort: 4444
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
exec:
command: ["sh", "-c", "exec mysqladmin status -uroot -p$MARIADB_ROOT_PASSWORD"]
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
exec:
command: ["sh", "-c", "exec mysqladmin status -uroot -p$MARIADB_ROOT_PASSWORD"]
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
resources:
{{ toYaml .Values.resources | indent 10 }}
volumeMounts:
- name: data
mountPath: {{ .Values.persistence.mountPath }}
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if or (.Files.Glob "files/my.cnf") .Values.mariadbConfiguration .Values.configurationConfigMap }}
- name: mariadb-galera-config
mountPath: /opt/bitnami/mariadb/conf/my.cnf
subPath: my.cnf
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mariadb-galera.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
env:
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "mariadb-galera.fullname" . }}
{{- end }}
key: mariadb-root-password
command: [ 'sh', '-c', 'DATA_SOURCE_NAME="root:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter' ]
ports:
- name: metrics
containerPort: 9104
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 30
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 5
timeoutSeconds: 1
resources:
{{ toYaml .Values.metrics.resources | indent 10 }}
{{- end }}
volumes:
{{- if or (.Files.Glob "files/my.cnf") .Values.mariadbConfiguration .Values.configurationConfigMap }}
- name: mariadb-galera-config
configMap:
name: {{ template "mariadb-galera.configurationCM" . }}
{{- end }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
configMap:
name: {{ template "mariadb-galera.initdbScriptsCM" . }}
{{- end }}
{{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
- name: data
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim }}
{{- else if not .Values.persistence.enabled }}
- name: data
emptyDir: {}
{{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
volumeClaimTemplates:
- metadata:
name: data
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: {{ .Values.persistence.storageClass | quote }}
{{- end }}
{{- end }}
{{- end }}
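
Review bot: the `metrics` sidecar builds `DATA_SOURCE_NAME` from `MARIADB_ROOT_PASSWORD`, so the exporter connects as root when it only needs a monitoring account; create a dedicated low-privilege user for it and reference that user's Secret key instead. Both probe commands pass `-p$MARIADB_ROOT_PASSWORD` unquoted to `mysqladmin`, which breaks on passwords containing whitespace or shell metacharacters and places the value in the process arguments; quote it, or read it from a client option file. `apiVersion: apps/v1beta1` is deprecated in favour of `apps/v1`, which this manifest already satisfies by setting `spec.selector`. The `Recreate` branch under `updateStrategy` does not match a StatefulSet strategy type (`RollingUpdate` and `OnDelete` are the valid ones), and the env values `{{ .Values.galera.mariabackup.user }}` and `{{ .Values.ldap.bslookup }}` should go through `quote` like their neighbours.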

View File

@@ -0,0 +1,35 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "mariadb-galera.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
helm.sh/chart: {{ include "mariadb-galera.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.service.annotations }}
annotations: {{ toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and .Values.service.loadBalancerIP (eq .Values.service.type "LoadBalancer") }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }}
{{- with .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{ toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
ports:
- name: mysql
port: {{ .Values.service.port }}
targetPort: mysql
{{- if and .Values.service.nodePort (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) }}
nodePort: {{ .Values.service.nodePort }}
{{- end }}
selector:
app.kubernetes.io/name: {{ include "mariadb-galera.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}

View File

@@ -0,0 +1,48 @@
apiVersion: v1
kind: Pod
metadata:
name: {{ template "mariadb-galera.fullname" . }}-test-{{ randAlphaNum 5 | lower }}
annotations:
"helm.sh/hook": test-success
spec:
initContainers:
- name: "test-framework"
image: "dduportal/bats:0.4.0"
command:
- "bash"
- "-c"
- |
set -ex
# copy bats to tools dir
cp -R /usr/local/libexec/ /tools/bats/
volumeMounts:
- mountPath: /tools
name: tools
containers:
- name: mariadb-galera-test
image: {{ template "mariadb-galera.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
command: ["/tools/bats/bats", "-t", "/tests/run.sh"]
env:
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "mariadb-galera.fullname" . }}
{{- end }}
key: mariadb-galera-root-password
volumeMounts:
- mountPath: /tests
name: tests
readOnly: true
- mountPath: /tools
name: tools
volumes:
- name: tests
configMap:
name: {{ template "mariadb-galera.fullname" . }}-tests
- name: tools
emptyDir: {}
restartPolicy: Never
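
Review bot: `secretKeyRef.key` is `mariadb-galera-root-password`, but the chart's Secret template and the StatefulSet both use `mariadb-root-password`, so the test container cannot resolve `MARIADB_ROOT_PASSWORD` and the pod will not start. Change the key to `mariadb-root-password`. The init container also pulls `dduportal/bats:0.4.0` by mutable tag from a third-party repository with no way to override it; pin it by digest or expose it in the values file so it follows `global.imageRegistry` and `imagePullSecrets`.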

View File

@@ -0,0 +1,9 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mariadb-galera.fullname" . }}-tests
data:
run.sh: |-
@test "Testing MariaDB is accessible" {
mysql -h {{ template "mariadb-galera.fullname" . }} -uroot -p$MARIADB_ROOT_PASSWORD -e 'show databases;'
}

View File

@@ -0,0 +1,434 @@
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
## Bitnami MariaDB Galera image
## ref: https://hub.docker.com/r/bitnami/mariadb-galera/tags/
##
image:
registry: docker.io
repository: bitnami/mariadb-galera
tag: 10.3.17-debian-9-r8
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH debugging in minideb-extras-base
##
debug: false
## String to partially override mariadb-galera.fullname template (will maintain the release name)
##
# nameOverride:
## String to fully override mariadb-galera.fullname template
##
# fullnameOverride:
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## MariaDB Gallera K8s svc properties
##
service:
## Kubernetes service type and port number
##
type: ClusterIP
port: 3306
# clusterIP: None
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort: 30001
## Set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
# loadBalancerIP:
## Load Balancer sources
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges:
# - 10.10.10.0/24
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
## Pods Service Account
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
##
serviceAccount:
## Specifies whether a ServiceAccount should be created
##
create: false
## The name of the ServiceAccount to use.
## If not set and create is true, a name is generated using the mariadb.fullname template
# name:
## Role Based Access
## Ref: https://kubernetes.io/docs/admin/authorization/rbac/
##
rbac:
create: false
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: false
fsGroup: 1001
runAsUser: 1001
## Use existing secret (ignores rootUser.password, db.password, and galera.mariabackup.password)
##
# existingSecret:
rootUser:
## MariaDB admin password
## Password is ignored if existingSecret is specified.
## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-the-root-password-on-first-run
##
password:
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: true
## Custom db configuration
##
db:
## MariaDB username and password
## Password is ignored if existingSecret is specified.
## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-user-on-first-run
##
user:
password:
## Database to create
## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-on-first-run
##
name: my_database
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: true
## Galera configuration
##
galera:
## Galera cluster name
##
name: galera
mariabackup:
## MariaBackup username and password
## Password is ignored if existingSecret is specified.
## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-up-a-multi-master-cluster
##
user: mariabackup
password:
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: true
## LDAP configuration
##
ldap:
## Enable LDAP support
##
enabled: false
# uri:
# base:
# binddn:
# bindpw:
# bslookup:
## Configure MariaDB with a custom my.cnf file
## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file
## Alternatively, you can put your my.cnf under the files/ directory
##
mariadbConfiguration: |-
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
[mysqld]
default-storage-engine=InnoDB
basedir=/opt/bitnami/mariadb
datadir=/bitnami/mariadb/data
tmpdir=/opt/bitnami/mariadb/tmp
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
bind-address=0.0.0.0
## Character set
collation-server=utf8_unicode_ci
init-connect='SET NAMES utf8'
character-set-server=utf8
## MyISAM
key-buffer-size=32M
myisam-recover-options=FORCE,BACKUP
## safety
skip-host-cache
skip-name-resolve
max-allowed-packet=16M
max-connect-errors=1000000
sql-mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY
sysdate-is-now=1
innodb=FORCE
innodb-strict-mode=1
innodb_file_per_table=1
# Mandatory per https://github.com/codership/documentation/issues/25
innodb-autoinc-lock-mode=2
# Per https://www.percona.com/blog/2006/08/04/innodb-double-write/
innodb-doublewrite=1
# Not fully ACID compliant, up to 1sec transaction loss in the event of total cluster failure (across both regions)
# Enabled for performance per https://mariadb.com/kb/en/mariadb/getting-started-with-mariadb-galera-cluster/
innodb_flush_log_at_trx_commit=0
## binary logging
log-bin=mysql-bin
expire-logs-days=14
# Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql
sync-binlog=0
# Required for Galera
binlog-format=row
## Caches and limits
tmp-table-size=32M
max-heap-table-size=32M
# Re-enabling as now works with Maria 10.1.2
query-cache-type=1
query-cache-limit=4M
query-cache-size=256M
max-connections=500
thread-cache-size=50
open-files-limit=65535
table-definition-cache=4096
table-open-cache=4096
## innodb
innodb-flush-method=O_DIRECT
innodb-log-files-in-group=2
innodb-log-file-size=128M
innodb-flush-log-at-trx-commit=1
innodb-file-per-table=1
# 80% Memory is default reco.
# Need to re-evaluate when DB size grows
innodb-buffer-pool-size=2G
innodb_file_format=Barracuda
## logging
log-error=/opt/bitnami/mariadb/logs/mysqld.log
slow-query-log-file=/opt/bitnami/mariadb/logs/mysqld.log
log-queries-not-using-indexes=1
slow-query-log=1
[galera]
wsrep_on=ON
wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so
wsrep_sst_method=mariabackup
wsrep_slave_threads=4
wsrep_cluster_address=gcomm://
wsrep_cluster_name=galera
wsrep_sst_auth="root:"
innodb-flush-log-at-trx-commit=2
# MYISAM REPLICATION SUPPORT #
wsrep_replicate_myisam=ON
[mariadb]
plugin_load_add=auth_pam
## ConfigMap with MariaDB configuration
## NOTE: This will override mariadbConfiguration
# configurationConfigMap:
## initdb scripts
## Specify dictionary of scripts to be run at first boot
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
##
# initdbScripts:
# my_init_script.sh: |
# #!/bin/sh
# echo "Do something."
## ConfigMap with scripts to be run at first boot
## Note: This will override initdbScripts
# initdbScriptsConfigMap:
## MariaDB additional command line flags
## Can be used to specify command line flags, for example:
##
## extraFlags: "--max-connect-errors=1000 --max_connections=155"
## Mariadb Master additional pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
# annotations:
# - key: key1
# value: value1
## Desired number of cluster nodes
##
replicaCount: 3
## updateStrategy for MariaDB Master StatefulSet
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
##
updateStrategy:
type: RollingUpdate
## Node Affinity. The value is evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity
##
nodeAffinity: {}
## Pod AntiAffinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
podAntiAffinity: soft
## Pod Affinity. The value is evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
podAffinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
## If true, use a Persistent Volume Claim, If false, use emptyDir
##
enabled: true
# Enable persistence using an existing PVC
# existingClaim:
# Subdirectory of the volume to mount
# subPath:
mountPath: /bitnami/mariadb
## Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
## Persistent Volume Claim annotations
##
annotations: {}
## Persistent Volume Access Mode
##
accessModes:
- ReadWriteOnce
## Persistent Volume size
##
size: 8Gi
##
## Additional init containers
##
# extraInitContainers: |
# - name: do-something
# image: busybox
# command: ['do', 'something']
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
## Liveness and readiness probes configuration
##
livenessProbe:
enabled: true
## Initializing the database could take some time
##
initialDelaySeconds: 120
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
## Pod disruption budget configuration
##
podDisruptionBudget:
## Specifies whether a Pod disruption budget should be created
##
create: false
minAvailable: 1
# maxUnavailable: 1
## Prometheus exporter configuration
##
metrics:
enabled: true
image:
registry: docker.io
repository: bitnami/mysqld-exporter
tag: 0.12.1-debian-9-r14
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
service:
type: ClusterIP
port: 9104
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9104"
# Enable this if you're using https://github.com/coreos/prometheus-operator
serviceMonitor:
enabled: false
## Specify a namespace if needed
# namespace: monitoring
# fallback to the prometheus default unless specified
# interval: 10s
# scrapeTimeout: 10s
## Defaults to what's used if you follow CoreOS [Prometheus Install Instructions](https://github.com/helm/charts/tree/master/stable/prometheus-operator#tldr)
## [Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#prometheus-operator-1)
## [Kube Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#exporters)
selector:
prometheus: kube-prometheus
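
Review bot: `mariadbConfiguration` sets the same InnoDB option three times with different values: `innodb_flush_log_at_trx_commit=0` and `innodb-flush-log-at-trx-commit=1` under `[mysqld]`, then `innodb-flush-log-at-trx-commit=2` under `[galera]`. Keep one setting and make the durability comment beside it match; `innodb_file_per_table=1` is duplicated as well. `wsrep_sst_auth="root:"` names root with an empty password while the chart provisions a separate `mariabackup` user, so either confirm the image rewrites this line at startup or point it at the backup account. `securityContext.enabled: false` leaves the pod spec without `runAsUser` and `fsGroup`; defaulting it to true would make the `1001` values below it effective. The commented `annotations` example is a list of `key`/`value` pairs, but the StatefulSet template iterates `range $key, $value := .Values.annotations` and therefore expects a map.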

View File

@@ -0,0 +1,434 @@
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
## Bitnami MariaDB Galera image
## ref: https://hub.docker.com/r/bitnami/mariadb-galera/tags/
##
image:
registry: docker.io
repository: bitnami/mariadb-galera
tag: 10.3.17-debian-9-r8
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns BASH debugging in minideb-extras-base
##
debug: false
## String to partially override mariadb-galera.fullname template (will maintain the release name)
##
# nameOverride:
## String to fully override mariadb-galera.fullname template
##
# fullnameOverride:
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## MariaDB Gallera K8s svc properties
##
service:
## Kubernetes service type and port number
##
type: ClusterIP
port: 3306
# clusterIP: None
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort: 30001
## Set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
# loadBalancerIP:
## Load Balancer sources
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges:
# - 10.10.10.0/24
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
## Pods Service Account
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
##
serviceAccount:
## Specifies whether a ServiceAccount should be created
##
create: false
## The name of the ServiceAccount to use.
## If not set and create is true, a name is generated using the mariadb.fullname template
# name:
## Role Based Access
## Ref: https://kubernetes.io/docs/admin/authorization/rbac/
##
rbac:
create: false
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: false
fsGroup: 1001
runAsUser: 1001
## Use existing secret (ignores rootUser.password, db.password, and galera.mariabackup.password)
##
# existingSecret:
rootUser:
## MariaDB admin password
## Password is ignored if existingSecret is specified.
## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-the-root-password-on-first-run
##
password:
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: false
## Custom db configuration
##
db:
## MariaDB username and password
## Password is ignored if existingSecret is specified.
## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-user-on-first-run
##
user:
password:
## Database to create
## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-on-first-run
##
name: my_database
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: false
## Galera configuration
##
galera:
## Galera cluster name
##
name: galera
mariabackup:
## MariaBackup username and password
## Password is ignored if existingSecret is specified.
## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-up-a-multi-master-cluster
##
user: mariabackup
password:
## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.
## If it is not force, a random password will be generated.
##
forcePassword: false
## LDAP configuration
##
ldap:
## Enable LDAP support
##
enabled: false
# uri:
# base:
# binddn:
# bindpw:
# bslookup:
## Configure MariaDB with a custom my.cnf file
## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file
## Alternatively, you can put your my.cnf under the files/ directory
##
mariadbConfiguration: |-
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
[mysqld]
default-storage-engine=InnoDB
basedir=/opt/bitnami/mariadb
datadir=/bitnami/mariadb/data
tmpdir=/opt/bitnami/mariadb/tmp
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
bind-address=0.0.0.0
## Character set
collation-server=utf8_unicode_ci
init-connect='SET NAMES utf8'
character-set-server=utf8
## MyISAM
key-buffer-size=32M
myisam-recover-options=FORCE,BACKUP
## safety
skip-host-cache
skip-name-resolve
max-allowed-packet=16M
max-connect-errors=1000000
sql-mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY
sysdate-is-now=1
innodb=FORCE
innodb-strict-mode=1
innodb_file_per_table=1
# Mandatory per https://github.com/codership/documentation/issues/25
innodb-autoinc-lock-mode=2
# Per https://www.percona.com/blog/2006/08/04/innodb-double-write/
innodb-doublewrite=1
# Not fully ACID compliant, up to 1sec transaction loss in the event of total cluster failure (across both regions)
# Enabled for performance per https://mariadb.com/kb/en/mariadb/getting-started-with-mariadb-galera-cluster/
innodb_flush_log_at_trx_commit=0
## binary logging
log-bin=mysql-bin
expire-logs-days=14
# Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql
sync-binlog=0
# Required for Galera
binlog-format=row
## Caches and limits
tmp-table-size=32M
max-heap-table-size=32M
# Re-enabling as now works with Maria 10.1.2
query-cache-type=1
query-cache-limit=4M
query-cache-size=256M
max-connections=500
thread-cache-size=50
open-files-limit=65535
table-definition-cache=4096
table-open-cache=4096
## innodb
innodb-flush-method=O_DIRECT
innodb-log-files-in-group=2
innodb-log-file-size=128M
innodb-flush-log-at-trx-commit=1
innodb-file-per-table=1
# 80% Memory is default reco.
# Need to re-evaluate when DB size grows
innodb-buffer-pool-size=2G
innodb_file_format=Barracuda
## logging
log-error=/opt/bitnami/mariadb/logs/mysqld.log
slow-query-log-file=/opt/bitnami/mariadb/logs/mysqld.log
log-queries-not-using-indexes=1
slow-query-log=1
[galera]
wsrep_on=ON
wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so
wsrep_sst_method=mariabackup
wsrep_slave_threads=4
wsrep_cluster_address=gcomm://
wsrep_cluster_name=galera
wsrep_sst_auth="root:"
innodb-flush-log-at-trx-commit=2
# MYISAM REPLICATION SUPPORT #
wsrep_replicate_myisam=ON
[mariadb]
plugin_load_add=auth_pam
## ConfigMap with MariaDB configuration
## NOTE: This will override mariadbConfiguration
# configurationConfigMap:
## initdb scripts
## Specify dictionary of scripts to be run at first boot
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
##
# initdbScripts:
# my_init_script.sh: |
# #!/bin/sh
# echo "Do something."
## ConfigMap with scripts to be run at first boot
## Note: This will override initdbScripts
# initdbScriptsConfigMap:
## MariaDB additional command line flags
## Can be used to specify command line flags, for example:
##
## extraFlags: "--max-connect-errors=1000 --max_connections=155"
## Mariadb Master additional pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
# annotations:
# - key: key1
# value: value1
## Desired number of cluster nodes
##
replicaCount: 3
## updateStrategy for MariaDB Master StatefulSet
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
##
updateStrategy:
type: RollingUpdate
## Node Affinity. The value is evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity
##
nodeAffinity: {}
## Pod AntiAffinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
podAntiAffinity: soft
## Pod Affinity. The value is evaluated as a template.
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
podAffinity: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
## If true, use a Persistent Volume Claim, If false, use emptyDir
##
enabled: true
# Enable persistence using an existing PVC
# existingClaim:
# Subdirectory of the volume to mount
# subPath:
mountPath: /bitnami/mariadb
## Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
## Persistent Volume Claim annotations
##
annotations: {}
## Persistent Volume Access Mode
##
accessModes:
- ReadWriteOnce
## Persistent Volume size
##
size: 8Gi
##
## Additional init containers
##
# extraInitContainers: |
# - name: do-something
# image: busybox
# command: ['do', 'something']
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
## Liveness and readiness probes configuration
##
livenessProbe:
enabled: true
## Initializing the database could take some time
##
initialDelaySeconds: 120
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
## Pod disruption budget configuration
##
podDisruptionBudget:
## Specifies whether a Pod disruption budget should be created
##
create: false
minAvailable: 1
# maxUnavailable: 1
## Prometheus exporter configuration
##
metrics:
enabled: false
image:
registry: docker.io
repository: bitnami/mysqld-exporter
tag: 0.12.1-debian-9-r14
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
service:
type: ClusterIP
port: 9104
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9104"
# Enable this if you're using https://github.com/coreos/prometheus-operator
serviceMonitor:
enabled: false
## Specify a namespace if needed
# namespace: monitoring
# fallback to the prometheus default unless specified
# interval: 10s
# scrapeTimeout: 10s
## Defaults to what's used if you follow CoreOS [Prometheus Install Instructions](https://github.com/helm/charts/tree/master/stable/prometheus-operator#tldr)
## [Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#prometheus-operator-1)
## [Kube Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#exporters)
selector:
prometheus: kube-prometheus
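Review bot: In `mariadbConfiguration` the InnoDB flush setting appears three times with three different values: `innodb_flush_log_at_trx_commit=0` and `innodb-flush-log-at-trx-commit=1` under `[mysqld]`, then `innodb-flush-log-at-trx-commit=2` under `[galera]`. Only one of these can take effect, so the "up to 1sec transaction loss" comment beside the first one does not tell the reader which durability level the chart actually ships; keep a single entry with the intended value and a comment that matches it (`innodb_file_per_table=1` and `innodb-file-per-table=1` are duplicated the same way). In the same block, `wsrep_sst_auth="root:"` names root with an empty password and `wsrep_cluster_name=galera` is a literal, although the values above define `galera.mariabackup.user`, `galera.mariabackup.password` and `galera.name`. If the container does not rewrite these at start-up, state transfers would use root rather than the dedicated backup user and changing `galera.name` would have no effect, so either template them from the values or add a comment stating that they are overridden. `plugin_load_add=auth_pam` is loaded even with `ldap.enabled: false`; consider making it conditional on LDAP being enabled. Two smaller points: `securityContext.enabled: false` leaves `runAsUser: 1001` and `fsGroup: 1001` unused by default, which deserves a comment explaining why it is off, and the my.cnf reference URL points at `mysql.com/kb/...`, which looks like a search-and-replace slip on the MariaDB knowledge base link.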