diff --git a/bitnami/mariadb-galera/Chart.yaml b/bitnami/mariadb-galera/Chart.yaml index 6009278fc4..7ab4b4a45f 100644 --- a/bitnami/mariadb-galera/Chart.yaml +++ b/bitnami/mariadb-galera/Chart.yaml @@ -22,4 +22,4 @@ sources: - https://github.com/bitnami/bitnami-docker-mariadb-galera - https://github.com/prometheus/mysqld_exporter - https://mariadb.org -version: 5.0.1 +version: 5.1.0 diff --git a/bitnami/mariadb-galera/README.md b/bitnami/mariadb-galera/README.md index 463a286ebe..158ce47939 100644 --- a/bitnami/mariadb-galera/README.md +++ b/bitnami/mariadb-galera/README.md @@ -89,7 +89,8 @@ The following table lists the configurable parameters of the MariaDB Galera char | `securityContext.fsGroup` | Group ID for the container filesystem | `1001` | | `securityContext.runAsUser` | User ID for the container | `1001` | | `existingSecret` | Use existing secret for password details (`rootUser.password`, `db.password`, `galera.mariabackup.password` will be ignored and picked up from this secret). The secret has to contain the keys mariadb-root-password, mariadb-galera-mariabackup-password and mariadb-password. | `nil` | -| `rootUser.password` | Password for the `root` user. Ignored if existing secret is provided. | _random 10 character alphanumeric string_ | +| `rootUser.user` | Username for the admin user. | `root` | +| `rootUser.password` | Password for the admin user. Ignored if existing secret is provided. | _random 10 character alphanumeric string_ | | `rootUser.forcePassword` | Force users to specify a password | `false` | | `db.user` | Username of new user to create | `nil` | | `db.password` | Password for the new user. Ignored if existing secret is provided. | _random 10 character alphanumeric string if `db.user` is defined_ | diff --git a/bitnami/mariadb-galera/templates/NOTES.txt b/bitnami/mariadb-galera/templates/NOTES.txt index da1c80bec8..c85a7c60e2 100644 --- a/bitnami/mariadb-galera/templates/NOTES.txt +++ b/bitnami/mariadb-galera/templates/NOTES.txt @@ -11,14 +11,14 @@ MariaDB can be accessed via port "{{ .Values.service.port }}" on the following D {{ template "mariadb-galera.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} -To obtain the password for the MariaDB "root" user run the following command: +To obtain the password for the MariaDB admin user run the following command: echo "$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode)" To connect to your database run the following command: kubectl run {{ template "mariadb-galera.fullname" . }}-client --rm --tty -i --restart='Never' --namespace {{ .Release.Namespace }} --image {{ template "mariadb-galera.image" . }} --command \ - -- mysql -h {{ template "mariadb-galera.fullname" . }} -P {{ .Values.service.port }} -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}root{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }} + -- mysql -h {{ template "mariadb-galera.fullname" . }} -P {{ .Values.service.port }} -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}{{ .Values.rootUser.user }}{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }} To connect to your database from outside the cluster execute the following commands: @@ -26,7 +26,7 @@ To connect to your database from outside the cluster execute the following comma export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "mariadb-galera.fullname" . }}) - mysql -h $NODE_IP -P $NODE_PORT -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}root{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }} + mysql -h $NODE_IP -P $NODE_PORT -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}{{ .Values.rootUser.user }}{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }} {{- else if contains "LoadBalancer" .Values.service.type }} @@ -34,12 +34,12 @@ To connect to your database from outside the cluster execute the following comma Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "mariadb-galera.fullname" . }}' export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "mariadb-galera.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") - mysql -h $SERVICE_IP -P {{ .Values.service.port }} -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}root{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }} + mysql -h $SERVICE_IP -P {{ .Values.service.port }} -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}{{ .Values.rootUser.user }}{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }} {{- else if contains "ClusterIP" .Values.service.type }} kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "mariadb-galera.fullname" . }} {{ .Values.service.port }}:{{ .Values.service.port }} & - mysql -h 127.0.0.1 -P {{ .Values.service.port }} -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}root{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }} + mysql -h 127.0.0.1 -P {{ .Values.service.port }} -u{{ if .Values.db.user }}{{ .Values.db.user }}{{ else }}{{ .Values.rootUser.user }}{{ end }} -p{{ if .Values.db.user }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-password}" | base64 --decode){{ else }}$(kubectl get secret --namespace {{ .Release.Namespace }} {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "mariadb-galera.fullname" . }}{{ end }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode){{ end }} {{ .Values.db.name }} {{- end }} diff --git a/bitnami/mariadb-galera/templates/statefulset.yaml b/bitnami/mariadb-galera/templates/statefulset.yaml index 43220d3ff7..60e68cfe9c 100644 --- a/bitnami/mariadb-galera/templates/statefulset.yaml +++ b/bitnami/mariadb-galera/templates/statefulset.yaml @@ -76,6 +76,8 @@ spec: value: {{ .Values.galera.name | quote }} - name: MARIADB_GALERA_CLUSTER_ADDRESS value: "gcomm://{{ template "mariadb-galera.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}" + - name: MARIADB_ROOT_USER + value: {{ .Values.rootUser.user | quote }} - name: MARIADB_ROOT_PASSWORD valueFrom: secretKeyRef: @@ -188,7 +190,7 @@ spec: - bash - -ec - | - exec mysqladmin status -uroot -p$MARIADB_ROOT_PASSWORD + exec mysqladmin status -u$MARIADB_ROOT_USER -p$MARIADB_ROOT_PASSWORD initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} @@ -202,7 +204,7 @@ spec: - bash - -ec - | - exec mysqladmin status -uroot -p$MARIADB_ROOT_PASSWORD + exec mysqladmin status -u$MARIADB_ROOT_USER -p$MARIADB_ROOT_PASSWORD initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} @@ -244,6 +246,8 @@ spec: env: - name: MARIADB_METRICS_EXTRA_FLAGS value: {{ default "" (join " " .Values.metrics.extraFlags) | quote }} + - name: MARIADB_ROOT_USER + value: {{ .Values.rootUser.user | quote }} - name: MARIADB_ROOT_PASSWORD valueFrom: secretKeyRef: @@ -257,7 +261,7 @@ spec: - sh - -c - | - DATA_SOURCE_NAME="root:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter $MARIADB_METRICS_EXTRA_FLAGS + DATA_SOURCE_NAME="$MARIADB_ROOT_USER:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter $MARIADB_METRICS_EXTRA_FLAGS ports: - name: metrics containerPort: 9104 diff --git a/bitnami/mariadb-galera/values-production.yaml b/bitnami/mariadb-galera/values-production.yaml index 8c15843043..0acf1170b2 100644 --- a/bitnami/mariadb-galera/values-production.yaml +++ b/bitnami/mariadb-galera/values-production.yaml @@ -142,6 +142,8 @@ securityContext: ## Database credentials for root (admin) user ## rootUser: + ## MariaDB admin user + user: root ## MariaDB admin password ## Password is ignored if existingSecret is specified. ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-the-root-password-on-first-run diff --git a/bitnami/mariadb-galera/values.schema.json b/bitnami/mariadb-galera/values.schema.json index 3184fb41e3..9edce0639c 100644 --- a/bitnami/mariadb-galera/values.schema.json +++ b/bitnami/mariadb-galera/values.schema.json @@ -39,6 +39,12 @@ "value": true, "path": "existingSecret" } + }, + "user": { + "type": "string", + "title": "MariaDB admin user", + "description": "Name of the admin user to be created during the 1st initialization of MariaDB.", + "form": true } } }, diff --git a/bitnami/mariadb-galera/values.yaml b/bitnami/mariadb-galera/values.yaml index 853b8ea6b5..c0f52b2aaf 100644 --- a/bitnami/mariadb-galera/values.yaml +++ b/bitnami/mariadb-galera/values.yaml @@ -141,6 +141,8 @@ securityContext: ## Database credentials for root (admin) user ## rootUser: + ## MariaDB admin user + user: root ## MariaDB admin password ## Password is ignored if existingSecret is specified. ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-the-root-password-on-first-run