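--- a/fleet/lib/mariadb-operator/fleet.yaml
+++ b/fleet/lib/mariadb-operator/fleet.yaml
@@ -0,0 +1,18 @@
+---
+name: mariadb-operator
+defaultNamespace: &name mariadb-system
+labels:
+bundle: *name
+helm:
+chart: mariadb-operator
+releaseName: mariadb-operator
+repo: https://helm.mariadb.com/mariadb-operator
+version: 0.38.1
+waitForJobs: true
+timeoutSeconds: 900
+values:
+crds:
+enabled: true
+ha:
+enabled: true
+replicas: 2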
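Review bot: `bundle: *name` aliases the anchor placed on `defaultNamespace`, so the bundle label here resolves to `mariadb-system` rather than to the bundle's `name`, `mariadb-operator`. The same pattern in fleet/lib/openvpn-db/fleet.yaml only yields the bundle name because namespace and name coincide there, and fleet/lib/openvpn-db-pre/fleet.yaml writes the label literally. If the label is meant to carry the bundle name, move the anchor to `name: &name mariadb-operator` or write `bundle: mariadb-operator`.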
@@ -0,0 +1,18 @@
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: openvpndb
namespace: metallb-system
spec:
addresses:
- 139.229.144.10/32
autoAssign: false
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: openvpndb
namespace: metallb-system
spec:
ipAddressPools:
- openvpndb
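--- a/fleet/lib/openvpn-db-pre/base/external-secret-dockerhub.yaml
+++ b/fleet/lib/openvpn-db-pre/base/external-secret-dockerhub.yaml
@@ -0,0 +1,34 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+name: dockerhub-secret
+namespace: openvpn-db
+spec:
+secretStoreRef:
+kind: ClusterSecretStore
+name: onepassword
+target:
+name: dockerhub-secret
+creationPolicy: Owner
+template:
+type: kubernetes.io/dockerconfigjson
+data:
+.dockerconfigjson: |
+{
+"auths": {
+"docker.io": {
+"username": "{{ .dockerhub_username }}",
+"password": "{{ .dockerhub_token }}",
+"auth": "{{ printf "%s:%s" .dockerhub_username .dockerhub_token | b64enc }}"
+}
+}
+}
+data:
+- secretKey: dockerhub_username
+remoteRef:
+key: lsstitadmin-docker-hub
+property: username
+- secretKey: dockerhub_token
+remoteRef:
+key: lsstitadmin-docker-hub
+property: docker hub api token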
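Review bot: The `.dockerconfigjson` template interpolates `{{ .dockerhub_username }}` and `{{ .dockerhub_token }}` straight into JSON string literals, so a credential containing `"` or `\` would render an invalid pull secret. Letting the template engine do the quoting avoids that, e.g. `"password": {{ .dockerhub_token | toJson }},` and the same for `username`, with the `b64enc` line left as it is. The token is read from the `lsstitadmin-docker-hub` item; since this secret is only used for image pulls, it is worth confirming that the stored token is a read-only access token rather than one with write or admin scope.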
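--- a/fleet/lib/openvpn-db-pre/base/external-secret-openvpndb.yaml
+++ b/fleet/lib/openvpn-db-pre/base/external-secret-openvpndb.yaml
@@ -0,0 +1,36 @@
+---
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+name: mariadb-root
+namespace: openvpn-db
+spec:
+secretStoreRef:
+kind: ClusterSecretStore
+name: onepassword
+target:
+name: mariadb-root
+creationPolicy: Owner
+data:
+- secretKey: mariadb-root-password
+remoteRef:
+key: ovpn-mariadb-root
+property: mariadb-root-password
+---
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+name: mariadb-replication
+namespace: openvpn-db
+spec:
+secretStoreRef:
+kind: ClusterSecretStore
+name: onepassword
+target:
+name: mariadb-replication
+creationPolicy: Owner
+data:
+- secretKey: mariadb-replication-password
+remoteRef:
+key: ovpn-mariadb-replication
+property: mariadb-replication-password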
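Review bot: The secret named `mariadb-replication` carries no comment on its purpose, and in fleet/lib/openvpn-db/overlays/ayekan/mariadb-cluster.yaml it is consumed through `passwordSecretKeyRef` as the password of the initial user `mariadb`, not of a replication account. A comment above that ExternalSecret such as `# password for the initial 'mariadb' user (passwordSecretKeyRef in mariadb-cluster.yaml)`, or a name that matches its use, would keep someone from rotating or scoping the wrong credential later. Neither ExternalSecret sets `refreshInterval`, so how quickly a rotation in the secret store reaches the cluster depends on the controller default; stating it explicitly would make that visible.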
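--- a/fleet/lib/openvpn-db-pre/base/kustomization.yaml
+++ b/fleet/lib/openvpn-db-pre/base/kustomization.yaml
@@ -0,0 +1,4 @@
+resources:
+- external-secret-dockerhub.yaml
+- external-secret-openvpndb.yaml
+- service-mariadb-headless.yaml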
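--- a/fleet/lib/openvpn-db-pre/base/service-mariadb-headless.yaml
+++ b/fleet/lib/openvpn-db-pre/base/service-mariadb-headless.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+name: mariadb-galera
+namespace: openvpn-db
+spec:
+clusterIP: None
+selector:
+app.kubernetes.io/name: mariadb
+ports:
+- protocol: TCP
+port: 3306
+targetPort: 3306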
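Review bot: Nothing in this file says why a hand-written headless Service `mariadb-galera` is needed alongside the services the operator manages for the `MariaDB` resource, and its selector uses only `app.kubernetes.io/name: mariadb`, which matches any pod in `openvpn-db` that carries that label. A leading comment such as `# headless service used by <consumer>; selects the pods of MariaDB/mariadb` would document the intent. If the operator also puts an instance label on its pods, adding it to the selector (for example `app.kubernetes.io/instance: mariadb`, to be confirmed against the running pods) narrows the match to this cluster only.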
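--- a/fleet/lib/openvpn-db-pre/fleet.yaml
+++ b/fleet/lib/openvpn-db-pre/fleet.yaml
@@ -0,0 +1,6 @@
+defaultNamespace: openvpn-db
+labels:
+bundle: openvpn-db-pre
+name: openvpn-db-pre
+kustomize:
+dir: base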
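--- a/fleet/lib/openvpn-db/fleet.yaml
+++ b/fleet/lib/openvpn-db/fleet.yaml
@@ -0,0 +1,21 @@
+name: openvpn-db
+defaultNamespace: &name openvpn-db
+namespaceLabels:
+lsst.io/discover: "true"
+labels:
+bundle: *name
+dependsOn:
+- name: mariadb-operator
+namespace: mariadb-system
+- name: openvpn-db-pre
+namespace: openvpn-db
+targetCustomizations:
+- name: ayekan
+clusterSelector:
+matchExpressions:
+- key: management.cattle.io/cluster-display-name
+operator: In
+values:
+- ayekan
+kustomize:
+dir: overlays/ayekan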
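Review bot: Each `dependsOn` entry carries a `namespace` key next to `name`; as far as I can tell Fleet's dependency reference accepts only `name` or `selector`, so the key may be silently ignored, and the ordering then rests on the listed names matching the bundle names Fleet actually generates. That ordering matters here because the `MariaDB` resource needs the operator's CRDs and the ExternalSecret-backed secrets to exist first, so it is worth confirming on the cluster. If matching by name proves fragile, a label selector is an alternative, e.g. `- selector: {matchLabels: {bundle: openvpn-db-pre}}`; note that the mariadb-operator bundle's `bundle` label currently resolves to `mariadb-system` through its anchor.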
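--- a/fleet/lib/openvpn-db/overlays/ayekan/kustomization.yaml
+++ b/fleet/lib/openvpn-db/overlays/ayekan/kustomization.yaml
@@ -0,0 +1,2 @@
+resources:
+- mariadb-cluster.yaml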
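--- a/fleet/lib/openvpn-db/overlays/ayekan/mariadb-cluster.yaml
+++ b/fleet/lib/openvpn-db/overlays/ayekan/mariadb-cluster.yaml
@@ -0,0 +1,124 @@
+apiVersion: k8s.mariadb.com/v1alpha1
+kind: MariaDB
+metadata:
+name: mariadb
+namespace: openvpn-db
+spec:
+replicas: 3
+galera:
+enabled: true
+primary:
+podIndex: 0
+automaticFailover: true
+sst: mariabackup
+
+rootPasswordSecretKeyRef:
+name: mariadb-root
+key: mariadb-root-password
+
+username: mariadb
+passwordSecretKeyRef:
+name: mariadb-replication
+key: mariadb-replication-password
+database: mariadb
+
+image: docker.io/library/mariadb:11.4.5
+imagePullPolicy: IfNotPresent
+imagePullSecrets:
+- name: dockerhub-secret
+
+storage:
+size: 100Gi
+storageClassName: rook-ceph-block
+
+connection:
+secretName: connection-mariadb
+secretTemplate:
+key: dsn
+healthCheck:
+interval: 10s
+retryInterval: 3s
+params:
+parseTime: "true"
+
+myCnf: |
+[mariadb]
+bind-address=*
+skip-name-resolve
+connect_timeout=30
+wait_timeout=28800
+interactive_timeout=28800
+net_read_timeout=60
+net_write_timeout=60
+max_connections=500
+max_allowed_packet=64M
+thread_cache_size=100
+table_open_cache=2048
+open_files_limit=65535
+default_storage_engine=InnoDB
+binlog_format=row
+innodb_autoinc_lock_mode=2
+innodb_buffer_pool_size=1024M
+
+livenessProbe:
+exec:
+command:
+- bash
+- -c
+- mysqladmin ping -u root -p"$MARIADB_ROOT_PASSWORD" --silent
+periodSeconds: 10
+timeoutSeconds: 5
+
+readinessProbe:
+exec:
+command:
+- bash
+- -c
+- >
+mariadb -u root -p"$MARIADB_ROOT_PASSWORD" -e "
+SHOW STATUS LIKE 'wsrep_ready';
+SHOW STATUS LIKE 'wsrep_local_state_comment';" |
+grep -q 'ON' && grep -q 'Synced'
+periodSeconds: 10
+timeoutSeconds: 5
+
+service:
+type: ClusterIP
+primaryService:
+type: LoadBalancer
+metadata:
+annotations:
+metallb.universe.tf/address-pool: openvpndb
+secondaryService:
+type: ClusterIP
+
+affinity:
+podAntiAffinity:
+requiredDuringSchedulingIgnoredDuringExecution:
+- labelSelector:
+matchLabels:
+app.kubernetes.io/name: mariadb
+topologyKey: kubernetes.io/hostname
+topologySpreadConstraints:
+- maxSkew: 1
+topologyKey: kubernetes.io/hostname
+whenUnsatisfiable: DoNotSchedule
+labelSelector:
+matchLabels:
+app.kubernetes.io/name: mariadb
+
+podDisruptionBudget:
+minAvailable: 2
+
+terminationGracePeriodSeconds: 180
+
+podSecurityContext:
+runAsUser: 999
+runAsGroup: 999
+fsGroup: 999
+securityContext:
+allowPrivilegeEscalation: false
+readOnlyRootFilesystem: false
+
+metrics:
+enabled: true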
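Review bot: The readinessProbe's last line, `grep -q 'ON' && grep -q 'Synced'`, pipes the client output only into the first grep; the second grep runs after `&&` with no pipe, so it reads the probe's own stdin and cannot confirm the `Synced` state. Capturing the output once and testing it twice, as in the block below, fixes that, and passing the password through `MYSQL_PWD` instead of `-p"$MARIADB_ROOT_PASSWORD"` (used in the livenessProbe as well) keeps the root password out of the process argument list. Separately, `primaryService` is a `LoadBalancer` on the `openvpndb` pool while `myCnf` sets `bind-address=*`, and nothing in this manifest restricts client addresses or requires TLS. The pool address 139.229.144.10 is outside the RFC 1918 ranges, so consider `loadBalancerSourceRanges` on the primary service (confirm the operator's service template exposes it) or a NetworkPolicy limiting port 3306 to the OpenVPN hosts.

```yaml
readinessProbe:
  exec:
    command:
      # … unchanged: bash, -c …
      - |
        state="$(MYSQL_PWD="$MARIADB_ROOT_PASSWORD" mariadb -u root -N -B -e "
          SHOW STATUS LIKE 'wsrep_ready';
          SHOW STATUS LIKE 'wsrep_local_state_comment';")" || exit 1
        grep -q 'ON' <<<"$state" && grep -q 'Synced' <<<"$state"
  # … unchanged: periodSeconds, timeoutSeconds …
```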
1 change: 1 addition & 0 deletions fleet/s/dev/c/ayekan/mariadb-operator
1 change: 1 addition & 0 deletions fleet/s/dev/c/ayekan/openvpn-db
1 change: 1 addition & 0 deletions fleet/s/dev/c/ayekan/openvpn-db-pre