openstack/openstack-helm
Code Issues Proposed changes

Mariadb: Update to use endpoint values layout and lookups

Browse Source 
This PS adjusts the MariaDB chart to use the same endpoint values
layout as used in other openstack-helm components. It also removes
credentials and params from the configmaps and moves them to secrets
and env vars as appropriate.

Change-Id: I9116be7c46cdd16c743ca2784878f3de65665f8c
This commit is contained in:
Pete Birley 2017-07-01 12:59:46 -05:00
parent 4cc4b66898
commit 8ff8e7aeb2
11 changed files with 73 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
helm-toolkit/templates/endpoints/_endpoint_port_lookup.tpl
View File

@ -15,7 +15,7 @@
# This function returns hostnames from endpoint definitions for use cases
# where the uri style return is not appropriate, and only the hostname
# portion is used or relevant in the template:
# { tuple "memcache" "internal" "portName" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }
# { tuple "memcache" "internal" "portName" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }
# returns: internal_host:port
#
# Output that requires the port aspect striped could simply split the output based on ':'

9
mariadb/Chart.yaml
View File

@ -15,4 +15,11 @@
apiVersion: v1
description: OpenStack-Helm MariaDB
name: mariadb
version: 0.5.0
version: 0.1.0
home: https://docs.openstack.org/developer/nova
icon: http://badges.mariadb.org/mariadb-badge-180x60.png
sources:
- https://github.com/MariaDB/server
- https://git.openstack.org/cgit/openstack/openstack-helm
maintainers:
- name: OpenStack-Helm Authors

4
mariadb/templates/bin/_readiness.sh.tpl
View File

@ -16,9 +16,7 @@
set -o pipefail
PASSWORD={{ .Values.database.root_password | quote }}
MYSQL="mysql -u root --password=${PASSWORD}"
MYSQL="mysql -u root --password=${MYSQL_ROOT_PASSWORD}"
if [ ! $($MYSQL -e 'select 1') ]; then
echo "Could not SELECT 1" 1>&2

14
mariadb/templates/bin/_start.sh.tpl
View File

@ -13,20 +13,18 @@
# See the License for the specific language governing permissions and
# limitations under the License.
export MYSQL_ROOT_PASSWORD={{ .Values.database.root_password | quote }}
#
# Bootstrap database
#
CLUSTER_INIT_ARGS=
if [ ! -d /var/lib/mysql/mysql ]; then
if [ "x${POD_NAME}" = "x{{ .Values.service_name }}-0" ]; then
if [ "x${POD_NAME}" = "x${SERVICE_NAME}-0" ]; then
echo No data found for pod 0
if [ "xtrue" = "x{{ .Values.force_bootstrap }}" ]; then
echo force_bootstrap set, so will force-initialize node 0.
CLUSTER_INIT_ARGS=--wsrep-new-cluster
elif ! mysql -h {{ .Values.service_name }} -u root --password=${MYSQL_ROOT_PASSWORD} -e 'select 1'; then
elif ! mysql -h ${SERVICE_NAME} -u root --password=${MYSQL_ROOT_PASSWORD} -e 'select 1'; then
echo No other nodes found, so will initialize cluster.
CLUSTER_INIT_ARGS=--wsrep-new-cluster
else
@ -47,12 +45,12 @@ CLUSTER_CONFIG_PATH=/etc/mysql/conf.d/10-cluster-config.cnf
MEMBERS=
for i in $(seq 1 {{ .Values.replicas }}); do
NUM=$(expr $i - 1)
CANDIDATE_POD="{{ .Values.service_name }}-$NUM.{{ .Values.service_name }}-discovery"
if [ "x${CANDIDATE_POD}" != "x${POD_NAME}.{{ .Values.service_name }}-discovery" ]; then
CANDIDATE_POD="${SERVICE_NAME}-$NUM.${DISCOVERY_SERVICE_NAME}"
if [ "x${CANDIDATE_POD}" != "x${POD_NAME}.${DISCOVERY_SERVICE_NAME}" ]; then
if [ -n "${MEMBERS}" ]; then
MEMBERS+=,
fi
MEMBERS+="${CANDIDATE_POD}:{{ .Values.network.port.wsrep }}"
MEMBERS+="${CANDIDATE_POD}:${WSREP_PORT}"
fi
done
@ -64,7 +62,7 @@ cat <<EOS | tee ${CLUSTER_CONFIG_PATH}
[mysqld]
wsrep_cluster_address="gcomm://${MEMBERS}"
wsrep_node_address=${POD_IP}
wsrep_node_name=${POD_NAME}.{{ .Values.service_name}}-discovery
wsrep_node_name=${POD_NAME}.${DISCOVERY_SERVICE_NAME}
EOS
echo ^^^

10
mariadb/templates/etc/_00-base.cnf.tpl
View File

@ -32,7 +32,7 @@ log_queries_not_using_indexes=on
# Networking
bind_address=0.0.0.0
port={{ .Values.network.port.mariadb }}
port={{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
# When a client connects, the server will perform hostname resolution,
# and when DNS is slow, establishing the connection will become slow as well.
@ -88,12 +88,12 @@ binlog_format=ROW
default-storage-engine=InnoDB
innodb_autoinc_lock_mode=2
innodb_flush_log_at_trx_commit=2
wsrep_cluster_name={{ .Values.service_name }}
wsrep_cluster_name={{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
wsrep_on=1
wsrep_provider=/usr/lib/galera/libgalera_smm.so
wsrep_provider_options="gmcast.listen_addr=tcp://0.0.0.0:{{ .Values.network.port.wsrep }}"
wsrep_provider_options="gmcast.listen_addr=tcp://0.0.0.0:{{ tuple "oslo_db" "internal" "wsrep" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
wsrep_slave_threads=12
wsrep_sst_auth=root:{{ .Values.database.root_password }}
wsrep_sst_auth=root:{{ .Values.endpoints.oslo_db.auth.admin.password }}
wsrep_sst_method=xtrabackup-v2
@ -104,5 +104,5 @@ max-allowed-packet=16M
[client]
default_character_set=utf8
protocol=tcp
port={{ .Values.network.port.mariadb }}
port={{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
connect_timeout=10

4
mariadb/templates/pdb-mariadb.yaml
View File

@ -1,9 +1,9 @@
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ .Values.service_name }}
name: {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
minAvailable: {{ .Values.pod_disruption_budget.mariadb.min_available }}
selector:
matchLabels:
app: {{ .Values.service_name }}
app: mariadb

7
mariadb/templates/secret-db-root-password.yaml Normal file
View File

@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: mariadb-db-root-password
type: Opaque
data:
MYSQL_ROOT_PASSWORD: {{ .Values.endpoints.oslo_db.auth.admin.password | b64enc }}

6
mariadb/templates/service-discovery.yaml
View File

@ -17,13 +17,13 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.service_name }}-discovery
name: {{ tuple "oslo_db" "discovery" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
spec:
ports:
- name: db
port: {{ .Values.network.port.mariadb }}
port: {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
clusterIP: None
selector:
app: {{ .Values.service_name }}
app: mariadb

6
mariadb/templates/service.yaml
View File

@ -15,7 +15,7 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.service_name }}
name: {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
# This is needed to make the peer-finder work properly and to help avoid
# edge cases where instance 0 comes up after losing its data and needs to
@ -27,6 +27,6 @@ metadata:
spec:
ports:
- name: db
port: {{ .Values.network.port.mariadb }}
port: {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
selector:
app: {{ .Values.service_name }}
app: mariadb

22
mariadb/templates/statefulset.yaml
View File

@ -16,15 +16,14 @@
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: {{ .Values.service_name }}
name: mariadb
spec:
serviceName: "{{ .Values.service_name }}-discovery"
serviceName: "{{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}-discovery"
replicas: {{ .Values.replicas }}
template:
metadata:
labels:
app: {{ .Values.service_name }}
galera: enabled
app: mariadb
spec:
# alanmeadows: this soft requirement allows single
# host deployments to spawn several mariadb containers
@ -39,13 +38,13 @@ spec:
- key: app
operator: In
values:
- {{ .Values.service_name }}
- mariadb
topologyKey: kubernetes.io/hostname
weight: 10
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
containers:
- name: {{ .Values.service_name }}
- name: mariadb
image: {{ .Values.images.mariadb }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{- if .Values.resources.enabled }}
@ -68,6 +67,17 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: WSREP_PORT
value: {{ tuple "oslo_db" "internal" "wsrep" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
- name: SERVICE_NAME
value: {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
- name: DISCOVERY_SERVICE_NAME
value: {{ tuple "oslo_db" "discovery" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup"}}
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mariadb-db-root-password
key: MYSQL_ROOT_PASSWORD
readinessProbe:
exec:
command:

32
mariadb/values.yaml
View File

@ -30,9 +30,6 @@ resources:
memory: "128Mi"
cpu: "500m"
# this drives the service name, and statefulset name
service_name: mariadb
images:
mariadb: docker.io/mariadb:10.1.23
pull_policy: IfNotPresent
@ -46,16 +43,29 @@ labels:
node_selector_key: openstack-control-plane
node_selector_value: enabled
network:
port:
ist: 4444
mariadb: 3306
wsrep: 4567
database:
root_password: password
config_override: null
# Any configuration here will override the base config.
# config_override: |-
# [mysqld]
# wsrep_slave_threads=1
# typically overriden by environmental
# values, but should include all endpoints
# required by this chart
endpoints:
oslo_db:
auth:
admin:
username: root
password: password
hosts:
default: mariadb
discovery: mariadb-discovery
path: null
scheme: mysql+pymysql
port:
mysql:
default: 3306
wsrep:
default: 4567