openstack/openstack-helm-infra
Code Issues Proposed changes
e6530bc2bb
openstack-helm-infra/mariadb
History
Sphicas, Phil (ps3910) 09bf431fe7 MariaDB: Disable SSL chain completion on ingress controller 
This PS sets `--enable-ssl-chain-completion=false` for the MariaDB
ingress controller. This is the default for current versions of
the nginx-ingress-controller, but for 0.9.0 needs to be set.

If enableSSLChainCompletion is left on, nginx will attempt to
autocomplete SSL certificate chains with missing intermediate CA
certificates, causing unnecessary network and errors in pod logs.

Change-Id: I088b33fe994281dca6997baa87a6b599c3f10c14
Closes-Bug: #1835364
2019-07-03 23:20:15 -07:00
..
files 'NOP' cleanup for more consistent white-space use in charts 2019-01-03 22:45:49 +00:00
templates MariaDB: Disable SSL chain completion on ingress controller 2019-07-03 23:20:15 -07:00
.helmignore MariaDB: Move chart to openstack-helm-infra 2018-09-04 18:57:53 -05:00
Chart.yaml Replace git.openstack.org URLs with opendev.org URLs 2019-05-31 01:52:10 +00:00
README.rst MariaDB: Move chart to openstack-helm-infra 2018-09-04 18:57:53 -05:00
requirements.yaml MariaDB: Move chart to openstack-helm-infra 2018-09-04 18:57:53 -05:00
values.yaml Add a configmap for mariadb ingress controller 2019-07-03 21:07:51 +00:00

README.rst

openstack-helm/mariadb

By default, this chart creates a 3-member mariadb galera cluster.

This chart leverages StatefulSets, with persistent storage.

It creates a job that acts as a temporary standalone galera cluster. This host is bootstrapped with authentication and then the WSREP bindings are exposed publicly. The cluster members being StatefulSets are provisioned one at a time. The first host must be marked as Ready before the next host will be provisioned. This is determined by the readinessProbes which actually validate that MySQL is up and responsive.

The configuration leverages xtrabackup-v2 for synchronization. This may later be augmented to leverage rsync which has some benefits.

Once the seed job completes, which completes only when galera reports that it is Synced and all cluster members are reporting in thus matching the cluster count according to the job to the replica count in the helm values configuration, the job is terminated. When the job is no longer active, future StatefulSets provisioned will leverage the existing cluster members as gcomm endpoints. It is only when the job is running that the cluster members leverage the seed job as their gcomm endpoint. This ensures you can restart members and scale the cluster.

The StatefulSets all leverage PVCs to provide stateful storage to /var/lib/mysql.

You must ensure that your control nodes that should receive mariadb instances are labeled with openstack-control-plane=enabled, or whatever you have configured in values.yaml for the label configuration:

kubectl label nodes openstack-control-plane=enabled --all