openstack/openstack-helm
Code Issues Proposed changes

Merge "Use the standard Dockerhub MariaDB image"

Browse Source
This commit is contained in:
Jenkins 2017-05-25 21:02:50 +00:00 committed by Gerrit Code Review
commit 78abb8218c
31 changed files with 219 additions and 698 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
barbican/values.yaml
View File

@ -63,8 +63,6 @@ keystone:
dependencies: dependencies:
db_init: db_init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb
db_sync: db_sync:

2
cinder/values.yaml
View File

@ -107,8 +107,6 @@ misc:
dependencies: dependencies:
db_init: db_init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb
db_sync: db_sync:

4
doc/source/install/developer/minikube.rst
View File

@ -84,7 +84,7 @@ use the following commands:
kubectl label nodes openstack-control-plane=enabled --all --namespace=openstack kubectl label nodes openstack-control-plane=enabled --all --namespace=openstack
# Deploy each chart: # Deploy each chart:
helm install --name mariadb local/mariadb --namespace=openstack --set development.enabled=true helm install --name mariadb local/mariadb --namespace=openstack --set volume.enabled=false
helm install --name=memcached local/memcached --namespace=openstack helm install --name=memcached local/memcached --namespace=openstack
helm install --name=etcd-rabbitmq local/etcd --namespace=openstack helm install --name=etcd-rabbitmq local/etcd --namespace=openstack
helm install --name=rabbitmq local/rabbitmq --namespace=openstack helm install --name=rabbitmq local/rabbitmq --namespace=openstack
@ -263,7 +263,7 @@ child charts.
:: ::
helm install --name mariadb --set development.enabled=true local/mariadb --namespace=openstack helm install --name mariadb --set volume.enabled=false local/mariadb --namespace=openstack
.. note:: .. note::
MariaDB seeding tasks run for quite a while. This is expected MariaDB seeding tasks run for quite a while. This is expected

2
glance/values.yaml
View File

@ -210,8 +210,6 @@ resources:
dependencies: dependencies:
db_init: db_init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb
db_sync: db_sync:

2
heat/values.yaml
View File

@ -173,8 +173,6 @@ network:
dependencies: dependencies:
db_init: db_init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb
db_sync: db_sync:

4
keystone/values.yaml
View File

@ -66,19 +66,15 @@ network:
dependencies: dependencies:
api: api:
jobs: jobs:
- mariadb-seed
- keystone-db-sync - keystone-db-sync
service: service:
- mariadb - mariadb
db_sync: db_sync:
jobs: jobs:
- keystone-db-init - keystone-db-init
- mariadb-seed
service: service:
- mariadb - mariadb
init: init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb

2
magnum/values.yaml
View File

@ -98,8 +98,6 @@ network:
dependencies: dependencies:
db_init: db_init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb
db_sync: db_sync:

2
mariadb/Chart.yaml
View File

@ -15,4 +15,4 @@
apiVersion: v1 apiVersion: v1
description: OpenStack-Helm MariaDB description: OpenStack-Helm MariaDB
name: mariadb name: mariadb
version: 0.1.0 version: 0.5.0

66
mariadb/templates/bin/_bootstrap-db.sh.tpl
View File

@ -1,66 +0,0 @@
#!/bin/sh
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -ex
SLEEP_TIMEOUT=5
# Initialize system .Values.database.
mysql_install_db --datadir=/var/lib/mysql
# Start mariadb and wait for it to be ready.
#
# note that we bind to 127.0.0.1 here because we want
# to interact with the database but we dont want to expose it
# yet for other cluster members to accidently connect yet
mysqld_safe --defaults-file=/etc/my.cnf \
--console \
--wsrep-new-cluster \
--wsrep_cluster_address='gcomm://' \
--bind-address='127.0.0.1' \
--wsrep_node_address="127.0.0.1:{{ .Values.network.port.wsrep }}" \
--wsrep_provider_options="gmcast.listen_addr=tcp://127.0.0.1:{{ .Values.network.port.wsrep }}" &
TIMEOUT=120
while [[ ! -f /var/lib/mysql/mariadb.pid ]]; do
if [[ ${TIMEOUT} -gt 0 ]]; then
let TIMEOUT-=1
sleep 1
else
exit 1
fi
done
# Reset permissions.
# kolla_security_reset requires to be run from home directory
cd /var/lib/mysql ; DB_ROOT_PASSWORD="{{ .Values.database.root_password }}" kolla_security_reset
mysql -u root --password="{{ .Values.database.root_password }}" --port="{{ .Values.network.port.mariadb }}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '{{ .Values.database.root_password }}' WITH GRANT OPTION;"
mysql -u root --password="{{ .Values.database.root_password }}" --port="{{ .Values.network.port.mariadb }}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '{{ .Values.database.root_password }}' WITH GRANT OPTION;"
# Restart .Values.database.
mysqladmin -uroot -p"{{ .Values.database.root_password }}" --port="{{ .Values.network.port.mariadb }}" shutdown
# Wait for the mariadb server to shut down
SHUTDOWN_TIMEOUT=60
while [[ -f /var/lib/mysql/mariadb.pid ]]; do
if [[ ${SHUTDOWN_TIMEOUT} -gt 0 ]]; then
let SHUTDOWN_TIMEOUT-=1
sleep 1
else
echo "MariaDB instance couldn't be properly shut down"
exit 1
fi
done

104
mariadb/templates/bin/_peer-finder.py.tpl
View File

@ -1,104 +0,0 @@
#!/usr/bin/env python
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import json
import os
import urllib2
import ssl
import socket
import sys
import time
URL = ('https://kubernetes.default.svc.cluster.local/api/v1/namespaces/{namespace}'
'/endpoints/{service_name}')
TOKEN_FILE = '/var/run/secrets/kubernetes.io/serviceaccount/token'
def get_service_endpoints(service_name):
url = URL.format(namespace=os.environ['NAMESPACE'], service_name=service_name)
try:
token = file (TOKEN_FILE, 'r').read()
except KeyError:
exit("Unable to open a file with token.")
header = {'Authorization': " Bearer {}".format(token)}
req = urllib2.Request(url=url, headers=header)
ctx = create_ctx()
connection = urllib2.urlopen(req, context=ctx)
data = connection.read()
# parse to dict
json_acceptable_string = data.replace("'", "\"")
output = json.loads(json_acceptable_string)
return output
def get_ip_addresses(output, force_only_members=False):
subsets = output['subsets'][0]
if not 'addresses' in subsets:
return []
# where we are seeding, the only cluster member is the seed job
if not force_only_members:
for subset in subsets['addresses']:
if subset.has_key('name'):
if 'seed' in subset['name']:
return [subset['ip']]
# otherwise use the other cluster members
ip_addresses = [x['ip'] for x in subsets['addresses']]
my_ip = get_my_ip_address()
if my_ip in ip_addresses:
ip_addresses.remove(my_ip)
return ip_addresses
def get_my_ip_address():
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(('kubernetes.default.svc.cluster.local', 0))
return s.getsockname()[0]
def create_ctx():
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
return ctx
def print_galera_cluster_address(service_name, force_only_members):
while True:
output = get_service_endpoints(service_name)
ips = get_ip_addresses(output, force_only_members)
#print "=== OUTPUT: %s" % output
#print "=== IPS: %s" % ips
if len(ips):
wsrep_cluster_address = '--wsrep_cluster_address=gcomm://{}'.format(
','.join(get_ip_addresses(output)))
print wsrep_cluster_address
break
time.sleep(5)
def main():
if len(sys.argv) != 3:
exit('peer-finder: You need to pass argument <service name> <1|0 for force cluster members>')
service_name = sys.argv[1]
force_only_members = int(sys.argv[2])
print_galera_cluster_address(service_name, force_only_members)
if __name__ == '__main__':
main()

41
mariadb/templates/bin/_readiness.py.tpl
View File

@ -1,41 +0,0 @@
#!/usr/bin/env python
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import os
import sys
import time
import pymysql
DB_HOST = "127.0.0.1"
DB_PORT = int(os.environ.get('MARIADB_SERVICE_PORT', '3306'))
while True:
try:
pymysql.connections.Connection(host=DB_HOST, port=DB_PORT,
connect_timeout=1)
sys.exit(0)
except pymysql.err.OperationalError as e:
code, message = e.args
if code == 2003 and 'time out' in message:
print('Connection timeout, sleeping')
time.sleep(1)
continue
if code == 1045:
print('Mysql ready to use. Exiting')
sys.exit(0)
# other error
raise

51
mariadb/templates/bin/_readiness.sh.tpl Normal file
View File

@ -0,0 +1,51 @@
#!/usr/bin/env bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -o pipefail
PASSWORD={{ .Values.database.root_password | quote }}
MYSQL="mysql -u root --password=${PASSWORD}"
if [ ! $($MYSQL -e 'select 1') ]; then
echo "Could not SELECT 1" 1>&2
exit 1
fi
# Set this late, so that we can give a nicer error message above.
set -o errexit
CLUSTER_STATUS=$($MYSQL -e "show status like 'wsrep_cluster_status'" | tail -n 1 | cut -f 2)
if [ "x${CLUSTER_STATUS}" != "xPrimary" ]; then
echo "Not in primary cluster: '${CLUSTER_STATUS}'" 1>&2
exit 1
fi
WSREP_READY=$($MYSQL -e "show status like 'wsrep_ready'" | tail -n 1 | cut -f 2)
if [ "x${WSREP_READY}" != "xON" ]; then
echo "WSREP not ready: '${WSREP_READY}'" 1>&2
exit 1
fi
WSREP_STATE=$($MYSQL -e "show status like 'wsrep_local_state_comment'" | tail -n 1 | cut -f 2)
if [ "x${WSREP_STATE}" != "xSynced" ]; then
echo "WSREP not synced: '${WSREP_STATE}'" 1>&2
exit 1
fi
echo "${POD_NAME} ready." 1>&2
exit 0

96
mariadb/templates/bin/_seed.sh.tpl
View File

@ -1,96 +0,0 @@
#!/bin/sh
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -ex
SLEEP_TIMEOUT=5
function wait_for_cluster {
# Wait for the mariadb server to be "Ready" before starting the security reset with a max timeout
TIMEOUT=600
while [[ ! -f /var/lib/mysql/mariadb.pid ]]; do
if [[ ${TIMEOUT} -gt 0 ]]; then
let TIMEOUT-=1
sleep 1
else
exit 1
fi
done
REPLICAS={{ .Values.replicas }}
# We need to count seed instance here.
MINIMUM_CLUSTER_SIZE=$(( $REPLICAS + 1 ))
# wait until we have at least two more members in a cluster.
while true ; do
CLUSTER_SIZE=`mysql -uroot -h ${POD_IP} -p"{{ .Values.database.root_password }}" --port="{{ .Values.network.port.mariadb }}" -e'show status' | grep wsrep_cluster_size | awk ' { if($2 ~ /[0-9]/){ print $2 } else { print 0 } } '`
if [ "${CLUSTER_SIZE}" -lt ${MINIMUM_CLUSTER_SIZE} ] ; then
echo "Cluster seed not finished, waiting."
sleep ${SLEEP_TIMEOUT}
continue
fi
CLUSTER_STATUS=`mysql -uroot -h ${POD_IP} -p"{{ .Values.database.root_password }}" --port="{{ .Values.network.port.mariadb }}" -e'show status' | grep wsrep_local_state_comment | awk ' { print $2 } '`
if [ "${CLUSTER_STATUS}" != "Synced" ] ; then
echo "Cluster not synced, waiting."
sleep ${SLEEP_TIMEOUT}
continue
fi
# Count number of endpoint separators.
ENDPOINTS_CNT=`python /tmp/peer-finder.py mariadb 1 | grep -o ',' | wc -l`
# TODO(tomasz.paszkowski): Fix a corner case when only one endpoint is on the list.
# Add +1 for seed node and +1 as first item does not have a separator
ENDPOINTS_CNT=$(($ENDPOINTS_CNT+2))
if [ "${ENDPOINTS_CNT}" != "${CLUSTER_SIZE}" ] ; then
echo "Cluster not synced, waiting."
sleep ${SLEEP_TIMEOUT}
continue
fi
echo "Cluster ready, exiting seed."
kill -- -$$
break
done
}
# With the DaemonSet implementation, there may be a difference
# in the number of replicas and actual number of nodes matching
# mariadb node selector label. Problem will be solved when
# the implementation will be switched to Deployment
# (using anti-affinity feature).
{{- if .Values.development.enabled }}
REPLICAS=1
{{- else }}
REPLICAS={{ .Values.replicas }}
{{- end }}
if [ "$REPLICAS" -eq 1 ] ; then
echo "Requested to build one-instance MariaDB cluster. There is no need to run seed. Exiting."
exit 0
elif [ "$REPLICAS" -eq 2 ] ; then
echo "2-instance cluster is not a valid MariaDB configuration."
exit 1
fi
. /tmp/bootstrap-db.sh
mysqld_safe --defaults-file=/etc/my.cnf \
--console \
--wsrep-new-cluster \
--wsrep_cluster_address='gcomm://' \
--bind-address="0.0.0.0" \
--wsrep_node_address="${POD_IP}:{{ .Values.network.port.wsrep }}" \
--wsrep_provider_options="gmcast.listen_addr=tcp://${POD_IP}:{{ .Values.network.port.wsrep }}" &
wait_for_cluster
exit 0

97
mariadb/templates/bin/_start.sh.tpl
View File

@ -13,54 +13,65 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
set -ex export MYSQL_ROOT_PASSWORD={{ .Values.database.root_password | quote }}
trap "trap - SIGTERM && kill -- -$$" SIGINT SIGTERM EXIT
sudo chown mysql: /var/lib/mysql #
rm -rf /var/lib/mysql/lost+found # Bootstrap database
#
CLUSTER_INIT_ARGS=
{{- if .Values.development.enabled }} if [ ! -d /var/lib/mysql/mysql ]; then
REPLICAS=1 if [ "x${POD_NAME}" = "x{{ .Values.service_name }}-0" ]; then
{{- else }} echo No data found for pod 0
REPLICAS={{ .Values.replicas }} if [ "xtrue" = "x{{ .Values.force_bootstrap }}" ]; then
{{- end }} echo force_bootstrap set, so will force-initialize node 0.
PETSET_NAME={{ printf "%s" .Values.service_name }} CLUSTER_INIT_ARGS=--wsrep-new-cluster
INIT_MARKER="/var/lib/mysql/init_done" elif ! mysql -h {{ .Values.service_name }} -u root --password=${MYSQL_ROOT_PASSWORD} -e 'select 1'; then
echo No other nodes found, so will initialize cluster.
function join_by { local IFS="$1"; shift; echo "$*"; } CLUSTER_INIT_ARGS=--wsrep-new-cluster
else
# Remove mariadb.pid if exists echo Found other live nodes, will attempt to join them.
if [[ -f /var/lib/mysql/mariadb.pid ]]; then mkdir /var/lib/mysql/mysql
if [[ `pgrep -c $(cat /var/lib/mysql/mariadb.pid)` -eq 0 ]]; then fi
rm -vf /var/lib/mysql/mariadb.pid else
echo Not pod 0, so will avoid upstream database initialization.
mkdir /var/lib/mysql/mysql
fi fi
fi fi
if [ "$REPLICAS" -eq 1 ] ; then #
if [[ ! -f ${INIT_MARKER} ]]; then # Construct cluster config
cd /var/lib/mysql #
echo "Creating one-instance MariaDB." CLUSTER_CONFIG_PATH=/etc/mysql/conf.d/10-cluster-config.cnf
bash /tmp/bootstrap-db.sh
touch ${INIT_MARKER} MEMBERS=
for i in $(seq 1 {{ .Values.replicas }}); do
NUM=$(expr $i - 1)
CANDIDATE_POD="{{ .Values.service_name }}-$NUM.{{ .Values.service_name }}-discovery"
if [ "x${CANDIDATE_POD}" != "x${POD_NAME}.{{ .Values.service_name }}-discovery" ]; then
if [ -n "${MEMBERS}" ]; then
MEMBERS+=,
fi
MEMBERS+="${CANDIDATE_POD}:{{ .Values.network.port.wsrep }}"
fi fi
exec mysqld_safe --defaults-file=/etc/my.cnf \ done
--console \
--wsrep-new-cluster \
--wsrep_cluster_address='gcomm://'
else
# give the seed more of a chance to be ready by the time echo
# we start the first pet so we succeed on the first pass echo Writing cluster config for ${POD_NAME} to ${CLUSTER_CONFIG_PATH}
# a little hacky, but prevents restarts as we aren't waiting echo vvv
# for job completion here so I'm not sure what else
# to look for
sleep 30
export WSREP_OPTIONS=`python /tmp/peer-finder.py mariadb 0` cat <<EOS | tee ${CLUSTER_CONFIG_PATH}
exec mysqld --defaults-file=/etc/my.cnf \ [mysqld]
--console \ wsrep_cluster_address="gcomm://${MEMBERS}"
--bind-address="0.0.0.0" \ wsrep_node_address=${POD_IP}
--wsrep_node_address="${POD_IP}:{{ .Values.network.port.wsrep }}" \ wsrep_node_name=${POD_NAME}.{{ .Values.service_name}}-discovery
--wsrep_provider_options="gmcast.listen_addr=tcp://${POD_IP}:{{ .Values.network.port.wsrep }}" \ EOS
$WSREP_OPTIONS
fi echo ^^^
echo Executinging upstream docker-entrypoint.
echo
#
# Start server
#
exec /usr/local/bin/docker-entrypoint.sh mysqld ${CLUSTER_INIT_ARGS}

10
mariadb/templates/configmap-bin.yaml
View File

@ -17,13 +17,7 @@ kind: ConfigMap
metadata: metadata:
name: mariadb-bin name: mariadb-bin
data: data:
readiness.sh: |
{{ tuple "bin/_readiness.sh.tpl" . | include "helm-toolkit.template" | indent 4 }}
start.sh: | start.sh: |
{{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.template" | indent 4 }}
peer-finder.py: |
{{ tuple "bin/_peer-finder.py.tpl" . | include "helm-toolkit.template" | indent 4 }}
readiness.py: |
{{ tuple "bin/_readiness.py.tpl" . | include "helm-toolkit.template" | indent 4 }}
bootstrap-db.sh: |
{{ tuple "bin/_bootstrap-db.sh.tpl" . | include "helm-toolkit.template" | indent 4 }}
seed.sh: |
{{ tuple "bin/_seed.sh.tpl" . | include "helm-toolkit.template" | indent 4 }}

22
mariadb/templates/configmap-etc.yaml
View File

@ -17,19 +17,11 @@ kind: ConfigMap
metadata: metadata:
name: mariadb-etc name: mariadb-etc
data: data:
charsets.cnf: |
{{ tuple "etc/_charsets.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }}
engine.cnf: |
{{ tuple "etc/_engine.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }}
my.cnf: | my.cnf: |
{{ tuple "etc/_galera-my.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ tuple "etc/_my.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }}
log.cnf: | 00-base.cnf: |
{{ tuple "etc/_log.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ tuple "etc/_00-base.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }}
pid.cnf: | 20-override.cnf: |
{{ tuple "etc/_pid.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ tuple "etc/_20-override.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }}
tuning.cnf: | 99-force.cnf: |
{{ tuple "etc/_tuning.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ tuple "etc/_99-force.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }}
networking.cnf: |
{{ tuple "etc/_networking.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }}
wsrep.cnf: |
{{ tuple "etc/_wsrep.cnf.tpl" . | include "helm-toolkit.template" | indent 4 }}

59
mariadb/templates/etc/_tuning.cnf.tpl → mariadb/templates/etc/_00-base.cnf.tpl
View File

@ -13,6 +13,35 @@
# limitations under the License. # limitations under the License.
[mysqld] [mysqld]
# Charset
character_set_server=utf8
collation_server=utf8_unicode_ci
skip-character-set-client-handshake
# Logging
slow_query_log=on
slow_query_log_file=/var/log/mysql/mariadb-slow.log
log_warnings=2
# General logging has huge performance penalty therefore is disabled by default
general_log=off
general_log_file=/var/log/mysql/mariadb-error.log
long_query_time=3
log_queries_not_using_indexes=on
# Networking
bind_address=0.0.0.0
port={{ .Values.network.port.mariadb }}
# When a client connects, the server will perform hostname resolution,
# and when DNS is slow, establishing the connection will become slow as well.
# It is therefore recommended to start the server with skip-name-resolve to
# disable all DNS lookups. The only limitation is that the GRANT statements
# must then use IP addresses only.
skip_name_resolve
# Tuning
user=mysql user=mysql
max_allowed_packet=256M max_allowed_packet=256M
open_files_limit=10240 open_files_limit=10240
@ -27,7 +56,7 @@ max-connect-errors=1000000
## by setting query_cache_size=0 (now the default on MySQL 5.6) ## by setting query_cache_size=0 (now the default on MySQL 5.6)
## and to use other ways to speed up read queries: good indexing, adding ## and to use other ways to speed up read queries: good indexing, adding
## replicas to spread the read load or using an external cache. ## replicas to spread the read load or using an external cache.
query_cache_size =0 query_cache_size=0
query_cache_type=0 query_cache_type=0
sync_binlog=0 sync_binlog=0
@ -43,19 +72,37 @@ table_definition_cache=1024
# Typical values are 50..75% of available RAM. # Typical values are 50..75% of available RAM.
# TODO(tomasz.paszkowski): This needs to by dynamic based on avaliable RAM. # TODO(tomasz.paszkowski): This needs to by dynamic based on avaliable RAM.
innodb_buffer_pool_size=1024M innodb_buffer_pool_size=1024M
innodb_log_file_size=128M
innodb_flush_method=O_DIRECT
innodb_flush_log_at_trx_commit=2
innodb_old_blocks_time=1000
innodb_autoinc_lock_mode=2
innodb_doublewrite=0 innodb_doublewrite=0
innodb_file_format=Barracuda innodb_file_format=Barracuda
innodb_file_per_table=1 innodb_file_per_table=1
innodb_flush_method=O_DIRECT
innodb_io_capacity=500 innodb_io_capacity=500
innodb_locks_unsafe_for_binlog=1 innodb_locks_unsafe_for_binlog=1
innodb_log_file_size=128M
innodb_old_blocks_time=1000
innodb_read_io_threads=8 innodb_read_io_threads=8
innodb_write_io_threads=8 innodb_write_io_threads=8
# Clustering
binlog_format=ROW
default-storage-engine=InnoDB
innodb_autoinc_lock_mode=2
innodb_flush_log_at_trx_commit=2
wsrep_cluster_name={{ .Values.service_name }}
wsrep_on=1
wsrep_provider=/usr/lib/galera/libgalera_smm.so
wsrep_provider_options="gmcast.listen_addr=tcp://0.0.0.0:{{ .Values.network.port.wsrep }}"
wsrep_slave_threads=12
wsrep_sst_auth=root:{{ .Values.database.root_password }}
wsrep_sst_method=xtrabackup-v2
[mysqldump] [mysqldump]
max-allowed-packet=16M max-allowed-packet=16M
[client]
default_character_set=utf8
protocol=tcp
port={{ .Values.network.port.mariadb }}
connect_timeout=10

5
mariadb/templates/etc/_engine.cnf.tpl → mariadb/templates/etc/_20-override.cnf.tpl
View File

@ -12,7 +12,4 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
[mysqld] {{ .Values.database.config_override }}
default-storage-engine=InnoDB
innodb=FORCE
binlog_format=ROW

3
mariadb/templates/etc/_pid.cnf.tpl → mariadb/templates/etc/_99-force.cnf.tpl
View File

@ -13,4 +13,5 @@
# limitations under the License. # limitations under the License.
[mysqld] [mysqld]
pid_file=/var/lib/mysql/mariadb.pid datadir=/var/lib/mysql
tmpdir=/tmp

25
mariadb/templates/etc/_log.cnf.tpl
View File

@ -1,25 +0,0 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
[mysqld]
slow_query_log=off
slow_query_log_file=/var/log/mysql/mariadb-slow.log
log_warnings=2
# General logging has huge performance penalty therefore is disabled by default
general_log=off
general_log_file=/var/log/mysql/mariadb-error.log
long_query_time=3
log_queries_not_using_indexes=on

2
mariadb/templates/etc/_galera-my.cnf.tpl → mariadb/templates/etc/_my.cnf.tpl
View File

@ -17,4 +17,4 @@ datadir=/var/lib/mysql
basedir=/usr basedir=/usr
[client-server] [client-server]
!includedir /etc/my.cnf.d/ !includedir /etc/mysql/conf.d/

28
mariadb/templates/etc/_networking.cnf.tpl
View File

@ -1,28 +0,0 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
[mysqld]
bind_address=0.0.0.0
port={{ .Values.network.port.mariadb }}
# When a client connects, the server will perform hostname resolution,
# and when DNS is slow, establishing the connection will become slow as well.
# It is therefore recommended to start the server with skip-name-resolve to
# disable all DNS lookups. The only limitation is that the GRANT statements
# must then use IP addresses only.
skip_name_resolve
[client]
protocol=tcp
port={{ .Values.network.port.mariadb }}

30
mariadb/templates/etc/_wsrep.cnf.tpl
View File

@ -1,30 +0,0 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
[mysqld]
wsrep_cluster_name="{{ .Values.database.cluster_name }}"
wsrep_provider=/usr/lib/galera/libgalera_smm.so
wsrep_provider_options="gcache.size=128M"
wsrep_slave_threads=12
wsrep_sst_auth=root:{{ .Values.database.root_password }}
wsrep_sst_method={{ .Values.database.wsrep_sst_method }}
# xtrabackup-v2 would be more desirable here, but its
# not in the upstream stackanetes images
# ()[mysql@mariadb-seed-gdqr8 /]$ xtrabackup --version
# xtrabackup version 2.2.13 based on MySQL server 5.6.24 Linux (x86_64) (revision id: 70f4be3)
wsrep_sst_method=xtrabackup-v2
wsrep_node_name={{ .Values.database.node_name }}
datadir=/var/lib/mysql
tmpdir=/tmp
user=mysql

108
mariadb/templates/job-seed.yaml
View File

@ -1,108 +0,0 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
apiVersion: batch/v1
kind: Job
metadata:
name: mariadb-seed
spec:
template:
metadata:
labels:
app: mariadb
spec:
restartPolicy: Never
nodeSelector:
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
containers:
- name: mariadb-init
image: {{ .Values.images.mariadb }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{- if .Values.resources.enabled }}
resources:
limits:
cpu: {{ .Values.resources.job.seed.limits.cpu | quote }}
memory: {{ .Values.resources.job.seed.limits.memory | quote }}
requests:
cpu: {{ .Values.resources.job.seed.requests.cpu | quote }}
memory: {{ .Values.resources.job.seed.requests.memory | quote }}
{{- end }}
command:
- bash
- /tmp/seed.sh
env:
- name: INTERFACE_NAME
value: "eth0"
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: {{ .Values.network.port.mariadb }}
- containerPort: {{ .Values.network.port.wsrep }}
- containerPort: {{ .Values.network.port.ist }}
volumeMounts:
- name: mycnfd
mountPath: /etc/my.cnf.d
- name: mariadb-bin
mountPath: /tmp/seed.sh
subPath: seed.sh
- name: mariadb-bin
mountPath: /tmp/bootstrap-db.sh
subPath: bootstrap-db.sh
- name: mariadb-bin
mountPath: /tmp/peer-finder.py
subPath: peer-finder.py
- name: mariadb-etc
mountPath: /etc/my.cnf.d/charsets.cnf
subPath: charsets.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf.d/engine.cnf
subPath: engine.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf.d/log.cnf
subPath: log.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf
subPath: my.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf.d/networking.cnf
subPath: networking.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf.d/pid.cnf
subPath: pid.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf.d/tuning.cnf
subPath: tuning.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf.d/wsrep.cnf
subPath: wsrep.cnf
volumes:
- name: mycnfd
emptyDir: {}
- name: mariadb-bin
configMap:
name: mariadb-bin
- name: mariadb-etc
configMap:
name: mariadb-etc

22
mariadb/templates/etc/_charsets.cnf.tpl → mariadb/templates/service-discovery.yaml
View File

@ -12,10 +12,18 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
[mysqld] # This service could be used for cluster pod discovery, though instead it's
character_set_server=utf8 # primarily here to allow DNS lookups of cluster pods.
collation_server=utf8_unicode_ci apiVersion: v1
skip-character-set-client-handshake kind: Service
metadata:
[client] name: {{ .Values.service_name }}-discovery
default_character_set=utf8 annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
spec:
ports:
- name: db
port: {{ .Values.network.port.mariadb }}
clusterIP: None
selector:
app: {{ .Values.service_name }}

79
mariadb/templates/deployment.yaml → mariadb/templates/statefulset.yaml
View File

@ -18,20 +18,14 @@ kind: StatefulSet
metadata: metadata:
name: {{ .Values.service_name }} name: {{ .Values.service_name }}
spec: spec:
serviceName: "{{ .Values.service_name }}" serviceName: "{{ .Values.service_name }}-discovery"
{{- if .Values.development.enabled }}
replicas: 1
{{- else }}
replicas: {{ .Values.replicas }} replicas: {{ .Values.replicas }}
{{- end }}
template: template:
metadata: metadata:
labels: labels:
app: {{ .Values.service_name }} app: {{ .Values.service_name }}
galera: enabled galera: enabled
annotations: annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
# alanmeadows: this soft requirement allows single # alanmeadows: this soft requirement allows single
# host deployments to spawn several mariadb containers # host deployments to spawn several mariadb containers
# but in a larger environment, would attempt to spread # but in a larger environment, would attempt to spread
@ -72,73 +66,40 @@ spec:
- bash - bash
- /tmp/start.sh - /tmp/start.sh
env: env:
- name: INTERFACE_NAME
value: "eth0"
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_IP - name: POD_IP
valueFrom: valueFrom:
fieldRef: fieldRef:
fieldPath: status.podIP fieldPath: status.podIP
- name: NAMESPACE - name: POD_NAME
valueFrom: valueFrom:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.name
ports:
- containerPort: {{ .Values.network.port.mariadb }}
- containerPort: {{ .Values.network.port.wsrep }}
- containerPort: {{ .Values.network.port.ist }}
# a readinessprobe is a much more complex affair with
# statefulsets, as the container must be "live"
# before the next stateful member is created
# and with galera this is problematic
readinessProbe: readinessProbe:
exec: exec:
command: command:
- python - bash
- /mariadb-readiness.py - /tmp/readiness.sh
initialDelaySeconds: 60
volumeMounts: volumeMounts:
- name: mycnfd - name: mycnfd
mountPath: /etc/my.cnf.d mountPath: /etc/mysql/conf.d
- name: mariadb-bin
mountPath: /tmp/readiness.sh
subPath: readiness.sh
- name: mariadb-bin - name: mariadb-bin
mountPath: /tmp/start.sh mountPath: /tmp/start.sh
subPath: start.sh subPath: start.sh
- name: mariadb-bin
mountPath: /tmp/bootstrap-db.sh
subPath: bootstrap-db.sh
- name: mariadb-bin
mountPath: /tmp/peer-finder.py
subPath: peer-finder.py
- name: mariadb-bin
mountPath: /mariadb-readiness.py
subPath: readiness.py
- name: mariadb-etc - name: mariadb-etc
mountPath: /etc/my.cnf.d/charsets.cnf mountPath: /etc/mysql/my.cnf
subPath: charsets.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf.d/engine.cnf
subPath: engine.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf.d/log.cnf
subPath: log.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf
subPath: my.cnf subPath: my.cnf
- name: mariadb-etc - name: mariadb-etc
mountPath: /etc/my.cnf.d/networking.cnf mountPath: /etc/mysql/conf.d/00-base.cnf
subPath: networking.cnf subPath: 00-base.cnf
- name: mariadb-etc - name: mariadb-etc
mountPath: /etc/my.cnf.d/pid.cnf mountPath: /etc/mysql/conf.d/20-override.cnf
subPath: pid.cnf subPath: 20-override.cnf
- name: mariadb-etc - name: mariadb-etc
mountPath: /etc/my.cnf.d/tuning.cnf mountPath: /etc/mysql/conf.d/99-force.cnf
subPath: tuning.cnf subPath: 99-force.cnf
- name: mariadb-etc
mountPath: /etc/my.cnf.d/wsrep.cnf
subPath: wsrep.cnf
- name: mysql-data - name: mysql-data
mountPath: /var/lib/mysql mountPath: /var/lib/mysql
volumes: volumes:
@ -150,11 +111,11 @@ spec:
- name: mariadb-etc - name: mariadb-etc
configMap: configMap:
name: mariadb-etc name: mariadb-etc
{{- if .Values.development.enabled }} {{- if not .Values.volume.enabled }}
- name: mysql-data - name: mysql-data
hostPath: emptyDir: {}
path: {{ .Values.development.storage_path }} {{- end }}
{{- else }} {{- if .Values.volume.enabled }}
volumeClaimTemplates: volumeClaimTemplates:
- metadata: - metadata:
name: mysql-data name: mysql-data

41
mariadb/values.yaml
View File

@ -12,23 +12,9 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
# note that you need to update the gcomm member list
# below when changing this value
replicas: 3 replicas: 3
# this flag allows a "leaner" version of this chart to be installed force_bootstrap: false
# likely lacking any resiliency or persistence, but will help
# both laptop developers and cicd systems
#
# it will deploy a single instance of mariadb, use nodeDir
# for persistence and satisfy the mariadb-seed job with
# a busybox mock
#
# note enabling this flag takes precedence when enabled and
# will override certain things, like the replicas requested
development:
enabled: false
storage_path: /var/lib/localkube/openstack-helm/mariadb
resources: resources:
enabled: false enabled: false
@ -39,23 +25,16 @@ resources:
requests: requests:
memory: "128Mi" memory: "128Mi"
cpu: "500m" cpu: "500m"
job:
seed:
limits:
memory: "128Mi"
cpu: "500m"
requests:
memory: "128Mi"
cpu: "500m"
# this drives the service name, and statefulset name # this drives the service name, and statefulset name
service_name: mariadb service_name: mariadb
images: images:
mariadb: quay.io/stackanetes/stackanetes-mariadb:newton mariadb: mariadb:10.1.23
pull_policy: IfNotPresent pull_policy: IfNotPresent
volume: volume:
enabled: true
class_path: volume.beta.kubernetes.io/storage-class class_path: volume.beta.kubernetes.io/storage-class
class_name: general class_name: general
size: 2Gi size: 2Gi
@ -66,14 +45,14 @@ labels:
network: network:
port: port:
wsrep: 4567
mariadb: 3306
ist: 4444 ist: 4444
dns: mariadb: 3306
kubernetes_domain: cluster.local wsrep: 4567
database: database:
root_password: password root_password: password
cluster_name: mariadb
node_name: master # Any configuration here will override the base config.
wsrep_sst_method: rsync # config_override: |-
# [mysqld]
# wsrep_slave_threads=1

2
mistral/values.yaml
View File

@ -82,8 +82,6 @@ network:
dependencies: dependencies:
db_init: db_init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb
db_sync: db_sync:

2
neutron/values.yaml
View File

@ -126,8 +126,6 @@ ml2:
dependencies: dependencies:
db_init: db_init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb
db_sync: db_sync:

2
nova/values.yaml
View File

@ -144,8 +144,6 @@ dependencies:
service: service:
- mariadb - mariadb
db_init: db_init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb
db_sync: db_sync:

2
senlin/values.yaml
View File

@ -95,8 +95,6 @@ network:
dependencies: dependencies:
db_init: db_init:
jobs:
- mariadb-seed
service: service:
- mariadb - mariadb
db_sync: db_sync: