Update CRD apiVersion to v1 (from v1beta)
This change enables installing the zuul-operator on a recent cluster, where CRD are no longer beta: - Update apiVersion in the CRD - Update cert-manager to v1.8.2 - Update pxc to v1.10.0 - Add openAPIV3Schema to zuul crd (from https://review.opendev.org/c/zuul/zuul-operator/+/800302) Change-Id: I12ac02d609ea6a2806c734ca00023e4d1059af37
This commit is contained in:
parent
63685df30b
commit
8c6ad5f431
@ -23,3 +23,7 @@ spec:
|
|||||||
externalConfig:
|
externalConfig:
|
||||||
kubernetes:
|
kubernetes:
|
||||||
secretName: nodepool-kube-config
|
secretName: nodepool-kube-config
|
||||||
|
#
|
||||||
|
# uncomment the following if the k8s cluster has less than 3 nodes:
|
||||||
|
# database:
|
||||||
|
# allowUnsafeConfig: true
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
apiVersion: apiextensions.k8s.io/v1beta1
|
apiVersion: apiextensions.k8s.io/v1
|
||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
metadata:
|
metadata:
|
||||||
name: zuuls.operator.zuul-ci.org
|
name: zuuls.operator.zuul-ci.org
|
||||||
@ -12,12 +12,167 @@ spec:
|
|||||||
shortNames:
|
shortNames:
|
||||||
- zuul
|
- zuul
|
||||||
scope: Namespaced
|
scope: Namespaced
|
||||||
subresources:
|
|
||||||
status: {}
|
|
||||||
versions:
|
versions:
|
||||||
- name: v1alpha1
|
- name: v1alpha1
|
||||||
served: false
|
served: false
|
||||||
storage: false
|
storage: false
|
||||||
- name: v1alpha2
|
schema:
|
||||||
served: true
|
openAPIV3Schema:
|
||||||
storage: true
|
type: object
|
||||||
|
- name: v1alpha2
|
||||||
|
served: true
|
||||||
|
storage: true
|
||||||
|
schema:
|
||||||
|
openAPIV3Schema:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
spec:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
imagePrefix:
|
||||||
|
type: string
|
||||||
|
imagePullSecrets:
|
||||||
|
type: array
|
||||||
|
items:
|
||||||
|
type: string
|
||||||
|
zuulImageVersion:
|
||||||
|
type: string
|
||||||
|
zuulPreviewImageVersion:
|
||||||
|
type: string
|
||||||
|
zuulRegistryImageVersion:
|
||||||
|
type: string
|
||||||
|
nodepoolImageVersion:
|
||||||
|
type: string
|
||||||
|
database:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
secretName:
|
||||||
|
type: string
|
||||||
|
allowUnsafeConfig:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
zookeeper:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
hosts:
|
||||||
|
type: string
|
||||||
|
secretName:
|
||||||
|
type: string
|
||||||
|
env:
|
||||||
|
type: object
|
||||||
|
x-kubernetes-preserve-unknown-fields: true
|
||||||
|
scheduler:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
config:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
secretName:
|
||||||
|
type: string
|
||||||
|
count:
|
||||||
|
type: integer
|
||||||
|
default: 1
|
||||||
|
minimum: 1
|
||||||
|
launcher:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
config:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
secretName:
|
||||||
|
type: string
|
||||||
|
executor:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
count:
|
||||||
|
type: integer
|
||||||
|
default: 1
|
||||||
|
minimum: 1
|
||||||
|
sshkey:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
secretName:
|
||||||
|
type: string
|
||||||
|
terminationGracePeriodSeconds:
|
||||||
|
type: integer
|
||||||
|
default: 21600
|
||||||
|
minimum: 0
|
||||||
|
merger:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
count:
|
||||||
|
type: integer
|
||||||
|
git_user_email:
|
||||||
|
type: string
|
||||||
|
git_user_name:
|
||||||
|
type: string
|
||||||
|
web:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
count:
|
||||||
|
type: integer
|
||||||
|
default: 1
|
||||||
|
status_url:
|
||||||
|
type: string
|
||||||
|
fingergw:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
count:
|
||||||
|
type: integer
|
||||||
|
default: 1
|
||||||
|
connections:
|
||||||
|
type: object
|
||||||
|
x-kubernetes-preserve-unknown-fields: true
|
||||||
|
externalConfig:
|
||||||
|
type: object
|
||||||
|
x-kubernetes-preserve-unknown-fields: true
|
||||||
|
jobVolumes:
|
||||||
|
type: array
|
||||||
|
items:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
context:
|
||||||
|
type: string
|
||||||
|
pattern: ^(trusted|untrusted)$
|
||||||
|
access:
|
||||||
|
type: string
|
||||||
|
pattern: ^(rw|ro)$
|
||||||
|
path:
|
||||||
|
type: string
|
||||||
|
volume:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
name:
|
||||||
|
type: string
|
||||||
|
hostPath:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
path:
|
||||||
|
type: string
|
||||||
|
type:
|
||||||
|
type: string
|
||||||
|
preview:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
count:
|
||||||
|
type: integer
|
||||||
|
default: 0
|
||||||
|
registry:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
count:
|
||||||
|
type: integer
|
||||||
|
default: 0
|
||||||
|
volumeSize:
|
||||||
|
type: string
|
||||||
|
default: "80G"
|
||||||
|
tls:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
secretName:
|
||||||
|
type: string
|
||||||
|
config:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
secretName:
|
||||||
|
type: string
|
||||||
|
@ -613,7 +613,7 @@ verbatim):
|
|||||||
How many Zuul Registry servers to manage.
|
How many Zuul Registry servers to manage.
|
||||||
|
|
||||||
.. attr:: volumeSize
|
.. attr:: volumeSize
|
||||||
:default: 80Gi
|
:default: 80G
|
||||||
|
|
||||||
The requested size of the registry storage volume.
|
The requested size of the registry storage volume.
|
||||||
|
|
||||||
|
@ -27,7 +27,7 @@ class CertManager:
|
|||||||
self.log = logger
|
self.log = logger
|
||||||
|
|
||||||
def is_installed(self):
|
def is_installed(self):
|
||||||
kind = objects.get_object('apiextensions.k8s.io/v1beta1',
|
kind = objects.get_object('apiextensions.k8s.io/v1',
|
||||||
'CustomResourceDefinition')
|
'CustomResourceDefinition')
|
||||||
try:
|
try:
|
||||||
kind.objects(self.api).\
|
kind.objects(self.api).\
|
||||||
|
@ -19,13 +19,13 @@ from pykube.objects import *
|
|||||||
|
|
||||||
|
|
||||||
class Issuer(NamespacedAPIObject):
|
class Issuer(NamespacedAPIObject):
|
||||||
version = "cert-manager.io/v1alpha2"
|
version = "cert-manager.io/v1"
|
||||||
endpoint = "issuers"
|
endpoint = "issuers"
|
||||||
kind = "Issuer"
|
kind = "Issuer"
|
||||||
|
|
||||||
|
|
||||||
class Certificate(NamespacedAPIObject):
|
class Certificate(NamespacedAPIObject):
|
||||||
version = "cert-manager.io/v1alpha2"
|
version = "cert-manager.io/v1"
|
||||||
endpoint = "certificates"
|
endpoint = "certificates"
|
||||||
kind = "Certificate"
|
kind = "Certificate"
|
||||||
|
|
||||||
@ -42,8 +42,8 @@ class ValidatingWebhookConfiguration(APIObject):
|
|||||||
kind = 'ValidatingWebhookConfiguration'
|
kind = 'ValidatingWebhookConfiguration'
|
||||||
|
|
||||||
|
|
||||||
class CustomResourceDefinition_v1beta1(APIObject):
|
class CustomResourceDefinition(APIObject):
|
||||||
version = "apiextensions.k8s.io/v1beta1"
|
version = "apiextensions.k8s.io/v1"
|
||||||
endpoint = "customresourcedefinitions"
|
endpoint = "customresourcedefinitions"
|
||||||
kind = "CustomResourceDefinition"
|
kind = "CustomResourceDefinition"
|
||||||
|
|
||||||
@ -54,6 +54,12 @@ class Role_v1beta1(NamespacedAPIObject):
|
|||||||
kind = "Role"
|
kind = "Role"
|
||||||
|
|
||||||
|
|
||||||
|
class PodDisruptionBudget(NamespacedAPIObject):
|
||||||
|
version = "policy/v1"
|
||||||
|
endpoint = "poddisruptionbudgets"
|
||||||
|
kind = "PodDisruptionBudget"
|
||||||
|
|
||||||
|
|
||||||
class ClusterRole_v1beta1(APIObject):
|
class ClusterRole_v1beta1(APIObject):
|
||||||
version = "rbac.authorization.k8s.io/v1beta1"
|
version = "rbac.authorization.k8s.io/v1beta1"
|
||||||
endpoint = "clusterroles"
|
endpoint = "clusterroles"
|
||||||
@ -61,7 +67,7 @@ class ClusterRole_v1beta1(APIObject):
|
|||||||
|
|
||||||
|
|
||||||
class PerconaXtraDBCluster(NamespacedAPIObject):
|
class PerconaXtraDBCluster(NamespacedAPIObject):
|
||||||
version = "pxc.percona.com/v1-7-0"
|
version = "pxc.percona.com/v1-11-0"
|
||||||
endpoint = "perconaxtradbclusters"
|
endpoint = "perconaxtradbclusters"
|
||||||
kind = "PerconaXtraDBCluster"
|
kind = "PerconaXtraDBCluster"
|
||||||
|
|
||||||
|
@ -28,7 +28,7 @@ class PXC:
|
|||||||
self.log = logger
|
self.log = logger
|
||||||
|
|
||||||
def is_installed(self):
|
def is_installed(self):
|
||||||
kind = objects.get_object('apiextensions.k8s.io/v1beta1',
|
kind = objects.get_object('apiextensions.k8s.io/v1',
|
||||||
'CustomResourceDefinition')
|
'CustomResourceDefinition')
|
||||||
try:
|
try:
|
||||||
kind.objects(self.api).\
|
kind.objects(self.api).\
|
||||||
@ -44,9 +44,7 @@ class PXC:
|
|||||||
# deleted and the cluster orphaned. Basically, we get to
|
# deleted and the cluster orphaned. Basically, we get to
|
||||||
# choose whether to orphan the cluster or the operator, and
|
# choose whether to orphan the cluster or the operator, and
|
||||||
# the operator seems like the better choice.
|
# the operator seems like the better choice.
|
||||||
utils.apply_file(self.api, 'pxc-crd.yaml', _adopt=False)
|
utils.apply_file(self.api, 'pxc-bundle.yaml', _adopt=False)
|
||||||
utils.apply_file(self.api, 'pxc-operator.yaml',
|
|
||||||
namespace=self.namespace, _adopt=False)
|
|
||||||
|
|
||||||
def create_cluster(self, small):
|
def create_cluster(self, small):
|
||||||
kw = {'namespace': self.namespace}
|
kw = {'namespace': self.namespace}
|
||||||
|
@ -1,12 +1,12 @@
|
|||||||
---
|
---
|
||||||
apiVersion: cert-manager.io/v1alpha2
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
metadata:
|
metadata:
|
||||||
name: selfsigned-issuer
|
name: selfsigned-issuer
|
||||||
spec:
|
spec:
|
||||||
selfSigned: {}
|
selfSigned: {}
|
||||||
---
|
---
|
||||||
apiVersion: cert-manager.io/v1alpha2
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: ca-cert
|
name: ca-cert
|
||||||
@ -16,9 +16,10 @@ spec:
|
|||||||
duration: 87600h # 10y
|
duration: 87600h # 10y
|
||||||
renewBefore: 360h # 15d
|
renewBefore: 360h # 15d
|
||||||
isCA: true
|
isCA: true
|
||||||
keySize: 2048
|
privateKey:
|
||||||
keyAlgorithm: rsa
|
size: 2048
|
||||||
keyEncoding: pkcs1
|
algorithm: RSA
|
||||||
|
encoding: PKCS1
|
||||||
commonName: cacert
|
commonName: cacert
|
||||||
# At least one of a DNS Name, URI, or IP address is required.
|
# At least one of a DNS Name, URI, or IP address is required.
|
||||||
dnsNames:
|
dnsNames:
|
||||||
@ -27,7 +28,7 @@ spec:
|
|||||||
issuerRef:
|
issuerRef:
|
||||||
name: selfsigned-issuer
|
name: selfsigned-issuer
|
||||||
---
|
---
|
||||||
apiVersion: cert-manager.io/v1alpha2
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
metadata:
|
metadata:
|
||||||
name: ca-issuer
|
name: ca-issuer
|
||||||
|
File diff suppressed because it is too large
Load Diff
8978
zuul_operator/templates/pxc-bundle.yaml
Normal file
8978
zuul_operator/templates/pxc-bundle.yaml
Normal file
File diff suppressed because it is too large
Load Diff
@ -1,5 +1,5 @@
|
|||||||
---
|
# Adapted from https://raw.githubusercontent.com/percona/percona-xtradb-cluster-operator/v1.11.0/deploy/cr.yaml
|
||||||
apiVersion: pxc.percona.com/v1-7-0
|
apiVersion: pxc.percona.com/v1-11-0
|
||||||
kind: PerconaXtraDBCluster
|
kind: PerconaXtraDBCluster
|
||||||
metadata:
|
metadata:
|
||||||
name: db-cluster
|
name: db-cluster
|
||||||
@ -10,12 +10,13 @@ metadata:
|
|||||||
# annotations:
|
# annotations:
|
||||||
# percona.com/issue-vault-token: "true"
|
# percona.com/issue-vault-token: "true"
|
||||||
spec:
|
spec:
|
||||||
crVersion: 1.7.0
|
crVersion: 1.11.0
|
||||||
secretsName: db-cluster-secrets
|
secretsName: db-cluster-secrets
|
||||||
vaultSecretName: keyring-secret-vault
|
vaultSecretName: keyring-secret-vault
|
||||||
sslSecretName: db-cluster-ssl
|
sslSecretName: db-cluster-ssl
|
||||||
sslInternalSecretName: db-cluster-ssl-internal
|
sslInternalSecretName: db-cluster-ssl-internal
|
||||||
logCollectorSecretName: db-log-collector-secrets
|
logCollectorSecretName: db-log-collector-secrets
|
||||||
|
# initImage: percona/percona-xtradb-cluster-operator:1.11.0
|
||||||
# enableCRValidationWebhook: true
|
# enableCRValidationWebhook: true
|
||||||
# tls:
|
# tls:
|
||||||
# SANs:
|
# SANs:
|
||||||
@ -31,19 +32,38 @@ spec:
|
|||||||
updateStrategy: SmartUpdate
|
updateStrategy: SmartUpdate
|
||||||
upgradeOptions:
|
upgradeOptions:
|
||||||
versionServiceEndpoint: https://check.percona.com
|
versionServiceEndpoint: https://check.percona.com
|
||||||
apply: recommended
|
apply: 8.0-recommended
|
||||||
schedule: "0 4 * * *"
|
schedule: "0 4 * * *"
|
||||||
pxc:
|
pxc:
|
||||||
size: 3
|
size: 3
|
||||||
image: percona/percona-xtradb-cluster:8.0.21-12.1
|
image: percona/percona-xtradb-cluster:8.0.27-18.1
|
||||||
autoRecovery: true
|
autoRecovery: true
|
||||||
|
# expose:
|
||||||
|
# enabled: true
|
||||||
|
# type: LoadBalancer
|
||||||
|
# trafficPolicy: Local
|
||||||
|
# loadBalancerSourceRanges:
|
||||||
|
# - 10.0.0.0/8
|
||||||
|
# annotations:
|
||||||
|
# networking.gke.io/load-balancer-type: "Internal"
|
||||||
|
# replicationChannels:
|
||||||
|
# - name: pxc1_to_pxc2
|
||||||
|
# isSource: true
|
||||||
|
# - name: pxc2_to_pxc1
|
||||||
|
# isSource: false
|
||||||
|
# configuration:
|
||||||
|
# sourceRetryCount: 3
|
||||||
|
# sourceConnectRetry: 60
|
||||||
|
# sourcesList:
|
||||||
|
# - host: 10.95.251.101
|
||||||
|
# port: 3306
|
||||||
|
# weight: 100
|
||||||
# schedulerName: mycustom-scheduler
|
# schedulerName: mycustom-scheduler
|
||||||
# readinessDelaySec: 15
|
# readinessDelaySec: 15
|
||||||
# livenessDelaySec: 600
|
# livenessDelaySec: 600
|
||||||
# forceUnsafeBootstrap: false
|
|
||||||
# configuration: |
|
# configuration: |
|
||||||
# [mysqld]
|
# [mysqld]
|
||||||
# wsrep_debug=ON
|
# wsrep_debug=CLIENT
|
||||||
# wsrep_provider_options="gcache.size=1G; gcache.recover=yes"
|
# wsrep_provider_options="gcache.size=1G; gcache.recover=yes"
|
||||||
# [sst]
|
# [sst]
|
||||||
# xbstream-opts=--decompress
|
# xbstream-opts=--decompress
|
||||||
@ -59,6 +79,18 @@ spec:
|
|||||||
# iam.amazonaws.com/role: role-arn
|
# iam.amazonaws.com/role: role-arn
|
||||||
# labels:
|
# labels:
|
||||||
# rack: rack-22
|
# rack: rack-22
|
||||||
|
# readinessProbes:
|
||||||
|
# initialDelaySeconds: 15
|
||||||
|
# timeoutSeconds: 15
|
||||||
|
# periodSeconds: 30
|
||||||
|
# successThreshold: 1
|
||||||
|
# failureThreshold: 5
|
||||||
|
# livenessProbes:
|
||||||
|
# initialDelaySeconds: 300
|
||||||
|
# timeoutSeconds: 5
|
||||||
|
# periodSeconds: 10
|
||||||
|
# successThreshold: 1
|
||||||
|
# failureThreshold: 3
|
||||||
# containerSecurityContext:
|
# containerSecurityContext:
|
||||||
# privileged: false
|
# privileged: false
|
||||||
# podSecurityContext:
|
# podSecurityContext:
|
||||||
@ -66,18 +98,32 @@ spec:
|
|||||||
# runAsGroup: 1001
|
# runAsGroup: 1001
|
||||||
# supplementalGroups: [1001]
|
# supplementalGroups: [1001]
|
||||||
# serviceAccountName: percona-xtradb-cluster-operator-workload
|
# serviceAccountName: percona-xtradb-cluster-operator-workload
|
||||||
imagePullPolicy: IfNotPresent # corvus
|
# imagePullPolicy: Always
|
||||||
|
# runtimeClassName: image-rc
|
||||||
|
# sidecars:
|
||||||
|
# - image: busybox
|
||||||
|
# command: ["/bin/sh"]
|
||||||
|
# args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
|
||||||
|
# name: my-sidecar-1
|
||||||
|
# resources:
|
||||||
|
# requests:
|
||||||
|
# memory: 100M
|
||||||
|
# cpu: 100m
|
||||||
|
# limits:
|
||||||
|
# memory: 200M
|
||||||
|
# cpu: 200m
|
||||||
|
# envVarsSecret: my-env-var-secrets
|
||||||
{%- if not allow_unsafe %}
|
{%- if not allow_unsafe %}
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: 1G
|
memory: 1G
|
||||||
cpu: 600m
|
cpu: 600m
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
# ephemeral-storage: 1Gi
|
# ephemeral-storage: 1G
|
||||||
# limits:
|
# limits:
|
||||||
# memory: 1G
|
# memory: 1G
|
||||||
# cpu: "1"
|
# cpu: "1"
|
||||||
# ephemeral-storage: 1Gi
|
# ephemeral-storage: 1G
|
||||||
# nodeSelector:
|
# nodeSelector:
|
||||||
# disktype: ssd
|
# disktype: ssd
|
||||||
affinity:
|
affinity:
|
||||||
@ -110,21 +156,29 @@ spec:
|
|||||||
# accessModes: [ "ReadWriteOnce" ]
|
# accessModes: [ "ReadWriteOnce" ]
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 6Gi
|
storage: 6G
|
||||||
gracePeriod: 600
|
gracePeriod: 600
|
||||||
haproxy:
|
haproxy:
|
||||||
enabled: true
|
enabled: true
|
||||||
size: 3
|
size: 3
|
||||||
image: percona/percona-xtradb-cluster-operator:1.7.0-haproxy
|
image: percona/percona-xtradb-cluster-operator:1.11.0-haproxy
|
||||||
imagePullPolicy: IfNotPresent # corvus
|
# replicasServiceEnabled: false
|
||||||
|
# imagePullPolicy: Always
|
||||||
# schedulerName: mycustom-scheduler
|
# schedulerName: mycustom-scheduler
|
||||||
|
# readinessDelaySec: 15
|
||||||
|
# livenessDelaySec: 600
|
||||||
# configuration: |
|
# configuration: |
|
||||||
|
#
|
||||||
|
# the actual default configuration file can be found here https://github.com/percona/percona-docker/blob/main/haproxy/dockerdir/etc/haproxy/haproxy-global.cfg
|
||||||
|
#
|
||||||
# global
|
# global
|
||||||
# maxconn 2048
|
# maxconn 2048
|
||||||
# external-check
|
# external-check
|
||||||
# stats socket /var/run/haproxy.sock mode 600 expose-fd listeners level user
|
# insecure-fork-wanted
|
||||||
|
# stats socket /etc/haproxy/pxc/haproxy.sock mode 600 expose-fd listeners level admin
|
||||||
#
|
#
|
||||||
# defaults
|
# defaults
|
||||||
|
# default-server init-addr last,libc,none
|
||||||
# log global
|
# log global
|
||||||
# mode tcp
|
# mode tcp
|
||||||
# retries 10
|
# retries 10
|
||||||
@ -134,27 +188,70 @@ spec:
|
|||||||
#
|
#
|
||||||
# frontend galera-in
|
# frontend galera-in
|
||||||
# bind *:3309 accept-proxy
|
# bind *:3309 accept-proxy
|
||||||
# bind *:3306 accept-proxy
|
# bind *:3306
|
||||||
# mode tcp
|
# mode tcp
|
||||||
# option clitcpka
|
# option clitcpka
|
||||||
# default_backend galera-nodes
|
# default_backend galera-nodes
|
||||||
#
|
#
|
||||||
|
# frontend galera-admin-in
|
||||||
|
# bind *:33062
|
||||||
|
# mode tcp
|
||||||
|
# option clitcpka
|
||||||
|
# default_backend galera-admin-nodes
|
||||||
|
#
|
||||||
# frontend galera-replica-in
|
# frontend galera-replica-in
|
||||||
# bind *:3307
|
# bind *:3307
|
||||||
# mode tcp
|
# mode tcp
|
||||||
# option clitcpka
|
# option clitcpka
|
||||||
# default_backend galera-replica-nodes
|
# default_backend galera-replica-nodes
|
||||||
|
#
|
||||||
|
# frontend galera-mysqlx-in
|
||||||
|
# bind *:33060
|
||||||
|
# mode tcp
|
||||||
|
# option clitcpka
|
||||||
|
# default_backend galera-mysqlx-nodes
|
||||||
|
#
|
||||||
|
# frontend stats
|
||||||
|
# bind *:8404
|
||||||
|
# mode http
|
||||||
|
# option http-use-htx
|
||||||
|
# http-request use-service prometheus-exporter if { path /metrics }
|
||||||
# imagePullSecrets:
|
# imagePullSecrets:
|
||||||
# - name: private-registry-credentials
|
# - name: private-registry-credentials
|
||||||
# annotations:
|
# annotations:
|
||||||
# iam.amazonaws.com/role: role-arn
|
# iam.amazonaws.com/role: role-arn
|
||||||
# labels:
|
# labels:
|
||||||
# rack: rack-22
|
# rack: rack-22
|
||||||
|
# readinessProbes:
|
||||||
|
# initialDelaySeconds: 15
|
||||||
|
# timeoutSeconds: 1
|
||||||
|
# periodSeconds: 5
|
||||||
|
# successThreshold: 1
|
||||||
|
# failureThreshold: 3
|
||||||
|
# livenessProbes:
|
||||||
|
# initialDelaySeconds: 60
|
||||||
|
# timeoutSeconds: 5
|
||||||
|
# periodSeconds: 30
|
||||||
|
# successThreshold: 1
|
||||||
|
# failureThreshold: 4
|
||||||
# serviceType: ClusterIP
|
# serviceType: ClusterIP
|
||||||
# externalTrafficPolicy: Cluster
|
# externalTrafficPolicy: Cluster
|
||||||
# replicasServiceType: ClusterIP
|
# replicasServiceType: ClusterIP
|
||||||
# replicasExternalTrafficPolicy: Cluster
|
# replicasExternalTrafficPolicy: Cluster
|
||||||
# schedulerName: "default"
|
# runtimeClassName: image-rc
|
||||||
|
# sidecars:
|
||||||
|
# - image: busybox
|
||||||
|
# command: ["/bin/sh"]
|
||||||
|
# args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
|
||||||
|
# name: my-sidecar-1
|
||||||
|
# resources:
|
||||||
|
# requests:
|
||||||
|
# memory: 100M
|
||||||
|
# cpu: 100m
|
||||||
|
# limits:
|
||||||
|
# memory: 200M
|
||||||
|
# cpu: 200m
|
||||||
|
# envVarsSecret: my-env-var-secrets
|
||||||
{%- if not allow_unsafe %}
|
{%- if not allow_unsafe %}
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@ -174,6 +271,12 @@ spec:
|
|||||||
# limits:
|
# limits:
|
||||||
# memory: 2G
|
# memory: 2G
|
||||||
# cpu: 600m
|
# cpu: 600m
|
||||||
|
# containerSecurityContext:
|
||||||
|
# privileged: false
|
||||||
|
# podSecurityContext:
|
||||||
|
# runAsUser: 1001
|
||||||
|
# runAsGroup: 1001
|
||||||
|
# supplementalGroups: [1001]
|
||||||
# serviceAccountName: percona-xtradb-cluster-operator-workload
|
# serviceAccountName: percona-xtradb-cluster-operator-workload
|
||||||
affinity:
|
affinity:
|
||||||
antiAffinityTopologyKey: {{ anti_affinity_key }}
|
antiAffinityTopologyKey: {{ anti_affinity_key }}
|
||||||
@ -196,15 +299,17 @@ spec:
|
|||||||
maxUnavailable: 1
|
maxUnavailable: 1
|
||||||
# minAvailable: 0
|
# minAvailable: 0
|
||||||
gracePeriod: 30
|
gracePeriod: 30
|
||||||
# loadBalancerSourceRanges:
|
# loadBalancerSourceRanges:
|
||||||
# - 10.0.0.0/8
|
# - 10.0.0.0/8
|
||||||
# serviceAnnotations:
|
# serviceAnnotations:
|
||||||
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
|
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
|
||||||
|
# serviceLabels:
|
||||||
|
# rack: rack-23
|
||||||
proxysql:
|
proxysql:
|
||||||
enabled: false
|
enabled: false
|
||||||
size: 3
|
size: 3
|
||||||
image: percona/percona-xtradb-cluster-operator:1.7.0-proxysql
|
image: percona/percona-xtradb-cluster-operator:1.11.0-proxysql
|
||||||
imagePullPolicy: IfNotPresent # corvus
|
# imagePullPolicy: Always
|
||||||
# configuration: |
|
# configuration: |
|
||||||
# datadir="/var/lib/proxysql"
|
# datadir="/var/lib/proxysql"
|
||||||
#
|
#
|
||||||
@ -216,6 +321,9 @@ spec:
|
|||||||
#
|
#
|
||||||
# cluster_username="proxyadmin"
|
# cluster_username="proxyadmin"
|
||||||
# cluster_password="admin_password"
|
# cluster_password="admin_password"
|
||||||
|
# checksum_admin_variables=false
|
||||||
|
# checksum_ldap_variables=false
|
||||||
|
# checksum_mysql_variables=false
|
||||||
# cluster_check_interval_ms=200
|
# cluster_check_interval_ms=200
|
||||||
# cluster_check_status_frequency=100
|
# cluster_check_status_frequency=100
|
||||||
# cluster_mysql_query_rules_save_to_disk=true
|
# cluster_mysql_query_rules_save_to_disk=true
|
||||||
@ -253,6 +361,8 @@ spec:
|
|||||||
# ssl_p2s_key="/etc/proxysql/ssl-internal/tls.key"
|
# ssl_p2s_key="/etc/proxysql/ssl-internal/tls.key"
|
||||||
# ssl_p2s_cipher="ECDHE-RSA-AES128-GCM-SHA256"
|
# ssl_p2s_cipher="ECDHE-RSA-AES128-GCM-SHA256"
|
||||||
# }
|
# }
|
||||||
|
# readinessDelaySec: 15
|
||||||
|
# livenessDelaySec: 600
|
||||||
# schedulerName: mycustom-scheduler
|
# schedulerName: mycustom-scheduler
|
||||||
# imagePullSecrets:
|
# imagePullSecrets:
|
||||||
# - name: private-registry-credentials
|
# - name: private-registry-credentials
|
||||||
@ -262,7 +372,20 @@ spec:
|
|||||||
# rack: rack-22
|
# rack: rack-22
|
||||||
# serviceType: ClusterIP
|
# serviceType: ClusterIP
|
||||||
# externalTrafficPolicy: Cluster
|
# externalTrafficPolicy: Cluster
|
||||||
# schedulerName: "default"
|
# runtimeClassName: image-rc
|
||||||
|
# sidecars:
|
||||||
|
# - image: busybox
|
||||||
|
# command: ["/bin/sh"]
|
||||||
|
# args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
|
||||||
|
# name: my-sidecar-1
|
||||||
|
# resources:
|
||||||
|
# requests:
|
||||||
|
# memory: 100M
|
||||||
|
# cpu: 100m
|
||||||
|
# limits:
|
||||||
|
# memory: 200M
|
||||||
|
# cpu: 200m
|
||||||
|
# envVarsSecret: my-env-var-secrets
|
||||||
{%- if not allow_unsafe %}
|
{%- if not allow_unsafe %}
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
@ -282,6 +405,12 @@ spec:
|
|||||||
# limits:
|
# limits:
|
||||||
# memory: 2G
|
# memory: 2G
|
||||||
# cpu: 600m
|
# cpu: 600m
|
||||||
|
# containerSecurityContext:
|
||||||
|
# privileged: false
|
||||||
|
# podSecurityContext:
|
||||||
|
# runAsUser: 1001
|
||||||
|
# runAsGroup: 1001
|
||||||
|
# supplementalGroups: [1001]
|
||||||
# serviceAccountName: percona-xtradb-cluster-operator-workload
|
# serviceAccountName: percona-xtradb-cluster-operator-workload
|
||||||
affinity:
|
affinity:
|
||||||
antiAffinityTopologyKey: {{ anti_affinity_key }}
|
antiAffinityTopologyKey: {{ anti_affinity_key }}
|
||||||
@ -310,7 +439,7 @@ spec:
|
|||||||
# accessModes: [ "ReadWriteOnce" ]
|
# accessModes: [ "ReadWriteOnce" ]
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 2Gi
|
storage: 2G
|
||||||
podDisruptionBudget:
|
podDisruptionBudget:
|
||||||
maxUnavailable: 1
|
maxUnavailable: 1
|
||||||
# minAvailable: 0
|
# minAvailable: 0
|
||||||
@ -319,9 +448,11 @@ spec:
|
|||||||
# - 10.0.0.0/8
|
# - 10.0.0.0/8
|
||||||
# serviceAnnotations:
|
# serviceAnnotations:
|
||||||
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
|
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
|
||||||
|
# serviceLabels:
|
||||||
|
# rack: rack-23
|
||||||
logcollector:
|
logcollector:
|
||||||
enabled: true
|
enabled: true
|
||||||
image: percona/percona-xtradb-cluster-operator:1.7.0-logcollector
|
image: percona/percona-xtradb-cluster-operator:1.11.0-logcollector
|
||||||
# configuration: |
|
# configuration: |
|
||||||
# [OUTPUT]
|
# [OUTPUT]
|
||||||
# Name es
|
# Name es
|
||||||
@ -330,23 +461,28 @@ spec:
|
|||||||
# Port 9200
|
# Port 9200
|
||||||
# Index my_index
|
# Index my_index
|
||||||
# Type my_type
|
# Type my_type
|
||||||
# resources:
|
{%- if not allow_unsafe %}
|
||||||
# requests:
|
resources:
|
||||||
# memory: 200M
|
requests:
|
||||||
# cpu: 500m
|
memory: 100M
|
||||||
|
cpu: 200m
|
||||||
|
{%- endif %}
|
||||||
pmm:
|
pmm:
|
||||||
enabled: false
|
enabled: false
|
||||||
image: percona/pmm-client:2.12.0
|
image: percona/pmm-client:2.28.0
|
||||||
serverHost: monitoring-service
|
serverHost: monitoring-service
|
||||||
serverUser: pmm
|
# serverUser: admin
|
||||||
# pxcParams: "--disable-tablestats-limit=2000"
|
# pxcParams: "--disable-tablestats-limit=2000"
|
||||||
# proxysqlParams: "--custom-labels=CUSTOM-LABELS"
|
# proxysqlParams: "--custom-labels=CUSTOM-LABELS"
|
||||||
# resources:
|
{%- if not allow_unsafe %}
|
||||||
# requests:
|
resources:
|
||||||
# memory: 200M
|
requests:
|
||||||
# cpu: 500m
|
memory: 150M
|
||||||
|
cpu: 300m
|
||||||
|
{%- endif %}
|
||||||
backup:
|
backup:
|
||||||
image: percona/percona-xtradb-cluster-operator:1.7.0-pxc8.0-backup
|
image: percona/percona-xtradb-cluster-operator:1.11.0-pxc8.0-backup
|
||||||
|
# backoffLimit: 6
|
||||||
# serviceAccountName: percona-xtradb-cluster-operator
|
# serviceAccountName: percona-xtradb-cluster-operator
|
||||||
# imagePullSecrets:
|
# imagePullSecrets:
|
||||||
# - name: private-registry-credentials
|
# - name: private-registry-credentials
|
||||||
@ -354,9 +490,17 @@ spec:
|
|||||||
enabled: false
|
enabled: false
|
||||||
# storageName: STORAGE-NAME-HERE
|
# storageName: STORAGE-NAME-HERE
|
||||||
# timeBetweenUploads: 60
|
# timeBetweenUploads: 60
|
||||||
|
# resources:
|
||||||
|
# requests:
|
||||||
|
# memory: 0.1G
|
||||||
|
# cpu: 100m
|
||||||
|
# limits:
|
||||||
|
# memory: 1G
|
||||||
|
# cpu: 700m
|
||||||
storages:
|
storages:
|
||||||
# s3-us-west:
|
# s3-us-west:
|
||||||
# type: s3
|
# type: s3
|
||||||
|
# verifyTLS: true
|
||||||
# nodeSelector:
|
# nodeSelector:
|
||||||
# storage: tape
|
# storage: tape
|
||||||
# backupWorker: 'True'
|
# backupWorker: 'True'
|
||||||
@ -433,7 +577,7 @@ spec:
|
|||||||
accessModes: [ "ReadWriteOnce" ]
|
accessModes: [ "ReadWriteOnce" ]
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 6Gi
|
storage: 6G
|
||||||
schedule:
|
schedule:
|
||||||
# - name: "sat-night-backup"
|
# - name: "sat-night-backup"
|
||||||
# schedule: "0 0 * * 6"
|
# schedule: "0 0 * * 6"
|
||||||
|
@ -1,193 +0,0 @@
|
|||||||
apiVersion: apiextensions.k8s.io/v1beta1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
name: perconaxtradbclusters.pxc.percona.com
|
|
||||||
spec:
|
|
||||||
group: pxc.percona.com
|
|
||||||
names:
|
|
||||||
kind: PerconaXtraDBCluster
|
|
||||||
listKind: PerconaXtraDBClusterList
|
|
||||||
plural: perconaxtradbclusters
|
|
||||||
singular: perconaxtradbcluster
|
|
||||||
shortNames:
|
|
||||||
- pxc
|
|
||||||
- pxcs
|
|
||||||
scope: Namespaced
|
|
||||||
versions:
|
|
||||||
- name: v1
|
|
||||||
storage: false
|
|
||||||
served: true
|
|
||||||
- name: v1-1-0
|
|
||||||
storage: false
|
|
||||||
served: true
|
|
||||||
- name: v1-2-0
|
|
||||||
storage: false
|
|
||||||
served: true
|
|
||||||
- name: v1-3-0
|
|
||||||
storage: false
|
|
||||||
served: true
|
|
||||||
- name: v1-4-0
|
|
||||||
storage: false
|
|
||||||
served: true
|
|
||||||
- name: v1-5-0
|
|
||||||
storage: false
|
|
||||||
served: true
|
|
||||||
- name: v1-6-0
|
|
||||||
storage: false
|
|
||||||
served: true
|
|
||||||
- name: v1-7-0
|
|
||||||
storage: true
|
|
||||||
served: true
|
|
||||||
- name: v1alpha1
|
|
||||||
storage: false
|
|
||||||
served: true
|
|
||||||
additionalPrinterColumns:
|
|
||||||
- name: Endpoint
|
|
||||||
type: string
|
|
||||||
JSONPath: .status.host
|
|
||||||
- name: Status
|
|
||||||
type: string
|
|
||||||
JSONPath: .status.state
|
|
||||||
- name: PXC
|
|
||||||
type: string
|
|
||||||
description: Ready pxc nodes
|
|
||||||
JSONPath: .status.pxc.ready
|
|
||||||
- name: proxysql
|
|
||||||
type: string
|
|
||||||
description: Ready proxysql nodes
|
|
||||||
JSONPath: .status.proxysql.ready
|
|
||||||
- name: haproxy
|
|
||||||
type: string
|
|
||||||
description: Ready haproxy nodes
|
|
||||||
JSONPath: .status.haproxy.ready
|
|
||||||
- name: Age
|
|
||||||
type: date
|
|
||||||
JSONPath: .metadata.creationTimestamp
|
|
||||||
subresources:
|
|
||||||
status: {}
|
|
||||||
---
|
|
||||||
apiVersion: apiextensions.k8s.io/v1beta1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
name: perconaxtradbclusterbackups.pxc.percona.com
|
|
||||||
spec:
|
|
||||||
group: pxc.percona.com
|
|
||||||
names:
|
|
||||||
kind: PerconaXtraDBClusterBackup
|
|
||||||
listKind: PerconaXtraDBClusterBackupList
|
|
||||||
plural: perconaxtradbclusterbackups
|
|
||||||
singular: perconaxtradbclusterbackup
|
|
||||||
shortNames:
|
|
||||||
- pxc-backup
|
|
||||||
- pxc-backups
|
|
||||||
scope: Namespaced
|
|
||||||
versions:
|
|
||||||
- name: v1
|
|
||||||
storage: true
|
|
||||||
served: true
|
|
||||||
additionalPrinterColumns:
|
|
||||||
- name: Cluster
|
|
||||||
type: string
|
|
||||||
description: Cluster name
|
|
||||||
JSONPath: .spec.pxcCluster
|
|
||||||
- name: Storage
|
|
||||||
type: string
|
|
||||||
description: Storage name from pxc spec
|
|
||||||
JSONPath: .status.storageName
|
|
||||||
- name: Destination
|
|
||||||
type: string
|
|
||||||
description: Backup destination
|
|
||||||
JSONPath: .status.destination
|
|
||||||
- name: Status
|
|
||||||
type: string
|
|
||||||
description: Job status
|
|
||||||
JSONPath: .status.state
|
|
||||||
- name: Completed
|
|
||||||
description: Completed time
|
|
||||||
type: date
|
|
||||||
JSONPath: .status.completed
|
|
||||||
- name: Age
|
|
||||||
type: date
|
|
||||||
JSONPath: .metadata.creationTimestamp
|
|
||||||
subresources:
|
|
||||||
status: {}
|
|
||||||
---
|
|
||||||
apiVersion: apiextensions.k8s.io/v1beta1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
name: perconaxtradbclusterrestores.pxc.percona.com
|
|
||||||
spec:
|
|
||||||
group: pxc.percona.com
|
|
||||||
names:
|
|
||||||
kind: PerconaXtraDBClusterRestore
|
|
||||||
listKind: PerconaXtraDBClusterRestoreList
|
|
||||||
plural: perconaxtradbclusterrestores
|
|
||||||
singular: perconaxtradbclusterrestore
|
|
||||||
shortNames:
|
|
||||||
- pxc-restore
|
|
||||||
- pxc-restores
|
|
||||||
scope: Namespaced
|
|
||||||
versions:
|
|
||||||
- name: v1
|
|
||||||
storage: true
|
|
||||||
served: true
|
|
||||||
additionalPrinterColumns:
|
|
||||||
- name: Cluster
|
|
||||||
type: string
|
|
||||||
description: Cluster name
|
|
||||||
JSONPath: .spec.pxcCluster
|
|
||||||
- name: Status
|
|
||||||
type: string
|
|
||||||
description: Job status
|
|
||||||
JSONPath: .status.state
|
|
||||||
- name: Completed
|
|
||||||
description: Completed time
|
|
||||||
type: date
|
|
||||||
JSONPath: .status.completed
|
|
||||||
- name: Age
|
|
||||||
type: date
|
|
||||||
JSONPath: .metadata.creationTimestamp
|
|
||||||
subresources:
|
|
||||||
status: {}
|
|
||||||
---
|
|
||||||
apiVersion: apiextensions.k8s.io/v1beta1
|
|
||||||
kind: CustomResourceDefinition
|
|
||||||
metadata:
|
|
||||||
name: perconaxtradbbackups.pxc.percona.com
|
|
||||||
spec:
|
|
||||||
group: pxc.percona.com
|
|
||||||
names:
|
|
||||||
kind: PerconaXtraDBBackup
|
|
||||||
listKind: PerconaXtraDBBackupList
|
|
||||||
plural: perconaxtradbbackups
|
|
||||||
singular: perconaxtradbbackup
|
|
||||||
shortNames: []
|
|
||||||
scope: Namespaced
|
|
||||||
versions:
|
|
||||||
- name: v1alpha1
|
|
||||||
storage: true
|
|
||||||
served: true
|
|
||||||
additionalPrinterColumns:
|
|
||||||
- name: Cluster
|
|
||||||
type: string
|
|
||||||
description: Cluster name
|
|
||||||
JSONPath: .spec.pxcCluster
|
|
||||||
- name: Storage
|
|
||||||
type: string
|
|
||||||
description: Storage name from pxc spec
|
|
||||||
JSONPath: .status.storageName
|
|
||||||
- name: Destination
|
|
||||||
type: string
|
|
||||||
description: Backup destination
|
|
||||||
JSONPath: .status.destination
|
|
||||||
- name: Status
|
|
||||||
type: string
|
|
||||||
description: Job status
|
|
||||||
JSONPath: .status.state
|
|
||||||
- name: Completed
|
|
||||||
description: Completed time
|
|
||||||
type: date
|
|
||||||
JSONPath: .status.completed
|
|
||||||
- name: Age
|
|
||||||
type: date
|
|
||||||
JSONPath: .metadata.creationTimestamp
|
|
@ -1,168 +0,0 @@
|
|||||||
---
|
|
||||||
kind: Role
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
||||||
metadata:
|
|
||||||
name: percona-xtradb-cluster-operator
|
|
||||||
rules:
|
|
||||||
- apiGroups:
|
|
||||||
- pxc.percona.com
|
|
||||||
resources:
|
|
||||||
- perconaxtradbclusters
|
|
||||||
- perconaxtradbclusters/status
|
|
||||||
- perconaxtradbclusterbackups
|
|
||||||
- perconaxtradbclusterbackups/status
|
|
||||||
- perconaxtradbclusterrestores
|
|
||||||
- perconaxtradbclusterrestores/status
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
- apiGroups:
|
|
||||||
- ""
|
|
||||||
resources:
|
|
||||||
- pods
|
|
||||||
- pods/exec
|
|
||||||
- pods/log
|
|
||||||
- configmaps
|
|
||||||
- services
|
|
||||||
- persistentvolumeclaims
|
|
||||||
- secrets
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
- apiGroups:
|
|
||||||
- apps
|
|
||||||
resources:
|
|
||||||
- deployments
|
|
||||||
- replicasets
|
|
||||||
- statefulsets
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
- apiGroups:
|
|
||||||
- batch
|
|
||||||
resources:
|
|
||||||
- jobs
|
|
||||||
- cronjobs
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
- apiGroups:
|
|
||||||
- policy
|
|
||||||
resources:
|
|
||||||
- poddisruptionbudgets
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
- apiGroups:
|
|
||||||
- certmanager.k8s.io
|
|
||||||
- cert-manager.io
|
|
||||||
resources:
|
|
||||||
- issuers
|
|
||||||
- certificates
|
|
||||||
verbs:
|
|
||||||
- get
|
|
||||||
- list
|
|
||||||
- watch
|
|
||||||
- create
|
|
||||||
- update
|
|
||||||
- patch
|
|
||||||
- delete
|
|
||||||
- deletecollection
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
name: percona-xtradb-cluster-operator
|
|
||||||
---
|
|
||||||
kind: RoleBinding
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
metadata:
|
|
||||||
name: service-account-percona-xtradb-cluster-operator
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: percona-xtradb-cluster-operator
|
|
||||||
roleRef:
|
|
||||||
kind: Role
|
|
||||||
name: percona-xtradb-cluster-operator
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: percona-xtradb-cluster-operator
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/component: operator
|
|
||||||
app.kubernetes.io/instance: percona-xtradb-cluster-operator
|
|
||||||
app.kubernetes.io/name: percona-xtradb-cluster-operator
|
|
||||||
app.kubernetes.io/part-of: percona-xtradb-cluster-operator
|
|
||||||
strategy:
|
|
||||||
rollingUpdate:
|
|
||||||
maxUnavailable: 1
|
|
||||||
type: RollingUpdate
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/component: operator
|
|
||||||
app.kubernetes.io/instance: percona-xtradb-cluster-operator
|
|
||||||
app.kubernetes.io/name: percona-xtradb-cluster-operator
|
|
||||||
app.kubernetes.io/part-of: percona-xtradb-cluster-operator
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- command:
|
|
||||||
- percona-xtradb-cluster-operator
|
|
||||||
env:
|
|
||||||
- name: WATCH_NAMESPACE
|
|
||||||
valueFrom:
|
|
||||||
fieldRef:
|
|
||||||
apiVersion: v1
|
|
||||||
fieldPath: metadata.namespace
|
|
||||||
- name: POD_NAME
|
|
||||||
valueFrom:
|
|
||||||
fieldRef:
|
|
||||||
apiVersion: v1
|
|
||||||
fieldPath: metadata.name
|
|
||||||
- name: OPERATOR_NAME
|
|
||||||
value: percona-xtradb-cluster-operator
|
|
||||||
image: percona/percona-xtradb-cluster-operator:1.7.0
|
|
||||||
# corvus commented out for testing
|
|
||||||
# imagePullPolicy: Always
|
|
||||||
livenessProbe:
|
|
||||||
failureThreshold: 3
|
|
||||||
httpGet:
|
|
||||||
path: /metrics
|
|
||||||
port: metrics
|
|
||||||
scheme: HTTP
|
|
||||||
name: percona-xtradb-cluster-operator
|
|
||||||
ports:
|
|
||||||
- containerPort: 8080
|
|
||||||
name: metrics
|
|
||||||
protocol: TCP
|
|
||||||
serviceAccountName: percona-xtradb-cluster-operator
|
|
@ -1,10 +1,11 @@
|
|||||||
---
|
---
|
||||||
apiVersion: cert-manager.io/v1alpha2
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: zookeeper-server
|
name: zookeeper-server
|
||||||
spec:
|
spec:
|
||||||
keyEncoding: pkcs8
|
privateKey:
|
||||||
|
encoding: PKCS8
|
||||||
secretName: zookeeper-server-tls
|
secretName: zookeeper-server-tls
|
||||||
commonName: server
|
commonName: server
|
||||||
usages:
|
usages:
|
||||||
@ -24,7 +25,7 @@ spec:
|
|||||||
kind: Issuer
|
kind: Issuer
|
||||||
---
|
---
|
||||||
# Source: zookeeper/templates/poddisruptionbudget.yaml
|
# Source: zookeeper/templates/poddisruptionbudget.yaml
|
||||||
apiVersion: policy/v1beta1
|
apiVersion: policy/v1
|
||||||
kind: PodDisruptionBudget
|
kind: PodDisruptionBudget
|
||||||
metadata:
|
metadata:
|
||||||
name: zookeeper
|
name: zookeeper
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{%- if manage_registry_cert %}
|
{%- if manage_registry_cert %}
|
||||||
---
|
---
|
||||||
apiVersion: cert-manager.io/v1alpha2
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: zuul-registry-tls
|
name: zuul-registry-tls
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{%- if manage_zk %}
|
{%- if manage_zk %}
|
||||||
---
|
---
|
||||||
apiVersion: cert-manager.io/v1alpha2
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: zookeeper-client
|
name: zookeeper-client
|
||||||
|
Loading…
Reference in New Issue
Block a user