c74b147fe7
These are mostly CI fixes:
* Use podman+cri-o based minikube:
* This is still considered experimental, but seems to be
more supported than the 'none' driver.
* Fix an issue where ssh to the emulated static node fails:
* PAM needed to be disabled for openssh
* openssh needs more permissions to run - cri-o based minikube
is more strict
* Rebase test container to Fedora 40
* Update the ingress definition to current API version
* Update zookeeper from 3.5.5 to 3.8.4:
* required for nodepool 9.0.0+
* Update the percona operator from 1.11 to 1.14:
* required for kubernetes 1.24+
* Update test node to Ubuntu Jammy from Ubuntu Bionic
* Update minikube to 1.33.1
* Added some more explicit logging to the k8s state, this
could be split off into a role in future.
Depends-On: https://review.opendev.org/c/zuul/zuul-jobs/+/924970
Change-Id: I7bf27750073fa807069af6f85f2689173b278abe
710 lines
20 KiB
YAML
710 lines
20 KiB
YAML
# Adapted from https://raw.githubusercontent.com/percona/percona-xtradb-cluster-operator/v1.14.0/deploy/cr.yaml
|
|
apiVersion: pxc.percona.com/v1
|
|
kind: PerconaXtraDBCluster
|
|
metadata:
|
|
name: db-cluster
|
|
finalizers:
|
|
- delete-pxc-pods-in-order
|
|
# - delete-ssl
|
|
# - delete-proxysql-pvc
|
|
# - delete-pxc-pvc
|
|
# annotations:
|
|
# percona.com/issue-vault-token: "true"
|
|
spec:
|
|
crVersion: 1.14.0
|
|
# ignoreAnnotations:
|
|
# - iam.amazonaws.com/role
|
|
# ignoreLabels:
|
|
# - rack
|
|
secretsName: db-cluster-secrets
|
|
vaultSecretName: keyring-secret-vault
|
|
sslSecretName: db-cluster-ssl
|
|
sslInternalSecretName: db-cluster-ssl-internal
|
|
logCollectorSecretName: db-log-collector-secrets
|
|
# initContainer:
|
|
# image: perconalab/percona-xtradb-cluster-operator:main
|
|
# resources:
|
|
# requests:
|
|
# memory: 100M
|
|
# cpu: 100m
|
|
# limits:
|
|
# memory: 200M
|
|
# cpu: 200m
|
|
# enableCRValidationWebhook: true
|
|
# tls:
|
|
# SANs:
|
|
# - pxc-1.example.com
|
|
# - pxc-2.example.com
|
|
# - pxc-3.example.com
|
|
# issuerConf:
|
|
# name: special-selfsigned-issuer
|
|
# kind: ClusterIssuer
|
|
# group: cert-manager.io
|
|
allowUnsafeConfigurations: {{ allow_unsafe }}
|
|
# pause: false
|
|
updateStrategy: SmartUpdate
|
|
upgradeOptions:
|
|
versionServiceEndpoint: https://check.percona.com
|
|
apply: disabled
|
|
schedule: "0 4 * * *"
|
|
pxc:
|
|
size: 3
|
|
image: percona/percona-xtradb-cluster:8.0.35-27.1
|
|
autoRecovery: true
|
|
# expose:
|
|
# enabled: true
|
|
# type: LoadBalancer
|
|
# externalTrafficPolicy: Local
|
|
# internalTrafficPolicy: Local
|
|
# loadBalancerSourceRanges:
|
|
# - 10.0.0.0/8
|
|
# loadBalancerIP: 127.0.0.1
|
|
# annotations:
|
|
# networking.gke.io/load-balancer-type: "Internal"
|
|
# labels:
|
|
# rack: rack-22
|
|
# replicationChannels:
|
|
# - name: pxc1_to_pxc2
|
|
# isSource: true
|
|
# - name: pxc2_to_pxc1
|
|
# isSource: false
|
|
# configuration:
|
|
# sourceRetryCount: 3
|
|
# sourceConnectRetry: 60
|
|
# ssl: false
|
|
# sslSkipVerify: true
|
|
# ca: '/etc/mysql/ssl/ca.crt'
|
|
# sourcesList:
|
|
# - host: 10.95.251.101
|
|
# port: 3306
|
|
# weight: 100
|
|
# schedulerName: mycustom-scheduler
|
|
# readinessDelaySec: 15
|
|
# livenessDelaySec: 600
|
|
# configuration: |
|
|
# [mysqld]
|
|
# wsrep_debug=CLIENT
|
|
# wsrep_provider_options="gcache.size=1G; gcache.recover=yes"
|
|
# [sst]
|
|
# xbstream-opts=--decompress
|
|
# [xtrabackup]
|
|
# compress=lz4
|
|
# for PXC 5.7
|
|
# [xtrabackup]
|
|
# compress
|
|
# imagePullSecrets:
|
|
# - name: private-registry-credentials
|
|
# priorityClassName: high-priority
|
|
# annotations:
|
|
# iam.amazonaws.com/role: role-arn
|
|
# labels:
|
|
# rack: rack-22
|
|
# readinessProbes:
|
|
# initialDelaySeconds: 15
|
|
# timeoutSeconds: 15
|
|
# periodSeconds: 30
|
|
# successThreshold: 1
|
|
# failureThreshold: 5
|
|
# livenessProbes:
|
|
# initialDelaySeconds: 300
|
|
# timeoutSeconds: 5
|
|
# periodSeconds: 10
|
|
# successThreshold: 1
|
|
# failureThreshold: 3
|
|
# containerSecurityContext:
|
|
# privileged: false
|
|
# podSecurityContext:
|
|
# runAsUser: 1001
|
|
# runAsGroup: 1001
|
|
# supplementalGroups: [1001]
|
|
# serviceAccountName: percona-xtradb-cluster-operator-workload
|
|
# imagePullPolicy: Always
|
|
# runtimeClassName: image-rc
|
|
# sidecars:
|
|
# - image: busybox
|
|
# command: ["/bin/sh"]
|
|
# args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
|
|
# name: my-sidecar-1
|
|
# resources:
|
|
# requests:
|
|
# memory: 100M
|
|
# cpu: 100m
|
|
# limits:
|
|
# memory: 200M
|
|
# cpu: 200m
|
|
# envVarsSecret: my-env-var-secrets
|
|
{%- if not allow_unsafe %}
|
|
resources:
|
|
requests:
|
|
memory: 1G
|
|
cpu: 600m
|
|
{%- endif %}
|
|
# ephemeral-storage: 1G
|
|
# limits:
|
|
# memory: 1G
|
|
# cpu: "1"
|
|
# ephemeral-storage: 1G
|
|
# nodeSelector:
|
|
# disktype: ssd
|
|
# topologySpreadConstraints:
|
|
# - labelSelector:
|
|
# matchLabels:
|
|
# app.kubernetes.io/name: percona-xtradb-cluster-operator
|
|
# maxSkew: 1
|
|
# topologyKey: kubernetes.io/hostname
|
|
# whenUnsatisfiable: DoNotSchedule
|
|
affinity:
|
|
antiAffinityTopologyKey: {{ anti_affinity_key }}
|
|
# advanced:
|
|
# nodeAffinity:
|
|
# requiredDuringSchedulingIgnoredDuringExecution:
|
|
# nodeSelectorTerms:
|
|
# - matchExpressions:
|
|
# - key: kubernetes.io/e2e-az-name
|
|
# operator: In
|
|
# values:
|
|
# - e2e-az1
|
|
# - e2e-az2
|
|
# tolerations:
|
|
# - key: "node.alpha.kubernetes.io/unreachable"
|
|
# operator: "Exists"
|
|
# effect: "NoExecute"
|
|
# tolerationSeconds: 6000
|
|
podDisruptionBudget:
|
|
maxUnavailable: 1
|
|
# minAvailable: 0
|
|
volumeSpec:
|
|
# emptyDir: {}
|
|
# hostPath:
|
|
# path: /data
|
|
# type: Directory
|
|
persistentVolumeClaim:
|
|
# storageClassName: standard
|
|
# accessModes: [ "ReadWriteOnce" ]
|
|
resources:
|
|
requests:
|
|
storage: 6G
|
|
gracePeriod: 600
|
|
# lifecycle:
|
|
# preStop:
|
|
# exec:
|
|
# command: [ "/bin/true" ]
|
|
# postStart:
|
|
# exec:
|
|
# command: [ "/bin/true" ]
|
|
haproxy:
|
|
enabled: true
|
|
size: 3
|
|
image: percona/percona-xtradb-cluster-operator:1.14.0-haproxy
|
|
# imagePullPolicy: Always
|
|
# schedulerName: mycustom-scheduler
|
|
# readinessDelaySec: 15
|
|
# livenessDelaySec: 600
|
|
# configuration: |
|
|
#
|
|
# the actual default configuration file can be found here https://github.com/percona/percona-docker/blob/main/haproxy/dockerdir/etc/haproxy/haproxy-global.cfg
|
|
#
|
|
# global
|
|
# maxconn 2048
|
|
# external-check
|
|
# insecure-fork-wanted
|
|
# stats socket /etc/haproxy/pxc/haproxy.sock mode 600 expose-fd listeners level admin
|
|
#
|
|
# defaults
|
|
# default-server init-addr last,libc,none
|
|
# log global
|
|
# mode tcp
|
|
# retries 10
|
|
# timeout client 28800s
|
|
# timeout connect 100500
|
|
# timeout server 28800s
|
|
#
|
|
# resolvers kubernetes
|
|
# parse-resolv-conf
|
|
#
|
|
# frontend galera-in
|
|
# bind *:3309 accept-proxy
|
|
# bind *:3306
|
|
# mode tcp
|
|
# option clitcpka
|
|
# default_backend galera-nodes
|
|
#
|
|
# frontend galera-admin-in
|
|
# bind *:33062
|
|
# mode tcp
|
|
# option clitcpka
|
|
# default_backend galera-admin-nodes
|
|
#
|
|
# frontend galera-replica-in
|
|
# bind *:3307
|
|
# mode tcp
|
|
# option clitcpka
|
|
# default_backend galera-replica-nodes
|
|
#
|
|
# frontend galera-mysqlx-in
|
|
# bind *:33060
|
|
# mode tcp
|
|
# option clitcpka
|
|
# default_backend galera-mysqlx-nodes
|
|
#
|
|
# frontend stats
|
|
# bind *:8404
|
|
# mode http
|
|
# option http-use-htx
|
|
# http-request use-service prometheus-exporter if { path /metrics }
|
|
# imagePullSecrets:
|
|
# - name: private-registry-credentials
|
|
# annotations:
|
|
# iam.amazonaws.com/role: role-arn
|
|
# labels:
|
|
# rack: rack-22
|
|
# readinessProbes:
|
|
# initialDelaySeconds: 15
|
|
# timeoutSeconds: 1
|
|
# periodSeconds: 5
|
|
# successThreshold: 1
|
|
# failureThreshold: 3
|
|
# livenessProbes:
|
|
# initialDelaySeconds: 60
|
|
# timeoutSeconds: 5
|
|
# periodSeconds: 30
|
|
# successThreshold: 1
|
|
# failureThreshold: 4
|
|
# exposePrimary:
|
|
# enabled: false
|
|
# type: ClusterIP
|
|
# annotations:
|
|
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
|
|
# externalTrafficPolicy: Cluster
|
|
# internalTrafficPolicy: Cluster
|
|
# labels:
|
|
# rack: rack-22
|
|
# loadBalancerSourceRanges:
|
|
# - 10.0.0.0/8
|
|
# loadBalancerIP: 127.0.0.1
|
|
# exposeReplicas:
|
|
# enabled: false
|
|
# type: ClusterIP
|
|
# annotations:
|
|
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
|
|
# externalTrafficPolicy: Cluster
|
|
# internalTrafficPolicy: Cluster
|
|
# labels:
|
|
# rack: rack-22
|
|
# loadBalancerSourceRanges:
|
|
# - 10.0.0.0/8
|
|
# loadBalancerIP: 127.0.0.1
|
|
# runtimeClassName: image-rc
|
|
# sidecars:
|
|
# - image: busybox
|
|
# command: ["/bin/sh"]
|
|
# args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
|
|
# name: my-sidecar-1
|
|
# resources:
|
|
# requests:
|
|
# memory: 100M
|
|
# cpu: 100m
|
|
# limits:
|
|
# memory: 200M
|
|
# cpu: 200m
|
|
# envVarsSecret: my-env-var-secrets
|
|
{%- if not allow_unsafe %}
|
|
resources:
|
|
requests:
|
|
memory: 1G
|
|
cpu: 600m
|
|
{%- endif %}
|
|
# limits:
|
|
# memory: 1G
|
|
# cpu: 700m
|
|
# priorityClassName: high-priority
|
|
# nodeSelector:
|
|
# disktype: ssd
|
|
# sidecarResources:
|
|
# requests:
|
|
# memory: 1G
|
|
# cpu: 500m
|
|
# limits:
|
|
# memory: 2G
|
|
# cpu: 600m
|
|
# containerSecurityContext:
|
|
# privileged: false
|
|
# podSecurityContext:
|
|
# runAsUser: 1001
|
|
# runAsGroup: 1001
|
|
# supplementalGroups: [1001]
|
|
# serviceAccountName: percona-xtradb-cluster-operator-workload
|
|
# topologySpreadConstraints:
|
|
# - labelSelector:
|
|
# matchLabels:
|
|
# app.kubernetes.io/name: percona-xtradb-cluster-operator
|
|
# maxSkew: 1
|
|
# topologyKey: kubernetes.io/hostname
|
|
# whenUnsatisfiable: DoNotSchedule
|
|
affinity:
|
|
antiAffinityTopologyKey: {{ anti_affinity_key }}
|
|
# advanced:
|
|
# nodeAffinity:
|
|
# requiredDuringSchedulingIgnoredDuringExecution:
|
|
# nodeSelectorTerms:
|
|
# - matchExpressions:
|
|
# - key: kubernetes.io/e2e-az-name
|
|
# operator: In
|
|
# values:
|
|
# - e2e-az1
|
|
# - e2e-az2
|
|
# tolerations:
|
|
# - key: "node.alpha.kubernetes.io/unreachable"
|
|
# operator: "Exists"
|
|
# effect: "NoExecute"
|
|
# tolerationSeconds: 6000
|
|
podDisruptionBudget:
|
|
maxUnavailable: 1
|
|
# minAvailable: 0
|
|
gracePeriod: 30
|
|
# lifecycle:
|
|
# preStop:
|
|
# exec:
|
|
# command: [ "/bin/true" ]
|
|
# postStart:
|
|
# exec:
|
|
# command: [ "/bin/true" ]
|
|
proxysql:
|
|
enabled: false
|
|
size: 3
|
|
image: percona/percona-xtradb-cluster-operator:1.14.0-proxysql
|
|
# imagePullPolicy: Always
|
|
# configuration: |
|
|
# datadir="/var/lib/proxysql"
|
|
#
|
|
# admin_variables =
|
|
# {
|
|
# admin_credentials="proxyadmin:admin_password"
|
|
# mysql_ifaces="0.0.0.0:6032"
|
|
# refresh_interval=2000
|
|
#
|
|
# cluster_username="proxyadmin"
|
|
# cluster_password="admin_password"
|
|
# checksum_admin_variables=false
|
|
# checksum_ldap_variables=false
|
|
# checksum_mysql_variables=false
|
|
# cluster_check_interval_ms=200
|
|
# cluster_check_status_frequency=100
|
|
# cluster_mysql_query_rules_save_to_disk=true
|
|
# cluster_mysql_servers_save_to_disk=true
|
|
# cluster_mysql_users_save_to_disk=true
|
|
# cluster_proxysql_servers_save_to_disk=true
|
|
# cluster_mysql_query_rules_diffs_before_sync=1
|
|
# cluster_mysql_servers_diffs_before_sync=1
|
|
# cluster_mysql_users_diffs_before_sync=1
|
|
# cluster_proxysql_servers_diffs_before_sync=1
|
|
# }
|
|
#
|
|
# mysql_variables=
|
|
# {
|
|
# monitor_password="monitor"
|
|
# monitor_galera_healthcheck_interval=1000
|
|
# threads=2
|
|
# max_connections=2048
|
|
# default_query_delay=0
|
|
# default_query_timeout=10000
|
|
# poll_timeout=2000
|
|
# interfaces="0.0.0.0:3306"
|
|
# default_schema="information_schema"
|
|
# stacksize=1048576
|
|
# connect_timeout_server=10000
|
|
# monitor_history=60000
|
|
# monitor_connect_interval=20000
|
|
# monitor_ping_interval=10000
|
|
# ping_timeout_server=200
|
|
# commands_stats=true
|
|
# sessions_sort=true
|
|
# have_ssl=true
|
|
# ssl_p2s_ca="/etc/proxysql/ssl-internal/ca.crt"
|
|
# ssl_p2s_cert="/etc/proxysql/ssl-internal/tls.crt"
|
|
# ssl_p2s_key="/etc/proxysql/ssl-internal/tls.key"
|
|
# ssl_p2s_cipher="ECDHE-RSA-AES128-GCM-SHA256"
|
|
# }
|
|
# readinessDelaySec: 15
|
|
# livenessDelaySec: 600
|
|
# schedulerName: mycustom-scheduler
|
|
# imagePullSecrets:
|
|
# - name: private-registry-credentials
|
|
# annotations:
|
|
# iam.amazonaws.com/role: role-arn
|
|
# labels:
|
|
# rack: rack-22
|
|
# expose:
|
|
# enabled: false
|
|
# type: ClusterIP
|
|
# annotations:
|
|
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
|
|
# externalTrafficPolicy: Cluster
|
|
# internalTrafficPolicy: Cluster
|
|
# labels:
|
|
# rack: rack-22
|
|
# loadBalancerSourceRanges:
|
|
# - 10.0.0.0/8
|
|
# loadBalancerIP: 127.0.0.1
|
|
# runtimeClassName: image-rc
|
|
# sidecars:
|
|
# - image: busybox
|
|
# command: ["/bin/sh"]
|
|
# args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
|
|
# name: my-sidecar-1
|
|
# resources:
|
|
# requests:
|
|
# memory: 100M
|
|
# cpu: 100m
|
|
# limits:
|
|
# memory: 200M
|
|
# cpu: 200m
|
|
# envVarsSecret: my-env-var-secrets
|
|
{%- if not allow_unsafe %}
|
|
resources:
|
|
requests:
|
|
memory: 1G
|
|
cpu: 600m
|
|
{%- endif %}
|
|
# limits:
|
|
# memory: 1G
|
|
# cpu: 700m
|
|
# priorityClassName: high-priority
|
|
# nodeSelector:
|
|
# disktype: ssd
|
|
# sidecarResources:
|
|
# requests:
|
|
# memory: 1G
|
|
# cpu: 500m
|
|
# limits:
|
|
# memory: 2G
|
|
# cpu: 600m
|
|
# containerSecurityContext:
|
|
# privileged: false
|
|
# podSecurityContext:
|
|
# runAsUser: 1001
|
|
# runAsGroup: 1001
|
|
# supplementalGroups: [1001]
|
|
# serviceAccountName: percona-xtradb-cluster-operator-workload
|
|
# topologySpreadConstraints:
|
|
# - labelSelector:
|
|
# matchLabels:
|
|
# app.kubernetes.io/name: percona-xtradb-cluster-operator
|
|
# maxSkew: 1
|
|
# topologyKey: kubernetes.io/hostname
|
|
# whenUnsatisfiable: DoNotSchedule
|
|
affinity:
|
|
antiAffinityTopologyKey: {{ anti_affinity_key }}
|
|
# advanced:
|
|
# nodeAffinity:
|
|
# requiredDuringSchedulingIgnoredDuringExecution:
|
|
# nodeSelectorTerms:
|
|
# - matchExpressions:
|
|
# - key: kubernetes.io/e2e-az-name
|
|
# operator: In
|
|
# values:
|
|
# - e2e-az1
|
|
# - e2e-az2
|
|
# tolerations:
|
|
# - key: "node.alpha.kubernetes.io/unreachable"
|
|
# operator: "Exists"
|
|
# effect: "NoExecute"
|
|
# tolerationSeconds: 6000
|
|
volumeSpec:
|
|
# emptyDir: {}
|
|
# hostPath:
|
|
# path: /data
|
|
# type: Directory
|
|
persistentVolumeClaim:
|
|
# storageClassName: standard
|
|
# accessModes: [ "ReadWriteOnce" ]
|
|
resources:
|
|
requests:
|
|
storage: 2G
|
|
podDisruptionBudget:
|
|
maxUnavailable: 1
|
|
# minAvailable: 0
|
|
gracePeriod: 30
|
|
# lifecycle:
|
|
# preStop:
|
|
# exec:
|
|
# command: [ "/bin/true" ]
|
|
# postStart:
|
|
# exec:
|
|
# command: [ "/bin/true" ]
|
|
# loadBalancerSourceRanges:
|
|
# - 10.0.0.0/8
|
|
logcollector:
|
|
enabled: true
|
|
image: percona/percona-xtradb-cluster-operator:1.14.0-logcollector
|
|
# configuration: |
|
|
# [OUTPUT]
|
|
# Name es
|
|
# Match *
|
|
# Host 192.168.2.3
|
|
# Port 9200
|
|
# Index my_index
|
|
# Type my_type
|
|
{%- if not allow_unsafe %}
|
|
resources:
|
|
requests:
|
|
memory: 100M
|
|
cpu: 200m
|
|
{%- endif %}
|
|
pmm:
|
|
enabled: false
|
|
image: percona/pmm-client:2.41.1
|
|
serverHost: monitoring-service
|
|
# serverUser: admin
|
|
# pxcParams: "--disable-tablestats-limit=2000"
|
|
# proxysqlParams: "--custom-labels=CUSTOM-LABELS"
|
|
# containerSecurityContext:
|
|
# privileged: false
|
|
{%- if not allow_unsafe %}
|
|
resources:
|
|
requests:
|
|
memory: 150M
|
|
cpu: 300m
|
|
{%- endif %}
|
|
backup:
|
|
# allowParallel: true
|
|
image: percona/percona-xtradb-cluster-operator:1.14.0-pxc8.0-backup-pxb8.0.35
|
|
# backoffLimit: 6
|
|
# serviceAccountName: percona-xtradb-cluster-operator
|
|
# imagePullSecrets:
|
|
# - name: private-registry-credentials
|
|
pitr:
|
|
enabled: false
|
|
# storageName: STORAGE-NAME-HERE
|
|
# timeBetweenUploads: 60
|
|
# timeoutSeconds: 60
|
|
# resources:
|
|
# requests:
|
|
# memory: 0.1G
|
|
# cpu: 100m
|
|
# limits:
|
|
# memory: 1G
|
|
# cpu: 700m
|
|
storages:
|
|
# s3-us-west:
|
|
# type: s3
|
|
# verifyTLS: true
|
|
# nodeSelector:
|
|
# storage: tape
|
|
# backupWorker: 'True'
|
|
# resources:
|
|
# requests:
|
|
# memory: 1G
|
|
# cpu: 600m
|
|
# topologySpreadConstraints:
|
|
# - labelSelector:
|
|
# matchLabels:
|
|
# app.kubernetes.io/name: percona-xtradb-cluster-operator
|
|
# maxSkew: 1
|
|
# topologyKey: kubernetes.io/hostname
|
|
# whenUnsatisfiable: DoNotSchedule
|
|
# affinity:
|
|
# nodeAffinity:
|
|
# requiredDuringSchedulingIgnoredDuringExecution:
|
|
# nodeSelectorTerms:
|
|
# - matchExpressions:
|
|
# - key: backupWorker
|
|
# operator: In
|
|
# values:
|
|
# - 'True'
|
|
# tolerations:
|
|
# - key: "backupWorker"
|
|
# operator: "Equal"
|
|
# value: "True"
|
|
# effect: "NoSchedule"
|
|
# annotations:
|
|
# testName: scheduled-backup
|
|
# labels:
|
|
# backupWorker: 'True'
|
|
# schedulerName: 'default-scheduler'
|
|
# priorityClassName: 'high-priority'
|
|
# containerSecurityContext:
|
|
# privileged: true
|
|
# podSecurityContext:
|
|
# fsGroup: 1001
|
|
# supplementalGroups: [1001, 1002, 1003]
|
|
# containerOptions:
|
|
# env:
|
|
# - name: VERIFY_TLS
|
|
# value: "false"
|
|
# args:
|
|
# xtrabackup:
|
|
# - "--someflag=abc"
|
|
# xbcloud:
|
|
# - "--someflag=abc"
|
|
# xbstream:
|
|
# - "--someflag=abc"
|
|
# s3:
|
|
# bucket: S3-BACKUP-BUCKET-NAME-HERE
|
|
# credentialsSecret: my-cluster-name-backup-s3
|
|
# region: us-west-2
|
|
# azure-blob:
|
|
# type: azure
|
|
# azure:
|
|
# credentialsSecret: azure-secret
|
|
# container: test
|
|
# endpointUrl: https://accountName.blob.core.windows.net
|
|
# storageClass: Hot
|
|
fs-pvc:
|
|
type: filesystem
|
|
# nodeSelector:
|
|
# storage: tape
|
|
# backupWorker: 'True'
|
|
# resources:
|
|
# requests:
|
|
# memory: 1G
|
|
# cpu: 600m
|
|
# topologySpreadConstraints:
|
|
# - labelSelector:
|
|
# matchLabels:
|
|
# app.kubernetes.io/name: percona-xtradb-cluster-operator
|
|
# maxSkew: 1
|
|
# topologyKey: kubernetes.io/hostname
|
|
# whenUnsatisfiable: DoNotSchedule
|
|
# affinity:
|
|
# nodeAffinity:
|
|
# requiredDuringSchedulingIgnoredDuringExecution:
|
|
# nodeSelectorTerms:
|
|
# - matchExpressions:
|
|
# - key: backupWorker
|
|
# operator: In
|
|
# values:
|
|
# - 'True'
|
|
# tolerations:
|
|
# - key: "backupWorker"
|
|
# operator: "Equal"
|
|
# value: "True"
|
|
# effect: "NoSchedule"
|
|
# annotations:
|
|
# testName: scheduled-backup
|
|
# labels:
|
|
# backupWorker: 'True'
|
|
# schedulerName: 'default-scheduler'
|
|
# priorityClassName: 'high-priority'
|
|
# containerSecurityContext:
|
|
# privileged: true
|
|
# podSecurityContext:
|
|
# fsGroup: 1001
|
|
# supplementalGroups: [1001, 1002, 1003]
|
|
volume:
|
|
persistentVolumeClaim:
|
|
# storageClassName: standard
|
|
accessModes: [ "ReadWriteOnce" ]
|
|
resources:
|
|
requests:
|
|
storage: 6G
|
|
schedule:
|
|
# - name: "sat-night-backup"
|
|
# schedule: "0 0 * * 6"
|
|
# keep: 3
|
|
# storageName: s3-us-west
|
|
- name: "daily-backup"
|
|
schedule: "0 0 * * *"
|
|
keep: 5
|
|
storageName: fs-pvc
|