https://github.com/percona/percona-helm-charts/tree/main/charts/pxc-db/templates
GitHub - percona/percona-helm-charts: Collection of Helm charts for Percona Kubernetes Operators.
Collection of Helm charts for Percona Kubernetes Operators. - GitHub - percona/percona-helm-charts: Collection of Helm charts for Percona Kubernetes Operators.
github.com
cluster.yaml - 01
### .Chart.AppVersion 을 가지고와서 설치수행 "Knd - PerconaXtraDBCluster"
### .Chart.AppVersion 을 가지고와서 annotaition 값 정의
### .Values 의 finalizers 값이 있으면 4칸 띠어쓰기하고 입력
### .Values.pxc "clusterSecretName" 값이 있으면 secretName 이 "clusterSecretName" 값으로 정의되며, 아닐시 include "pxc-database.fullname" 값으로 정의되서 생성
### Values 의 pxc 의 disableTLS 값이 없을경우
### Values 의 secrets 의 tls 가 cluster 값이 있으면, sslSecretName 값이 "Values.secrets.tls.cluster" 값으로 정의, 없으면 include "pxc-database.fullname" . }}-ssl 값으로 정의
### Values 의 secrets 의 tls 가 internal 값이 있으면 sslSecretName 값이 ".Values.secrets.tls.internal" 값으로 정의, 없으면 include "pxc-database.fullname" . }}-ssl-internal 값으로 정의
### Values.pxc 의 vaultSecretName 값이 있으면 vaultSecretName 값이 Values.pxc.vaultSecretName 값으로 정의, 없으면 vaultSecretName 값이 include "pxc-database.fullname" . }}-vault 값으로 정의
### Values.pxc 의 logCollectorSecretName 값이 있으면 logCollectorSecretName 값에 Values.pxc.logCollectorSecretName 값으로 정의, 없으면 include "pxc-database.fullname" . }}-log-collector 값으로 정의
### Values 의 initImage 값으로 initLmage 값 정의 / Values.allowUnsafeConfigurations .Values.pxc.disableTLS 값중 둘중에 하나라도 있을시 "allowUnsafeConfigurations: true" 값 반영
### .Values.enableCRValidationWebhook 값 있을시 enableCRValidationWebhook 정의
### .Values.pause 값 있을시 pause 정의
### .Values.updateStrategy 값 있을시 updateStrategy 정의
### Values.upgradeOptions 값 중 versionServiceEndpoint 값이 있을시, "versionServiceEndpoint" key 값의 value 값이 Values.upgradeOptions.versionServiceEndpoint 값으로 정의 / "apply" key 값의 valuse 값이 Values.upgradeOptions.apply 값으로 정의 / "schedule" key 값의 value 값이 .Values.upgradeOptions.schedule 로 정의
### Values 의 tls 값이 있으면 tls 값 정의
### Values 의 tls 값 중 "SANs" 값이 있으면, SANs 값이 공백 6칸 띠고나서 값이 정의됨
### Values 의 tls 값 중 "issuerConf" 값이 있으면 issuerConf 의 값중에서 "name" key 값의 valuse 값이 .Values.tls.issuerConf.name 로 정의 / "kind" key 값의 valuse 값이 .Values.tls.issuerConf.kind 로 정의 / "group" key 값의 valuse 값이 .Values.tls.issuerConf.group 로 정의
### cluster.yaml - 01 START ###
apiVersion: pxc.percona.com/v{{ .Chart.AppVersion | replace "." "-" }}
kind: PerconaXtraDBCluster
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"pxc.percona.com/v{{ .Chart.AppVersion | replace "." "-" }}","kind":"PerconaXtraDBCluster"}
name: {{ include "pxc-database.fullname" . }}
labels:
{{ include "pxc-database.labels" . | indent 4 }}
finalizers:
{{ .Values.finalizers | toYaml | indent 4 }}
spec:
crVersion: {{ .Chart.AppVersion }}
{{- if hasKey .Values.pxc "clusterSecretName" }}
secretsName: {{ .Values.pxc.clusterSecretName }}
{{- else }}
secretsName: {{ include "pxc-database.fullname" . }}
{{- end }}
{{- if not .Values.pxc.disableTLS }}
{{- if hasKey .Values.secrets.tls "cluster" }}
sslSecretName: {{ .Values.secrets.tls.cluster }}
{{- else }}
sslSecretName: {{ include "pxc-database.fullname" . }}-ssl
{{- end }}
{{- if hasKey .Values.secrets.tls "internal" }}
sslInternalSecretName: {{ .Values.secrets.tls.internal }}
{{- else }}
sslInternalSecretName: {{ include "pxc-database.fullname" . }}-ssl-internal
{{- end }}
{{- end }}
{{- if hasKey .Values.pxc "vaultSecretName" }}
vaultSecretName: {{ .Values.pxc.vaultSecretName }}
{{- else }}
vaultSecretName: {{ include "pxc-database.fullname" . }}-vault
{{- end }}
{{- if hasKey .Values.pxc "logCollectorSecretName" }}
logCollectorSecretName: {{ .Values.pxc.logCollectorSecretName }}
{{- else }}
logCollectorSecretName: {{ include "pxc-database.fullname" . }}-log-collector
{{- end }}
initImage: {{ .Values.initImage }}
{{- if or .Values.allowUnsafeConfigurations .Values.pxc.disableTLS }}
allowUnsafeConfigurations: true
{{- end }}
enableCRValidationWebhook: {{ .Values.enableCRValidationWebhook }}
pause: {{ .Values.pause }}
updateStrategy: {{ .Values.updateStrategy }}
{{- if hasKey .Values.upgradeOptions "versionServiceEndpoint" }}
upgradeOptions:
versionServiceEndpoint: {{ .Values.upgradeOptions.versionServiceEndpoint }}
apply: {{ .Values.upgradeOptions.apply }}
schedule: {{ .Values.upgradeOptions.schedule }}
{{- end }}
{{- if .Values.tls }}
tls:
{{- if hasKey .Values.tls "SANs" }}
SANs:
{{ .Values.tls.SANs | toYaml | indent 6 }}
{{- end }}
{{- if hasKey .Values.tls "issuerConf" }}
issuerConf:
name: {{ .Values.tls.issuerConf.name }}
kind: {{ .Values.tls.issuerConf.kind }}
group: {{ .Values.tls.issuerConf.group }}
{{- end }}
{{- end }}
### cluster.yaml - 01 END ###
{{- $pxc := .Values.pxc }}
pxc:
size: {{ $pxc.size }}
image: "{{ $pxc.image.repository }}:{{ $pxc.image.tag }}"
autoRecovery: {{ $pxc.autoRecovery }}
{{- if $pxc.schedulerName }}
schedulerName: {{ $pxc.schedulerName }}
{{- end }}
readinessDelaySec: {{ $pxc.readinessDelaySec }}
livenessDelaySec: {{ $pxc.livenessDelaySec }}
{{- if $pxc.configuration }}
configuration: |
{{ tpl $pxc.configuration $ | nindent 6 }}
{{- end }}
{{- if $pxc.imagePullPolicy }}
imagePullPolicy: {{ $pxc.imagePullPolicy }}
{{- end }}
{{- if $pxc.imagePullSecrets }}
imagePullSecrets:
{{ $pxc.imagePullSecrets | toYaml | indent 6 }}
{{- end }}
{{- if $pxc.priorityClassName }}
priorityClassName: {{ $pxc.priorityClassName }}
{{- end }}
annotations:
{{ $pxc.annotations | toYaml | indent 6 }}
labels:
{{ $pxc.labels | toYaml | indent 6 }}
{{- if $pxc.expose }}
expose:
{{ tpl ($pxc.expose | toYaml) $ | indent 6 }}
{{- end }}
{{- if $pxc.replicationChannels }}
replicationChannels:
{{ tpl ($pxc.replicationChannels | toYaml) $ | indent 6 }}
{{- end }}
{{- if $pxc.runtimeClassName }}
runtimeClassName: {{ $pxc.runtimeClassName }}
{{- end }}
{{- if $pxc.envVarsSecret }}
envVarsSecret: {{ $pxc.envVarsSecret }}
{{- end }}
resources:
requests:
{{ tpl ($pxc.resources.requests | toYaml) $ | indent 8 }}
limits:
{{ tpl ($pxc.resources.limits | toYaml) $ | indent 8 }}
sidecars:
{{ $pxc.sidecars | toYaml | indent 6 }}
sidecarResources:
requests:
{{ tpl ($pxc.sidecarResources.requests | toYaml) $ | indent 8 }}
limits:
{{ tpl ($pxc.sidecarResources.limits | toYaml) $ | indent 8 }}
nodeSelector:
{{ $pxc.nodeSelector | toYaml | indent 6 }}
affinity:
{{ $pxc.affinity | toYaml | indent 6 }}
tolerations:
{{ $pxc.tolerations | toYaml | indent 6 }}
podDisruptionBudget:
{{ $pxc.podDisruptionBudget | toYaml | indent 6 }}
volumeSpec:
{{- if not $pxc.persistence.enabled }}
emptyDir: {}
{{- else }}
{{- if hasKey $pxc.persistence "hostPath" }}
hostPath:
path: {{ $pxc.persistence.hostPath }}
type: Directory
{{- else }}
persistentVolumeClaim:
{{- if $pxc.persistence.storageClass }}
{{- if (eq "-" $pxc.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ $pxc.persistence.storageClass }}"
{{- end }}
{{- end }}
accessModes: [{{ $pxc.persistence.accessMode | quote }}]
resources:
requests:
storage: {{ $pxc.persistence.size | quote }}
{{- end }}
{{- end }}
gracePeriod: {{ $pxc.gracePeriod }}
readinessProbes:
{{ tpl ($pxc.readinessProbes | toYaml) $ | indent 6 }}
livenessProbes:
{{ tpl ($pxc.livenessProbes | toYaml) $ | indent 6 }}
{{- if $pxc.containerSecurityContext }}
containerSecurityContext:
{{ tpl ($pxc.containerSecurityContext | toYaml) $ | indent 6 }}
{{- end }}
{{- if $pxc.podSecurityContext }}
podSecurityContext:
{{ tpl ($pxc.podSecurityContext | toYaml) $ | indent 6 }}
{{- end }}
{{- if $pxc.serviceAccountName }}
serviceAccountName: {{ $pxc.serviceAccountName }}
{{- end }}
{{- if or (not .Values.haproxy.enabled) .Values.proxysql.enabled }}
haproxy:
enabled: false
{{- else }}
{{- $haproxy := .Values.haproxy }}
haproxy:
enabled: true
size: {{ $haproxy.size }}
image: {{ include "pxc-db.haproxy-image" . }}
replicasServiceEnabled: {{ $haproxy.replicasServiceEnabled }}
{{- if $haproxy.imagePullPolicy }}
imagePullPolicy: {{ $haproxy.imagePullPolicy }}
{{- end }}
{{- if $haproxy.imagePullSecrets }}
imagePullSecrets:
{{ $haproxy.imagePullSecrets | toYaml | indent 6 }}
{{- end }}
{{- if $haproxy.schedulerName }}
schedulerName: {{ $haproxy.schedulerName }}
{{- end }}
{{- if $haproxy.configuration }}
configuration: |
{{ tpl $haproxy.configuration $ | nindent 6 }}
{{- end }}
{{- if $haproxy.priorityClassName }}
priorityClassName: {{ $haproxy.priorityClassName }}
{{- end }}
{{- if $haproxy.externalTrafficPolicy }}
externalTrafficPolicy: {{ $haproxy.externalTrafficPolicy }}
{{- end }}
{{- if $haproxy.replicasExternalTrafficPolicy }}
replicasExternalTrafficPolicy: {{ $haproxy.replicasExternalTrafficPolicy }}
{{- end }}
{{- if $haproxy.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ $haproxy.loadBalancerSourceRanges | toYaml | indent 6 }}
{{- end }}
{{- if $haproxy.serviceType }}
serviceType: {{ $haproxy.serviceType }}
{{- end }}
{{- if $haproxy.replicasServiceType }}
replicasServiceType: {{ $haproxy.replicasServiceType }}
{{- end }}
{{- if $haproxy.serviceAnnotations }}
serviceAnnotations:
{{ $haproxy.serviceAnnotations | toYaml | indent 6 }}
{{- end }}
annotations:
{{ $haproxy.annotations | toYaml | indent 6 }}
labels:
{{ $haproxy.labels | toYaml | indent 6 }}
{{- if $haproxy.runtimeClassName }}
runtimeClassName: {{ $haproxy.runtimeClassName }}
{{- end }}
{{- if $haproxy.envVarsSecret }}
envVarsSecret: {{ $haproxy.envVarsSecret }}
{{- end }}
resources:
requests:
{{ $haproxy.resources.requests | toYaml | indent 8 }}
limits:
{{ $haproxy.resources.limits | toYaml | indent 8 }}
sidecars:
{{ $haproxy.sidecars | toYaml | indent 6 }}
sidecarResources:
requests:
{{ tpl ($haproxy.sidecarResources.requests | toYaml) $ | indent 8 }}
limits:
{{ tpl ($haproxy.sidecarResources.limits | toYaml) $ | indent 8 }}
{{- if $haproxy.serviceAccountName }}
serviceAccountName: {{ $haproxy.serviceAccountName }}
{{- end }}
nodeSelector:
{{ $haproxy.nodeSelector | toYaml | indent 6 }}
affinity:
{{ $haproxy.affinity | toYaml | indent 6 }}
tolerations:
{{ $haproxy.tolerations | toYaml | indent 6 }}
podDisruptionBudget:
{{ $haproxy.podDisruptionBudget | toYaml | indent 6 }}
volumeSpec:
emptyDir: {}
gracePeriod: {{ $haproxy.gracePeriod }}
{{- if $haproxy.readinessDelaySec }}
readinessDelaySec: {{ $haproxy.readinessDelaySec }}
{{- end }}
{{- if $haproxy.livenessDelaySec }}
livenessDelaySec: {{ $pxc.livenessDelaySec }}
{{- end }}
readinessProbes:
{{ tpl ($haproxy.readinessProbes | toYaml) $ | indent 6 }}
livenessProbes:
{{ tpl ($haproxy.livenessProbes | toYaml) $ | indent 6 }}
{{- if $haproxy.containerSecurityContext }}
containerSecurityContext:
{{ tpl ($haproxy.containerSecurityContext | toYaml) $ | indent 6 }}
{{- end }}
{{- if $haproxy.podSecurityContext }}
podSecurityContext:
{{ tpl ($haproxy.podSecurityContext | toYaml) $ | indent 6 }}
{{- end }}
{{- end }}
{{- if not .Values.proxysql.enabled }}
proxysql:
enabled: false
{{- else }}
{{- $proxysql := .Values.proxysql }}
proxysql:
enabled: true
size: {{ $proxysql.size }}
image: {{ include "pxc-db.proxysql-image" . }}
{{- if $proxysql.imagePullPolicy }}
imagePullPolicy: {{ $proxysql.imagePullPolicy }}
{{- end }}
{{- if $proxysql.imagePullSecrets }}
imagePullSecrets:
{{- $proxysql.imagePullSecrets | toYaml | indent 6 }}
{{- end }}
{{- if $proxysql.schedulerName }}
schedulerName: {{ $proxysql.schedulerName }}
{{- end }}
{{- if $proxysql.configuration }}
configuration: |
{{ tpl $proxysql.configuration $ | nindent 6 }}
{{- end }}
{{- if $proxysql.priorityClassName }}
priorityClassName: {{ $proxysql.priorityClassName }}
{{- end }}
{{- if $proxysql.externalTrafficPolicy }}
externalTrafficPolicy: {{ $proxysql.externalTrafficPolicy }}
{{- end }}
{{- if $proxysql.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ $proxysql.loadBalancerSourceRanges | toYaml | indent 6 }}
{{- end }}
{{- if $proxysql.serviceType }}
serviceType: {{ $proxysql.serviceType }}
{{- end }}
{{- if $proxysql.serviceAnnotations }}
serviceAnnotations:
{{ $proxysql.serviceAnnotations | toYaml | indent 6 }}
{{- end }}
annotations:
{{ $proxysql.annotations | toYaml | indent 6 }}
labels:
{{ $proxysql.labels | toYaml | indent 6 }}
{{- if $proxysql.runtimeClassName }}
runtimeClassName: {{ $proxysql.runtimeClassName }}
{{- end }}
{{- if $proxysql.envVarsSecret }}
envVarsSecret: {{ $proxysql.envVarsSecret }}
{{- end }}
resources:
requests:
{{ $proxysql.resources.requests | toYaml | indent 8 }}
limits:
{{ $proxysql.resources.limits | toYaml | indent 8 }}
sidecars:
{{ $proxysql.sidecars | toYaml | indent 6 }}
sidecarResources:
requests:
{{ tpl ($proxysql.sidecarResources.requests | toYaml) $ | indent 8 }}
limits:
{{ tpl ($proxysql.sidecarResources.limits | toYaml) $ | indent 8 }}
{{- if $proxysql.serviceAccountName }}
serviceAccountName: {{ $proxysql.serviceAccountName }}
{{- end }}
nodeSelector:
{{ $proxysql.nodeSelector | toYaml | indent 6 }}
affinity:
{{ $proxysql.affinity | toYaml | indent 6 }}
tolerations:
{{ $proxysql.tolerations | toYaml | indent 6 }}
podDisruptionBudget:
{{ $proxysql.podDisruptionBudget | toYaml | indent 6 }}
volumeSpec:
{{- if not $proxysql.persistence.enabled }}
emptyDir: {}
{{- else }}
{{- if hasKey $proxysql.persistence "hostPath" }}
hostPath:
path: {{ $proxysql.persistence.hostPath }}
type: Directory
{{- else }}
persistentVolumeClaim:
{{- if $proxysql.persistence.storageClass }}
{{- if (eq "-" $proxysql.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ $proxysql.persistence.storageClass }}"
{{- end }}
{{- end }}
accessModes: [{{ $proxysql.persistence.accessMode | quote }}]
resources:
requests:
storage: {{ $proxysql.persistence.size | quote }}
{{- end }}
{{- end }}
gracePeriod: {{ $proxysql.gracePeriod }}
{{- if $proxysql.containerSecurityContext }}
containerSecurityContext:
{{ tpl ($proxysql.containerSecurityContext | toYaml) $ | indent 6 }}
{{- end }}
{{- if $proxysql.podSecurityContext }}
podSecurityContext:
{{ tpl ($proxysql.podSecurityContext | toYaml) $ | indent 6 }}
{{- end }}
{{- end }}
logcollector:
{{- if not .Values.logcollector.enabled }}
enabled: false
{{- else }}
{{- $logcollector := .Values.logcollector }}
enabled: true
image: {{ include "pxc-db.logcollector-image" . }}
{{- if $logcollector.imagePullPolicy }}
imagePullPolicy: {{ $logcollector.imagePullPolicy }}
{{- end }}
{{- if $logcollector.imagePullSecrets }}
imagePullSecrets:
{{- $logcollector.imagePullSecrets | toYaml | nindent 6 }}
{{- end }}
{{- if $logcollector.configuration }}
configuration: |
{{ tpl $logcollector.configuration $ | nindent 6 }}
{{- end }}
resources:
requests:
{{ tpl ($logcollector.resources.requests | toYaml) $ | indent 8 }}
limits:
{{ tpl ($logcollector.resources.limits | toYaml) $ | indent 8 }}
{{- end }}
pmm:
{{- if not .Values.pmm.enabled }}
enabled: false
{{- else }}
{{- $pmm := .Values.pmm }}
enabled: true
image: {{ $pmm.image.repository }}:{{ $pmm.image.tag }}
{{- if $pmm.imagePullPolicy }}
imagePullPolicy: {{ $pmm.imagePullPolicy }}
{{- end }}
{{- if $pmm.imagePullSecrets }}
imagePullSecrets:
{{- $pmm.imagePullSecrets | toYaml | nindent 6 }}
{{- end }}
serverHost: {{ $pmm.serverHost }}
serverUser: {{ $pmm.serverUser }}
resources:
requests:
{{ tpl ($pmm.resources.requests | toYaml) $ | indent 8 }}
limits:
{{ tpl ($pmm.resources.limits | toYaml) $ | indent 8 }}
{{- end }}
{{- $backup := .Values.backup }}
{{- if $backup.enabled }}
backup:
image: {{ include "pxc-db.backup-image" . }}
{{- if $backup.serviceAccountName }}
serviceAccountName: {{ $backup.serviceAccountName }}
{{- end }}
{{- if $backup.imagePullPolicy }}
imagePullPolicy: {{ $backup.imagePullPolicy }}
{{- end }}
{{- if $backup.imagePullSecrets }}
imagePullSecrets:
{{ $backup.imagePullSecrets | toYaml | indent 6 }}
{{- end }}
pitr:
{{- if not $backup.pitr.enabled }}
enabled: false
{{- else }}
enabled: true
storageName: {{ $backup.pitr.storageName }}
timeBetweenUploads: {{ $backup.pitr.timeBetweenUploads }}
resources:
requests:
{{ tpl ($backup.pitr.resources.requests | toYaml) $ | indent 10 }}
limits:
{{ tpl ($backup.pitr.resources.limits | toYaml) $ | indent 10 }}
{{- end }}
storages:
{{ include "pxc-database.storages" . | indent 6 }}
schedule:
{{ $backup.schedule | toYaml | indent 6 }}
{{- end }}