From 66dbac10d5a3f815ef0ec12f30c2149270962b7f Mon Sep 17 00:00:00 2001
From: Joseph Hanson
Date: Wed, 27 Nov 2024 15:32:55 -0600
Subject: [PATCH] add mariadb cluster
---
 .../apps/database/mariadb/cluster/backup.yaml | 23 +++++++++++
 .../mariadb/cluster/externalsecret.yaml | 27 +++++++++++++
 .../apps/database/mariadb/cluster/gatus.yaml | 21 ++++++++++
 .../mariadb/cluster/kustomization.yaml | 9 +++++
 .../database/mariadb/cluster/mariadb.yaml | 38 +++++++++++++++++++
 kubernetes/apps/database/mariadb/ks.yaml | 22 +++++++++++
 6 files changed, 140 insertions(+)
 create mode 100644 kubernetes/apps/database/mariadb/cluster/backup.yaml
 create mode 100644 kubernetes/apps/database/mariadb/cluster/externalsecret.yaml
 create mode 100644 kubernetes/apps/database/mariadb/cluster/gatus.yaml
 create mode 100644 kubernetes/apps/database/mariadb/cluster/kustomization.yaml
 create mode 100644 kubernetes/apps/database/mariadb/cluster/mariadb.yaml
diff --git a/kubernetes/apps/database/mariadb/cluster/backup.yaml b/kubernetes/apps/database/mariadb/cluster/backup.yaml
new file mode 100644
index 00000000..7efeacd3
--- /dev/null
+++ b/kubernetes/apps/database/mariadb/cluster/backup.yaml
@@ -0,0 +1,23 @@
+---
+# yaml-language-server: $schema=https://ks.hsn.dev/k8s.mariadb.com/backup_v1alpha1.json
+apiVersion: k8s.mariadb.com/v1alpha1
+kind: Backup
+metadata:
+ name: &name mariadb-backup
+spec:
+ mariaDbRef:
+ name: mariadb
+ timeZone: "America/Chicago"
+ schedule:
+ cron: "0 * * * *"
+ suspend: false
+ storage:
+ s3:
+ endpoint: s3.hsn.dev
+ bucket: mariadb
+ accessKeyIdSecretKeyRef:
+ name: mariadb-secret
+ key: AWS_ACCESS_KEY_ID
+ secretAccessKeySecretKeyRef:
+ name: mariadb-secret
+ key: AWS_SECRET_ACCESS_KEY
diff --git a/kubernetes/apps/database/mariadb/cluster/externalsecret.yaml b/kubernetes/apps/database/mariadb/cluster/externalsecret.yaml
new file mode 100644
index 00000000..50839ed1
--- /dev/null
+++ b/kubernetes/apps/database/mariadb/cluster/externalsecret.yaml
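Review bot: The `s3` block in backup.yaml sets `endpoint: s3.hsn.dev` and the two key references but no `tls` section, and as far as I know the mariadb-operator S3 client only uses HTTPS when `tls.enabled: true` is set, so the hourly dumps may travel to the bucket unencrypted. I would add `tls:` with `enabled: true` under `s3`, plus `caSecretKeyRef` only if the endpoint uses a private CA. No `maxRetention` is set either, so retention falls back to the operator default; stating it explicitly documents how long the hourly dumps are kept. The `&name` anchor on `metadata.name` is never aliased in this file, nor in externalsecret.yaml or mariadb.yaml, and can be dropped.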
@@ -0,0 +1,27 @@
+---
+# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+ name: &name mariadb
+spec:
+ secretStoreRef:
+ kind: ClusterSecretStore
+ name: onepassword-connect
+ target:
+ name: mariadb-secret
+ template:
+ engineVersion: v2
+ data:
+ AWS_ACCESS_KEY_ID: "{{ .minio_mariadb_access_key }}"
+ AWS_SECRET_ACCESS_KEY: "{{ .minio_mariadb_secret_key }}"
+ dataFrom:
+ - extract:
+ key: minio
+ rewrite:
+ - regexp:
+ source: "[-]"
+ target: "_"
+ - regexp:
+ source: "(.*)"
+ target: "minio_$1"
diff --git a/kubernetes/apps/database/mariadb/cluster/gatus.yaml b/kubernetes/apps/database/mariadb/cluster/gatus.yaml
new file mode 100644
index 00000000..70fc8407
--- /dev/null
+++ b/kubernetes/apps/database/mariadb/cluster/gatus.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: mariadb-gatus-ep
+ labels:
+ gatus.io/enabled: "true"
+data:
+ config.yaml: |
+ endpoints:
+ - name: mariadb
+ group: infrastructure
+ url: tcp://mariadb.database.svc.cluster.local:3306
+ interval: 1m
+ ui:
+ hide-url: true
+ hide-hostname: true
+ conditions:
+ - "[CONNECTED] == true"
+ alerts:
+ - type: pushover
diff --git a/kubernetes/apps/database/mariadb/cluster/kustomization.yaml b/kubernetes/apps/database/mariadb/cluster/kustomization.yaml
new file mode 100644
index 00000000..023b1882
--- /dev/null
+++ b/kubernetes/apps/database/mariadb/cluster/kustomization.yaml
@@ -0,0 +1,9 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ./backup.yaml
+ - ./externalsecret.yaml
+ - ./gatus.yaml
+ - ./mariadb.yaml
diff --git a/kubernetes/apps/database/mariadb/cluster/mariadb.yaml b/kubernetes/apps/database/mariadb/cluster/mariadb.yaml
new file mode 100644
index 00000000..651ef0e5
--- /dev/null
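Review bot: The `dataFrom.extract` on `key: minio` in externalsecret.yaml loads every field of that item into the template scope although only two are used, and the two `rewrite` rules that produce the `minio_…` names are not explained. A comment above `rewrite:` such as `# '-' becomes '_' and every field gets a 'minio_' prefix, e.g. <field> -> .minio_<field>` would make the template keys traceable. If the `minio` item also holds other credentials (not visible from this hunk), explicit `data` entries with `remoteRef.key` and `remoteRef.property` for just the two MariaDB keys would keep the rest out of scope.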
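Review bot: The endpoint in gatus.yaml probes only `tcp://mariadb.database.svc.cluster.local:3306`, while mariadb.yaml in this patch enables MaxScale as a separate entry point, so a MaxScale outage would not raise an alert. `[CONNECTED] == true` also passes as soon as any pod behind the Service accepts a TCP connection, which says nothing about Galera being in sync. Consider a second endpoint entry for the MaxScale Service (its name is not shown in this patch) and a comment inside `config.yaml` noting that this is a port-reachability check only.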
+++ b/kubernetes/apps/database/mariadb/cluster/mariadb.yaml
@@ -0,0 +1,38 @@
+---
+# yaml-language-server: $schema=https://ks.hsn.dev/k8s.mariadb.com/mariadb_v1alpha1.json
+apiVersion: k8s.mariadb.com/v1alpha1
+kind: MariaDB
+metadata:
+ name: &name mariadb
+spec:
+ # renovate: datasource=docker depName=docker.io/library/mariadb
+ image: docker.io/library/mariadb:11.6.2
+ replicas: 3
+ storage:
+ size: 5Gi
+ storageClassName: openebs-hostpath
+ bootstrapFrom:
+ backupRef:
+ name: mariadb-backup
+ maxScale:
+ enabled: true
+ kubernetesService:
+ type: LoadBalancer
+ metadata:
+ annotations:
+ io.cilium/lb-ipam-ips: 10.1.1.39
+ connection:
+ secretName: mxs-connection
+ port: 3306
+ galera:
+ enabled: true
+ podSecurityContext:
+ runAsUser: 568
+ runAsGroup: 568
+ fsGroup: 568
+ fsGroupChangePolicy: OnRootMismatch
+ service:
+ type: LoadBalancer
+ metadata:
+ annotations:
+ io.cilium/lb-ipam-ips: 10.1.1.33
diff --git a/kubernetes/apps/database/mariadb/ks.yaml b/kubernetes/apps/database/mariadb/ks.yaml
index cb8bbdea..e5764c3f 100644
--- a/kubernetes/apps/database/mariadb/ks.yaml
+++ b/kubernetes/apps/database/mariadb/ks.yaml
@@ -40,3 +40,25 @@ spec:
 wait: true
 interval: 30m
 timeout: 5m
+---
+# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app mariadb-cluster
+ namespace: flux-system
+spec:
+ targetNamespace: database
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ dependsOn:
+ - name: external-secrets-stores
+ path: ./kubernetes/apps/database/mariadb/cluster
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: theshire
+ wait: true
+ interval: 30m
+ timeout: 5m
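Review bot: Both `maxScale.kubernetesService` and the final `service` block in mariadb.yaml are `type: LoadBalancer` with fixed Cilium IPs (10.1.1.39 and 10.1.1.33), which puts port 3306 on the network outside the cluster twice, once bypassing MaxScale, and nothing in this patch shows TLS or a source restriction for either. Unless direct access to the Galera nodes from outside the cluster is required, I would change the second one to `type: ClusterIP` and leave only the MaxScale address exposed, ideally limited by `loadBalancerSourceRanges` (if the operator's service template accepts it) or a network policy. `bootstrapFrom.backupRef.name: mariadb-backup` points at the Backup added in backup.yaml, which itself references this MariaDB, so on a first install there may be nothing to restore from; it is worth confirming how the operator handles that. The nesting described here is inferred from the operator schema, because this rendering has lost the YAML indentation.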
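Review bot: The new `mariadb-cluster` Kustomization lists only `external-secrets-stores` under `dependsOn`, yet its path applies `k8s.mariadb.com/v1alpha1` resources whose CRDs have to exist before the apply can succeed. The Kustomization that precedes it in ks.yaml lies outside this hunk, so its name is not visible; if it installs the operator, add it here, e.g. `- name: <operator-kustomization-name>`. Without that ordering the first reconcile can fail on unknown kinds and only recover on a later retry.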