diff --git a/apps/mysql/config/example.env b/apps/mysql/config/example.env deleted file mode 100644 index cb23f44..0000000 --- a/apps/mysql/config/example.env +++ /dev/null @@ -1,11 +0,0 @@ -MARIADB_NAMESPACE=mariadb -MARIADB_RELEASE_NAME=mariadb -MARIADB_USER=app -MARIADB_DATABASE=app_database -MARIADB_STORAGE=8Gi -MARIADB_TAG=11.4.5 -MARIADB_PORT=3306 - -# Secrets -MARIADB_PASSWORD= -MARIADB_ROOT_PASSWORD= diff --git a/apps/mysql/primary/configmap.yaml b/apps/mysql/configmap.yaml similarity index 62% rename from apps/mysql/primary/configmap.yaml rename to apps/mysql/configmap.yaml index 90dc130..a0d9c4b 100644 --- a/apps/mysql/primary/configmap.yaml +++ b/apps/mysql/configmap.yaml @@ -1,27 +1,17 @@ ---- -# Source: ghost/charts/mysql/templates/primary/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: ghost-mysql - namespace: "default" - labels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: mysql - app.kubernetes.io/version: 8.4.5 - helm.sh/chart: mysql-12.3.4 - app.kubernetes.io/part-of: mysql - app.kubernetes.io/component: primary + name: mysql + namespace: mysql data: - my.cnf: |- + my.cnf: | [mysqld] authentication_policy='* ,,' skip-name-resolve explicit_defaults_for_timestamp basedir=/opt/bitnami/mysql plugin_dir=/opt/bitnami/mysql/lib/plugin - port=3306 + port={{ .apps.mysql.port }} mysqlx=0 mysqlx_port=33060 socket=/opt/bitnami/mysql/tmp/mysql.sock @@ -36,12 +26,12 @@ data: long_query_time=10.0 [client] - port=3306 + port={{ .apps.mysql.port }} socket=/opt/bitnami/mysql/tmp/mysql.sock default-character-set=UTF8 plugin_dir=/opt/bitnami/mysql/lib/plugin [manager] - port=3306 + port={{ .apps.mysql.port }} socket=/opt/bitnami/mysql/tmp/mysql.sock - pid-file=/opt/bitnami/mysql/tmp/mysqld.pid + pid-file=/opt/bitnami/mysql/tmp/mysqld.pid \ No newline at end of file diff --git a/apps/mysql/kustomization.yaml b/apps/mysql/kustomization.yaml new file mode 100644 index 0000000..9d7a7da --- /dev/null +++ b/apps/mysql/kustomization.yaml @@ -0,0 +1,15 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: mysql +labels: + - includeSelectors: true + pairs: + app: mysql + managedBy: kustomize + partOf: wild-cloud +resources: + - namespace.yaml + - statefulset.yaml + - service.yaml + - service-headless.yaml + - configmap.yaml \ No newline at end of file diff --git a/apps/mysql/manifest.yaml b/apps/mysql/manifest.yaml new file mode 100644 index 0000000..80d6f27 --- /dev/null +++ b/apps/mysql/manifest.yaml @@ -0,0 +1,17 @@ +name: mysql +description: MySQL is an open-source relational database management system +version: 8.4.5 +icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png +requires: [] +defaultConfig: + image: docker.io/bitnami/mysql:8.4.5-debian-12-r0 + port: 3306 + storage: 20Gi + dbName: mysql + rootUser: root + user: mysql + timezone: UTC + enableSSL: false +requiredSecrets: + - apps.mysql.rootPassword + - apps.mysql.password \ No newline at end of file diff --git a/apps/mysql/namespace.yaml b/apps/mysql/namespace.yaml new file mode 100644 index 0000000..c31f271 --- /dev/null +++ b/apps/mysql/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: mysql \ No newline at end of file diff --git a/apps/mysql/networkpolicy.yaml b/apps/mysql/networkpolicy.yaml deleted file mode 100644 index bd496aa..0000000 --- a/apps/mysql/networkpolicy.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# Source: ghost/charts/mysql/templates/networkpolicy.yaml -kind: NetworkPolicy -apiVersion: networking.k8s.io/v1 -metadata: - name: ghost-mysql - namespace: "default" - labels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: mysql - app.kubernetes.io/version: 8.4.5 - helm.sh/chart: mysql-12.3.4 - app.kubernetes.io/part-of: mysql -spec: - podSelector: - matchLabels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: mysql - app.kubernetes.io/version: 8.4.5 - helm.sh/chart: mysql-12.3.4 - policyTypes: - - Ingress - - Egress - egress: - - {} - ingress: - # Allow connection from other cluster pods - - ports: - - port: 3306 diff --git a/apps/mysql/primary/pdb.yaml b/apps/mysql/primary/pdb.yaml deleted file mode 100644 index 378a658..0000000 --- a/apps/mysql/primary/pdb.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# Source: ghost/charts/mysql/templates/primary/pdb.yaml -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: ghost-mysql - namespace: "default" - labels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: mysql - app.kubernetes.io/version: 8.4.5 - helm.sh/chart: mysql-12.3.4 - app.kubernetes.io/part-of: mysql - app.kubernetes.io/component: primary -spec: - maxUnavailable: 1 - selector: - matchLabels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/name: mysql - app.kubernetes.io/part-of: mysql - app.kubernetes.io/component: primary diff --git a/apps/mysql/primary/svc-headless.yaml b/apps/mysql/primary/svc-headless.yaml deleted file mode 100644 index 736dbc2..0000000 --- a/apps/mysql/primary/svc-headless.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -# Source: ghost/charts/mysql/templates/primary/svc-headless.yaml -apiVersion: v1 -kind: Service -metadata: - name: ghost-mysql-headless - namespace: "default" - labels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: mysql - app.kubernetes.io/version: 8.4.5 - helm.sh/chart: mysql-12.3.4 - app.kubernetes.io/part-of: mysql - app.kubernetes.io/component: primary -spec: - type: ClusterIP - clusterIP: None - publishNotReadyAddresses: true - ports: - - name: mysql - port: 3306 - targetPort: mysql - selector: - app.kubernetes.io/instance: ghost - app.kubernetes.io/name: mysql - app.kubernetes.io/component: primary diff --git a/apps/mysql/primary/svc.yaml b/apps/mysql/primary/svc.yaml deleted file mode 100644 index 0b9409c..0000000 --- a/apps/mysql/primary/svc.yaml +++ /dev/null @@ -1,29 +0,0 @@ ---- -# Source: ghost/charts/mysql/templates/primary/svc.yaml -apiVersion: v1 -kind: Service -metadata: - name: ghost-mysql - namespace: "default" - labels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: mysql - app.kubernetes.io/version: 8.4.5 - helm.sh/chart: mysql-12.3.4 - app.kubernetes.io/part-of: mysql - app.kubernetes.io/component: primary -spec: - type: ClusterIP - sessionAffinity: None - ports: - - name: mysql - port: 3306 - protocol: TCP - targetPort: mysql - nodePort: null - selector: - app.kubernetes.io/instance: ghost - app.kubernetes.io/name: mysql - app.kubernetes.io/part-of: mysql - app.kubernetes.io/component: primary diff --git a/apps/mysql/service-headless.yaml b/apps/mysql/service-headless.yaml new file mode 100644 index 0000000..06b2b36 --- /dev/null +++ b/apps/mysql/service-headless.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: mysql-headless + namespace: mysql +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - name: mysql + port: {{ .apps.mysql.port }} + protocol: TCP + targetPort: mysql + selector: + component: primary \ No newline at end of file diff --git a/apps/mysql/service.yaml b/apps/mysql/service.yaml new file mode 100644 index 0000000..38e53a0 --- /dev/null +++ b/apps/mysql/service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: mysql + namespace: mysql +spec: + type: ClusterIP + ports: + - name: mysql + port: {{ .apps.mysql.port }} + protocol: TCP + targetPort: mysql + selector: + component: primary \ No newline at end of file diff --git a/apps/mysql/serviceaccount.yaml b/apps/mysql/serviceaccount.yaml deleted file mode 100644 index 0a1ed30..0000000 --- a/apps/mysql/serviceaccount.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -# Source: ghost/charts/mysql/templates/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ghost-mysql - namespace: "default" - labels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: mysql - app.kubernetes.io/version: 8.4.5 - helm.sh/chart: mysql-12.3.4 - app.kubernetes.io/part-of: mysql -automountServiceAccountToken: false -secrets: - - name: ghost-mysql diff --git a/apps/mysql/primary/statefulset.yaml b/apps/mysql/statefulset.yaml similarity index 55% rename from apps/mysql/primary/statefulset.yaml rename to apps/mysql/statefulset.yaml index a360261..bd90c62 100644 --- a/apps/mysql/primary/statefulset.yaml +++ b/apps/mysql/statefulset.yaml @@ -1,97 +1,57 @@ ---- -# Source: ghost/charts/mysql/templates/primary/statefulset.yaml apiVersion: apps/v1 kind: StatefulSet metadata: - name: ghost-mysql - namespace: "default" - labels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: mysql - app.kubernetes.io/version: 8.4.5 - helm.sh/chart: mysql-12.3.4 - app.kubernetes.io/part-of: mysql - app.kubernetes.io/component: primary + name: mysql + namespace: mysql spec: replicas: 1 - podManagementPolicy: "" - selector: - matchLabels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/name: mysql - app.kubernetes.io/part-of: mysql - app.kubernetes.io/component: primary - serviceName: ghost-mysql-headless + podManagementPolicy: Parallel + serviceName: mysql-headless updateStrategy: type: RollingUpdate + selector: + matchLabels: + component: primary template: metadata: - annotations: - checksum/configuration: 959b0f76ba7e6be0aaaabf97932398c31b17bc9f86d3839a26a3bbbc48673cd9 labels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: mysql - app.kubernetes.io/version: 8.4.5 - helm.sh/chart: mysql-12.3.4 - app.kubernetes.io/part-of: mysql - app.kubernetes.io/component: primary + component: primary spec: - serviceAccountName: ghost-mysql - + serviceAccountName: default automountServiceAccountToken: false - affinity: - podAffinity: - - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/name: mysql - topologyKey: kubernetes.io/hostname - weight: 1 - nodeAffinity: - securityContext: fsGroup: 1001 fsGroupChangePolicy: Always - supplementalGroups: [] - sysctls: [] initContainers: - name: preserve-logs-symlinks - image: docker.io/bitnami/mysql:8.4.5-debian-12-r0 - imagePullPolicy: "IfNotPresent" + image: {{ .apps.mysql.image }} + imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 - seLinuxOptions: {} seccompProfile: type: RuntimeDefault resources: limits: - cpu: 750m - ephemeral-storage: 2Gi - memory: 768Mi + cpu: 250m + ephemeral-storage: 1Gi + memory: 256Mi requests: - cpu: 500m + cpu: 100m ephemeral-storage: 50Mi - memory: 512Mi + memory: 128Mi command: - /bin/bash args: - -ec - | #!/bin/bash - . /opt/bitnami/scripts/libfs.sh # We copy the logs folder because it has symlinks to stdout and stderr if ! is_dir_empty /opt/bitnami/mysql/logs; then @@ -102,39 +62,41 @@ spec: mountPath: /emptydir containers: - name: mysql - image: docker.io/bitnami/mysql:8.4.5-debian-12-r0 - imagePullPolicy: "IfNotPresent" + image: {{ .apps.mysql.image }} + imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 - seLinuxOptions: {} seccompProfile: type: RuntimeDefault env: - name: BITNAMI_DEBUG value: "false" - - name: MYSQL_ROOT_PASSWORD_FILE - value: /opt/bitnami/mysql/secrets/mysql-root-password - - name: MYSQL_ENABLE_SSL - value: "no" + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: mysql-secrets + key: rootPassword - name: MYSQL_USER - value: "bn_ghost" - - name: MYSQL_PASSWORD_FILE - value: /opt/bitnami/mysql/secrets/mysql-password - - name: MYSQL_PORT - value: "3306" + value: {{ .apps.mysql.user }} + - name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: mysql-secrets + key: password - name: MYSQL_DATABASE - value: "bitnami_ghost" - envFrom: + value: {{ .apps.mysql.dbName }} + - name: MYSQL_PORT + value: "{{ .apps.mysql.port }}" ports: - name: mysql - containerPort: 3306 + containerPort: {{ .apps.mysql.port }} livenessProbe: failureThreshold: 3 initialDelaySeconds: 5 @@ -147,9 +109,6 @@ spec: - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" - if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") - fi mysqladmin status -uroot -p"${password_aux}" readinessProbe: failureThreshold: 3 @@ -163,9 +122,6 @@ spec: - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" - if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") - fi mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive" startupProbe: failureThreshold: 10 @@ -179,9 +135,6 @@ spec: - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" - if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") - fi mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive" resources: limits: @@ -210,32 +163,18 @@ spec: - name: config mountPath: /opt/bitnami/mysql/conf/my.cnf subPath: my.cnf - - name: mysql-credentials - mountPath: /opt/bitnami/mysql/secrets/ volumes: - name: config configMap: - name: ghost-mysql - - name: mysql-credentials - secret: - secretName: ghost-mysql - items: - - key: mysql-root-password - path: mysql-root-password - - key: mysql-password - path: mysql-password + name: mysql - name: empty-dir emptyDir: {} volumeClaimTemplates: - metadata: name: data - labels: - app.kubernetes.io/instance: ghost - app.kubernetes.io/name: mysql - app.kubernetes.io/component: primary spec: accessModes: - - "ReadWriteOnce" + - ReadWriteOnce resources: requests: - storage: "8Gi" + storage: {{ .apps.mysql.storage }} \ No newline at end of file