180 lines
5.3 KiB
YAML
180 lines
5.3 KiB
YAML
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: mysql
|
|
namespace: mysql
|
|
spec:
|
|
replicas: 1
|
|
podManagementPolicy: Parallel
|
|
serviceName: mysql-headless
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
selector:
|
|
matchLabels:
|
|
component: primary
|
|
template:
|
|
metadata:
|
|
labels:
|
|
component: primary
|
|
spec:
|
|
serviceAccountName: default
|
|
automountServiceAccountToken: false
|
|
securityContext:
|
|
fsGroup: 1001
|
|
fsGroupChangePolicy: Always
|
|
initContainers:
|
|
- name: preserve-logs-symlinks
|
|
image: {{ .apps.mysql.image }}
|
|
imagePullPolicy: IfNotPresent
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
runAsUser: 1001
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
resources:
|
|
limits:
|
|
cpu: 250m
|
|
ephemeral-storage: 1Gi
|
|
memory: 256Mi
|
|
requests:
|
|
cpu: 100m
|
|
ephemeral-storage: 50Mi
|
|
memory: 128Mi
|
|
command:
|
|
- /bin/bash
|
|
args:
|
|
- -ec
|
|
- |
|
|
#!/bin/bash
|
|
. /opt/bitnami/scripts/libfs.sh
|
|
# We copy the logs folder because it has symlinks to stdout and stderr
|
|
if ! is_dir_empty /opt/bitnami/mysql/logs; then
|
|
cp -r /opt/bitnami/mysql/logs /emptydir/app-logs-dir
|
|
fi
|
|
volumeMounts:
|
|
- name: empty-dir
|
|
mountPath: /emptydir
|
|
containers:
|
|
- name: mysql
|
|
image: {{ .apps.mysql.image }}
|
|
imagePullPolicy: IfNotPresent
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
runAsUser: 1001
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
env:
|
|
- name: BITNAMI_DEBUG
|
|
value: "false"
|
|
- name: MYSQL_ROOT_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: mysql-secrets
|
|
key: apps.mysql.rootPassword
|
|
- name: MYSQL_USER
|
|
value: {{ .apps.mysql.user }}
|
|
- name: MYSQL_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: mysql-secrets
|
|
key: apps.mysql.password
|
|
- name: MYSQL_DATABASE
|
|
value: {{ .apps.mysql.dbName }}
|
|
- name: MYSQL_PORT
|
|
value: "{{ .apps.mysql.port }}"
|
|
ports:
|
|
- name: mysql
|
|
containerPort: {{ .apps.mysql.port }}
|
|
livenessProbe:
|
|
failureThreshold: 3
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
exec:
|
|
command:
|
|
- /bin/bash
|
|
- -ec
|
|
- |
|
|
password_aux="${MYSQL_ROOT_PASSWORD:-}"
|
|
mysqladmin status -uroot -p"${password_aux}"
|
|
readinessProbe:
|
|
failureThreshold: 3
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
exec:
|
|
command:
|
|
- /bin/bash
|
|
- -ec
|
|
- |
|
|
password_aux="${MYSQL_ROOT_PASSWORD:-}"
|
|
mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive"
|
|
startupProbe:
|
|
failureThreshold: 10
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
exec:
|
|
command:
|
|
- /bin/bash
|
|
- -ec
|
|
- |
|
|
password_aux="${MYSQL_ROOT_PASSWORD:-}"
|
|
mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive"
|
|
resources:
|
|
limits:
|
|
cpu: 750m
|
|
ephemeral-storage: 2Gi
|
|
memory: 768Mi
|
|
requests:
|
|
cpu: 500m
|
|
ephemeral-storage: 50Mi
|
|
memory: 512Mi
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /bitnami/mysql
|
|
- name: empty-dir
|
|
mountPath: /tmp
|
|
subPath: tmp-dir
|
|
- name: empty-dir
|
|
mountPath: /opt/bitnami/mysql/conf
|
|
subPath: app-conf-dir
|
|
- name: empty-dir
|
|
mountPath: /opt/bitnami/mysql/tmp
|
|
subPath: app-tmp-dir
|
|
- name: empty-dir
|
|
mountPath: /opt/bitnami/mysql/logs
|
|
subPath: app-logs-dir
|
|
- name: config
|
|
mountPath: /opt/bitnami/mysql/conf/my.cnf
|
|
subPath: my.cnf
|
|
volumes:
|
|
- name: config
|
|
configMap:
|
|
name: mysql
|
|
- name: empty-dir
|
|
emptyDir: {}
|
|
volumeClaimTemplates:
|
|
- metadata:
|
|
name: data
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: {{ .apps.mysql.storage }} |