--- apiVersion: v1 kind: ServiceAccount metadata: name: helm-mysql namespace: uavcloud-dev labels: app.kubernetes.io/name: mysql-db octopus.control: mysql-db-wdd app.kubernetes.io/release: uavcloud-dev app.kubernetes.io/managed-by: octopus annotations: { } secrets: - name: helm-mysql --- apiVersion: v1 kind: Secret metadata: name: helm-mysql namespace: uavcloud-dev labels: app.kubernetes.io/name: mysql-db octopus.control: mysql-db-wdd app.kubernetes.io/release: uavcloud-dev app.kubernetes.io/managed-by: octopus type: Opaque data: mysql-root-password: "R3d1YmM2Q3hSTQ==" mysql-password: "S0F0cm5PckFKNw==" --- apiVersion: v1 kind: ConfigMap metadata: name: helm-mysql namespace: uavcloud-dev labels: app.kubernetes.io/name: mysql-db octopus.control: mysql-db-wdd app.kubernetes.io/release: uavcloud-dev app.kubernetes.io/managed-by: octopus app.kubernetes.io/component: primary data: my.cnf: |- [mysqld] port=3306 basedir=/opt/bitnami/mysql datadir=/bitnami/mysql/data pid-file=/opt/bitnami/mysql/tmp/mysqld.pid socket=/opt/bitnami/mysql/tmp/mysql.sock log-error=/bitnami/mysql/data/error.log general_log_file = /bitnami/mysql/data/general.log slow_query_log_file = /bitnami/mysql/data/slow.log innodb_data_file_path = ibdata1:512M:autoextend innodb_buffer_pool_size = 512M innodb_buffer_pool_instances = 2 innodb_log_file_size = 512M innodb_log_files_in_group = 4 innodb_log_files_in_group = 4 log-bin = /bitnami/mysql/data/mysql-bin max_binlog_size=1G transaction_isolation = REPEATABLE-READ default_storage_engine = innodb character-set-server = utf8mb4 collation-server=utf8mb4_bin binlog_format = ROW binlog_rows_query_log_events=on binlog_cache_size=4M binlog_expire_logs_seconds = 1296000 max_binlog_cache_size=2G gtid_mode = on enforce_gtid_consistency = 1 sync_binlog = 1 innodb_flush_log_at_trx_commit = 1 innodb_flush_method = O_DIRECT log_slave_updates=1 relay_log_recovery = 1 relay-log-purge = 1 default_time_zone = '+08:00' lower_case_table_names=1 log_bin_trust_function_creators=1 group_concat_max_len=67108864 innodb_io_capacity = 4000 innodb_io_capacity_max = 8000 innodb_flush_sync = 0 innodb_flush_neighbors = 0 innodb_write_io_threads = 8 innodb_read_io_threads = 8 innodb_purge_threads = 4 innodb_page_cleaners = 4 innodb_open_files = 65535 innodb_max_dirty_pages_pct = 50 innodb_lru_scan_depth = 4000 innodb_checksum_algorithm = crc32 innodb_lock_wait_timeout = 10 innodb_rollback_on_timeout = 1 innodb_print_all_deadlocks = 1 innodb_file_per_table = 1 innodb_online_alter_log_max_size = 4G innodb_stats_on_metadata = 0 innodb_thread_concurrency = 0 innodb_sync_spin_loops = 100 innodb_spin_wait_delay = 30 lock_wait_timeout = 3600 slow_query_log = 1 long_query_time = 10 log_queries_not_using_indexes =1 log_throttle_queries_not_using_indexes = 60 min_examined_row_limit = 100 log_slow_admin_statements = 1 log_slow_slave_statements = 1 default_authentication_plugin=mysql_native_password skip-name-resolve=1 explicit_defaults_for_timestamp=1 plugin_dir=/opt/bitnami/mysql/plugin max_allowed_packet=128M max_connections = 2000 max_connect_errors = 1000000 table_definition_cache=2000 table_open_cache_instances=64 tablespace_definition_cache=1024 thread_cache_size=256 interactive_timeout = 600 wait_timeout = 600 tmpdir=/opt/bitnami/mysql/tmp max_allowed_packet=32M bind-address=0.0.0.0 performance_schema = 1 performance_schema_instrument = '%memory%=on' performance_schema_instrument = '%lock%=on' innodb_monitor_enable=ALL [mysql] no-auto-rehash [mysqldump] quick max_allowed_packet = 32M [client] port=3306 socket=/opt/bitnami/mysql/tmp/mysql.sock default-character-set=UTF8 plugin_dir=/opt/bitnami/mysql/plugin [manager] port=3306 socket=/opt/bitnami/mysql/tmp/mysql.sock pid-file=/opt/bitnami/mysql/tmp/mysqld.pid --- apiVersion: v1 kind: ConfigMap metadata: name: helm-mysql-init-scripts namespace: uavcloud-dev labels: app.kubernetes.io/name: mysql-db octopus.control: mysql-db-wdd app.kubernetes.io/release: uavcloud-dev app.kubernetes.io/managed-by: octopus app.kubernetes.io/component: primary data: create_users_grants_core.sql: |- create user zyly@'%' identified by 'Cmii@451315'; grant select on *.* to zyly@'%'; create user zyly_qc@'%' identified by 'Uh)E_owCyb16'; grant all on *.* to zyly_qc@'%'; create user k8s_admin@'%' identified by 'VFJncwy58^Zm'; grant all on *.* to k8s_admin@'%'; create user audit_dba@'%' identified by 'PjCzqiBmJaTpgkoYXynH'; grant all on *.* to audit_dba@'%'; create user db_backup@'%' identified by 'RU5Pu(4FGdT9'; GRANT SELECT, RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT, EVENT on *.* to db_backup@'%'; create user monitor@'%' identified by 'PL3#nGtrWbf-'; grant REPLICATION CLIENT on *.* to monitor@'%'; flush privileges; --- kind: Service apiVersion: v1 metadata: name: cmii-mysql namespace: uavcloud-dev labels: app.kubernetes.io/component: primary app.kubernetes.io/managed-by: octopus app.kubernetes.io/name: mysql-db app.kubernetes.io/release: uavcloud-dev cmii.app: mysql cmii.type: middleware octopus.control: mysql-db-wdd spec: ports: - name: mysql protocol: TCP port: 13306 targetPort: mysql selector: app.kubernetes.io/component: primary app.kubernetes.io/name: mysql-db app.kubernetes.io/release: uavcloud-dev cmii.app: mysql cmii.type: middleware type: ClusterIP --- apiVersion: v1 kind: Service metadata: name: helm-mysql-headless namespace: uavcloud-dev labels: app.kubernetes.io/name: mysql-db octopus.control: mysql-db-wdd app.kubernetes.io/release: uavcloud-dev app.kubernetes.io/managed-by: octopus cmii.type: middleware cmii.app: mysql app.kubernetes.io/component: primary annotations: { } spec: type: ClusterIP clusterIP: None publishNotReadyAddresses: true ports: - name: mysql port: 3306 targetPort: mysql selector: app.kubernetes.io/name: mysql-db app.kubernetes.io/release: uavcloud-dev cmii.type: middleware cmii.app: mysql app.kubernetes.io/component: primary --- apiVersion: v1 kind: Service metadata: name: helm-mysql namespace: uavcloud-dev labels: app.kubernetes.io/name: mysql-db octopus.control: mysql-db-wdd app.kubernetes.io/release: uavcloud-dev app.kubernetes.io/managed-by: octopus cmii.type: middleware cmii.app: mysql app.kubernetes.io/component: primary annotations: { } spec: type: NodePort ports: - name: mysql port: 3306 protocol: TCP targetPort: mysql nodePort: 33306 selector: app.kubernetes.io/name: mysql-db app.kubernetes.io/release: uavcloud-dev cmii.type: middleware cmii.app: mysql app.kubernetes.io/component: primary --- apiVersion: apps/v1 kind: StatefulSet metadata: name: helm-mysql namespace: uavcloud-dev labels: app.kubernetes.io/name: mysql-db octopus.control: mysql-db-wdd app.kubernetes.io/release: uavcloud-dev app.kubernetes.io/managed-by: octopus cmii.type: middleware cmii.app: mysql app.kubernetes.io/component: primary spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: mysql-db app.kubernetes.io/release: uavcloud-dev cmii.type: middleware cmii.app: mysql app.kubernetes.io/component: primary serviceName: helm-mysql updateStrategy: type: RollingUpdate template: metadata: annotations: checksum/configuration: 6b60fa0f3a846a6ada8effdc4f823cf8003d42a8c8f630fe8b1b66d3454082dd labels: app.kubernetes.io/name: mysql-db octopus.control: mysql-db-wdd app.kubernetes.io/release: uavcloud-dev app.kubernetes.io/managed-by: octopus cmii.type: middleware cmii.app: mysql app.kubernetes.io/component: primary spec: serviceAccountName: helm-mysql affinity: { } nodeSelector: mysql-deploy: "true" securityContext: fsGroup: 1001 initContainers: - name: change-volume-permissions image: harbor.cdcyy.com.cn/cmii/bitnami-shell:11-debian-11-r136 imagePullPolicy: "Always" command: - /bin/bash - -ec - | chown -R 1001:1001 /bitnami/mysql securityContext: runAsUser: 0 volumeMounts: - name: mysql-data mountPath: /bitnami/mysql containers: - name: mysql image: harbor.cdcyy.com.cn/cmii/mysql:8.1.0-debian-11-r42 imagePullPolicy: "IfNotPresent" securityContext: runAsUser: 1001 env: - name: BITNAMI_DEBUG value: "true" - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: helm-mysql key: mysql-root-password - name: MYSQL_DATABASE value: "cmii" ports: - name: mysql containerPort: 3306 livenessProbe: failureThreshold: 5 initialDelaySeconds: 120 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 3 exec: command: - /bin/bash - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi mysqladmin status -uroot -p"${password_aux}" readinessProbe: failureThreshold: 5 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 3 exec: command: - /bin/bash - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi mysqladmin status -uroot -p"${password_aux}" startupProbe: failureThreshold: 60 initialDelaySeconds: 120 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 exec: command: - /bin/bash - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi mysqladmin status -uroot -p"${password_aux}" resources: limits: { } requests: { } volumeMounts: - name: mysql-data mountPath: /bitnami/mysql - name: custom-init-scripts mountPath: /docker-entrypoint-initdb.d - name: config mountPath: /opt/bitnami/mysql/conf/my.cnf subPath: my.cnf volumes: - name: config configMap: name: helm-mysql - name: custom-init-scripts configMap: name: helm-mysql-init-scripts - name: mysql-data hostPath: path: /var/lib/docker/mysql-pv/uavcloud-dev/