├── README.md ├── proxysql-k8s ├── Dockerfile ├── add_cluster_nodes.sh ├── proxysql-entry.sh ├── proxysql.cnf └── start_node.sh ├── pxc-k8s ├── Dockerfile ├── README-build.md ├── README.md ├── dockerdir │ └── usr │ │ └── bin │ │ ├── clustercheck.sh │ │ ├── configure-pxc.sh │ │ └── peer-finder ├── entrypoint.sh ├── kubernetes │ ├── pxc-pv-host.yml │ └── pxc_k8s.yml ├── node.cnf ├── start_node.sh └── ubuntu │ ├── Dockerfile │ ├── entrypoint.sh │ └── node.cnf ├── pxc_proxy.yaml ├── pxc_proxy_cleartext.yaml └── secret.yaml /README.md: -------------------------------------------------------------------------------- 1 | # Percona XtraDB Cluster + ProxySQL on Kubernetes / Openshift 2 | 3 | The goal of this project is to provide a complete install path for Percona XtraDB Cluster + ProxySQL on Kubernetes / Openshift. 4 | * pxc-k8s/ includes Percona XtraDB Cluster docker for Kubernetes / Openshift (fork from https://github.com/Percona-Lab/percona-docker/tree/master/pxc-k8s). It uses the new version of discovery service (does not rely on ETCD anymore) 5 | * proxysql-k8s/ is the new version of proxysql + discovery service for Percona XtraDB Cluster nodes 6 | * pxc_proxy.yaml is the YAML for kubernetes / openshift. For openshift run: oc new-project pxc-proxy; oc create -f pxc_proxy.yaml 7 | 8 | -------------------------------------------------------------------------------- /proxysql-k8s/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM centos:7 2 | MAINTAINER Percona Development 3 | 4 | # the numeric UID is needed for OpenShift 5 | RUN useradd -u 1001 -r -g 0 -s /sbin/nologin \ 6 | -c "Default Application User" proxysql 7 | 8 | #RUN yum install -y https://github.com/sysown/proxysql/releases/download/v1.2.1/proxysql-1.2.1-1-centos7.x86_64.rpm 9 | 10 | RUN rpmkeys --import https://www.percona.com/downloads/RPM-GPG-KEY-percona 11 | RUN yum install -y https://www.percona.com/redir/downloads/percona-release/redhat/0.1-4/percona-release-0.1-4.noarch.rpm 12 | RUN yum install -y Percona-Server-client-56 proxysql vim curl && chown -R 1001:0 /etc/proxysql* && chown -R 1001:0 /var/lib/proxysql 13 | 14 | ADD proxysql.cnf /etc/proxysql.cnf 15 | 16 | COPY proxysql-entry.sh /entrypoint.sh 17 | RUN chmod +x /entrypoint.sh 18 | 19 | 20 | COPY add_cluster_nodes.sh /usr/bin/add_cluster_nodes.sh 21 | RUN chmod a+x /usr/bin/add_cluster_nodes.sh 22 | 23 | VOLUME /var/lib/proxysql 24 | 25 | EXPOSE 3306 6032 26 | ONBUILD RUN yum update -y 27 | 28 | ENTRYPOINT ["/entrypoint.sh"] 29 | USER 1001 30 | 31 | CMD [""] 32 | -------------------------------------------------------------------------------- /proxysql-k8s/add_cluster_nodes.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Configs 4 | opt=" -vvv -f " 5 | default_hostgroup_id="10" 6 | reader_hostgroup_id="20" 7 | TIMEOUT="10" # 10 sec timeout to wait for server 8 | 9 | # Remote exec hack 10 | if [ "$1" == "remote" ] 11 | then 12 | remote="oc rsh proxysql-0" 13 | else 14 | remote="" 15 | fi 16 | 17 | 18 | # Functions 19 | 20 | function mysql_root_exec() { 21 | local server="$1" 22 | local query="$2" 23 | printf "%s\n" \ 24 | "[client]" \ 25 | "user=root" \ 26 | "password=${MYSQL_ROOT_PASSWORD}" \ 27 | "host=${server}" \ 28 | | timeout $TIMEOUT $remote mysql --defaults-file=/dev/stdin --protocol=tcp -s -NB -e "${query}" 29 | } 30 | 31 | function wait_for_mysql() { 32 | local h=$1 33 | echo "Waiting for host $h to be online..." 34 | while [ "$(mysql_root_exec $h 'select 1')" != "1" ] 35 | do 36 | echo "MySQL is not up yet... sleeping ..." 37 | sleep 1 38 | done 39 | } 40 | 41 | # Check that PEERS are set 42 | if [ "$PEERS" == "" ] 43 | then 44 | echo "Need to pass PEERS variables in the YAML file or set PEERS env variable. Exiting ..." 45 | exit 46 | fi 47 | 48 | 49 | ipaddr=$($remote hostname -i | awk ' { print $1 } ') 50 | IFS=',' read -ra ADDR <<< "$PEERS" 51 | first_host=${ADDR[0]} 52 | 53 | $remote mysql $opt -h $first_host -uroot -p$MYSQL_ROOT_PASSWORD -e "GRANT ALL ON *.* TO '$MYSQL_PROXY_USER'@'$ipaddr' IDENTIFIED BY '$MYSQL_PROXY_PASSWORD';GRANT PROCESS ON *.* TO 'clustercheckuser'@'localhost' IDENTIFIED BY 'clustercheckpassword\!';" 54 | 55 | # Now prepare sql for proxysql 56 | 57 | cleanup_sql="" 58 | servers_sql="REPLACE INTO mysql_servers (hostgroup_id, hostname, port) VALUES ($default_hostgroup_id, '$first_host', 3306);" 59 | 60 | for i in "${ADDR[@]}" 61 | do 62 | echo "Found host: $i" 63 | wait_for_mysql $i 64 | servers_sql="$servers_sql\nREPLACE INTO mysql_servers (hostgroup_id, hostname, port) VALUES ($reader_hostgroup_id, '$i', 3306);" 65 | done 66 | 67 | servers_sql="$servers_sql\nLOAD MYSQL SERVERS TO RUNTIME; SAVE MYSQL SERVERS TO DISK;" 68 | 69 | users_sql=" 70 | REPLACE INTO mysql_users (username, password, active, default_hostgroup, max_connections) VALUES ('root', '$MYSQL_ROOT_PASSWORD', 1, $default_hostgroup_id, 200); 71 | REPLACE INTO mysql_users (username, password, active, default_hostgroup, max_connections) VALUES ('$MYSQL_PROXY_USER', '$MYSQL_PROXY_PASSWORD', 1, $default_hostgroup_id, 200); 72 | LOAD MYSQL USERS TO RUNTIME; SAVE MYSQL USERS TO DISK; 73 | " 74 | 75 | scheduler_sql=" 76 | UPDATE global_variables SET variable_value='$MYSQL_PROXY_USER' WHERE variable_name='mysql-monitor_username'; 77 | UPDATE global_variables SET variable_value='$MYSQL_PROXY_PASSWORD' WHERE variable_name='mysql-monitor_password'; 78 | LOAD MYSQL VARIABLES TO RUNTIME;SAVE MYSQL VARIABLES TO DISK; 79 | REPLACE INTO scheduler(id,active,interval_ms,filename,arg1,arg2,arg3,arg4,arg5) VALUES (1,'1','3000','/usr/bin/proxysql_galera_checker','10','11','1','1', '/var/lib/proxysql/proxysql_galera_checker.log'); 80 | LOAD SCHEDULER TO RUNTIME; SAVE SCHEDULER TO DISK; 81 | " 82 | 83 | rw_split_sql=" 84 | UPDATE mysql_users SET default_hostgroup=$default_hostgroup_id; 85 | LOAD MYSQL USERS TO RUNTIME; 86 | SAVE MYSQL USERS TO DISK; 87 | REPLACE INTO mysql_query_rules (rule_id,active,match_digest,destination_hostgroup,apply) 88 | VALUES 89 | (1,1,'^SELECT.*FOR UPDATE$',10,1), 90 | (2,1,'^SELECT',20,1); 91 | LOAD MYSQL QUERY RULES TO RUNTIME; 92 | SAVE MYSQL QUERY RULES TO DISK; 93 | " 94 | 95 | #echo $servers_sql, $users_sql, $scheduler_sql, $rw_split_sql 96 | 97 | $remote mysql $opt -h 127.0.0.1 -P6032 -uadmin -padmin -e "$cleanup_sql $servers_sql $users_sql $scheduler_sql $rw_split_sql" 98 | 99 | echo "All done!" 100 | -------------------------------------------------------------------------------- /proxysql-k8s/proxysql-entry.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | /usr/bin/proxysql --initial -f -c /etc/proxysql.cnf 4 | -------------------------------------------------------------------------------- /proxysql-k8s/proxysql.cnf: -------------------------------------------------------------------------------- 1 | datadir="/var/lib/proxysql" 2 | 3 | admin_variables = 4 | { 5 | admin_credentials="admin:admin" 6 | mysql_ifaces="0.0.0.0:6032" 7 | refresh_interval=2000 8 | } 9 | 10 | mysql_variables= 11 | { 12 | threads=2 13 | max_connections=2048 14 | default_query_delay=0 15 | default_query_timeout=10000 16 | poll_timeout=2000 17 | interfaces="0.0.0.0:3306" 18 | default_schema="information_schema" 19 | stacksize=1048576 20 | connect_timeout_server=10000 21 | monitor_history=60000 22 | monitor_connect_interval=20000 23 | monitor_ping_interval=10000 24 | ping_timeout_server=200 25 | commands_stats=true 26 | sessions_sort=true 27 | } 28 | 29 | -------------------------------------------------------------------------------- /proxysql-k8s/start_node.sh: -------------------------------------------------------------------------------- 1 | CLUSTER_NAME=${CLUSTER_NAME:-Theistareykjarbunga} 2 | ETCD_HOST=${ETCD_HOST:-10.20.2.4:2379} 3 | NETWORK_NAME=${CLUSTER_NAME}_net 4 | 5 | echo "Starting new ProxySQL on $NETWORK_NAME ..." 6 | docker run -d -p 3306:3306 -p 6032:6032 --net=$NETWORK_NAME --name=${CLUSTER_NAME}_proxysql \ 7 | -e CLUSTER_NAME=$CLUSTER_NAME \ 8 | -e DISCOVERY_SERVICE=$ETCD_HOST \ 9 | -e MYSQL_ROOT_PASSWORD=Theistareyk \ 10 | -e MYSQL_PROXY_USER=proxyuser \ 11 | -e MYSQL_PROXY_PASSWORD=s3cret \ 12 | perconalab/proxysql 13 | echo "Started $(docker ps -l -q)" 14 | 15 | -------------------------------------------------------------------------------- /pxc-k8s/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM centos:7 2 | MAINTAINER Percona Development 3 | LABEL vendor=Percona 4 | LABEL com.percona.package="Percona XtraDB Cluster" 5 | LABEL com.percona.version="5.7" 6 | LABEL io.k8s.description="Percona XtraDB Cluster is an active/active high availability and high scalability open source solution for MySQL clustering" 7 | LABEL io.k8s.display-name="Percona XtraDB Cluster 5.7" 8 | 9 | # the numeric UID is needed for OpenShift 10 | RUN useradd -u 1001 -r -g 0 -s /sbin/nologin \ 11 | -c "Default Application User" mysql 12 | 13 | ARG REPO_URL=http://www.percona.com/downloads/percona-release/redhat/0.1-4/percona-release-0.1-4.noarch.rpm 14 | 15 | # Install server 16 | RUN yum install -y $REPO_URL \ 17 | && yum install -y Percona-XtraDB-Cluster-57 curl vim \ 18 | && yum clean all && mkdir -p /etc/mysql/conf.d/ && chown -R mysql /etc/mysql/ && mkdir -p /var/log/mysql \ 19 | && chown -R 1001:0 /var/lib/mysql /var/run/mysqld /etc/mysql/conf.d/ /var/log/mysql && chmod -R g+w /etc/mysql/conf.d/ 20 | 21 | ADD node.cnf /etc/mysql/conf.d/node.cnf 22 | RUN echo '!include /etc/mysql/conf.d/node.cnf' > /etc/my.cnf 23 | 24 | COPY entrypoint.sh /entrypoint.sh 25 | COPY dockerdir / 26 | 27 | EXPOSE 3306 4567 4568 28 | 29 | ENTRYPOINT ["/entrypoint.sh"] 30 | 31 | USER 1001 32 | 33 | CMD [""] 34 | 35 | -------------------------------------------------------------------------------- /pxc-k8s/README-build.md: -------------------------------------------------------------------------------- 1 | Build image 2 | 3 | `docker build -t perconalab/percona-xtradb-cluster Dockerfile` 4 | 5 | or 6 | 7 | `docker build --build-arg PXC_VERSION=5.6.29 -t perconalab/percona-xtradb-cluster Dockerfile` 8 | 9 | Tag image 10 | 11 | `docker tag perconalab/percona-xtradb-cluster:5.6` 12 | 13 | Push to hub 14 | 15 | `docker push perconalab/percona-xtradb-cluster:5.6` 16 | 17 | Usage 18 | ===== 19 | 20 | -------------------------------------------------------------------------------- /pxc-k8s/README.md: -------------------------------------------------------------------------------- 1 | Percona XtraDB Cluster docker image 2 | =================================== 3 | 4 | The docker image is available right now at `percona/percona-xtradb-cluster:5.7`. 5 | The image supports work in Docker Network, including overlay networks, 6 | so that you can install Percona XtraDB Cluster nodes on different boxes. 7 | There is an initial support for the etcd discovery service. 8 | 9 | Basic usage 10 | ----------- 11 | 12 | For an example, see the `start_node.sh` script. 13 | 14 | The `CLUSTER_NAME` environment variable should be set, and the easiest to do it is: 15 | `export CLUSTER_NAME=cluster1` 16 | 17 | The script will try to create an overlay network `${CLUSTER_NAME}_net`. 18 | If you want to have a bridge network or network with a specific parameter, 19 | create it in advance. 20 | For example: 21 | `docker network create -d bridge ${CLUSTER_NAME}_net` 22 | 23 | The Docker image accepts the following parameters: 24 | * One of `MYSQL_ROOT_PASSWORD`, `MYSQL_ALLOW_EMPTY_PASSWORD` or `MYSQL_RANDOM_ROOT_PASSWORD` must be defined 25 | * The image will create the user `xtrabackup@localhost` for the XtraBackup SST method. If you want to use a password for the `xtrabackup` user, set `XTRABACKUP_PASSWORD`. 26 | * If you want to use the discovery service (right now only `etcd` is supported), set the address to `DISCOVERY_SERVICE`. The image will automatically find a running cluser by `CLUSTER_NAME` and join to the existing cluster (or start a new one). 27 | * If you want to start without the discovery service, use the `CLUSTER_JOIN` variable. Empty variables will start a new cluster, To join an existing cluster, set `CLUSTER_JOIN` to the list of IP addresses running cluster nodes. 28 | 29 | 30 | Discovery service 31 | ----------------- 32 | 33 | The cluster will try to register itself in the discovery service, so that new nodes or ProxySQL can easily find running nodes. 34 | 35 | Assuming you have the variable `ETCD_HOST` set to `IP:PORT` of the running etcd (e.g., `export ETCD_HOST=10.20.2.4:2379`), you can explore the current settings by using 36 | `curl http://$ETCD_HOST/v2/keys/pxc-cluster/$CLUSTER_NAME/?recursive=true | jq`. 37 | 38 | Example output: 39 | ``` 40 | { 41 | "action": "get", 42 | "node": { 43 | "key": "/pxc-cluster/cluster4", 44 | "dir": true, 45 | "nodes": [ 46 | { 47 | "key": "/pxc-cluster/cluster4/10.0.5.2", 48 | "dir": true, 49 | "nodes": [ 50 | { 51 | "key": "/pxc-cluster/cluster4/10.0.5.2/ipaddr", 52 | "value": "10.0.5.2", 53 | "modifiedIndex": 19600, 54 | "createdIndex": 19600 55 | }, 56 | { 57 | "key": "/pxc-cluster/cluster4/10.0.5.2/hostname", 58 | "value": "2af0a75ce0cb", 59 | "modifiedIndex": 19601, 60 | "createdIndex": 19601 61 | } 62 | ], 63 | "modifiedIndex": 19600, 64 | "createdIndex": 19600 65 | }, 66 | { 67 | "key": "/pxc-cluster/cluster4/10.0.5.3", 68 | "dir": true, 69 | "nodes": [ 70 | { 71 | "key": "/pxc-cluster/cluster4/10.0.5.3/ipaddr", 72 | "value": "10.0.5.3", 73 | "modifiedIndex": 26420, 74 | "createdIndex": 26420 75 | }, 76 | { 77 | "key": "/pxc-cluster/cluster4/10.0.5.3/hostname", 78 | "value": "cfb29833f1d6", 79 | "modifiedIndex": 26421, 80 | "createdIndex": 26421 81 | } 82 | ], 83 | "modifiedIndex": 26420, 84 | "createdIndex": 26420 85 | } 86 | ], 87 | "modifiedIndex": 19600, 88 | "createdIndex": 19600 89 | } 90 | } 91 | ``` 92 | 93 | Currently there is no automatic cleanup for the discovery service registry. You can remove all entries using 94 | `curl http://$ETCD_HOST/v2/keys/pxc-cluster/$CLUSTER_NAME?recursive=true -XDELETE`. 95 | 96 | Starting a discovery service 97 | -------------------------- 98 | 99 | For the full documentation, please check https://coreos.com/etcd/docs/latest/docker_guide.html. 100 | 101 | A simple script to start 1-node etcd (assuming `ETCD_HOST` variable is defined) is: 102 | 103 | ``` 104 | ETCD_HOST=${ETCD_HOST:-10.20.2.4:2379} 105 | docker run -d -v /usr/share/ca-certificates/:/etc/ssl/certs -p 4001:4001 -p 2380:2380 -p 2379:2379 \ 106 | --name etcd quay.io/coreos/etcd \ 107 | -name etcd0 \ 108 | -advertise-client-urls http://${ETCD_HOST}:2379,http://${ETCD_HOST}:4001 \ 109 | -listen-client-urls http://0.0.0.0:2379,http://0.0.0.0:4001 \ 110 | -initial-advertise-peer-urls http://${ETCD_HOST}:2380 \ 111 | -listen-peer-urls http://0.0.0.0:2380 \ 112 | -initial-cluster-token etcd-cluster-1 \ 113 | -initial-cluster etcd0=http://${ETCD_HOST}:2380 \ 114 | -initial-cluster-state new 115 | ``` 116 | 117 | Running a Docker overlay network 118 | ------------------------------ 119 | 120 | The following link is a great introduction with easy steps on how to run a Docker overlay network: http://chunqi.li/2015/11/09/docker-multi-host-networking/ 121 | 122 | 123 | Running with ProxySQL 124 | --------------------- 125 | 126 | The ProxySQL image https://hub.docker.com/r/perconalab/proxysql/ 127 | provides an integration with Percona XtraDB Cluster and discovery service. 128 | 129 | You can start proxysql image by 130 | ``` 131 | docker run -d -p 3306:3306 -p 6032:6032 --net=$NETWORK_NAME --name=${CLUSTER_NAME}_proxysql \ 132 | -e CLUSTER_NAME=$CLUSTER_NAME \ 133 | -e ETCD_HOST=$ETCD_HOST \ 134 | -e MYSQL_ROOT_PASSWORD=Theistareyk \ 135 | -e MYSQL_PROXY_USER=proxyuser \ 136 | -e MYSQL_PROXY_PASSWORD=s3cret \ 137 | perconalab/proxysql 138 | ``` 139 | 140 | where `MYSQL_ROOT_PASSWORD` is the root password for the MySQL nodes. The password is needed to register the proxy user. The user `MYSQL_PROXY_USER` with password `MYSQL_PROXY_PASSWORD` will be registered on all Percona XtraDB Cluster nodes. 141 | 142 | 143 | Running `docker exec -it ${CLUSTER_NAME}_proxysql add_cluster_nodes.sh` will register all nodes in the ProxySQL. 144 | 145 | -------------------------------------------------------------------------------- /pxc-k8s/dockerdir/usr/bin/clustercheck.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Script to make a proxy (ie HAProxy) capable of monitoring Percona XtraDB Cluster nodes properly 4 | # 5 | # Authors: 6 | # Raghavendra Prabhu 7 | # Olaf van Zandwijk 8 | # 9 | # Based on the original script from Unai Rodriguez and Olaf (https://github.com/olafz/percona-clustercheck) 10 | # 11 | # Grant privileges required: 12 | # GRANT PROCESS ON *.* TO 'clustercheckuser'@'localhost' IDENTIFIED BY 'clustercheckpassword!'; 13 | 14 | if [[ $1 == '-h' || $1 == '--help' ]];then 15 | echo "Usage: $0 " 16 | exit 17 | fi 18 | 19 | MYSQL_USERNAME="${1-monitor}" 20 | MYSQL_PASSWORD="${2-monitor}" 21 | AVAILABLE_WHEN_DONOR=${3:-1} 22 | ERR_FILE="${4:-/var/lib/mysql/clustercheck.log}" 23 | AVAILABLE_WHEN_READONLY=${5:-1} 24 | DEFAULTS_EXTRA_FILE=${6:-/etc/mysql/my.cnf} 25 | 26 | # CLUSTER_NAME to be set in enviroment 27 | # DISCOVERY_SERVICE to be set in enviroment 28 | 29 | #Timeout exists for instances where mysqld may be hung 30 | TIMEOUT=10 31 | 32 | EXTRA_ARGS="" 33 | if [[ -n "$MYSQL_USERNAME" ]]; then 34 | EXTRA_ARGS="$EXTRA_ARGS --user=${MYSQL_USERNAME}" 35 | fi 36 | if [[ -n "$MYSQL_PASSWORD" ]]; then 37 | EXTRA_ARGS="$EXTRA_ARGS --password=${MYSQL_PASSWORD}" 38 | fi 39 | if [[ -r $DEFAULTS_EXTRA_FILE ]];then 40 | MYSQL_CMDLINE="mysql --defaults-extra-file=$DEFAULTS_EXTRA_FILE -nNE --connect-timeout=$TIMEOUT \ 41 | ${EXTRA_ARGS}" 42 | else 43 | MYSQL_CMDLINE="mysql -nNE --connect-timeout=$TIMEOUT ${EXTRA_ARGS}" 44 | fi 45 | 46 | ipaddr=$(hostname -i | awk ' { print $1 } ') 47 | hostname=$(hostname) 48 | 49 | # 50 | # Perform the query to check the wsrep_local_state 51 | # 52 | WSREP_STATUS=($($MYSQL_CMDLINE -e "SHOW GLOBAL STATUS LIKE 'wsrep_%';" \ 53 | 2>${ERR_FILE} | grep -A 1 -E 'wsrep_local_state$|wsrep_cluster_status$' \ 54 | | sed -n -e '2p' -e '5p' | tr '\n' ' ')) 55 | 56 | if [[ ${WSREP_STATUS[1]} == 'Primary' && ( ${WSREP_STATUS[0]} -eq 4 || \ 57 | ( ${WSREP_STATUS[0]} -eq 2 && $AVAILABLE_WHEN_DONOR -eq 1 ) ) ]] 58 | then 59 | 60 | # Check only when set to 0 to avoid latency in response. 61 | if [[ $AVAILABLE_WHEN_READONLY -eq 0 ]];then 62 | READ_ONLY=$($MYSQL_CMDLINE -e "SHOW GLOBAL VARIABLES LIKE 'read_only';" \ 63 | 2>${ERR_FILE} | tail -1 2>>${ERR_FILE}) 64 | 65 | if [[ "${READ_ONLY}" == "ON" ]];then 66 | # Percona XtraDB Cluster node local state is 'Synced', but it is in 67 | # read-only mode. The variable AVAILABLE_WHEN_READONLY is set to 0. 68 | # => return HTTP 503 69 | # Shell return-code is 1 70 | exit 1 71 | fi 72 | 73 | fi 74 | # Percona XtraDB Cluster node local state is 'Synced' => return HTTP 200 75 | # Shell return-code is 0 76 | exit 0 77 | else 78 | # Percona XtraDB Cluster node local state is not 'Synced' => return HTTP 503 79 | # Shell return-code is 1 80 | exit 1 81 | fi 82 | 83 | -------------------------------------------------------------------------------- /pxc-k8s/dockerdir/usr/bin/configure-pxc.sh: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | 3 | # Copyright 2016 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | # This script writes out a mysql galera config using a list of newline seperated 18 | # peer DNS names it accepts through stdin. 19 | 20 | # /etc/mysql is assumed to be a shared volume so we can modify my.cnf as required 21 | # to keep the config up to date, without wrapping mysqld in a custom pid1. 22 | # The config location is intentionally not /etc/mysql/my.cnf because the 23 | # standard base image clobbers that location. 24 | CFG=/etc/mysql/conf.d/node.cnf 25 | 26 | function join { 27 | local IFS="$1"; shift; echo "$*"; 28 | } 29 | 30 | HOSTNAME=$(hostname) 31 | # Parse out cluster name, from service name: 32 | CLUSTER_NAME="$(hostname -f | cut -d'.' -f2)" 33 | 34 | while read -ra LINE; do 35 | if [[ "${LINE}" == *"${HOSTNAME}"* ]]; then 36 | MY_NAME=$LINE 37 | fi 38 | PEERS=("${PEERS[@]}" $LINE) 39 | done 40 | 41 | if [ "${#PEERS[@]}" = 1 ]; then 42 | WSREP_CLUSTER_ADDRESS="" 43 | else 44 | WSREP_CLUSTER_ADDRESS=$(join , "${PEERS[@]}") 45 | fi 46 | echo $WSREP_CLUSTER_ADDRESS > /tmp/cluster_addr.txt 47 | 48 | #--wsrep_cluster_name=$CLUSTER_NAME --wsrep_cluster_address="gcomm://$cluster_join" --wsrep_sst_method=xtrabackup-v2 --wsrep_sst_auth="xtrabackup:$XTRABACKUP_PASSWORD" --wsrep_node_address="$ipaddr" 49 | 50 | sed -i -e "s|^wsrep_node_address=.*$|wsrep_node_address=${MY_NAME}|" ${CFG} 51 | sed -i -e "s|^wsrep_cluster_name=.*$|wsrep_cluster_name=${CLUSTER_NAME}|" ${CFG} 52 | sed -i -e "s|^wsrep_cluster_address=.*$|wsrep_cluster_address=gcomm://${WSREP_CLUSTER_ADDRESS}|" ${CFG} 53 | 54 | # don't need a restart, we're just writing the conf in case there's an 55 | # unexpected restart on the node. 56 | -------------------------------------------------------------------------------- /pxc-k8s/dockerdir/usr/bin/peer-finder: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Percona-Lab/pxc-proxysql-k8s/8b9eebd59e0c9c36234a9ff291ed1c81e3839a91/pxc-k8s/dockerdir/usr/bin/peer-finder -------------------------------------------------------------------------------- /pxc-k8s/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | USER_ID=$(id -u) 5 | 6 | # if command starts with an option, prepend mysqld 7 | if [ "${1:0:1}" = '-' ]; then 8 | CMDARG="$@" 9 | fi 10 | 11 | if [ -z "$POD_NAMESPACE" ]; then 12 | echo >&2 'Error: You need to specify POD_NAMESPACE' 13 | exit 1 14 | else 15 | # Is running in Kubernetes/OpenShift, so find all other pods 16 | # belonging to the namespace 17 | echo "Percona XtraDB Cluster: Finding peers" 18 | K8S_SVC_NAME=$(hostname -f | cut -d"." -f2) 19 | echo "Using service name: ${K8S_SVC_NAME}" 20 | /usr/bin/peer-finder -on-start="/usr/bin/configure-pxc.sh" -service=${K8S_SVC_NAME} 21 | fi 22 | # Get config 23 | DATADIR="$("mysqld" --verbose --wsrep_provider= --help 2>/dev/null | awk '$1 == "datadir" { print $2; exit }')" 24 | if [ -z "$WSREP_CLUSTER_ADDRESS" ]; then 25 | DATADIR="/var/lib/mysql" 26 | fi 27 | 28 | # if we have CLUSTER_JOIN - then we do not need to perform datadir initialize 29 | # the data will be copied from another node 30 | WSREP_CLUSTER_ADDRESS=`cat /tmp/cluster_addr.txt` 31 | echo "Cluster address set to: $WSREP_CLUSTER_ADDRESS" 32 | 33 | if [ -z "$WSREP_CLUSTER_ADDRESS" ]; then 34 | 35 | if [ ! -e "$DATADIR/mysql" ]; then 36 | if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" -a -z "$MYSQL_ROOT_PASSWORD_FILE" ]; then 37 | echo >&2 'error: database is uninitialized and password option is not specified ' 38 | echo >&2 ' You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ROOT_PASSWORD_FILE, MYSQL_ALLOW_EMPTY_PASSWORD or MYSQL_RANDOM_ROOT_PASSWORD' 39 | exit 1 40 | fi 41 | 42 | if [ ! -z "$MYSQL_ROOT_PASSWORD_FILE" -a -z "$MYSQL_ROOT_PASSWORD" ]; then 43 | MYSQL_ROOT_PASSWORD=$(cat $MYSQL_ROOT_PASSWORD_FILE) 44 | fi 45 | rm -rf "$DATADIR/*.db" && mkdir -p "$DATADIR" 46 | 47 | echo "Running --initialize-insecure on $DATADIR" 48 | ls -lah $DATADIR 49 | mysqld --initialize-insecure 50 | echo 'Finished --initialize-insecure' 51 | 52 | mysqld --user=mysql --datadir="$DATADIR" --skip-networking & 53 | pid="$!" 54 | 55 | mysql=( mysql --protocol=socket -uroot ) 56 | 57 | for i in {30..0}; do 58 | if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then 59 | break 60 | fi 61 | echo 'MySQL init process in progress...' 62 | sleep 1 63 | done 64 | if [ "$i" = 0 ]; then 65 | echo >&2 'MySQL init process failed.' 66 | exit 1 67 | fi 68 | 69 | # sed is for https://bugs.mysql.com/bug.php?id=20545 70 | mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql 71 | if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then 72 | MYSQL_ROOT_PASSWORD="$(pwmake 128)" 73 | echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD" 74 | fi 75 | "${mysql[@]}" <<-EOSQL 76 | -- What's done in this file shouldn't be replicated 77 | -- or products like mysql-fabric won't work 78 | SET @@SESSION.SQL_LOG_BIN=0; 79 | CREATE USER 'root'@'%' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ; 80 | GRANT ALL ON *.* TO 'root'@'%' WITH GRANT OPTION ; 81 | ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}'; 82 | CREATE USER 'xtrabackup'@'localhost' IDENTIFIED BY '$XTRABACKUP_PASSWORD'; 83 | GRANT RELOAD,PROCESS,LOCK TABLES,REPLICATION CLIENT ON *.* TO 'xtrabackup'@'localhost'; 84 | GRANT REPLICATION CLIENT ON *.* TO monitor@'%' IDENTIFIED BY 'monitor'; 85 | GRANT PROCESS ON *.* TO monitor@localhost IDENTIFIED BY 'monitor'; 86 | DROP DATABASE IF EXISTS test ; 87 | EOSQL 88 | if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then 89 | mysql+=( -p"${MYSQL_ROOT_PASSWORD}" ) 90 | fi 91 | 92 | if [ "$MYSQL_DATABASE" ]; then 93 | echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}" 94 | mysql+=( "$MYSQL_DATABASE" ) 95 | fi 96 | 97 | if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then 98 | echo "CREATE USER '"$MYSQL_USER"'@'%' IDENTIFIED BY '"$MYSQL_PASSWORD"' ;" | "${mysql[@]}" 99 | 100 | if [ "$MYSQL_DATABASE" ]; then 101 | echo "GRANT ALL ON \`"$MYSQL_DATABASE"\`.* TO '"$MYSQL_USER"'@'%' ;" | "${mysql[@]}" 102 | fi 103 | 104 | fi 105 | 106 | if [ ! -z "$MYSQL_ONETIME_PASSWORD" ]; then 107 | "${mysql[@]}" <<-EOSQL 108 | ALTER USER 'root'@'%' PASSWORD EXPIRE; 109 | EOSQL 110 | fi 111 | if ! kill -s TERM "$pid" || ! wait "$pid"; then 112 | echo >&2 'MySQL init process failed.' 113 | exit 1 114 | fi 115 | 116 | echo 117 | echo 'MySQL init process done. Ready for start up.' 118 | echo 119 | #mv /etc/my.cnf $DATADIR 120 | fi 121 | fi 122 | 123 | #--log-error=${DATADIR}error.log 124 | exec mysqld --user=mysql --wsrep_sst_auth="xtrabackup:$XTRABACKUP_PASSWORD" $CMDARG 125 | sleep 1000 126 | 127 | -------------------------------------------------------------------------------- /pxc-k8s/kubernetes/pxc-pv-host.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: datadir-mysql-0 5 | spec: 6 | accessModes: 7 | - ReadWriteOnce 8 | capacity: 9 | storage: 2Gi 10 | hostPath: 11 | path: /data/flash/mysql/datadir-mysql-0/ 12 | --- 13 | apiVersion: v1 14 | kind: PersistentVolume 15 | metadata: 16 | name: datadir-mysql-1 17 | spec: 18 | accessModes: 19 | - ReadWriteOnce 20 | capacity: 21 | storage: 2Gi 22 | hostPath: 23 | path: /data/flash/mysql/datadir-mysql-1/ 24 | --- 25 | apiVersion: v1 26 | kind: PersistentVolume 27 | metadata: 28 | name: datadir-mysql-2 29 | spec: 30 | accessModes: 31 | - ReadWriteOnce 32 | capacity: 33 | storage: 2Gi 34 | hostPath: 35 | path: /data/flash/mysql/datadir-mysql-2/ 36 | -------------------------------------------------------------------------------- /pxc-k8s/kubernetes/pxc_k8s.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | annotations: 5 | service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" 6 | name: pxc 7 | labels: 8 | app: mysql 9 | spec: 10 | ports: 11 | - port: 3306 12 | name: mysql 13 | clusterIP: None 14 | selector: 15 | app: mysql 16 | --- 17 | apiVersion: apps/v1beta1 18 | kind: StatefulSet 19 | metadata: 20 | name: mysql 21 | spec: 22 | serviceName: "pxc" 23 | replicas: 3 24 | template: 25 | metadata: 26 | labels: 27 | app: mysql 28 | annotations: 29 | pod.alpha.kubernetes.io/initialized: "true" 30 | spec: 31 | containers: 32 | - name: mysql 33 | image: perconalab/pxc-k8s:latest 34 | imagePullPolicy: Always 35 | ports: 36 | - containerPort: 3306 37 | name: mysql 38 | - containerPort: 4444 39 | name: sst 40 | - containerPort: 4567 41 | name: replication 42 | - containerPort: 4568 43 | name: ist 44 | readinessProbe: 45 | exec: 46 | command: 47 | - /usr/bin/clustercheck.sh 48 | initialDelaySeconds: 15 49 | timeoutSeconds: 15 50 | periodSeconds: 15 51 | failureThreshold: 5 52 | volumeMounts: 53 | - name: datadir 54 | mountPath: /var/lib/mysql 55 | subPath: data 56 | env: 57 | - name: MYSQL_ROOT_PASSWORD 58 | value: "Theistareyk" 59 | - name: XTRABACKUP_PASSWORD 60 | value: "Theistare" 61 | - name: POD_NAMESPACE 62 | valueFrom: 63 | fieldRef: 64 | apiVersion: v1 65 | fieldPath: metadata.namespace 66 | volumeClaimTemplates: 67 | - metadata: 68 | name: datadir 69 | spec: 70 | accessModes: [ "ReadWriteOnce" ] 71 | resources: 72 | requests: 73 | storage: 2Gi 74 | -------------------------------------------------------------------------------- /pxc-k8s/node.cnf: -------------------------------------------------------------------------------- 1 | [mysqld] 2 | 3 | datadir=/var/lib/mysql 4 | 5 | default_storage_engine=InnoDB 6 | binlog_format=ROW 7 | 8 | innodb_flush_log_at_trx_commit = 0 9 | innodb_flush_method = O_DIRECT 10 | innodb_file_per_table = 1 11 | innodb_autoinc_lock_mode=2 12 | 13 | bind_address = 0.0.0.0 14 | 15 | wsrep_slave_threads=2 16 | wsrep_cluster_address=gcomm:// 17 | wsrep_provider=/usr/lib64/galera3/libgalera_smm.so 18 | 19 | wsrep_cluster_name=Theistareykjarbunga 20 | 21 | wsrep_sst_method=xtrabackup-v2 22 | wsrep_sst_auth="root:" 23 | 24 | log_error=error.log 25 | -------------------------------------------------------------------------------- /pxc-k8s/start_node.sh: -------------------------------------------------------------------------------- 1 | CLUSTER_NAME=${CLUSTER_NAME:-Theistareykjarbunga} 2 | ETCD_HOST=${ETCD_HOST:-10.20.2.4:2379} 3 | NETWORK_NAME=${CLUSTER_NAME}_net 4 | 5 | docker network create -d overlay $NETWORK_NAME 6 | 7 | echo "Starting new node..." 8 | docker run -d -p 3306 --net=$NETWORK_NAME \ 9 | -e MYSQL_ROOT_PASSWORD=Theistareyk \ 10 | -e DISCOVERY_SERVICE=$ETCD_HOST \ 11 | -e CLUSTER_NAME=${CLUSTER_NAME} \ 12 | -e XTRABACKUP_PASSWORD=Theistare \ 13 | percona/percona-xtradb-cluster 14 | #--general-log=1 --general_log_file=/var/lib/mysql/general.log 15 | echo "Started $(docker ps -l -q)" 16 | 17 | # --wsrep_cluster_address="gcomm://$QCOMM" 18 | -------------------------------------------------------------------------------- /pxc-k8s/ubuntu/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:jessie 2 | MAINTAINER Percona Development 3 | LABEL vendor=Percona 4 | LABEL com.percona.package="Percona XtraDB Cluster" 5 | LABEL com.percona.version="5.7" 6 | LABEL io.k8s.description="Percona XtraDB Cluster is an active/active high availability and high scalability open source solution for MySQL clustering" 7 | LABEL io.k8s.display-name="Percona XtraDB Cluster 5.7" 8 | 9 | 10 | RUN apt-get update && apt-get install -y --no-install-recommends \ 11 | apt-transport-https ca-certificates \ 12 | pwgen \ 13 | && rm -rf /var/lib/apt/lists/* 14 | 15 | RUN apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys 8507EFA5 16 | RUN echo 'deb https://repo.percona.com/apt jessie testing' > /etc/apt/sources.list.d/percona.list 17 | 18 | # the numeric UID is needed for OpenShift 19 | RUN useradd -u 1001 -r -g 0 -s /sbin/nologin \ 20 | -c "Default Application User" mysql 21 | 22 | ENV PERCONA_MAJOR 5.7 23 | ENV PERCONA_VERSION 5.7.18-16-4.jessie 24 | 25 | # the "/var/lib/mysql" stuff here is because the mysql-server postinst doesn't have an explicit way to disable the mysql_install_db codepath besides having a database already "configured" (ie, stuff in /var/lib/mysql/mysql) 26 | # also, we set debconf keys to make APT a little quieter 27 | RUN apt-get update \ 28 | && DEBIAN_FRONTEND=noninteractive apt-get install -y --force-yes \ 29 | percona-xtradb-cluster-57 curl pmm-client \ 30 | && rm -rf /var/lib/apt/lists/* \ 31 | && mv /etc/mysql/percona-xtradb-cluster.conf.d/mysqld.cnf /etc/mysql/my.cnf \ 32 | # comment out any "user" entires in the MySQL config ("docker-entrypoint.sh" or "--user" will handle user switching) 33 | && sed -ri 's/^user\s/#&/' /etc/mysql/my.cnf \ 34 | # purge and re-create /var/lib/mysql with appropriate ownership 35 | && rm -rf /var/lib/mysql && mkdir -p /var/lib/mysql /var/run/mysqld \ 36 | && chown -R 1001:0 /var/lib/mysql /var/run/mysqld /etc/mysql/conf.d/ && chmod -R g+w /etc/mysql/conf.d/ \ 37 | # ensure that /var/run/mysqld (used for socket and lock files) is writable regardless of the UID our mysqld instance ends up having at runtime 38 | && chmod 777 /var/run/mysqld 39 | 40 | # comment out a few problematic configuration values 41 | # don't reverse lookup hostnames, they are usually another container 42 | RUN sed -Ei 's/^(bind-address|log)/#&/' /etc/mysql/my.cnf \ 43 | && echo 'skip-host-cache\nskip-name-resolve' | awk '{ print } $1 == "[mysqld]" && c == 0 { c = 1; system("cat") }' /etc/mysql/my.cnf > /tmp/my.cnf \ 44 | && mv /tmp/my.cnf /etc/mysql/my.cnf 45 | 46 | VOLUME ["/var/lib/mysql", "/var/log/mysql"] 47 | 48 | RUN sed -Ei '/log-error/s/^/#/g' -i /etc/mysql/my.cnf 49 | 50 | ADD node.cnf /etc/mysql/conf.d/node.cnf 51 | RUN echo '!include /etc/mysql/conf.d/node.cnf' >> /etc/mysql/my.cnf 52 | 53 | COPY entrypoint.sh /entrypoint.sh 54 | COPY dockerdir / 55 | 56 | EXPOSE 3306 4567 4568 57 | 58 | ENTRYPOINT ["/entrypoint.sh"] 59 | 60 | USER 1001 61 | 62 | CMD [""] 63 | 64 | -------------------------------------------------------------------------------- /pxc-k8s/ubuntu/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | USER_ID=$(id -u) 5 | 6 | # if command starts with an option, prepend mysqld 7 | if [ "${1:0:1}" = '-' ]; then 8 | CMDARG="$@" 9 | fi 10 | 11 | 12 | if [ -z "$POD_NAMESPACE" ]; then 13 | echo >&2 'Error: You need to specify POD_NAMESPACE' 14 | exit 1 15 | else 16 | # Is running in Kubernetes/OpenShift, so find all other pods 17 | # belonging to the namespace 18 | echo "Percona XtraDB Cluster: Finding peers" 19 | K8S_SVC_NAME=$(hostname -f | cut -d"." -f2) 20 | echo "Using service name: ${K8S_SVC_NAME}" 21 | /usr/bin/peer-finder -on-start="/usr/bin/configure-pxc.sh" -service=${K8S_SVC_NAME} 22 | fi 23 | # Get config 24 | DATADIR="$("mysqld" --verbose --wsrep_provider= --help 2>/dev/null | awk '$1 == "datadir" { print $2; exit }')" 25 | 26 | # if we have CLUSTER_JOIN - then we do not need to perform datadir initialize 27 | # the data will be copied from another node 28 | WSREP_CLUSTER_ADDRESS=`cat /tmp/cluster_addr.txt` 29 | echo "Cluster address set to: $WSREP_CLUSTER_ADDRESS" 30 | 31 | if [ -z "$WSREP_CLUSTER_ADDRESS" ]; then 32 | 33 | if [ ! -e "$DATADIR/mysql" ]; then 34 | if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" -a -z "$MYSQL_ROOT_PASSWORD_FILE" ]; then 35 | echo >&2 'error: database is uninitialized and password option is not specified ' 36 | echo >&2 ' You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ROOT_PASSWORD_FILE, MYSQL_ALLOW_EMPTY_PASSWORD or MYSQL_RANDOM_ROOT_PASSWORD' 37 | exit 1 38 | fi 39 | 40 | if [ ! -z "$MYSQL_ROOT_PASSWORD_FILE" -a -z "$MYSQL_ROOT_PASSWORD" ]; then 41 | MYSQL_ROOT_PASSWORD=$(cat $MYSQL_ROOT_PASSWORD_FILE) 42 | fi 43 | mkdir -p "$DATADIR" 44 | 45 | echo "Running --initialize-insecure on $DATADIR" 46 | ls -lah $DATADIR 47 | mysqld --initialize-insecure 48 | echo 'Finished --initialize-insecure' 49 | 50 | mysqld --user=mysql --datadir="$DATADIR" --skip-networking & 51 | pid="$!" 52 | 53 | mysql=( mysql --protocol=socket -uroot ) 54 | 55 | for i in {30..0}; do 56 | if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then 57 | break 58 | fi 59 | echo 'MySQL init process in progress...' 60 | sleep 1 61 | done 62 | if [ "$i" = 0 ]; then 63 | echo >&2 'MySQL init process failed.' 64 | exit 1 65 | fi 66 | 67 | # sed is for https://bugs.mysql.com/bug.php?id=20545 68 | mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql 69 | if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then 70 | MYSQL_ROOT_PASSWORD="$(pwmake 128)" 71 | echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD" 72 | fi 73 | "${mysql[@]}" <<-EOSQL 74 | -- What's done in this file shouldn't be replicated 75 | -- or products like mysql-fabric won't work 76 | SET @@SESSION.SQL_LOG_BIN=0; 77 | CREATE USER 'root'@'%' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ; 78 | GRANT ALL ON *.* TO 'root'@'%' WITH GRANT OPTION ; 79 | ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}'; 80 | CREATE USER 'xtrabackup'@'localhost' IDENTIFIED BY '$XTRABACKUP_PASSWORD'; 81 | GRANT RELOAD,PROCESS,LOCK TABLES,REPLICATION CLIENT ON *.* TO 'xtrabackup'@'localhost'; 82 | GRANT REPLICATION CLIENT ON *.* TO monitor@'%' IDENTIFIED BY 'monitor'; 83 | GRANT PROCESS ON *.* TO monitor@localhost IDENTIFIED BY 'monitor'; 84 | DROP DATABASE IF EXISTS test ; 85 | FLUSH PRIVILEGES ; 86 | EOSQL 87 | if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then 88 | mysql+=( -p"${MYSQL_ROOT_PASSWORD}" ) 89 | fi 90 | 91 | if [ "$MYSQL_DATABASE" ]; then 92 | echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}" 93 | mysql+=( "$MYSQL_DATABASE" ) 94 | fi 95 | 96 | if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then 97 | echo "CREATE USER '"$MYSQL_USER"'@'%' IDENTIFIED BY '"$MYSQL_PASSWORD"' ;" | "${mysql[@]}" 98 | 99 | if [ "$MYSQL_DATABASE" ]; then 100 | echo "GRANT ALL ON \`"$MYSQL_DATABASE"\`.* TO '"$MYSQL_USER"'@'%' ;" | "${mysql[@]}" 101 | fi 102 | 103 | echo 'FLUSH PRIVILEGES ;' | "${mysql[@]}" 104 | fi 105 | 106 | if [ ! -z "$MYSQL_ONETIME_PASSWORD" ]; then 107 | "${mysql[@]}" <<-EOSQL 108 | ALTER USER 'root'@'%' PASSWORD EXPIRE; 109 | EOSQL 110 | fi 111 | if ! kill -s TERM "$pid" || ! wait "$pid"; then 112 | echo >&2 'MySQL init process failed.' 113 | exit 1 114 | fi 115 | 116 | echo 117 | echo 'MySQL init process done. Ready for start up.' 118 | echo 119 | #mv /etc/my.cnf $DATADIR 120 | fi 121 | fi 122 | 123 | #--log-error=${DATADIR}error.log 124 | exec mysqld --user=mysql --wsrep_sst_auth="xtrabackup:$XTRABACKUP_PASSWORD" $CMDARG 125 | sleep 1000 126 | 127 | -------------------------------------------------------------------------------- /pxc-k8s/ubuntu/node.cnf: -------------------------------------------------------------------------------- 1 | [mysqld] 2 | 3 | datadir=/var/lib/mysql 4 | 5 | default_storage_engine=InnoDB 6 | binlog_format=ROW 7 | 8 | innodb_flush_log_at_trx_commit = 0 9 | innodb_flush_method = O_DIRECT 10 | innodb_file_per_table = 1 11 | innodb_autoinc_lock_mode=2 12 | 13 | bind_address = 0.0.0.0 14 | 15 | wsrep_slave_threads=2 16 | wsrep_cluster_address=gcomm:// 17 | wsrep_provider=/usr/lib/galera3/libgalera_smm.so 18 | 19 | wsrep_cluster_name=Theistareykjarbunga 20 | 21 | wsrep_sst_method=xtrabackup-v2 22 | wsrep_sst_auth="root:" 23 | -------------------------------------------------------------------------------- /pxc_proxy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | annotations: 5 | service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" 6 | name: pxc 7 | labels: 8 | app: mysql 9 | spec: 10 | ports: 11 | - port: 3306 12 | name: mysql 13 | clusterIP: None 14 | selector: 15 | app: mysql 16 | --- 17 | apiVersion: apps/v1beta1 18 | kind: StatefulSet 19 | metadata: 20 | name: mysql 21 | spec: 22 | serviceName: "pxc" 23 | replicas: 3 24 | template: 25 | metadata: 26 | labels: 27 | app: mysql 28 | annotations: 29 | pod.alpha.kubernetes.io/initialized: "true" 30 | spec: 31 | containers: 32 | - name: mysql 33 | image: perconalab/pxc-k8s:latest 34 | imagePullPolicy: Always 35 | ports: 36 | - containerPort: 3306 37 | name: mysql 38 | - containerPort: 4444 39 | name: sst 40 | - containerPort: 4567 41 | name: replication 42 | - containerPort: 4568 43 | name: ist 44 | readinessProbe: 45 | exec: 46 | command: 47 | - /usr/bin/clustercheck.sh 48 | initialDelaySeconds: 15 49 | timeoutSeconds: 15 50 | periodSeconds: 15 51 | failureThreshold: 5 52 | volumeMounts: 53 | - name: datadir 54 | mountPath: /var/lib/mysql 55 | subPath: data 56 | env: 57 | - name: MYSQL_ROOT_PASSWORD 58 | valueFrom: 59 | secretKeyRef: 60 | name: mysql-passwords 61 | key: root 62 | - name: XTRABACKUP_PASSWORD 63 | valueFrom: 64 | secretKeyRef: 65 | name: mysql-passwords 66 | key: xtrabackup 67 | - name: MONITOR_PASSWORD 68 | valueFrom: 69 | secretKeyRef: 70 | name: mysql-passwords 71 | key: monitor 72 | - name: CLUSTERCHECK_PASSWORD 73 | valueFrom: 74 | secretKeyRef: 75 | name: mysql-passwords 76 | key: clustercheck 77 | - name: POD_NAMESPACE 78 | valueFrom: 79 | fieldRef: 80 | apiVersion: v1 81 | fieldPath: metadata.namespace 82 | volumeClaimTemplates: 83 | - metadata: 84 | name: datadir 85 | spec: 86 | accessModes: [ "ReadWriteOnce" ] 87 | resources: 88 | requests: 89 | storage: 5Gi 90 | --- 91 | apiVersion: apps/v1beta1 92 | kind: StatefulSet 93 | metadata: 94 | name: proxysql 95 | app: proxysql-app 96 | spec: 97 | serviceName: "proxysql" 98 | replicas: 1 99 | selector: 100 | front: proxysql 101 | template: 102 | metadata: 103 | name: proxysql 104 | labels: 105 | app: proxysql 106 | front: proxysql 107 | spec: 108 | containers: 109 | - name: proxysql 110 | image: perconalab/proxysql-k8s:latest 111 | ports: 112 | - containerPort: 3306 113 | name: mysql 114 | - containerPort: 6032 115 | name: proxyadm 116 | volumeMounts: 117 | - name: proxydata 118 | mountPath: /var/lib/proxysql 119 | subPath: data 120 | env: 121 | - name: CLUSTER_NAME 122 | valueFrom: 123 | fieldRef: 124 | apiVersion: v1 125 | fieldPath: metadata.namespace 126 | - name: MYSQL_ROOT_PASSWORD 127 | valueFrom: 128 | secretKeyRef: 129 | name: mysql-passwords 130 | key: root 131 | - name: MYSQL_PROXY_USER 132 | value: "proxyuser" 133 | - name: MYSQL_PROXY_PASSWORD 134 | valueFrom: 135 | secretKeyRef: 136 | name: mysql-passwords 137 | key: proxyuser 138 | - name: PEERS 139 | value: mysql-0.pxc,mysql-1.pxc,mysql-2.pxc 140 | lifecycle: 141 | postStart: 142 | exec: 143 | command: ["/usr/bin/add_cluster_nodes.sh"] 144 | volumeClaimTemplates: 145 | - metadata: 146 | name: proxydata 147 | spec: 148 | accessModes: [ "ReadWriteOnce" ] 149 | resources: 150 | requests: 151 | storage: 2Gi 152 | --- 153 | apiVersion: v1 154 | kind: Service 155 | metadata: 156 | labels: 157 | app: proxysql 158 | name: sql 159 | spec: 160 | ports: 161 | - name: mysql 162 | port: 3306 163 | protocol: TCP 164 | targetPort: 3306 165 | - name: proxyadm 166 | port: 6032 167 | protocol: TCP 168 | targetPort: 6032 169 | selector: 170 | front: proxysql 171 | -------------------------------------------------------------------------------- /pxc_proxy_cleartext.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | annotations: 5 | service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" 6 | name: pxc 7 | labels: 8 | app: mysql 9 | spec: 10 | ports: 11 | - port: 3306 12 | name: mysql 13 | clusterIP: None 14 | selector: 15 | app: mysql 16 | --- 17 | apiVersion: apps/v1beta1 18 | kind: StatefulSet 19 | metadata: 20 | name: mysql 21 | spec: 22 | serviceName: "pxc" 23 | replicas: 3 24 | template: 25 | metadata: 26 | labels: 27 | app: mysql 28 | annotations: 29 | pod.alpha.kubernetes.io/initialized: "true" 30 | spec: 31 | containers: 32 | - name: mysql 33 | image: perconalab/pxc-k8s:latest 34 | imagePullPolicy: Always 35 | ports: 36 | - containerPort: 3306 37 | name: mysql 38 | - containerPort: 4444 39 | name: sst 40 | - containerPort: 4567 41 | name: replication 42 | - containerPort: 4568 43 | name: ist 44 | readinessProbe: 45 | exec: 46 | command: 47 | - /usr/bin/clustercheck.sh 48 | initialDelaySeconds: 15 49 | timeoutSeconds: 15 50 | periodSeconds: 15 51 | failureThreshold: 5 52 | volumeMounts: 53 | - name: datadir 54 | mountPath: /var/lib/mysql 55 | subPath: data 56 | env: 57 | - name: MYSQL_ROOT_PASSWORD 58 | value: "root_password" 59 | - name: XTRABACKUP_PASSWORD 60 | value: "backup_password" 61 | - name: POD_NAMESPACE 62 | valueFrom: 63 | fieldRef: 64 | apiVersion: v1 65 | fieldPath: metadata.namespace 66 | volumeClaimTemplates: 67 | - metadata: 68 | name: datadir 69 | spec: 70 | accessModes: [ "ReadWriteOnce" ] 71 | resources: 72 | requests: 73 | storage: 5Gi 74 | --- 75 | apiVersion: apps/v1beta1 76 | kind: StatefulSet 77 | metadata: 78 | name: proxysql 79 | app: proxysql-app 80 | spec: 81 | replicas: 1 82 | selector: 83 | front: proxysql 84 | template: 85 | metadata: 86 | name: proxysql 87 | labels: 88 | app: proxysql 89 | front: proxysql 90 | spec: 91 | containers: 92 | - name: proxysql 93 | image: perconalab/proxysql-k8s:latest 94 | ports: 95 | - containerPort: 3306 96 | name: mysql 97 | - containerPort: 6032 98 | name: proxyadm 99 | volumeMounts: 100 | - name: proxydata 101 | mountPath: /var/lib/proxysql 102 | subPath: data 103 | env: 104 | - name: CLUSTER_NAME 105 | valueFrom: 106 | fieldRef: 107 | apiVersion: v1 108 | fieldPath: metadata.namespace 109 | - name: MYSQL_ROOT_PASSWORD 110 | value: "root_password" 111 | - name: MYSQL_PROXY_USER 112 | value: "proxyuser" 113 | - name: MYSQL_PROXY_PASSWORD 114 | value: "s3cret" 115 | - name: PEERS 116 | value: mysql-0.pxc,mysql-1.pxc,mysql-2.pxc 117 | lifecycle: 118 | postStart: 119 | exec: 120 | command: ["add_cluster_nodes.sh"] 121 | volumeClaimTemplates: 122 | - metadata: 123 | name: proxydata 124 | spec: 125 | accessModes: [ "ReadWriteOnce" ] 126 | resources: 127 | requests: 128 | storage: 2Gi 129 | --- 130 | apiVersion: v1 131 | kind: Service 132 | metadata: 133 | labels: 134 | app: proxysql 135 | name: sql 136 | spec: 137 | ports: 138 | - name: mysql 139 | port: 3306 140 | protocol: TCP 141 | targetPort: 3306 142 | - name: proxyadm 143 | port: 6032 144 | protocol: TCP 145 | targetPort: 6032 146 | selector: 147 | front: proxysql 148 | -------------------------------------------------------------------------------- /secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: mysql-passwords 5 | type: Opaque 6 | data: 7 | root: cm9vdF9wYXNzd29yZA== 8 | xtrabackup: YmFja3VwX3Bhc3N3b3Jk 9 | monitor: bW9uaXRvcg== 10 | clustercheck: Y2x1c3RlcmNoZWNrcGFzc3dvcmQ= 11 | proxyuser: czNjcmV0 12 | --------------------------------------------------------------------------------