jmhbnz/charts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
9c7baecfbd4023526d8e07f60dfb4d61627ecbc2
charts/gitea/charts/mysql/templates/master-statefulset.yaml

288 lines
12 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ template "mysql.master.fullname" . }}
labels: {{- include "mysql.labels" . | nindent 4 }}
component: master
spec:
selector:
matchLabels: {{- include "mysql.matchLabels" . | nindent 6 }}
component: master
serviceName: {{ template "mysql.master.fullname" . }}
replicas: 1
updateStrategy:
type: {{ .Values.master.updateStrategy.type }}
{{- if (eq "Recreate" .Values.master.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
template:
metadata:
labels: {{- include "mysql.labels" . | nindent 8 }}
component: master
{{- if .Values.master.podAnnotations }}
annotations: {{ include "mysql.tplValue" ( dict "value" .Values.master.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "mysql.imagePullSecrets" . | indent 6 }}
{{- if .Values.master.affinity }}
affinity: {{- include "mysql.tplValue" (dict "value" .Values.master.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.master.nodeSelector }}
nodeSelector: {{- include "mysql.tplValue" (dict "value" .Values.master.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.master.tolerations }}
tolerations: {{- include "mysql.tplValue" (dict "value" .Values.master.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.master.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.master.securityContext.fsGroup }}
runAsUser: {{ .Values.master.securityContext.runAsUser }}
{{- end }}
serviceAccountName: {{ template "mysql.serviceAccountName" . }}
{{- if and .Values.volumePermissions.enabled .Values.master.persistence.enabled }}
initContainers:
- name: volume-permissions
image: {{ template "mysql.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command:
- /bin/bash
- -ec
- |
chown -R {{ .Values.master.securityContext.runAsUser }}:{{ .Values.master.securityContext.fsGroup }} {{ .Values.master.persistence.mountPath }}
securityContext:
runAsUser: 0
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: {{ .Values.master.persistence.mountPath }}
{{- end }}
containers:
- name: mysql
image: {{ template "mysql.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.master.containerSecurityContext }}
securityContext: {{- toYaml .Values.master.containerSecurityContext | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" .Values.image.debug | quote }}
{{- if .Values.root.injectSecretsAsVolume }}
- name: MYSQL_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mysql/secrets/mysql-root-password"
{{- else }}
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-root-password
{{- end }}
{{- if .Values.db.user }}
- name: MYSQL_USER
value: {{ .Values.db.user | quote }}
{{- if .Values.db.injectSecretsAsVolume }}
- name: MYSQL_PASSWORD_FILE
value: "/opt/bitnami/mysql/secrets/mysql-password"
{{- else }}
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-password
{{- end }}
{{- end }}
- name: MYSQL_DATABASE
value: {{ .Values.db.name | quote }}
{{- if .Values.replication.enabled }}
- name: MYSQL_REPLICATION_MODE
value: "master"
- name: MYSQL_REPLICATION_USER
value: {{ .Values.replication.user | quote }}
{{- if .Values.replication.injectSecretsAsVolume }}
- name: MYSQL_REPLICATION_PASSWORD_FILE
value: "/opt/bitnami/mysql/secrets/mysql-replication-password"
{{- else }}
- name: MYSQL_REPLICATION_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-replication-password
{{- end }}
{{- end }}
{{- if .Values.master.extraEnvVars }}
{{- include "mysql.tplValue" (dict "value" .Values.master.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
{{- if or .Values.master.extraEnvVarsCM .Values.master.extraEnvVarsSecret }}
envFrom:
{{- if .Values.master.extraEnvVarsCM }}
- configMapRef:
name: {{ .Values.master.extraEnvVarsCM }}
{{- end }}
{{- if .Values.master.extraEnvVarsSecret }}
- secretRef:
name: {{ .Values.master.extraEnvVarsSecret }}
{{- end }}
{{- end }}
ports:
- name: mysql
containerPort: 3306
{{- if .Values.master.livenessProbe.enabled }}
livenessProbe:
exec:
command:
- sh
- -c
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MYSQL_ROOT_PASSWORD_FILE)
fi
mysqladmin status -uroot -p$password_aux
initialDelaySeconds: {{ .Values.master.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.master.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.master.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.master.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.master.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.master.readinessProbe.enabled }}
readinessProbe:
exec:
command:
- sh
- -c
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MYSQL_ROOT_PASSWORD_FILE)
fi
mysqladmin status -uroot -p$password_aux
initialDelaySeconds: {{ .Values.master.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.master.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.master.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.master.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.master.readinessProbe.failureThreshold }}
{{- end }}
{{- if .Values.master.resources }}
resources: {{- toYaml .Values.master.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: {{ .Values.master.persistence.mountPath }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if .Values.master.config }}
- name: config
mountPath: /opt/bitnami/mysql/conf/my.cnf
subPath: my.cnf
{{- end }}
{{- if or .Values.root.injectSecretsAsVolume .Values.db.injectSecretsAsVolume .Values.replication.injectSecretsAsVolume }}
- name: mysql-credentials
mountPath: /opt/bitnami/mysql/secrets/
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mysql.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
env:
{{- if .Values.root.injectSecretsAsVolume }}
- name: MYSQL_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mysqld-exporter/secrets/mysql-root-password"
{{- else }}
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mysql.secretName" . }}
key: mysql-root-password
{{- end }}
command:
- /bin/sh
- -c
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MYSQL_ROOT_PASSWORD_FILE)
fi
DATA_SOURCE_NAME="root:${password_aux}@(localhost:3306)/" /bin/mysqld_exporter
ports:
- name: metrics
containerPort: 9104
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 15
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 5
timeoutSeconds: 1
{{- if .Values.metrics.resources }}
resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
{{- if or .Values.root.injectSecretsAsVolume }}
volumeMounts:
- name: mysql-credentials
mountPath: /opt/bitnami/mysqld-exporter/secrets/
{{- end }}
{{- end }}
volumes:
{{- if .Values.master.config }}
- name: config
configMap:
name: {{ template "mysql.master.fullname" . }}
{{- end }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
configMap:
name: {{ template "mysql.initdbScriptsCM" . }}
{{- end }}
{{- if or .Values.root.injectSecretsAsVolume .Values.db.injectSecretsAsVolume .Values.replication.injectSecretsAsVolume }}
- name: mysql-credentials
secret:
secretName: {{ template "mysql.fullname" . }}
items:
{{- if .Values.db.injectSecretsAsVolume }}
- key: mysql-password
path: mysql-password
{{- end }}
{{- if .Values.root.injectSecretsAsVolume }}
- key: mysql-root-password
path: mysql-root-password
{{- end }}
{{- if .Values.replication.injectSecretsAsVolume }}
- key: mysql-replication-password
path: mysql-replication-password
{{- end }}
{{- end }}
{{- if not .Values.master.persistence.enabled }}
- name: "data"
emptyDir: {}
{{- else if and .Values.master.persistence.enabled .Values.master.persistence.existingClaim }}
- name: "data"
persistentVolumeClaim:
claimName: {{ .Values.master.persistence.existingClaim }}
{{- else if and .Values.master.persistence.enabled (not .Values.master.persistence.existingClaim) }}
volumeClaimTemplates:
- metadata:
name: data
labels:
app: {{ template "mysql.name" . }}
component: master
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
accessModes:
{{- range .Values.master.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.master.persistence.size | quote }}
{{ include "mysql.master.storageClass" . }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink