Kezdőlap Felfedezés Súgó
Regisztráció Bejelentkezés
lcy
/
truenas
1
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: 8bd4f3281d
Branch-ok Tag-ek
truenas
/
library
/
common
/
templates
/
app_functions
/
_mariadb.tpl

_mariadb.tpl 6.4 KB
Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182 
  1. {{/* Returns a mariadb pod with init container for fixing permissions
    2. 

  2. and a pre-upgrade job to backup the database */}}
    3. 

  3. {{/* Call this template:
    4. 

  4. {{ include "ix.v1.common.app.mariadb" (dict "name" "mariadb" "secretName" "mariadb-creds" "backupPath" "/mariadb_backup" "resources" .Values.resources) }}
    5. 

  5. 

  6. name (optional): Name of the mariadb pod/container (default: mariadb)
    7. 

  7. secretName (required): Name of the secret containing the mariadb credentials
    8. 

  8. backupPath (optional): Path to store the backup, it's the container's path (default: /mariadb_backup)
    9. 

  9. resources (required): Resources for the mariadb container
    10. 

  10. backupChownMode (optional): Whether to chown the backup directory or
    11. 

  11.           check parent directory permissions and fix them if needed.
    12. 

  12.           (default: check) Valid values: always, check
    13. 

  13. */}}
    14. 

  14. {{- define "ix.v1.common.app.mariadb" -}}
    15. 

  15.   {{- $name := .name | default "mariadb" -}}
    16. 

  16.   {{- $secretName := (required "MariaDB - Secret Name is required" .secretName) -}}
    17. 

  17.   {{- $backupPath := .backupPath | default "/mariadb_backup" -}}
    18. 

  18.   {{- $backupChownMode := .backupChownMode | default "check" -}}
    19. 

  19.   {{- $ixChartContext := .ixChartContext -}}
    20. 

  20.   {{- $resources := (required "MariadDB - Resources are required" .resources) }}
    21. 

  21. {{ $name }}:
    22. 

  22.   enabled: true
    23. 

  23.   type: Deployment
    24. 

  24.   podSpec:
    25. 

  25.     containers:
    26. 

  26.       {{ $name }}:
    27. 

  27.         enabled: true
    28. 

  28.         primary: true
    29. 

  29.         imageSelector: mariadbImage
    30. 

  30.         securityContext:
    31. 

  31.           runAsUser: 999
    32. 

  32.           runAsGroup: 999
    33. 

  33.           readOnlyRootFilesystem: false
    34. 

  34.         resources:
    35. 

  35.           limits:
    36. 

  36.             cpu: {{ $resources.limits.cpu }}
    37. 

  37.             memory: {{ $resources.limits.memory }}
    38. 

  38.         envFrom:
    39. 

  39.           - secretRef:
    40. 

  40.               name: {{ $secretName }}
    41. 

  41.         probes:
    42. 

  42.           {{- $args := "--user=root --host=localhost --password=$MARIADB_ROOT_PASSWORD" }}
    43. 

  43.           liveness:
    44. 

  44.             enabled: true
    45. 

  45.             type: exec
    46. 

  46.             command:
    47. 

  47.               - sh
    48. 

  48.               - -c
    49. 

  49.               - "until mariadb-admin {{ $args }} ping && mariadb-admin {{ $args }} status; do sleep 2; done"
    50. 

  50.           readiness:
    51. 

  51.             enabled: true
    52. 

  52.             type: exec
    53. 

  53.             command:
    54. 

  54.               - sh
    55. 

  55.               - -c
    56. 

  56.               - "until mariadb-admin {{ $args }} ping && mariadb-admin {{ $args }} status; do sleep 2; done"
    57. 

  57.           startup:
    58. 

  58.             enabled: true
    59. 

  59.             type: exec
    60. 

  60.             command:
    61. 

  61.               - sh
    62. 

  62.               - -c
    63. 

  63.               - "until mariadb-admin {{ $args }} ping && mariadb-admin {{ $args }} status; do sleep 2; done"
    64. 

  64.     initContainers:
    65. 

  65.     {{- include "ix.v1.common.app.permissions" (dict "UID" 999 "GID" 999) | nindent 6 }}
    66. 

  66. 

  67. {{/* Backup Job */}}
    68. 

  68. {{- $enableBackupJob := false -}}
    69. 

  69. {{- if hasKey $ixChartContext "isUpgrade" -}}
    70. 

  70.   {{- if $ixChartContext.isUpgrade -}}
    71. 

  71.     {{- $enableBackupJob = true -}}
    72. 

  72.     {{- if hasKey $ixChartContext "isStopped" -}}
    73. 

  73.       {{- if $ixChartContext.isStopped -}}
    74. 

  74.         {{- fail "Application must be running before upgrade. This is to ensure the database backup will be able to complete." -}}
    75. 

  75.       {{- end -}}
    76. 

  76.     {{- end -}}
    77. 

  77.   {{- end -}}
    78. 

  78. {{- else -}}
    79. 

  79.   {{/*
    80. 

  80.     If the key is not present in ixChartContext,
    81. 

  81.     means we are outside SCALE (Probably CI),
    82. 

  82.     let upgrade job run
    83. 

  83.   */}}
    84. 

  84.   {{- $enableBackupJob = true -}}
    85. 

  85. {{- end }}
    86. 

  86. mariadbbackup:
    87. 

  87.   enabled: {{ $enableBackupJob }}
    88. 

  88.   type: Job
    89. 

  89.   annotations:
    90. 

  90.     "helm.sh/hook": pre-upgrade
    91. 

  91.     "helm.sh/hook-weight": "1"
    92. 

  92.     "helm.sh/hook-delete-policy": hook-succeeded
    93. 

  93.   podSpec:
    94. 

  94.     restartPolicy: Never
    95. 

  95.     containers:
    96. 

  96.       mariadbbackup:
    97. 

  97.         enabled: true
    98. 

  98.         primary: true
    99. 

  99.         imageSelector: mariadbImage
    100. 

  100.         securityContext:
    101. 

  101.           runAsUser: 999
    102. 

  102.           runAsGroup: 999
    103. 

  103.           readOnlyRootFilesystem: false
    104. 

  104.         probes:
    105. 

  105.           liveness:
    106. 

  106.             enabled: false
    107. 

  107.           readiness:
    108. 

  108.             enabled: false
    109. 

  109.           startup:
    110. 

  110.             enabled: false
    111. 

  111.         resources:
    112. 

  112.           limits:
    113. 

  113.             cpu: 2000m
    114. 

  114.             memory: 2Gi
    115. 

  115.         envFrom:
    116. 

  116.           - secretRef:
    117. 

  117.               name: {{ $secretName }}
    118. 

  118.         command:
    119. 

  119.           - sh
    120. 

  120.           - -c
    121. 

  121.           - |
    122. 

  122.             until mariadb-admin --user=root --host="${MARIADB_HOST}" --password="${MARIADB_ROOT_PASSWORD}" --connect-timeout=5 ping
    123. 

  123.               do
    124. 

  124.                 echo "Waiting for mariadb to be ready. Sleeping 2 seconds"
    125. 

  125.                 sleep 2s
    126. 

  126.             done
    127. 

  127.             until mariadb-admin --user=root --host="${MARIADB_HOST}" --password="${MARIADB_ROOT_PASSWORD}" --connect-timeout=5 status
    128. 

  128.               do
    129. 

  129.                 echo "Waiting for mariadb to be alive. Sleeping 2 seconds"
    130. 

  130.                 sleep 2s
    131. 

  131.             done
    132. 

  132. 

  133.             echo "Creating backup of ${MARIADB_DATABASE} database"
    134. 

  134. 

  135.             mariadb-dump ${MARIADB_DATABASE} --host="${MARIADB_HOST}" \
    136. 

  136.                          --user=root --password="${MARIADB_ROOT_PASSWORD}" \
    137. 

  137.                          > {{ $backupPath }}/${MARIADB_DATABASE}_$(date +%Y-%m-%d_%H-%M-%S).sql \
    138. 

  138.                          || echo "Failed to create backup"
    139. 

  139. 

  140.             echo "Backup finished"
    141. 

  141.     initContainers:
    142. 

  142.     {{- include "ix.v1.common.app.permissions" (dict "UID" 999 "GID" 999 "type" "init" "mode" $backupChownMode) | nindent 6 }}
    143. 

  143. {{- end -}}
    144. 

  144. 

  145. 

  146. {{/* Returns a mariadb-wait container for waiting for mariadb to be ready */}}
    147. 

  147. {{/* Call this template:
    148. 

  148. {{ include "ix.v1.common.app.mariadbWait" (dict "name" "mariadb-wait" "secretName" "mariadb-creds") }}
    149. 

  149. 

  150. name (optional): Name of the mariadb-wait container (default: mariadb-wait)
    151. 

  151. secretName (required): Name of the secret containing the mariadb credentials
    152. 

  152. */}}
    153. 

  153. {{- define "ix.v1.common.app.mariadbWait" -}}
    154. 

  154.   {{- $name := .name | default "mariadb-wait" -}}
    155. 

  155.   {{- $secretName := (required "Mariadb-Wait - Secret Name is required" .secretName) }}
    156. 

  156. {{ $name }}:
    157. 

  157.   enabled: true
    158. 

  158.   type: init
    159. 

  159.   imageSelector: mariadbImage
    160. 

  160.   envFrom:
    161. 

  161.     - secretRef:
    162. 

  162.         name: {{ $secretName }}
    163. 

  163.   resources:
    164. 

  164.     limits:
    165. 

  165.       cpu: 500m
    166. 

  166.       memory: 256Mi
    167. 

  167.   command: bash
    168. 

  168.   args:
    169. 

  169.     - -c
    170. 

  170.     - |
    171. 

  171.       echo "Waiting for mariadb to be ready"
    172. 

  172.       until mariadb-admin --user=root --host="${MARIADB_HOST}" --password="${MARIADB_ROOT_PASSWORD}" --connect-timeout=5 ping
    173. 

  173.         do
    174. 

  174.           echo "Waiting for mariadb to be ready. Sleeping 2 seconds"
    175. 

  175.           sleep 2s
    176. 

  176.       done
    177. 

  177.       until mariadb-admin --user=root --host="${MARIADB_HOST}" --password="${MARIADB_ROOT_PASSWORD}" --connect-timeout=5 status
    178. 

  178.         do
    179. 

  179.           echo "Waiting for mariadb to be alive. Sleeping 2 seconds"
    180. 

  180.           sleep 2s
    181. 

  181.       done
    182. 

  182. {{- end -}}
    183.