cr

1. apiVersion: pxc.percona.com/v1-10-0
2. kind: PerconaXtraDBCluster
3. metadata:
4.   name: testreadonly
5.   finalizers:
6.    - delete-pxc-pods-in-order
7. #    - delete-proxysql-pvc
8. #    - delete-pxc-pvc
9. #  annotations:
10. #    percona.com/issue-vault-token: "true"
11. spec:
12.   crVersion: 1.10.0
13.   secretsName: my-cluster-secrets
14.   vaultSecretName: keyring-secret-vault
15.   sslSecretName: my-cluster-ssl
16.   sslInternalSecretName: my-cluster-ssl-internal
17.   logCollectorSecretName: my-log-collector-secrets
18. #  initImage: percona/percona-xtradb-cluster-operator:1.10.0
19. #  enableCRValidationWebhook: true
20. #  tls:
21. #    SANs:
22. #      - pxc-1.example.com
23. #      - pxc-2.example.com
24. #      - pxc-3.example.com
25. #    issuerConf:
26. #      name: special-selfsigned-issuer
27. #      kind: ClusterIssuer
28. #      group: cert-manager.io
29.   allowUnsafeConfigurations: false
30. #  pause: false
31.   updateStrategy: SmartUpdate
32.   upgradeOptions:
33.     versionServiceEndpoint: https://check.percona.com
34.     apply: Disabled
35.     schedule: "0 3 * * *"
36.   pxc:
37.     size: 3
38.     image: percona/percona-xtradb-cluster:8.0.25-15.1
39.     autoRecovery: true
40. #    expose:
41. #      enabled: true
42. #      type: LoadBalancer
43. #      trafficPolicy: Local
44. #      loadBalancerSourceRanges:
45. #        - 10.0.0.0/8
46. #      annotations:
47. #        networking.gke.io/load-balancer-type: "Internal"
48. #    replicationChannels:
49. #    - name: pxc1_to_pxc2
50. #      isSource: true
51. #    - name: pxc2_to_pxc1
52. #      isSource: false
53. #      configuration:
54. #        sourceRetryCount: 3
55. #        sourceConnectRetry: 60
56. #      sourcesList:
57. #      - host: 10.95.251.101
58. #        port: 3306
59. #        weight: 100
60. #    schedulerName: mycustom-scheduler
61. #    readinessDelaySec: 15
62. #    livenessDelaySec: 600
63.     configuration: |
64.      [mysqld]
65.       super_read_only = ON
66.       read_only = ON
67. #      max_allowed_packet = 200M
68. #      net_read_timeout = 720
69. #      net_write_timeout = 720
70. #      max_connections = 1007
71. #      open_files_limit = 200000
72. #      tmp_table_size = 16M
73. #      max_heap_table_size = 128M
74. #      sort_buffer_size = 1024K
75. #      read_buffer_size = 128K
76. #      read_rnd_buffer_size = 512K
77. #      innodb_write_io_threads = 16
78. #      innodb_read_io_threads = 16
79. #      thread_cache_size = 25
80. #      table_open_cache = 5000
81. #      binlog_cache_size = 1024K
82. #      key_buffer_size = 64M
83. #      binlog_expire_logs_seconds=200000
84. #      join_buffer_size = 2048K
85. #      innodb_buffer_pool_size = 184G
86. #      innodb_log_file_size = 26G
87. #      innodb_buffer_pool_instances = 64
88. #      innodb_flush_log_at_trx_commit = 0
89. #      innodb_temp_data_file_path = ibtmp1:12M:autoextend:max:200G
90. #      default-authentication-plugin=mysql_native_password
91. #      thread_pool_size = 36
92.       #wsrep_slave_threads = 128
93.       #skip-name-resolve=1
94.  
95. #      wsrep_debug=CLIENT
96. #      wsrep_provider_options="gcache.size=1G; gcache.recover=yes"
97. #      [sst]
98. #      xbstream-opts=--decompress
99. #      [xtrabackup]
100. #      compress=lz4
101. #      for PXC 5.7
102. #      [xtrabackup]
103. #      compress
104. #    imagePullSecrets:
105. #      - name: private-registry-credentials
106. #    priorityClassName: high-priority
107. #    annotations:
108. #      iam.amazonaws.com/role: role-arn
109.     labels:
110.       nks-elk: enabled
111.       environment: development
112.       customer: na
113. #      rack: rack-22
114. #    readinessProbes:
115. #      initialDelaySeconds: 15
116. #      timeoutSeconds: 15
117. #      periodSeconds: 30
118. #      successThreshold: 1
119. #      failureThreshold: 5
120. #    livenessProbes:
121. #      initialDelaySeconds: 300
122. #      timeoutSeconds: 5
123. #      periodSeconds: 10
124. #      successThreshold: 1
125. #      failureThreshold: 3
126. #    containerSecurityContext:
127. #      privileged: false
128. #    podSecurityContext:
129. #      runAsUser: 1001
130. #      runAsGroup: 1001
131. #      supplementalGroups: [1001]
132. #    serviceAccountName: percona-xtradb-cluster-operator-workload
133. #    imagePullPolicy: Always
134. #    runtimeClassName: image-rc
135. #    sidecars:
136. #    - image: busybox
137. #      command: ["/bin/sh"]
138. #      args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
139. #      name: my-sidecar-1
140. #      resources:
141. #        requests:
142. #          memory: 100M
143. #          cpu: 100m
144. #        limits:
145. #          memory: 200M
146. #          cpu: 200m
147. #    envVarsSecret: my-env-var-secrets
148.     resources:
149.       requests:
150.         memory: 4G
151.         cpu: 600m
152. #        ephemeral-storage: 1G
153. #      limits:
154. #        memory: 1G
155. #        cpu: "1"
156. #        ephemeral-storage: 1G
157. #    nodeSelector:
158. #      disktype: ssd
159.     affinity:
160.       antiAffinityTopologyKey: "kubernetes.io/hostname"
161. #      advanced:
162. #        nodeAffinity:
163. #          requiredDuringSchedulingIgnoredDuringExecution:
164. #            nodeSelectorTerms:
165. #            - matchExpressions:
166. #              - key: kubernetes.io/e2e-az-name
167. #                operator: In
168. #                values:
169. #                - e2e-az1
170. #                - e2e-az2
171. #    tolerations:
172. #    - key: "node.alpha.kubernetes.io/unreachable"
173. #      operator: "Exists"
174. #      effect: "NoExecute"
175. #      tolerationSeconds: 6000
176.     podDisruptionBudget:
177.       maxUnavailable: 1
178. #      minAvailable: 0
179.     volumeSpec:
180. #      emptyDir: {}
181. #      hostPath:
182. #        path: /data
183. #        type: Directory
184.       persistentVolumeClaim:
185.         storageClassName: openebs-hostpath
186.         volumeName: local-persistentvolume
187.         accessModes: [ "ReadWriteOnce" ]
188.         resources:
189.           requests:
190.             storage: 50G
191.     gracePeriod: 600
192.   haproxy:
193.     enabled: true
194.     size: 3
195.     image: percona/percona-xtradb-cluster-operator:1.10.0-haproxy-8.0.25
196. #    replicasServiceEnabled: false
197. #    imagePullPolicy: Always
198. #    schedulerName: mycustom-scheduler
199. #    configuration: |
200. #
201. #    the actual default configuration file can be found here https://github.com/percona/percona-docker/blob/main/haproxy/dockerdir/etc/haproxy/haproxy-global.cfg
202. #
203. #      global
204. #        maxconn 2048
205. #        external-check
206. #        insecure-fork-wanted
207. #        stats socket /etc/haproxy/pxc/haproxy.sock mode 600 expose-fd listeners level admin
208. #
209. #      defaults
210. #        default-server init-addr last,libc,none
211. #        log global
212. #        mode tcp
213. #        retries 10
214. #        timeout client 28800s
215. #        timeout connect 100500
216. #        timeout server 28800s
217. #
218. #      frontend galera-in
219. #        bind *:3309 accept-proxy
220. #        bind *:3306
221. #        mode tcp
222. #        option clitcpka
223. #        default_backend galera-nodes
224. #
225. #      frontend galera-admin-in
226. #        bind *:33062
227. #        mode tcp
228. #        option clitcpka
229. #        default_backend galera-admin-nodes
230. #
231. #      frontend galera-replica-in
232. #        bind *:3307
233. #        mode tcp
234. #        option clitcpka
235. #        default_backend galera-replica-nodes
236. #
237. #      frontend galera-mysqlx-in
238. #        bind *:33060
239. #        mode tcp
240. #        option clitcpka
241. #        default_backend galera-mysqlx-nodes
242. #
243. #      frontend stats
244. #        bind *:8404
245. #        mode http
246. #        option http-use-htx
247. #        http-request use-service prometheus-exporter if { path /metrics }
248. #    imagePullSecrets:
249. #      - name: private-registry-credentials
250. #    annotations:
251. #      iam.amazonaws.com/role: role-arn
252.     labels:
253.       nks-elk: enabled
254.       environment: development
255.       customer: na
256. #    readinessProbes:
257. #      initialDelaySeconds: 15
258. #      timeoutSeconds: 1
259. #      periodSeconds: 5
260. #      successThreshold: 1
261. #      failureThreshold: 3
262. #    livenessProbes:
263. #      initialDelaySeconds: 60
264. #      timeoutSeconds: 5
265. #      periodSeconds: 30
266. #      successThreshold: 1
267. #      failureThreshold: 4
268. #    serviceType: ClusterIP
269. #    externalTrafficPolicy: Cluster
270. #    replicasServiceType: ClusterIP
271. #    replicasExternalTrafficPolicy: Cluster
272. #    runtimeClassName: image-rc
273. #    sidecars:
274. #    - image: busybox
275. #      command: ["/bin/sh"]
276. #      args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
277. #      name: my-sidecar-1
278. #      resources:
279. #        requests:
280. #          memory: 100M
281. #          cpu: 100m
282. #        limits:
283. #          memory: 200M
284. #          cpu: 200m
285. #    envVarsSecret: my-env-var-secrets
286.     resources:
287.       requests:
288.         memory: 1G
289.         cpu: 600m
290. #      limits:
291. #        memory: 1G
292. #        cpu: 700m
293. #    priorityClassName: high-priority
294. #    nodeSelector:
295. #      disktype: ssd
296. #    sidecarResources:
297. #      requests:
298. #        memory: 1G
299. #        cpu: 500m
300. #      limits:
301. #        memory: 2G
302. #        cpu: 600m
303. #    serviceAccountName: percona-xtradb-cluster-operator-workload
304.     affinity:
305.       antiAffinityTopologyKey: "kubernetes.io/hostname"
306. #      advanced:
307. #        nodeAffinity:
308. #          requiredDuringSchedulingIgnoredDuringExecution:
309. #            nodeSelectorTerms:
310. #            - matchExpressions:
311. #              - key: kubernetes.io/e2e-az-name
312. #                operator: In
313. #                values:
314. #                - e2e-az1
315. #                - e2e-az2
316. #    tolerations:
317. #    - key: "node.alpha.kubernetes.io/unreachable"
318. #      operator: "Exists"
319. #      effect: "NoExecute"
320. #      tolerationSeconds: 6000
321.     podDisruptionBudget:
322.       maxUnavailable: 1
323. #      minAvailable: 0
324.     gracePeriod: 30
325. #    loadBalancerSourceRanges:
326. #      - 10.0.0.0/8
327. #    serviceAnnotations:
328. #      service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
329.   proxysql:
330.     enabled: false
331.     size: 3
332.     image: percona/percona-xtradb-cluster-operator:1.10.0-proxysql
333. #    imagePullPolicy: Always
334. #    configuration: |
335. #      datadir="/var/lib/proxysql"
336. #
337. #      admin_variables =
338. #      {
339. #        admin_credentials="proxyadmin:admin_password"
340. #        mysql_ifaces="0.0.0.0:6032"
341. #        refresh_interval=2000
342. #
343. #        cluster_username="proxyadmin"
344. #        cluster_password="admin_password"
345. #        checksum_admin_variables=false
346. #        checksum_ldap_variables=false
347. #        checksum_mysql_variables=false
348. #        cluster_check_interval_ms=200
349. #        cluster_check_status_frequency=100
350. #        cluster_mysql_query_rules_save_to_disk=true
351. #        cluster_mysql_servers_save_to_disk=true
352. #        cluster_mysql_users_save_to_disk=true
353. #        cluster_proxysql_servers_save_to_disk=true
354. #        cluster_mysql_query_rules_diffs_before_sync=1
355. #        cluster_mysql_servers_diffs_before_sync=1
356. #        cluster_mysql_users_diffs_before_sync=1
357. #        cluster_proxysql_servers_diffs_before_sync=1
358. #      }
359. #
360. #      mysql_variables=
361. #      {
362. #        monitor_password="monitor"
363. #        monitor_galera_healthcheck_interval=1000
364. #        threads=2
365. #        max_connections=2048
366. #        default_query_delay=0
367. #        default_query_timeout=10000
368. #        poll_timeout=2000
369. #        interfaces="0.0.0.0:3306"
370. #        default_schema="information_schema"
371. #        stacksize=1048576
372. #        connect_timeout_server=10000
373. #        monitor_history=60000
374. #        monitor_connect_interval=20000
375. #        monitor_ping_interval=10000
376. #        ping_timeout_server=200
377. #        commands_stats=true
378. #        sessions_sort=true
379. #        have_ssl=true
380. #        ssl_p2s_ca="/etc/proxysql/ssl-internal/ca.crt"
381. #        ssl_p2s_cert="/etc/proxysql/ssl-internal/tls.crt"
382. #        ssl_p2s_key="/etc/proxysql/ssl-internal/tls.key"
383. #        ssl_p2s_cipher="ECDHE-RSA-AES128-GCM-SHA256"
384. #      }
385. #    schedulerName: mycustom-scheduler
386. #    imagePullSecrets:
387. #      - name: private-registry-credentials
388. #    annotations:
389. #      iam.amazonaws.com/role: role-arn
390.     labels:
391.       nks-elk: enabled
392.       environment: development
393.       customer: na
394. #      rack: rack-22
395. #    serviceType: ClusterIP
396. #    externalTrafficPolicy: Cluster
397. #    runtimeClassName: image-rc
398. #    sidecars:
399. #    - image: busybox
400. #      command: ["/bin/sh"]
401. #      args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
402. #      name: my-sidecar-1
403. #      resources:
404. #        requests:
405. #          memory: 100M
406. #          cpu: 100m
407. #        limits:
408. #          memory: 200M
409. #          cpu: 200m
410. #    envVarsSecret: my-env-var-secrets
411.     resources:
412.       requests:
413.         memory: 1G
414.         cpu: 600m
415. #      limits:
416. #        memory: 1G
417. #        cpu: 700m
418. #    priorityClassName: high-priority
419. #    nodeSelector:
420. #      disktype: ssd
421. #    sidecarResources:
422. #      requests:
423. #        memory: 1G
424. #        cpu: 500m
425. #      limits:
426. #        memory: 2G
427. #        cpu: 600m
428. #    serviceAccountName: percona-xtradb-cluster-operator-workload
429.     affinity:
430.       antiAffinityTopologyKey: "kubernetes.io/hostname"
431. #      advanced:
432. #        nodeAffinity:
433. #          requiredDuringSchedulingIgnoredDuringExecution:
434. #            nodeSelectorTerms:
435. #            - matchExpressions:
436. #              - key: kubernetes.io/e2e-az-name
437. #                operator: In
438. #                values:
439. #                - e2e-az1
440. #                - e2e-az2
441. #    tolerations:
442. #    - key: "node.alpha.kubernetes.io/unreachable"
443. #      operator: "Exists"
444. #      effect: "NoExecute"
445. #      tolerationSeconds: 6000
446.     volumeSpec:
447. #      emptyDir: {}
448. #      hostPath:
449. #        path: /data
450. #        type: Directory
451.       persistentVolumeClaim:
452.         storageClassName: openebs-hostpath
453.         volumeName: local-persistentvolume2
454.         accessModes: [ "ReadWriteOnce" ]
455.         resources:
456.           requests:
457.             storage: 2G
458.     podDisruptionBudget:
459.       maxUnavailable: 1
460. #      minAvailable: 0
461.     gracePeriod: 30
462. #   loadBalancerSourceRanges:
463. #     - 10.0.0.0/8
464. #   serviceAnnotations:
465. #     service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
466.   logcollector:
467.     enabled: true
468.     image: percona/percona-xtradb-cluster-operator:1.10.0-1-logcollector
469. #    configuration: |
470. #      [OUTPUT]
471. #           Name  es
472. #           Match *
473. #           Host  192.168.2.3
474. #           Port  9200
475. #           Index my_index
476. #           Type  my_type
477.     resources:
478.       requests:
479.         memory: 100M
480.         cpu: 200m
481.   pmm:
482.     enabled: false
483.     image: percona/pmm-client:2.23.0
484.     serverHost: xyz
485.     serverUser: admin
486. #    pxcParams: "--disable-tablestats-limit=2000"
487. #    proxysqlParams: "--custom-labels=CUSTOM-LABELS"
488.     resources:
489.       requests:
490.         memory: 150M
491.         cpu: 300m
492.   backup:
493.     image: percona/percona-xtradb-cluster-operator:1.10.0-pxc8.0.25-backup
494. #    serviceAccountName: percona-xtradb-cluster-operator
495. #    imagePullSecrets:
496. #      - name: private-registry-credentials
497.     pitr:
498.       enabled: false
499.       storageName: s3-storage
500.       timeBetweenUploads: 60
501.     storages:
502.       s3-storage:
503.         type: s3
504. #        nodeSelector:
505. #          storage: tape
506. #          backupWorker: 'True'
507. #        resources:
508. #          requests:
509. #            memory: 1G
510. #            cpu: 600m
511. #        affinity:
512. #          nodeAffinity:
513. #            requiredDuringSchedulingIgnoredDuringExecution:
514. #              nodeSelectorTerms:
515. #              - matchExpressions:
516. #                - key: backupWorker
517. #                  operator: In
518. #                  values:
519. #                  - 'True'
520. #        tolerations:
521. #          - key: "backupWorker"
522. #            operator: "Equal"
523. #            value: "True"
524. #            effect: "NoSchedule"
525. #        annotations:
526. #          testName: scheduled-backup
527. #        labels:
528. #          backupWorker: 'True'
529. #        schedulerName: 'default-scheduler'
530. #        priorityClassName: 'high-priority'
531. #        containerSecurityContext:
532. #          privileged: true
533. #        podSecurityContext:
534. #          fsGroup: 1001
535. #          supplementalGroups: [1001, 1002, 1003]
536.         s3:
537.           bucket: backup3
538.           credentialsSecret: my-cluster-name-backup-s3
539.           region: us-east-1
540.           endpointUrl: xyz
541. #      fs-pvc:
542. #        type: filesystem
543. #        nodeSelector:
544. #          storage: tape
545. #          backupWorker: 'True'
546. #        resources:
547. #          requests:
548. #            memory: 1G
549. #            cpu: 600m
550. #        affinity:
551. #          nodeAffinity:
552. #            requiredDuringSchedulingIgnoredDuringExecution:
553. #              nodeSelectorTerms:
554. #              - matchExpressions:
555. #                - key: backupWorker
556. #                  operator: In
557. #                  values:
558. #                  - 'True'
559. #        tolerations:
560. #          - key: "backupWorker"
561. #            operator: "Equal"
562. #            value: "True"
563. #            effect: "NoSchedule"
564. #        annotations:
565. #          testName: scheduled-backup
566. #        labels:
567. #          backupWorker: 'True'
568. #        schedulerName: 'default-scheduler'
569. #        priorityClassName: 'high-priority'
570. #        containerSecurityContext:
571. #          privileged: true
572. #        podSecurityContext:
573. #          fsGroup: 1001
574. #          supplementalGroups: [1001, 1002, 1003]
575.         volume:
576.           persistentVolumeClaim:
577. #            storageClassName: standard
578.             accessModes: [ "ReadWriteOnce" ]
579.             resources:
580.               requests:
581.                 storage: 6G
582.     schedule:
583. #      - name: "runEvery15mins"
584. #        schedule: "*/15 * * * *"
585. #        keep: 4
586. #        storageName: s3-storage
587. #      - name: "daily-backup"
588. #        schedule: "0 0 * * *"
589. #        keep: 5
590. #        storageName: fs-pvc