From daf3255b38c4e1e12199ded9bf1f3b598b6bb700 Mon Sep 17 00:00:00 2001
From: yz124
Date: Mon, 11 Mar 2024 17:50:05 -0500
Subject: [PATCH] add mysql-operator config files
---
data/mysql_mysql-operator/context.json | 1350 +++++++++++++++++
data/mysql_mysql-operator/deploy-crds.yaml | 1095 +++++++++++++
.../mysql_mysql-operator/deploy-operator.yaml | 199 +++
.../mysql-operator-config.json | 36 +
.../mysql-operator-cr.yaml | 23 +
data/mysql_mysql-operator/secret.yaml | 19 +
6 files changed, 2722 insertions(+)
create mode 100644 data/mysql_mysql-operator/context.json
create mode 100644 data/mysql_mysql-operator/deploy-crds.yaml
create mode 100644 data/mysql_mysql-operator/deploy-operator.yaml
create mode 100644 data/mysql_mysql-operator/mysql-operator-config.json
create mode 100644 data/mysql_mysql-operator/mysql-operator-cr.yaml
create mode 100644 data/mysql_mysql-operator/secret.yaml
diff --git a/data/mysql_mysql-operator/context.json b/data/mysql_mysql-operator/context.json
new file mode 100644
index 0000000000..bcf4dcac55
--- /dev/null
+++ b/data/mysql_mysql-operator/context.json
@@ -0,0 +1,1350 @@ +{ + "crd": { + "body": { + "apiVersion": "apiextensions.k8s.io/v1", + "kind": "CustomResourceDefinition", + "metadata": { + "creationTimestamp": "2024-03-10T01:22:54Z", + "generation": 1, + "name": "innodbclusters.mysql.oracle.com", + "resourceVersion": "625", + "uid": "ba1d54fb-a175-4df8-83fb-4e793e61ec54" + }, + "spec": { + "conversion": { + "strategy": "None" + }, + "group": "mysql.oracle.com", + "names": { + "kind": "InnoDBCluster", + "listKind": "InnoDBClusterList", + "plural": "innodbclusters", + "shortNames": [ + "ic", + "ics" + ], + "singular": "innodbcluster" + }, + "scope": "Namespaced", + "versions": [ + { + "additionalPrinterColumns": [ + { + "description": "Status of the InnoDB Cluster", + "jsonPath": ".status.cluster.status", + "name": "Status", + "type": "string" + }, + { + "description": "Number of ONLINE InnoDB Cluster instances", + "jsonPath": ".status.cluster.onlineInstances", + "name": "Online", + "type": "integer" + }, + { + "description": "Number of InnoDB Cluster instances configured", + "jsonPath": ".spec.instances", + "name": "Instances", + "type": "integer" + }, + { + "description": "Number of Router instances configured for the InnoDB Cluster", + "jsonPath": ".spec.router.instances", + "name": "Routers", + "type": "integer" + }, + { + "jsonPath": ".metadata.creationTimestamp", + "name": "Age", + "type": "date" + } + ], + "name": "v2", + "schema": { + "openAPIV3Schema": { + "properties": { + "metadata": { + "properties": { + "name": { + "maxLength": 40, + "type": "string" + } + }, + "type": "object" + }, + "spec": { + "properties": { + "backupProfiles": { + "description": "Backup profile specifications for the cluster, which can be referenced from backup schedules and one-off backup jobs", + "items": { + "properties": { + "dumpInstance": { + "properties": { + "dumpOptions": { + "description": "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()", + "type": "object", + 
"x-kubernetes-preserve-unknown-fields": true + }, + "storage": { + "properties": { + "azure": { + "properties": { + "config": { + "description": "Name of a Secret with Azure BLOB Storage configuration and credentials", + "type": "string" + }, + "containerName": { + "description": "Name of the Azure BLOB Storage container where the dump is stored", + "type": "string" + }, + "prefix": { + "description": "Path in the container where the dump files are stored", + "type": "string" + } + }, + "required": [ + "containerName", + "config" + ], + "type": "object" + }, + "ociObjectStorage": { + "properties": { + "bucketName": { + "description": "Name of the OCI bucket where backup is stored", + "type": "string" + }, + "credentials": { + "description": "Name of a Secret with data for accessing the bucket", + "type": "string" + }, + "prefix": { + "description": "Path in bucket where backup is stored", + "type": "string" + } + }, + "required": [ + "bucketName", + "credentials" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "Specification of the PVC to be used. 
Used 'as is' in pod executing the backup.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "s3": { + "properties": { + "bucketName": { + "description": "Name of the S3 bucket where the dump is stored", + "type": "string" + }, + "config": { + "description": "Name of a Secret with S3 configuration and credentials", + "type": "string" + }, + "endpoint": { + "description": "Override endpoint URL", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + }, + "profile": { + "default": "", + "description": "Profile being used in configuration files", + "type": "string" + } + }, + "required": [ + "bucketName", + "config" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + }, + "name": { + "description": "Embedded backup profile, referenced as backupProfileName elsewhere", + "type": "string" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "snapshot": { + "properties": { + "storage": { + "properties": { + "azure": { + "properties": { + "config": { + "description": "Name of a Secret with Azure BLOB Storage configuration and credentials", + "type": "string" + }, + "containerName": { + "description": "Name of the Azure BLOB Storage container where the dump is stored", + "type": "string" + }, + "prefix": { + "description": "Path in the container where the dump files are stored", + "type": "string" + } + }, + "required": [ + "containerName", + "config" + ], + "type": "object" + }, + "ociObjectStorage": { + "properties": { + "bucketName": { + "description": "Bucket name where backup is stored", + "type": "string" + }, + "credentials": { + "description": "Name of a Secret with data for accessing the bucket", + "type": "string" + }, + "prefix": { + "description": 
"Path in bucket where backup is stored", + "type": "string" + } + }, + "required": [ + "bucketName", + "credentials" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "Specification of the PVC to be used. Used 'as is' in pod executing the backup.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "s3": { + "properties": { + "bucketName": { + "description": "Name of the S3 bucket where the dump is stored", + "type": "string" + }, + "config": { + "description": "Name of a Secret with S3 configuration and credentials", + "type": "string" + }, + "endpoint": { + "description": "Override endpoint URL", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + }, + "profile": { + "default": "", + "description": "Profile being used in configuration files", + "type": "string" + } + }, + "required": [ + "bucketName", + "config" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + } + }, + "required": [ + "name" + ], + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array" + }, + "backupSchedules": { + "description": "Schedules for periodically executed backups", + "items": { + "properties": { + "backupProfile": { + "description": "backupProfile specification if backupProfileName is not specified", + "properties": { + "dumpInstance": { + "properties": { + "dumpOptions": { + "description": "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "storage": { + "properties": { + "azure": { + "properties": { + "config": { + "description": "Name of a Secret with Azure BLOB Storage configuration and credentials", + "type": "string" + }, + "containerName": { + "description": "Name of the Azure BLOB Storage container where the dump is stored", + "type": 
"string" + }, + "prefix": { + "description": "Path in the container where the dump files are stored", + "type": "string" + } + }, + "required": [ + "containerName", + "config" + ], + "type": "object" + }, + "ociObjectStorage": { + "properties": { + "bucketName": { + "description": "Name of the OCI Bucket where backup is stored", + "type": "string" + }, + "credentials": { + "description": "Name of a Secret with data for accessing the bucket", + "type": "string" + }, + "prefix": { + "description": "Path in bucket where backup is stored", + "type": "string" + } + }, + "required": [ + "bucketName", + "credentials" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "Specification of the PVC to be used. Used 'as is' in pod executing the backup.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "s3": { + "properties": { + "bucketName": { + "description": "Name of the S3 bucket where the dump is stored", + "type": "string" + }, + "config": { + "description": "Name of a Secret with S3 configuration and credentials", + "type": "string" + }, + "endpoint": { + "description": "Override endpoint URL", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + }, + "profile": { + "default": "", + "description": "Profile being used in configuration files", + "type": "string" + } + }, + "required": [ + "bucketName", + "config" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "backupProfileName": { + "description": "Name of the backupProfile to be used", + "type": "string" + }, + "deleteBackupData": { + "default": false, + 
"description": "Whether to delete the backup data in case the MySQLBackup object created by the job is deleted", + "type": "boolean" + }, + "enabled": { + "default": true, + "description": "Whether the schedule is enabled or not", + "type": "boolean" + }, + "name": { + "description": "Name of the backup schedule", + "type": "string" + }, + "schedule": { + "description": "The schedule of the job, syntax as a cron expression", + "type": "string" + }, + "timeZone": { + "description": "Timezone for the backup schedule, example: 'America/New_York'", + "type": "string" + } + }, + "required": [ + "name", + "schedule" + ], + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array" + }, + "baseServerId": { + "default": 1000, + "description": "Base value for MySQL server_id for instances in the cluster", + "maximum": 4294967195, + "minimum": 0, + "type": "integer" + }, + "datadirVolumeClaimTemplate": { + "description": "Template for a PersistentVolumeClaim, to be used as datadir", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "edition": { + "description": "MySQL Server Edition (community or enterprise)", + "pattern": "^(community|enterprise)$", + "type": "string" + }, + "imagePullPolicy": { + "description": "Defaults to Always, but set to IfNotPresent in deploy-operator.yaml when deploying Operator", + "type": "string" + }, + "imagePullSecrets": { + "items": { + "properties": { + "name": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + }, + "imageRepository": { + "description": "Repository where images are pulled from; defaults to container-registry.oracle.com/mysql", + "type": "string" + }, + "initDB": { + "properties": { + "clone": { + "properties": { + "donorUrl": { + "description": "URL of the cluster to clone from", + "type": "string" + }, + "rootUser": { + "default": "root", + "description": "User name used for cloning", + "type": "string" + }, + "secretKeyRef": { + "properties": { + 
"name": { + "description": "Secret name with key 'rootPassword' storing the password for the user specified in rootUser", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + } + }, + "required": [ + "donorUrl", + "secretKeyRef" + ], + "type": "object" + }, + "dump": { + "properties": { + "name": { + "description": "Name of the dump. Not used by the operator, but a descriptive hint for the cluster administrator", + "type": "string" + }, + "options": { + "description": "A dictionary of key-value pairs passed directly to MySQL Shell's loadDump()", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "path": { + "description": "Path to the dump in the PVC. Use when specifying persistentVolumeClaim. Omit for ociObjectStorage, S3, or azure.", + "type": "string" + }, + "storage": { + "properties": { + "azure": { + "properties": { + "config": { + "description": "Name of a Secret with Azure BLOB Storage configuration and credentials", + "type": "string" + }, + "containerName": { + "description": "Name of the Azure BLOB Storage container where the dump is stored", + "type": "string" + }, + "prefix": { + "description": "Path in the container where the dump files are stored", + "type": "string" + } + }, + "required": [ + "containerName", + "prefix", + "config" + ], + "type": "object" + }, + "ociObjectStorage": { + "properties": { + "bucketName": { + "description": "Name of the OCI bucket where the dump is stored", + "type": "string" + }, + "credentials": { + "description": "Name of a Secret with data for accessing the bucket", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + } + }, + "required": [ + "bucketName", + "prefix", + "credentials" + ], + "type": "object" + }, + "persistentVolumeClaim": { + "description": "Specification of the PVC to be used. 
Used 'as is' in the cloning pod.", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "s3": { + "properties": { + "bucketName": { + "description": "Name of the S3 bucket where the dump is stored", + "type": "string" + }, + "config": { + "description": "Name of a Secret with S3 configuration and credentials", + "type": "string" + }, + "endpoint": { + "description": "Override endpoint URL", + "type": "string" + }, + "prefix": { + "description": "Path in the bucket where the dump files are stored", + "type": "string" + }, + "profile": { + "default": "", + "description": "Profile being used in configuration files", + "type": "string" + } + }, + "required": [ + "bucketName", + "prefix", + "config" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": [ + "storage" + ], + "type": "object" + } + }, + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "instances": { + "default": 1, + "description": "Number of MySQL replica instances for the cluster", + "maximum": 9, + "minimum": 1, + "type": "integer" + }, + "keyring": { + "description": "Keyring specification", + "properties": { + "encryptedFile": { + "description": "Keyring 'Encrypted File' specification", + "properties": { + "fileName": { + "default": "mysql_keyring", + "description": "Path to the keyring file name inside the storage volume (will be prefixed by mount path)", + "type": "string" + }, + "password": { + "description": "Name of a secret that contains password for the keyring in the key 'keyring_password'", + "type": "string" + }, + "readOnly": { + "default": false, + "description": "Whether to open the keyring file in read-only mode", + "type": "boolean" + }, + "storage": { + "description": "Specification of the volume to be mounted where the keyring file resides", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": [ + "storage", + "password" + ], + "type": 
"object" + }, + "file": { + "description": "Keyring 'File' specification", + "properties": { + "fileName": { + "default": "mysql_keyring", + "description": "Path to the keyring file name inside the storage volume (will be prefixed by mount path)", + "type": "string" + }, + "readOnly": { + "default": false, + "description": "Whether to open the keyring file in read-only mode", + "type": "boolean" + }, + "storage": { + "description": "Specification of the volume to be mounted where the keyring file resides", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": [ + "storage" + ], + "type": "object" + }, + "oci": { + "description": "Keyring 'OCI' specification", + "properties": { + "caCertificate": { + "description": "Secret that contains ca.crt field with CA certificate bundle file that the keyring_oci plugin uses for Oracle Cloud Infrastructure certificate verification", + "type": "string" + }, + "compartment": { + "description": "Compartment identifier in the form ocid1.compartment.oc1...", + "pattern": "^ocid1\\.compartment\\.", + "type": "string" + }, + "endpoints": { + "properties": { + "encryption": { + "description": "Encryption endpoint URI like {identifier}-crypto.kms.{region}.oraclecloud.com", + "type": "string" + }, + "management": { + "description": "Management endpoint URI like {identifier}-management.kms.{region}.oraclecloud.com", + "type": "string" + }, + "secrets": { + "description": "Secrets endpoint URI like secrets.vaults.{region}.oci.oraclecloud.com", + "type": "string" + }, + "vaults": { + "description": "Vaults endpoint URI like vaults.{region}.oci.oraclecloud.com", + "type": "string" + } + }, + "type": "object" + }, + "keyFingerprint": { + "description": "Private key fingerprint", + "pattern": "([0-9a-f]{2}:){15}[0-9a-f]{2}$", + "type": "string" + }, + "keySecret": { + "description": "A secret that contains the private key under the field 'privatekey'", + "type": "string" + }, + "masterKey": { + 
"description": "Master key identified in the form ocid1.key.oc1...", + "pattern": "^ocid1\\.key\\.", + "type": "string" + }, + "tenancy": { + "description": "Tenancy identifier in the form ocid1.tenancy.oc1...", + "pattern": "^ocid1\\.tenancy\\.", + "type": "string" + }, + "user": { + "description": "User identifier in the form of ocid1.user.oc1...", + "pattern": "^ocid1\\.user\\.", + "type": "string" + }, + "virtualVault": { + "description": "Vault identifier in the form ocid1.vault.oc1...", + "pattern": "^ocid1\\.vault\\.", + "type": "string" + } + }, + "required": [ + "user", + "keySecret", + "keyFingerprint", + "tenancy" + ], + "type": "object" + } + }, + "type": "object" + }, + "logs": { + "properties": { + "collector": { + "oneOf": [ + { + "required": [ + "image", + "fluentd" + ] + } + ], + "properties": { + "containerName": { + "default": "logcollector", + "description": "Name of the collector container sidecar", + "type": "string" + }, + "env": { + "items": { + "description": "Environment variables to be passed to the image. 
Definition will be directly copied like podSpec fields are", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array" + }, + "fluentd": { + "description": "Properties of the fluentd log collector", + "oneOf": [ + { + "required": [ + "sinks" + ] + } + ], + "properties": { + "additionalFilterConfiguration": { + "description": "Raw configuration of additional Fluentd filters to be added to the configuration file", + "type": "string" + }, + "errorLog": { + "properties": { + "options": { + "description": "fluentd specific options for the error log", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "tag": { + "default": "", + "description": "Tag for the error log records", + "type": "string" + } + }, + "type": "object" + }, + "generalLog": { + "properties": { + "options": { + "description": "fluentd specific options for the general log", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "tag": { + "default": "", + "description": "Tag for the general log records", + "type": "string" + } + }, + "type": "object" + }, + "recordAugmentation": { + "properties": { + "annotations": { + "items": { + "properties": { + "annotationName": { + "description": "Name of the pod label that holds the value to be stored under fieldName in the log record", + "type": "string" + }, + "fieldName": { + "description": "Name of the field added to the log record with value from annotationName", + "type": "string" + } + }, + "required": [ + "fieldName", + "annotationName" + ], + "type": "object" + }, + "type": "array" + }, + "enabled": { + "default": false, + "description": "Whether to enable record augmentation with additional data", + "type": "boolean" + }, + "labels": { + "items": { + "properties": { + "fieldName": { + "description": "Name of the field added to the log record with value from labelName", + "type": "string" + }, + "labelName": { + "description": "Name of the pod label that holds the value to be stored 
under fieldName in the log record", + "type": "string" + } + }, + "required": [ + "fieldName", + "labelName" + ], + "type": "object" + }, + "type": "array" + }, + "podFields": { + "items": { + "properties": { + "fieldName": { + "description": "Name of the field added to the log record with value taken from a field with path stored in fieldPath", + "type": "string" + }, + "fieldPath": { + "description": "Value for the field fieldName. The path should be of the same syntax as the one used for mounting environment variables from field reference - valueFrom.fieldRef.fieldPath . The field will be mounted in the pod as a environment variable, prefixed with a prefix and used then added to the log record. Examples for fieldRef are : spec.nodeName, metadata.namespace, status.podIP, etc.", + "type": "string" + } + }, + "required": [ + "fieldName", + "fieldPath" + ], + "type": "object" + }, + "type": "array" + }, + "resourceFields": { + "items": { + "properties": { + "containerName": { + "type": "string" + }, + "fieldName": { + "description": "Name of the field added to the log record with value taken from a field with path stored in fieldPath", + "type": "string" + }, + "resource": { + "description": "See https://kubernetes.io/docs/tasks/inject-data-application/environment-variable-expose-pod-information/#use-container-fields-as-values-for-environment-variables", + "type": "string" + } + }, + "required": [ + "fieldName", + "containerName", + "resource" + ], + "type": "object" + }, + "type": "array" + }, + "staticFields": { + "items": { + "properties": { + "fieldName": { + "description": "Name of the field added to the log record with value from fieldValue", + "type": "string" + }, + "fieldValue": { + "description": "Value for the static field with name taken from fieldName", + "type": "string" + } + }, + "required": [ + "fieldName", + "fieldValue" + ], + "type": "object" + }, + "type": "array" + } + }, + "type": "object" + }, + "sinks": { + "items": { + "properties": { + 
"name": { + "description": "Name of the sink. Used only for documentation purposes", + "type": "string" + }, + "rawConfig": { + "description": "Raw configuration of the sink", + "type": "string" + } + }, + "required": [ + "name", + "rawConfig" + ], + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": "array" + }, + "slowQueryLog": { + "properties": { + "options": { + "description": "fluentd specific options for the slow log", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "tag": { + "default": "", + "description": "Tag for the slow log records", + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "image": { + "description": "Name of an image, including registry and repository, to be used for the log collector sidecar. If provided it needs to be an image for the configured collector type.", + "type": "string" + } + }, + "type": "object" + }, + "error": { + "properties": { + "collect": { + "default": false, + "description": "Whether error logging data should be collected. Implies that the logging should be enabled. If enabled the error log will be switched to JSON format output", + "type": "boolean" + }, + "verbosity": { + "default": 3, + "description": "Log error verbosity. For details, see the MySQL Server --log-error-verbosity documentation.", + "maximum": 3, + "minimum": 1, + "type": "integer" + } + }, + "type": "object" + }, + "general": { + "properties": { + "collect": { + "default": false, + "description": "Whether general logging data should be collected. Implies that the logging should be enabled.", + "type": "boolean" + }, + "enabled": { + "default": false, + "description": "Whether general logging should be enabled", + "type": "boolean" + } + }, + "type": "object" + }, + "slowQuery": { + "properties": { + "collect": { + "default": false, + "description": "Whether slow query logging data should be collected. 
Implies that the logging should be enabled.", + "type": "boolean" + }, + "enabled": { + "default": false, + "description": "Whether slow query logging should be enabled", + "type": "boolean" + }, + "longQueryTime": { + "default": 10, + "description": "Long query time threshold", + "minimum": 0, + "type": "number" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "metrics": { + "description": "Configuration of a Prometheus-style metrics provider", + "properties": { + "enable": { + "default": false, + "description": "Toggle to enable or disable the metrics sidecar", + "type": "boolean" + }, + "image": { + "description": "Name of an image to be used for the metrics sidecar, if provided metrics will be enabled", + "type": "string" + }, + "monitor": { + "default": false, + "description": "Create a ServiceMonitor for Prometheus Operator", + "type": "boolean" + }, + "monitorSpec": { + "default": {}, + "description": "Custom configuration for the ServiceMonitor object", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "options": { + "description": "Options passed to the metrics provider as command line arguments", + "items": { + "type": "string" + }, + "type": "array" + }, + "tlsSecret": { + "description": "Name of a Secret with TLS certificate, key and CA, which will be mounted at /tls into the container an can be used from webConfig", + "type": "string" + }, + "webConfig": { + "description": "Name of a ConfigMap with a web.config file, if this option is provided a command line option --web.config.file is added", + "type": "string" + } + }, + "required": [ + "enable", + "image" + ], + "type": "object" + }, + "mycnf": { + "description": "Custom configuration additions for my.cnf", + "type": "string" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podSpec": { + "type": "object", + 
"x-kubernetes-preserve-unknown-fields": true + }, + "readReplicas": { + "items": { + "properties": { + "baseServerId": { + "default": 0, + "description": "Base value for MySQL server_id for instances of the readReplica, if 0 it will be assigned automatically", + "maximum": 4294967195, + "minimum": 0, + "type": "integer" + }, + "datadirVolumeClaimTemplate": { + "description": "Template for a PersistentVolumeClaim, to be used as datadir", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "instances": { + "default": 1, + "description": "Number of MySQL instances for the set of read replica", + "maximum": 999, + "minimum": 1, + "type": "integer" + }, + "mycnf": { + "description": "Custom configuration additions for my.cnf", + "type": "string" + }, + "name": { + "type": "string" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podSpec": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "version": { + "description": "MySQL Server version", + "pattern": "^\\d+\\.\\d+\\.\\d+(-.+)?", + "type": "string" + } + }, + "required": [ + "name", + "baseServerId" + ], + "type": "object" + }, + "type": "array" + }, + "router": { + "description": "MySQL Router specification", + "properties": { + "bootstrapOptions": { + "description": "Command line options passed to MySQL Router while bootstrapping", + "items": { + "type": "string" + }, + "type": "array" + }, + "instances": { + "default": 1, + "description": "Number of MySQL Router instances to deploy", + "minimum": 0, + "type": "integer" + }, + "options": { + "description": "Command line options passed to MySQL Router while running", + "items": { + "type": "string" + }, + "type": "array" + }, + "podAnnotations": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "podLabels": { + "type": "object", + 
"x-kubernetes-preserve-unknown-fields": true + }, + "podSpec": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "routingOptions": { + "description": "Set routing options for the cluster", + "properties": { + "invalidated_cluster_policy": { + "enum": [ + "drop_all", + "accept_ro" + ], + "type": "string" + }, + "read_only_targets": { + "enum": [ + "all", + "read_replicas", + "secondaries" + ], + "type": "string" + }, + "stats_updates_frequency": { + "default": 0, + "minimum": 0, + "type": "integer" + } + }, + "type": "object" + }, + "tlsSecretName": { + "description": "Name of a TLS type Secret containing MySQL Router certificate and private key used for SSL", + "type": "string" + }, + "version": { + "description": "Override MySQL Router version", + "pattern": "^\\d+\\.\\d+\\.\\d+(-.+)?", + "type": "string" + } + }, + "type": "object" + }, + "secretName": { + "description": "Name of a generic type Secret containing root/default account password", + "type": "string" + }, + "service": { + "description": "Configuration of the Service used by applications connecting to the InnoDB Cluster", + "properties": { + "annotations": { + "description": "Custom annotations for the Service", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "defaultPort": { + "default": "mysql-rw", + "description": "Target for the Service's default (3306) port. 
If mysql-rw traffic will go to the primary and allow read and write operations, with mysql-ro traffic goes to the replica and allows only read operations, with mysql-rw-split the router's read-write-splitting will be targeted", + "enum": [ + "mysql-rw", + "mysql-ro", + "mysql-rw-split" + ], + "type": "string" + }, + "labels": { + "description": "Custom labels for the Service", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "type": { + "default": "ClusterIP", + "enum": [ + "ClusterIP", + "NodePort", + "LoadBalancer" + ], + "type": "string" + } + }, + "type": "object" + }, + "serviceAccountName": { + "type": "string" + }, + "tlsCASecretName": { + "description": "Name of a generic type Secret containing CA (ca.pem) and optional CRL (crl.pem) for SSL", + "type": "string" + }, + "tlsSecretName": { + "description": "Name of a TLS type Secret containing Server certificate and private key for SSL", + "type": "string" + }, + "tlsUseSelfSigned": { + "default": false, + "description": "Enables use of self-signed TLS certificates, reducing or disabling TLS based security verifications", + "type": "boolean" + }, + "version": { + "description": "MySQL Server version", + "pattern": "^\\d+\\.\\d+\\.\\d+(-.+)?", + "type": "string" + } + }, + "required": [ + "secretName" + ], + "type": "object" + }, + "status": { + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": [ + "spec" + ], + "type": "object" + } + }, + "served": true, + "storage": true, + "subresources": { + "status": {} + } + } + ] + }, + "status": { + "acceptedNames": { + "kind": "InnoDBCluster", + "listKind": "InnoDBClusterList", + "plural": "innodbclusters", + "shortNames": [ + "ic", + "ics" + ], + "singular": "innodbcluster" + }, + "conditions": [ + { + "lastTransitionTime": "2024-03-10T01:22:54Z", + "message": "no conflicts found", + "reason": "NoConflicts", + "status": "True", + "type": "NamesAccepted" + }, + { + "lastTransitionTime": 
"2024-03-10T01:22:54Z", + "message": "the initial names have been accepted", + "reason": "InitialNamesAccepted", + "status": "True", + "type": "Established" + } + ], + "storedVersions": [ + "v2" + ] + } + }, + "group": "mysql.oracle.com", + "plural": "innodbclusters", + "version": "v2" + }, + "learnrun_time": 426.91398000717163, + "namespace": "mysql-operator", + "preload_images": [ + "container-registry.oracle.com/mysql/community-operator:8.3.0-2.1.2", + "container-registry.oracle.com/mysql/community-server:8.3.0", + "container-registry.oracle.com/mysql/community-router:8.3.0" + ], + "static_analysis_time": 8.106231689453125e-06 +} \ No newline at end of file diff --git a/data/mysql_mysql-operator/deploy-crds.yaml b/data/mysql_mysql-operator/deploy-crds.yaml new file mode 100644 index 0000000000..d25b1bdad1 --- /dev/null +++ b/data/mysql_mysql-operator/deploy-crds.yaml 
@@ -0,0 +1,1095 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: innodbclusters.mysql.oracle.com +spec: + group: mysql.oracle.com + versions: + - name: v2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + required: ["spec"] + properties: + metadata: + type: object + properties: + name: + type: string + maxLength: 40 + spec: + type: object + required: ["secretName"] + properties: + secretName: + type: string + description: "Name of a generic type Secret containing root/default account password" + tlsCASecretName: + type: string + description: "Name of a generic type Secret containing CA (ca.pem) and optional CRL (crl.pem) for SSL" + tlsSecretName: + type: string + description: "Name of a TLS type Secret containing Server certificate and private key for SSL" + tlsUseSelfSigned: + type: boolean + default: false + description: "Enables use of self-signed TLS certificates, reducing or disabling TLS based security verifications" + version: + type: string + pattern: '^\d+\.\d+\.\d+(-.+)?' 
+ description: "MySQL Server version" + edition: + type: string + pattern: "^(community|enterprise)$" + description: "MySQL Server Edition (community or enterprise)" + imageRepository: + type: string + description: "Repository where images are pulled from; defaults to container-registry.oracle.com/mysql" + imagePullPolicy: + type: string + description: "Defaults to Always, but set to IfNotPresent in deploy-operator.yaml when deploying Operator" + imagePullSecrets: + type: array + items: + type: object + properties: + name: + type: string + serviceAccountName: + type: string + baseServerId: + type: integer + minimum: 0 + maximum: 4294967195 + default: 1000 + description: "Base value for MySQL server_id for instances in the cluster" + datadirVolumeClaimTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + description: "Template for a PersistentVolumeClaim, to be used as datadir" + mycnf: + type: string + description: "Custom configuration additions for my.cnf" + instances: + type: integer + minimum: 1 + maximum: 9 + default: 1 + description: "Number of MySQL replica instances for the cluster" + podSpec: + type: object + x-kubernetes-preserve-unknown-fields: true + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + keyring: + type: object + description: "Keyring specification" + properties: + file: + type: object + description: "Keyring 'File' specification" + required: ["storage"] + properties: + fileName: + type: string + default: "mysql_keyring" + description: "Path to the keyring file name inside the storage volume (will be prefixed by mount path)" + readOnly: + type: boolean + default: false + description: "Whether to open the keyring file in read-only mode" + storage: + type: object + description : "Specification of the volume to be mounted where the keyring file resides" + x-kubernetes-preserve-unknown-fields: true + encryptedFile: + type: 
object + description: "Keyring 'Encrypted File' specification" + required: ["storage", "password"] + properties: + fileName: + type: string + default: "mysql_keyring" + description: "Path to the keyring file name inside the storage volume (will be prefixed by mount path)" + readOnly: + type: boolean + default: false + description: "Whether to open the keyring file in read-only mode" + password: + type: string + description: "Name of a secret that contains password for the keyring in the key 'keyring_password'" + storage: + type: object + description : "Specification of the volume to be mounted where the keyring file resides" + x-kubernetes-preserve-unknown-fields: true + oci: + type: object + description: "Keyring 'OCI' specification" + required: ["user", "keySecret", "keyFingerprint", "tenancy"] + properties: + user: + type: string + description: "User identifier in the form of ocid1.user.oc1..." + pattern: '^ocid1\.user\.' + keySecret: + type: string + description: "A secret that contains the private key under the field 'privatekey'" + keyFingerprint: + type: string + description: "Private key fingerprint" + pattern: '([0-9a-f]{2}:){15}[0-9a-f]{2}$' + tenancy: + type: string + description: "Tenancy identifier in the form ocid1.tenancy.oc1..." + pattern: '^ocid1\.tenancy\.' + compartment: + type: string + description: "Compartment identifier in the form ocid1.compartment.oc1..." + pattern: '^ocid1\.compartment\.' + virtualVault: + type: string + description: "Vault identifier in the form ocid1.vault.oc1..." + pattern: '^ocid1\.vault\.' + masterKey: + type: string + description: "Master key identified in the form ocid1.key.oc1..." + pattern: '^ocid1\.key\.' 
+ endpoints: + type: object + description: "" + properties: + encryption: + type: string + description: "Encryption endpoint URI like {identifier}-crypto.kms.{region}.oraclecloud.com" + management: + type: string + description: "Management endpoint URI like {identifier}-management.kms.{region}.oraclecloud.com" + vaults: + type: string + description: "Vaults endpoint URI like vaults.{region}.oci.oraclecloud.com" + secrets: + type: string + description: "Secrets endpoint URI like secrets.vaults.{region}.oci.oraclecloud.com" + caCertificate: + type: string + description: "Secret that contains ca.crt field with CA certificate bundle file that the keyring_oci plugin uses for Oracle Cloud Infrastructure certificate verification" + initDB: + type: object + properties: + clone: + type: object + required: ["donorUrl", "secretKeyRef"] + properties: + donorUrl: + type: string + description: "URL of the cluster to clone from" + rootUser: + type: string + default: "root" + description: "User name used for cloning" + secretKeyRef: + type: object + required: ["name"] + properties: + name: + type: string + description: "Secret name with key 'rootPassword' storing the password for the user specified in rootUser" + dump: + type: object + required: ["storage"] + properties: + name: + type: string + description: "Name of the dump. Not used by the operator, but a descriptive hint for the cluster administrator" + path: + type: string + description: "Path to the dump in the PVC. Use when specifying persistentVolumeClaim. Omit for ociObjectStorage, S3, or azure." 
+ options: + type: object + description: "A dictionary of key-value pairs passed directly to MySQL Shell's loadDump()" + x-kubernetes-preserve-unknown-fields: true + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "prefix", "credentials"] + properties: + bucketName: + type: string + description: "Name of the OCI bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "prefix", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "prefix", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + prefix: + type: string + description: "Path in the container where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in the cloning pod." 
+ x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + router: + type: object + description: "MySQL Router specification" + properties: + instances: + type: integer + minimum: 0 + default: 1 + description: "Number of MySQL Router instances to deploy" + tlsSecretName: + type: string + description: "Name of a TLS type Secret containing MySQL Router certificate and private key used for SSL" + version: + type: string + pattern: '^\d+\.\d+\.\d+(-.+)?' + description: "Override MySQL Router version" + podSpec: + type: object + x-kubernetes-preserve-unknown-fields: true + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + bootstrapOptions: + description: "Command line options passed to MySQL Router while bootstrapping" + type: array + items: + type: string + options: + description: "Command line options passed to MySQL Router while running" + type: array + items: + type: string + routingOptions: + description: "Set routing options for the cluster" + type: object + properties: + # naming pattern follows Shell's naming documented at + # https://dev.mysql.com/doc/mysql-shell/8.1/en/innodb-clusterset-router-setroutingoption.html + # ClusterSet-related options and tags currently not supported + invalidated_cluster_policy: + type: string + enum: ["drop_all", "accept_ro"] + stats_updates_frequency: + type: integer + default: 0 + minimum: 0 + read_only_targets: + type: string + enum: ["all", "read_replicas", "secondaries"] + service: + type: object + description: "Configuration of the Service used by applications connecting to the InnoDB Cluster" + properties: + type: + type: string + enum: ["ClusterIP", "NodePort", "LoadBalancer"] + default: ClusterIP + annotations: + type: object + description: "Custom annotations for the Service" + x-kubernetes-preserve-unknown-fields: true + labels: + type: object 
+ description: "Custom labels for the Service" + x-kubernetes-preserve-unknown-fields: true + defaultPort: + type: string + description: "Target for the Service's default (3306) port. If mysql-rw traffic will go to the primary and allow read and write operations, with mysql-ro traffic goes to the replica and allows only read operations, with mysql-rw-split the router's read-write-splitting will be targeted" + enum: ["mysql-rw", "mysql-ro", "mysql-rw-split"] + default: "mysql-rw" + + metrics: + type: object + description: "Configuration of a Prometheus-style metrics provider" + required: ["enable", "image"] + properties: + enable: + type: boolean + default: false + description: "Toggle to enable or disable the metrics sidecar" + image: + type: string + description: "Name of an image to be used for the metrics sidecar, if provided metrics will be enabled" + options: + type: array + description: "Options passed to the metrics provider as command line arguments" + items: + type: string + webConfig: + type: string + description: "Name of a ConfigMap with a web.config file, if this option is provided a command line option --web.config.file is added" + tlsSecret: + type: string + description: "Name of a Secret with TLS certificate, key and CA, which will be mounted at /tls into the container an can be used from webConfig" + monitor: + type: boolean + description: "Create a ServiceMonitor for Prometheus Operator" + default: false + monitorSpec: + type: object + x-kubernetes-preserve-unknown-fields: true + description: "Custom configuration for the ServiceMonitor object" + default: {} + + # These are only supported for development purpose: + #dbUser: + # type: object + # description: "MySQL user accoutn to be used for collecting metrics" + # properties: + # name: + # type: string + # description: "The account name, host part will always be localhost" + # default: mysqlmetrics + # grants: + # type: array + # description: "GRANTs given to the account" + # default: [ 
'PROCESS', 'REPLICATION CLIENT', 'SELECT' ] + # items: + # type: string + # maxConnections: + # type: integer + # default: 3 + # description: "Maximum number of connections" + + backupProfiles: + type: array + description: "Backup profile specifications for the cluster, which can be referenced from backup schedules and one-off backup jobs" + items: + type: object + required: ["name"] + properties: + name: + type: string + description: "Embedded backup profile, referenced as backupProfileName elsewhere" + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + dumpInstance: + type: object + properties: + dumpOptions: + type: object + description: "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()" + x-kubernetes-preserve-unknown-fields: true + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "credentials"] + properties: + bucketName: + type: string + description: "Name of the OCI bucket where backup is stored" + prefix: + type: string + description: "Path in bucket where backup is stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + 
prefix: + type: string + description: "Path in the container where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in pod executing the backup." + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + snapshot: + type: object + properties: + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "credentials"] + properties: + bucketName: + type: string + description: "Bucket name where backup is stored" + prefix: + type: string + description: "Path in bucket where backup is stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + prefix: + type: string + description: "Path in the container where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in pod executing the backup." 
+ x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + backupSchedules: + type: array + description: "Schedules for periodically executed backups" + items: + type: object + required: ["name", "schedule"] + x-kubernetes-preserve-unknown-fields: true + properties: + name: + type: string + description: "Name of the backup schedule" + schedule: + type: string + description: "The schedule of the job, syntax as a cron expression" + backupProfileName: + type: string + description: "Name of the backupProfile to be used" + backupProfile: + type: object + description: "backupProfile specification if backupProfileName is not specified" + x-kubernetes-preserve-unknown-fields: true + properties: + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + dumpInstance: + type: object + properties: + dumpOptions: + type: object + description: "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()" + x-kubernetes-preserve-unknown-fields: true + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "credentials"] + properties: + bucketName: + type: string + description: "Name of the OCI Bucket where backup is stored" + prefix: + type: string + description: "Path in bucket where backup is stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + 
endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + prefix: + type: string + description: "Path in the container where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in pod executing the backup." + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + deleteBackupData: + type: boolean + default: false + description: "Whether to delete the backup data in case the MySQLBackup object created by the job is deleted" + enabled: + type: boolean + default: true + description: "Whether the schedule is enabled or not" + timeZone: + type: string + description: "Timezone for the backup schedule, example: 'America/New_York'" + logs: + type: object + properties: + general: + type: object + properties: + enabled: + type: boolean + default: false + description: "Whether general logging should be enabled" + collect: + type: boolean + default: false + description: "Whether general logging data should be collected. Implies that the logging should be enabled." + error: + type: object + properties: + collect: + type: boolean + default: false + description: "Whether error logging data should be collected. Implies that the logging should be enabled. If enabled the error log will be switched to JSON format output" + verbosity: + type: integer + default: 3 + minimum: 1 + maximum: 3 + description: "Log error verbosity. For details, see the MySQL Server --log-error-verbosity documentation." 
+ slowQuery: + type: object + properties: + enabled: + type: boolean + default: false + description: "Whether slow query logging should be enabled" + longQueryTime: + type: number + minimum: 0 + default: 10 + description: "Long query time threshold" + collect: + type: boolean + default: false + description: "Whether slow query logging data should be collected. Implies that the logging should be enabled." + collector: + type: object + oneOf: + - required: ["image", "fluentd"] + properties: + image: + type: string + description: "Name of an image, including registry and repository, to be used for the log collector sidecar. If provided it needs to be an image for the configured collector type." + containerName: + type: string + default: "logcollector" + description: "Name of the collector container sidecar" + env: + type: array + items: + type: object + description: "Environment variables to be passed to the image. Definition will be directly copied like podSpec fields are" + x-kubernetes-preserve-unknown-fields: true + fluentd: + type: object + description: "Properties of the fluentd log collector" + oneOf: + - required: ["sinks"] + properties: + generalLog: + type: object + properties: + tag: + type: string + default: "" + description: "Tag for the general log records" + options: + type: object + description: "fluentd specific options for the general log" + x-kubernetes-preserve-unknown-fields: true + errorLog: + type: object + properties: + tag: + type: string + default: "" + description: "Tag for the error log records" + options: + type: object + description: "fluentd specific options for the error log" + x-kubernetes-preserve-unknown-fields: true + slowQueryLog: + type: object + properties: + tag: + type: string + default: "" + description: "Tag for the slow log records" + options: + type: object + description: "fluentd specific options for the slow log" + x-kubernetes-preserve-unknown-fields: true + recordAugmentation: + type: object + properties: + enabled: + 
type: boolean + default: false + description: "Whether to enable record augmentation with additional data" + labels: + type: array + items: + type: object + required: ["fieldName", "labelName"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value from labelName" + labelName: + type: string + description: "Name of the pod label that holds the value to be stored under fieldName in the log record" + annotations: + type: array + items: + type: object + required: ["fieldName", "annotationName"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value from annotationName" + annotationName: + type: string + description: "Name of the pod label that holds the value to be stored under fieldName in the log record" + staticFields: + type: array + items: + type: object + required: ["fieldName", "fieldValue"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value from fieldValue" + fieldValue: + type: string + description: "Value for the static field with name taken from fieldName" + podFields: + type: array + items: + type: object + required: ["fieldName", "fieldPath"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value taken from a field with path stored in fieldPath" + fieldPath: + type: string + description: "Value for the field fieldName. The path should be of the same syntax as the one used for mounting environment variables from field reference - valueFrom.fieldRef.fieldPath . The field will be mounted in the pod as a environment variable, prefixed with a prefix and used then added to the log record. Examples for fieldRef are : spec.nodeName, metadata.namespace, status.podIP, etc." 
+ resourceFields: + type: array + items: + type: object + required: ["fieldName", "containerName", "resource"] + properties: + fieldName: + type: string + description: "Name of the field added to the log record with value taken from a field with path stored in fieldPath" + containerName: + type: string + resource: + type: string + description: "See https://kubernetes.io/docs/tasks/inject-data-application/environment-variable-expose-pod-information/#use-container-fields-as-values-for-environment-variables" + additionalFilterConfiguration: + type: string + description: "Raw configuration of additional Fluentd filters to be added to the configuration file" + sinks: + type: array + items: + type: object + required: ["name", "rawConfig"] + x-kubernetes-preserve-unknown-fields: true + properties: + name: + type: string + description: "Name of the sink. Used only for documentation purposes" + rawConfig: + type: "string" + description: "Raw configuration of the sink" + + readReplicas: + type: array + items: + type: object + required: ["name", "baseServerId"] + properties: + name: + type: string + version: + type: string + pattern: '^\d+\.\d+\.\d+(-.+)?' 
+ description: "MySQL Server version" + baseServerId: + type: integer + minimum: 0 + maximum: 4294967195 + default: 0 + description: "Base value for MySQL server_id for instances of the readReplica, if 0 it will be assigned automatically" + datadirVolumeClaimTemplate: + type: object + x-kubernetes-preserve-unknown-fields: true + description: "Template for a PersistentVolumeClaim, to be used as datadir" + mycnf: + type: string + description: "Custom configuration additions for my.cnf" + instances: + type: integer + minimum: 1 + maximum: 999 + default: 1 + description: "Number of MySQL instances for the set of read replica" + podSpec: + type: object + x-kubernetes-preserve-unknown-fields: true + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true + subresources: + status: {} + additionalPrinterColumns: + - name: Status + type: string + description: Status of the InnoDB Cluster + jsonPath: .status.cluster.status + - name: Online + type: integer + description: Number of ONLINE InnoDB Cluster instances + jsonPath: .status.cluster.onlineInstances + - name: Instances + type: integer + description: Number of InnoDB Cluster instances configured + jsonPath: .spec.instances + - name: Routers + type: integer + description: Number of Router instances configured for the InnoDB Cluster + jsonPath: .spec.router.instances + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + scope: Namespaced + names: + kind: InnoDBCluster + listKind: InnoDBClusterList + singular: innodbcluster + plural: innodbclusters + shortNames: + - ic + - ics +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: mysqlbackups.mysql.oracle.com +spec: + group: mysql.oracle.com + scope: Namespaced + names: + kind: MySQLBackup + listKind: MySQLBackupList + singular: mysqlbackup + plural: 
mysqlbackups + shortNames: + - mbk + versions: + - name: v2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + required: ["clusterName"] + properties: + clusterName: + type: string + backupProfileName: + type: string + backupProfile: + type: object + description: "backupProfile specification if backupProfileName is not specified" + x-kubernetes-preserve-unknown-fields: true + properties: + podAnnotations: + type: object + x-kubernetes-preserve-unknown-fields: true + podLabels: + type: object + x-kubernetes-preserve-unknown-fields: true + dumpInstance: + type: object + properties: + dumpOptions: + type: object + description: "A dictionary of key-value pairs passed directly to MySQL Shell's DumpInstance()" + x-kubernetes-preserve-unknown-fields: true + storage: + type: object + properties: + ociObjectStorage: + type: object + required: ["bucketName", "credentials"] + properties: + bucketName: + type: string + description: "Name of the OCI bucket where backup is stored" + prefix: + type: string + description: "Path in bucket where backup is stored" + credentials: + type: string + description: "Name of a Secret with data for accessing the bucket" + s3: + type: object + required: ["bucketName", "config"] + properties: + bucketName: + type: string + description: "Name of the S3 bucket where the dump is stored" + prefix: + type: string + description: "Path in the bucket where the dump files are stored" + config: + type: string + description: "Name of a Secret with S3 configuration and credentials" + profile: + type: string + default: "" + description: "Profile being used in configuration files" + endpoint: + type: string + description: "Override endpoint URL" + azure: + type: object + required: ["containerName", "config"] + properties: + containerName: + type: string + description: "Name of the Azure BLOB Storage container where the dump is stored" + prefix: + type: string + description: "Path in the container 
where the dump files are stored" + config: + type: string + description: "Name of a Secret with Azure BLOB Storage configuration and credentials" + persistentVolumeClaim: + type: object + description : "Specification of the PVC to be used. Used 'as is' in pod executing the backup." + x-kubernetes-preserve-unknown-fields: true + x-kubernetes-preserve-unknown-fields: true + addTimestampToBackupDirectory: + type: boolean + default: true + deleteBackupData: + type: boolean + default: false + status: + type: object + properties: + status: + type: string + startTime: + type: string + completionTime: + type: string + elapsedTime: + type: string + output: + type: string + method: + type: string + source: + type: string + bucket: + type: string + ociTenancy: + type: string + container: + type: string + spaceAvailable: + type: string + size: + type: string + message: + type: string + subresources: + status: {} + additionalPrinterColumns: + - name: Cluster + type: string + description: Name of the target cluster + jsonPath: .spec.clusterName + - name: Status + type: string + description: Status of the Backup + jsonPath: .status.status + - name: Output + type: string + description: Name of the produced file/directory + jsonPath: .status.output + - name: Age + type: date + jsonPath: .metadata.creationTimestamp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusterkopfpeerings.zalando.org +spec: + scope: Cluster + group: zalando.org + names: + kind: ClusterKopfPeering + plural: clusterkopfpeerings + singular: clusterkopfpeering + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + status: + type: object + x-kubernetes-preserve-unknown-fields: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kopfpeerings.zalando.org +spec: + scope: Namespaced + group: zalando.org + names: + kind: KopfPeering + plural: kopfpeerings + singular: 
kopfpeering + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + status: + type: object + x-kubernetes-preserve-unknown-fields: true diff --git a/data/mysql_mysql-operator/deploy-operator.yaml b/data/mysql_mysql-operator/deploy-operator.yaml new file mode 100644 index 0000000000..51ac92910e --- /dev/null +++ b/data/mysql_mysql-operator/deploy-operator.yaml 
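Review bot: The three `version` fields in the InnoDBCluster schema (`spec.version`, `spec.router.version` and `spec.readReplicas[].version`) use `pattern: '^\d+\.\d+\.\d+(-.+)?'` with no closing `$`, so a value only has to start with three dotted numbers and any trailing text passes validation. If the operator builds the image reference from this string, which this hunk does not show, the schema is not constraining the tag; `pattern: '^\d+\.\d+\.\d+(-.+)?$'` closes the match, and a narrower suffix class than `.+` would restrict it further. `keyring.oci.keyFingerprint` has the mirror problem: `'([0-9a-f]{2}:){15}[0-9a-f]{2}$'` lacks the leading `^` and should read `'^([0-9a-f]{2}:){15}[0-9a-f]{2}$'`. Should this file be an unmodified copy of the upstream operator manifest, the change belongs upstream and a comment here recording the gap is enough.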
@@ -0,0 +1,199 @@
+# The main role for the operator
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: mysql-operator
+rules:
+ - apiGroups: [""]
+ resources: ["pods"]
+ verbs: ["get", "list", "watch", "patch"]
+ - apiGroups: [""]
+ resources: ["pods/status"]
+ verbs: ["get", "patch", "update", "watch"]
+ # Kopf needs patch on secrets or the sidecar will throw
+ # The operator needs this verb to be able to pass it to the sidecar
+ - apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["get", "create", "list", "watch", "patch"]
+ - apiGroups: [""]
+ resources: ["configmaps"]
+ verbs: ["get", "create", "update", "list", "watch", "patch", "delete"]
+ - apiGroups: [""]
+ resources: ["services"]
+ verbs: ["get", "create", "list", "update", "delete", "patch"]
+ - apiGroups: [""]
+ resources: ["serviceaccounts"]
+ verbs: ["get", "create", "patch"]
+ - apiGroups: [""]
+ resources: ["events"]
+ verbs: ["create", "patch", "update"]
+ - apiGroups: ["rbac.authorization.k8s.io"]
+ resources: ["rolebindings"]
+ verbs: ["get", "create"]
+ - apiGroups: ["policy"]
+ resources: ["poddisruptionbudgets"]
+ verbs: ["get", "create"]
+ - apiGroups: ["batch"]
+ resources: ["jobs"]
+ verbs: ["create"]
+ - apiGroups: ["batch"]
+ resources: ["cronjobs"]
+ verbs: ["get", "create", "update", "delete"]
+ - apiGroups: ["apps"]
+ resources: ["deployments", "statefulsets"]
+ verbs: ["get", "create", "patch", "update", "watch", "delete"]
+ - apiGroups: ["mysql.oracle.com"]
+ resources: ["*"]
+ verbs: ["*"]
+ - apiGroups: ["zalando.org"]
+ resources: ["*"]
+ verbs: ["get", "patch", "list", "watch"]
+ # Kopf: runtime observation of namespaces & CRDs (addition/deletion).
+ - apiGroups: [apiextensions.k8s.io]
+ resources: [customresourcedefinitions]
+ verbs: [list, watch]
+ - apiGroups: [""]
+ resources: [namespaces]
+ verbs: [list, watch]
+ - apiGroups: ["monitoring.coreos.com"]
+ resources: ["servicemonitors"]
+ verbs: ["get", "create", "patch", "update", "delete"]
+---
+# role for the server sidecar
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: mysql-sidecar
+rules:
+ - apiGroups: [""]
+ resources: ["pods"]
+ verbs: ["get", "list", "watch", "patch"]
+ - apiGroups: [""]
+ resources: ["pods/status"]
+ verbs: ["get", "patch", "update", "watch"]
+ # Kopf needs patch on secrets or the sidecar will throw
+ - apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["get", "create", "list", "watch", "patch"]
+ - apiGroups: [""]
+ resources: ["configmaps"]
+ verbs: ["get", "create", "list", "watch", "patch"]
+ - apiGroups: [""]
+ resources: ["services"]
+ verbs: ["get", "create", "list", "update"]
+ - apiGroups: [""]
+ resources: ["serviceaccounts"]
+ verbs: ["get", "create"]
+ - apiGroups: [""]
+ resources: ["events"]
+ verbs: ["create", "patch", "update"]
+ - apiGroups: ["apps"]
+ resources: ["deployments"]
+ verbs: ["get", "patch"]
+ - apiGroups: ["mysql.oracle.com"]
+ resources: ["innodbclusters"]
+ verbs: ["get", "watch", "list"]
+ - apiGroups: ["mysql.oracle.com"]
+ resources: ["mysqlbackups"]
+ verbs: ["create", "get", "list", "patch", "update", "watch", "delete"]
+ - apiGroups: ["mysql.oracle.com"]
+ resources: ["mysqlbackups/status"]
+ verbs: ["get", "patch", "update", "watch"]
+---
+# Give access to the operator
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: mysql-operator-rolebinding
+subjects:
+ - kind: ServiceAccount
+ name: mysql-operator-sa
+ namespace: mysql-operator
+ # TODO The following entry is for dev purposes only
+ #- kind: Group
+ # name: system:serviceaccounts
+ # apiGroup: rbac.authorization.k8s.io
+roleRef:
+ kind: ClusterRole
+ name: mysql-operator
+ apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: zalando.org/v1
+kind: ClusterKopfPeering
+metadata:
+ name: mysql-operator
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: mysql-operator
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: mysql-operator-sa
+ namespace: mysql-operator
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mysql-operator
+ namespace: mysql-operator
+ labels:
+ version: "1.0"
+ app.kubernetes.io/name: mysql-operator
+ app.kubernetes.io/instance: mysql-operator
+ app.kubernetes.io/version: 8.3.0-2.1.2
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/managed-by: mysql-operator
+ app.kubernetes.io/created-by: mysql-operator
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ name: mysql-operator
+ template:
+ metadata:
+ labels:
+ name: mysql-operator
+ spec:
+ containers:
+ - name: mysql-operator
+ image: container-registry.oracle.com/mysql/community-operator:8.3.0-2.1.2
+ imagePullPolicy: IfNotPresent
+ args:
+ [
+ "mysqlsh",
+ "--log-level=@INFO",
+ "--pym",
+ "mysqloperator",
+ "operator",
+ ]
+ env:
+ - name: MYSQLSH_USER_CONFIG_HOME
+ value: /mysqlsh
+ - name: MYSQLSH_CREDENTIAL_STORE_SAVE_PASSWORDS
+ value: never
+ readinessProbe:
+ exec:
+ command:
+ - cat
+ - /tmp/mysql-operator-ready
+ initialDelaySeconds: 1
+ periodSeconds: 3
+ volumeMounts:
+ - name: mysqlsh-home
+ mountPath: /mysqlsh
+ - name: tmpdir
+ mountPath: /tmp
+ securityContext:
+ runAsUser: 2
+ allowPrivilegeEscalation: false
+ privileged: false
+ readOnlyRootFilesystem: true
+ volumes:
+ - name: mysqlsh-home
+ emptyDir: {}
+ - name: tmpdir
+ emptyDir: {}
+ serviceAccountName: mysql-operator-sa
diff --git a/data/mysql_mysql-operator/mysql-operator-config.json b/data/mysql_mysql-operator/mysql-operator-config.json
new file mode 100644
index 0000000000..9408b0460f
--- /dev/null
+++ b/data/mysql_mysql-operator/mysql-operator-config.json
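Review bot: The `mysql-operator` ClusterRole is attached through a ClusterRoleBinding, so its `secrets` rule (`get`, `create`, `list`, `watch`, `patch`) applies in every namespace and the `mysql-operator-sa` token can read every Secret in the cluster; nothing in the file says so. The rules look like they come from the upstream manifest, so I would keep them and add a comment above `kind: ClusterRoleBinding`, for example `# NOTE: cluster-wide binding; mysql-operator-sa can read Secrets in all namespaces - apply only to disposable test clusters`. The commented-out `system:serviceaccounts` subject under the TODO should be deleted from this copy rather than kept, since uncommenting it would give the same role to every service account. In the Deployment, the container `securityContext` sets `runAsUser: 2` but neither `runAsNonRoot: true` nor `capabilities: {drop: ["ALL"]}`; both are small additions that fit the settings already there.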
@@ -0,0 +1,36 @@
+{
+ "deploy": {
+ "steps": [
+ {
+ "apply": {
+ "file": "data/mysql_mysql-operator/deploy-crds.yaml",
+ "namespace": "default"
+ }
+ },
+ {
+ "wait": {
+ "duration": 10
+ }
+ },
+ {
+ "apply": {
+ "file": "data/mysql_mysql-operator/deploy-operator.yaml",
+ "operator": true
+ }
+ },
+ {
+ "wait": {
+ "duration": 10
+ }
+ },
+ {
+ "apply": {
+ "file": "data/mysql_mysql-operator/secret.yaml",
+ "operator": true
+ }
+ }
+ ]
+ },
+ "crd_name": "innodbclusters.mysql.oracle.com",
+ "seed_custom_resource": "data/mysql_mysql-operator/cr.yaml"
+}
\ No newline at end of file
diff --git a/data/mysql_mysql-operator/mysql-operator-cr.yaml b/data/mysql_mysql-operator/mysql-operator-cr.yaml
new file mode 100644
index 0000000000..5f51680aea
--- /dev/null
+++ b/data/mysql_mysql-operator/mysql-operator-cr.yaml
@@ -0,0 +1,23 @@
+# Copyright (c) 2020, 2022, Oracle and/or its affiliates.
+#
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
+#
+# This sample creates a simple InnoDB Cluster with help from the MySQL Operator.
+# This yields:
+# 3 MySQL Server Pods; one primary and two secondaries
+# 1 MySQL Router Pod
+# It uses self-signed TLS certificates.
+# It requires a deployed Operator (e.g., deploy/deploy-operator.yaml),
+# and requires root user credentials provided by a Kubernetes Secret;
+# the Secret is named mypwds in this case (e.g., sample-secret.yaml)
+#
+apiVersion: mysql.oracle.com/v2
+kind: InnoDBCluster
+metadata:
+ name: test-cluster
+spec:
+ secretName: mypwds
+ instances: 3
+ router:
+ instances: 1
+ tlsUseSelfSigned: true
diff --git a/data/mysql_mysql-operator/secret.yaml b/data/mysql_mysql-operator/secret.yaml
new file mode 100644
index 0000000000..20c7663784
--- /dev/null
+++ b/data/mysql_mysql-operator/secret.yaml
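Review bot: `seed_custom_resource` points at `data/mysql_mysql-operator/cr.yaml`, but this commit adds the sample as `data/mysql_mysql-operator/mysql-operator-cr.yaml` and the diffstat lists no `cr.yaml`, so the seed path most likely does not resolve. Either change the line to `"seed_custom_resource": "data/mysql_mysql-operator/mysql-operator-cr.yaml"` or rename the file to match. Separately, `secret.yaml` is applied with `"operator": true`; if that flag selects the operator's namespace, confirm that the `mypwds` Secret lands in the same namespace as the `test-cluster` InnoDBCluster that names it in `secretName`, because a Secret is only visible to resources in its own namespace.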
@@ -0,0 +1,19 @@
+# Copyright (c) 2020, 2022, Oracle and/or its affiliates.
+#
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/
+#
+# This sample adds a Secret to reference from an InnoDBCluster manifest.
+# It's used to create a privileged MySQL user, a user used by a sysadmin to manage the cluster.
+# Although typically named "root", it can be a different name.
+# Note: MySQL Operator creates additional (internal) Secrets and MySQL users.
+#
+# This file requires editing before deployment; other samples here reference the name 'mypwds'
+#
+apiVersion: v1
+kind: Secret
+metadata:
+ name: mypwds
+stringData:
+ rootUser: root
+ rootHost: '%'
+ rootPassword: password
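Review bot: The Secret commits `rootPassword: password` together with `rootHost: '%'`, and `mysql-operator-config.json` applies the file unchanged even though its own header says it requires editing before deployment. For a fixture that only runs on throwaway clusters the values can stay, but the file should say so, for example `# TEST FIXTURE ONLY: placeholder credentials; never apply to a shared or network-reachable cluster`. If the harness can template values, generating the password per run would keep a reusable credential out of the repository and stop secret scanners from flagging it.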