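---
# PerconaServerMySQL custom resource: a three-member group-replication MySQL
# cluster fronted by HAProxy, with backups enabled and one S3 storage defined.
# Lines of the form `# key: value` are disabled options; delete the leading
# `# ` to enable one. Lines marked NOTE(review) are reviewer remarks.
apiVersion: ps.percona.com/v1
kind: PerconaServerMySQL
metadata:
  finalizers:
    - percona.com/delete-mysql-pods-in-order
    # NOTE(review): going by their names, the two disabled finalizers below
    # remove TLS objects and data volumes when this resource is deleted;
    # confirm against the operator documentation before enabling them.
    # - percona.com/delete-ssl
    # - percona.com/delete-mysql-pvc
  name: ps-cluster1
spec:
  # metadata:
  #   annotations:
  #     service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
  #     service.beta.kubernetes.io/aws-load-balancer-type: nlb
  #   labels:
  #     rack: rack-22
  # NOTE(review): unsafeFlags presumably relaxes the operator's validation of
  # cluster sizes and components; leave it disabled unless that is intended.
  # unsafeFlags:
  #   mysqlSize: false
  #   orchestrator: false
  #   orchestratorSize: false
  #   proxy: false
  #   proxySize: false
  # pause: false
  crVersion: 1.1.0
  # enableVolumeExpansion: false
  # Credentials and TLS material are referenced by Secret name only; nothing
  # secret is stored in this manifest.
  # NOTE(review): limit read access to these Secrets (RBAC) to the operator
  # and the workloads that need them.
  secretsName: ps-cluster1-secrets
  sslSecretName: ps-cluster1-ssl
  updateStrategy: SmartUpdate
  # NOTE(review): with apply: disabled, version upgrades are presumably not
  # applied automatically, so image patching is a manual step - confirm.
  upgradeOptions:
    apply: disabled
    versionServiceEndpoint: https://check.percona.com
  # NOTE(review): in this and the other disabled resources samples that list
  # both cpu/memory limits and requests, the requests exceed the limits;
  # Kubernetes rejects such a container spec, so adjust the values when
  # enabling them.
  # initContainer:
  #   containerSecurityContext:
  #     privileged: false
  #     runAsGroup: 1001
  #     runAsUser: 1001
  #   image: perconalab/percona-server-mysql-operator:main
  #   resources:
  #     limits:
  #       cpu: 100m
  #       memory: 100M
  #     requests:
  #       cpu: 200m
  #       memory: 200M
  # ignoreAnnotations:
  #   - service.beta.kubernetes.io/aws-load-balancer-backend-protocol
  # ignoreLabels:
  #   - rack
  # tls:
  #   SANs:
  #     - mysql-1.example.com
  #     - mysql-2.example.com
  #     - mysql-3.example.com
  #   issuerConf:
  #     group: cert-manager.io
  #     kind: ClusterIssuer
  #     name: special-selfsigned-issuer
  mysql:
    clusterType: group-replication
    autoRecovery: true
    # vaultSecretName: ps-cluster1-vault
    size: 3
    # NOTE(review): every active image in this file comes from the perconalab
    # repository under what looks like a moving tag (main-*, 3-dev-latest) and
    # is pulled with imagePullPolicy: Always, so the content a pod runs can
    # change between restarts. Outside testing, pin a release tag or a digest
    # (image: <REPOSITORY>@sha256:<DIGEST>, placeholder).
    image: perconalab/percona-server-mysql-operator:main-psmysql8.4
    imagePullPolicy: Always
    # imagePullSecrets:
    #   - name: my-secret-1
    #   - name: my-secret-2
    # runtimeClassName: image-rc
    # tolerations:
    #   - effect: NoExecute
    #     key: node.alpha.kubernetes.io/unreachable
    #     operator: Exists
    #     tolerationSeconds: 6000
    # annotations:
    #   service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
    #   service.beta.kubernetes.io/aws-load-balancer-type: nlb
    # labels:
    #   rack: rack-22
    # nodeSelector:
    #   topology.kubernetes.io/zone: us-east-1a
    # priorityClassName: high-priority
    # schedulerName: default-scheduler
    # serviceAccountName: some-service-account
    gracePeriod: 600
    # initContainer:
    #   containerSecurityContext:
    #     privileged: false
    #     runAsGroup: 1001
    #     runAsUser: 1001
    #   image: perconalab/percona-server-mysql-operator:main
    #   resources:
    #     limits:
    #       cpu: 100m
    #       memory: 100M
    #     requests:
    #       cpu: 200m
    #       memory: 200M
    # env:
    #   - name: BOOTSTRAP_READ_TIMEOUT
    #     value: "600"
    # envFrom:
    #   - secretRef:
    #       name: mysql-env-secret
    podDisruptionBudget:
      maxUnavailable: 1
      # minAvailable: 0
    resources:
      limits:
        memory: 4Gi
      requests:
        memory: 2Gi
    # startupProbe:
    #   failureThreshold: 1
    #   initialDelaySeconds: 15
    #   periodSeconds: 10
    #   successThreshold: 1
    #   timeoutSeconds: 43200
    # readinessProbe:
    #   failureThreshold: 3
    #   initialDelaySeconds: 30
    #   periodSeconds: 5
    #   successThreshold: 1
    #   timeoutSeconds: 3
    # livenessProbe:
    #   failureThreshold: 3
    #   initialDelaySeconds: 15
    #   periodSeconds: 10
    #   successThreshold: 1
    #   timeoutSeconds: 10
    affinity:
      # advanced:
      #   nodeAffinity:
      #     requiredDuringSchedulingIgnoredDuringExecution:
      #       nodeSelectorTerms:
      #         - matchExpressions:
      #             - key: kubernetes.io/e2e-az-name
      #               operator: In
      #               values:
      #                 - e2e-az1
      #                 - e2e-az2
      antiAffinityTopologyKey: kubernetes.io/hostname
    # topologySpreadConstraints:
    #   - labelSelector:
    #       matchLabels:
    #         app.kubernetes.io/name: percona-server
    #     maxSkew: 1
    #     topologyKey: kubernetes.io/hostname
    #     whenUnsatisfiable: DoNotSchedule
    # NOTE(review): the container and pod security contexts are disabled
    # throughout this file, so whatever the operator and images default to
    # applies. The sample values run unprivileged as UID/GID 1001.
    # containerSecurityContext:
    #   privileged: false
    #   runAsGroup: 1001
    #   runAsUser: 1001
    # podSecurityContext:
    #   fsGroup: 1001
    #   supplementalGroups:
    #     - 1001
    #     - 1002
    #     - 1003
    # NOTE(review): exposePrimary is enabled with the Service type left at the
    # operator default. If the type is set to LoadBalancer, also set
    # loadBalancerSourceRanges so the MySQL port is not reachable from
    # arbitrary addresses.
    exposePrimary:
      # annotations:
      #   service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
      #   service.beta.kubernetes.io/aws-load-balancer-type: nlb
      enabled: true
      # externalTrafficPolicy: Cluster
      # internalTrafficPolicy: Cluster
      # labels:
      #   rack: rack-22
      # loadBalancerSourceRanges:
      #   - 10.0.0.0/8
      # type: ClusterIP
    # expose:
    #   annotations:
    #     service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
    #     service.beta.kubernetes.io/aws-load-balancer-type: nlb
    #   enabled: false
    #   externalTrafficPolicy: Cluster
    #   internalTrafficPolicy: Cluster
    #   labels:
    #     rack: rack-22
    #   loadBalancerSourceRanges:
    #     - 10.0.0.0/8
    #   type: ClusterIP
    volumeSpec:
      # emptyDir: {}
      # NOTE(review): hostPath ties the data to a directory on the node's own
      # filesystem; prefer persistentVolumeClaim outside single-node testing.
      # hostPath:
      #   path: /data
      #   type: Directory
      persistentVolumeClaim:
        # accessModes:
        #   - ReadWriteOnce
        resources:
          requests:
            storage: 2Gi
        # storageClassName: standard
    # configuration: |-
    #   max_connections=250
    #   innodb_buffer_pool_size={{containerMemoryLimit * 3/4}}
    # NOTE(review): the sample sidecars use an untagged busybox image and an
    # empty securityContext; pin the image and set a restrictive context
    # before enabling them.
    # sidecars:
    #   - command:
    #       - sleep
    #       - 30d
    #     image: busybox
    #     imagePullPolicy: Always
    #     lifecycle: {}
    #     livenessProbe: {}
    #     name: noop-memory
    #     readinessProbe: {}
    #     resources:
    #       requests:
    #         memory: 16M
    #     securityContext: {}
    #     startupProbe: {}
    #     volumeMounts:
    #       - mountPath: /var/log/app/memory
    #         name: memory-vol
    #   - command:
    #       - sleep
    #       - 30d
    #     image: busybox
    #     imagePullPolicy: Always
    #     lifecycle: {}
    #     livenessProbe: {}
    #     name: noop-pvc
    #     readinessProbe: {}
    #     resources:
    #       requests:
    #         memory: 16M
    #     securityContext: {}
    #     startupProbe: {}
    #     volumeMounts:
    #       - mountPath: /var/log/app/memory
    #         name: memory-vol
    # sidecarVolumes:
    #   - emptyDir:
    #       medium: Memory
    #     name: memory-vol
    # sidecarPVCs:
    #   - name: pvc-vol
    #     spec:
    #       resources:
    #         requests:
    #           storage: 1Gi
  proxy:
    haproxy:
      enabled: true
      # expose:
      #   annotations:
      #     service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
      #     service.beta.kubernetes.io/aws-load-balancer-type: nlb
      #   externalTrafficPolicy: Cluster
      #   internalTrafficPolicy: Cluster
      #   labels:
      #     rack: rack-22
      #   loadBalancerSourceRanges:
      #     - 10.0.0.0/8
      #   type: ClusterIP
      size: 3
      image: perconalab/percona-server-mysql-operator:main-haproxy
      imagePullPolicy: Always
      # imagePullSecrets:
      #   - name: my-secret-1
      #   - name: my-secret-2
      # runtimeClassName: image-rc
      # tolerations:
      #   - effect: NoExecute
      #     key: node.alpha.kubernetes.io/unreachable
      #     operator: Exists
      #     tolerationSeconds: 6000
      # annotations:
      #   service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
      #   service.beta.kubernetes.io/aws-load-balancer-type: nlb
      # labels:
      #   rack: rack-22
      # nodeSelector:
      #   topology.kubernetes.io/zone: us-east-1a
      # priorityClassName: high-priority
      # schedulerName: default-scheduler
      # serviceAccountName: some-service-account
      gracePeriod: 30
      # initContainer:
      #   containerSecurityContext:
      #     privileged: false
      #     runAsGroup: 1001
      #     runAsUser: 1001
      #   image: perconalab/percona-server-mysql-operator:main
      #   resources:
      #     limits:
      #       cpu: 100m
      #       memory: 100M
      #     requests:
      #       cpu: 200m
      #       memory: 200M
      # env:
      #   - name: HA_CONNECTION_TIMEOUT
      #     value: "600"
      # envFrom:
      #   - secretRef:
      #       name: haproxy-env-secret
      podDisruptionBudget:
        maxUnavailable: 1
        # minAvailable: 0
      resources:
        # limits:
        #   cpu: 700m
        #   memory: 1Gi
        requests:
          cpu: 600m
          memory: 1Gi
      # startupProbe:
      #   failureThreshold: 3
      #   periodSeconds: 5
      #   successThreshold: 1
      #   timeoutSeconds: 3
      # readinessProbe:
      #   failureThreshold: 3
      #   initialDelaySeconds: 15
      #   periodSeconds: 5
      #   successThreshold: 1
      #   timeoutSeconds: 1
      # livenessProbe:
      #   failureThreshold: 4
      #   initialDelaySeconds: 60
      #   periodSeconds: 30
      #   successThreshold: 1
      #   timeoutSeconds: 3
      affinity:
        # advanced:
        #   nodeAffinity:
        #     requiredDuringSchedulingIgnoredDuringExecution:
        #       nodeSelectorTerms:
        #         - matchExpressions:
        #             - key: kubernetes.io/e2e-az-name
        #               operator: In
        #               values:
        #                 - e2e-az1
        #                 - e2e-az2
        antiAffinityTopologyKey: kubernetes.io/hostname
      # topologySpreadConstraints:
      #   - labelSelector:
      #       matchLabels:
      #         app.kubernetes.io/name: percona-server
      #     maxSkew: 1
      #     topologyKey: kubernetes.io/hostname
      #     whenUnsatisfiable: DoNotSchedule
      # containerSecurityContext:
      #   privileged: false
      #   runAsGroup: 1001
      #   runAsUser: 1001
      # podSecurityContext:
      #   fsGroup: 1001
      #   supplementalGroups:
      #     - 1001
      #     - 1002
      #     - 1003
      # NOTE(review): in the sample configuration below, insecure-fork-wanted
      # lets HAProxy fork child processes (it accompanies external-check), the
      # stats socket is opened at admin level with mode 600, and the stats
      # frontend binds *:8404 on all addresses. Review each of these before
      # enabling a custom configuration. The blank/remark line layout inside
      # the block was reconstructed - compare with the linked default file.
      # configuration: |-
      #   # the actual default configuration file can be found here https://github.com/percona/percona-server-mysql-operator/blob/main/build/haproxy-global.cfg
      #
      #   global
      #     maxconn 2048
      #     external-check
      #     insecure-fork-wanted
      #     stats socket /etc/haproxy/mysql/haproxy.sock mode 600 expose-fd listeners level admin
      #
      #   defaults
      #     default-server init-addr last,libc,none
      #     log global
      #     mode tcp
      #     retries 10
      #     timeout client 28800s
      #     timeout connect 100500
      #     timeout server 28800s
      #
      #   frontend mysql-primary-in
      #     bind *:3309 accept-proxy
      #     bind *:3306
      #     mode tcp
      #     option clitcpka
      #     default_backend mysql-primary
      #
      #   frontend mysql-replicas-in
      #     bind *:3307
      #     mode tcp
      #     option clitcpka
      #     default_backend mysql-replicas
      #
      #   frontend stats
      #     bind *:8404
      #     mode http
      #     http-request use-service prometheus-exporter if { path /metrics }
    router:
      enabled: false
      # expose:
      #   annotations:
      #     service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
      #     service.beta.kubernetes.io/aws-load-balancer-type: nlb
      #   externalTrafficPolicy: Cluster
      #   internalTrafficPolicy: Cluster
      #   labels:
      #     rack: rack-22
      #   loadBalancerSourceRanges:
      #     - 10.0.0.0/8
      #   type: ClusterIP
      size: 3
      image: perconalab/percona-server-mysql-operator:main-router8.4
      imagePullPolicy: Always
      # imagePullSecrets:
      #   - name: my-secret-1
      #   - name: my-secret-2
      # runtimeClassName: image-rc
      # tolerations:
      #   - effect: NoExecute
      #     key: node.alpha.kubernetes.io/unreachable
      #     operator: Exists
      #     tolerationSeconds: 6000
      # annotations:
      #   service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
      #   service.beta.kubernetes.io/aws-load-balancer-type: nlb
      # labels:
      #   rack: rack-22
      # nodeSelector:
      #   topology.kubernetes.io/zone: us-east-1a
      # priorityClassName: high-priority
      # schedulerName: default-scheduler
      # serviceAccountName: some-service-account
      gracePeriod: 30
      # initContainer:
      #   containerSecurityContext:
      #     privileged: false
      #     runAsGroup: 1001
      #     runAsUser: 1001
      #   image: perconalab/percona-server-mysql-operator:main
      #   resources:
      #     limits:
      #       cpu: 100m
      #       memory: 100M
      #     requests:
      #       cpu: 200m
      #       memory: 200M
      # env:
      #   - name: ROUTER_ENV
      #     value: VALUE
      # envFrom:
      #   - secretRef:
      #       name: router-env-secret
      podDisruptionBudget:
        maxUnavailable: 1
        # minAvailable: 0
      resources:
        limits:
          memory: 256M
        requests:
          memory: 256M
      # startupProbe:
      #   failureThreshold: 1
      #   initialDelaySeconds: 5
      #   periodSeconds: 5
      #   successThreshold: 1
      #   timeoutSeconds: 3
      # readinessProbe:
      #   failureThreshold: 3
      #   periodSeconds: 5
      #   successThreshold: 1
      #   timeoutSeconds: 3
      # livenessProbe:
      #   failureThreshold: 3
      #   periodSeconds: 5
      #   successThreshold: 1
      #   timeoutSeconds: 3
      affinity:
        # advanced:
        #   nodeAffinity:
        #     requiredDuringSchedulingIgnoredDuringExecution:
        #       nodeSelectorTerms:
        #         - matchExpressions:
        #             - key: kubernetes.io/e2e-az-name
        #               operator: In
        #               values:
        #                 - e2e-az1
        #                 - e2e-az2
        antiAffinityTopologyKey: kubernetes.io/hostname
      # topologySpreadConstraints:
      #   - labelSelector:
      #       matchLabels:
      #         app.kubernetes.io/name: percona-server
      #     maxSkew: 1
      #     topologyKey: kubernetes.io/hostname
      #     whenUnsatisfiable: DoNotSchedule
      # containerSecurityContext:
      #   privileged: false
      #   runAsGroup: 1001
      #   runAsUser: 1001
      # podSecurityContext:
      #   fsGroup: 1001
      #   supplementalGroups:
      #     - 1001
      #     - 1002
      #     - 1003
      # ports:
      #   - name: http
      #     port: 8443
      #     targetPort: 0
      #   - name: rw-default
      #     port: 3306
      #     targetPort: 6446
      #   - name: read-write
      #     port: 6446
      #     targetPort: 0
      #   - name: read-only
      #     port: 6447
      #     targetPort: 0
      #   - name: x-read-write
      #     port: 6448
      #     targetPort: 0
      #   - name: x-read-only
      #     port: 6449
      #     targetPort: 0
      #   - name: x-default
      #     port: 33060
      #     targetPort: 0
      #   - name: rw-admin
      #     port: 33062
      #     targetPort: 0
      #   - name: custom-port
      #     port: 1111
      #     targetPort: 6446
      # configuration: |-
      #   [default]
      #   logging_folder=/tmp/router/log
      #   [logger]
      #   level=DEBUG
  orchestrator:
    enabled: false
    # expose:
    #   annotations:
    #     service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
    #     service.beta.kubernetes.io/aws-load-balancer-type: nlb
    #   externalTrafficPolicy: Cluster
    #   internalTrafficPolicy: Cluster
    #   labels:
    #     rack: rack-22
    #   loadBalancerSourceRanges:
    #     - 10.0.0.0/8
    #   type: ClusterIP
    size: 3
    image: perconalab/percona-server-mysql-operator:main-orchestrator
    imagePullPolicy: Always
    # imagePullSecrets:
    #   - name: my-secret-1
    #   - name: my-secret-2
    # runtimeClassName: image-rc
    # tolerations:
    #   - effect: NoExecute
    #     key: node.alpha.kubernetes.io/unreachable
    #     operator: Exists
    #     tolerationSeconds: 6000
    # annotations:
    #   service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
    #   service.beta.kubernetes.io/aws-load-balancer-type: nlb
    # labels:
    #   rack: rack-22
    # nodeSelector:
    #   topology.kubernetes.io/zone: us-east-1a
    # priorityClassName: high-priority
    # schedulerName: default-scheduler
    # serviceAccountName: percona-server-mysql-operator-orchestrator
    gracePeriod: 30
    # initContainer:
    #   containerSecurityContext:
    #     privileged: false
    #     runAsGroup: 1001
    #     runAsUser: 1001
    #   image: perconalab/percona-server-mysql-operator:main
    #   resources:
    #     limits:
    #       cpu: 100m
    #       memory: 100M
    #     requests:
    #       cpu: 200m
    #       memory: 200M
    # env:
    #   - name: ORC_ENV
    #     value: VALUE
    # envFrom:
    #   - secretRef:
    #       name: orc-env-secret
    podDisruptionBudget:
      maxUnavailable: 1
      # minAvailable: 0
    resources:
      limits:
        memory: 256M
      requests:
        memory: 128M
    # startupProbe:
    #   failureThreshold: 3
    #   periodSeconds: 5
    #   successThreshold: 1
    #   timeoutSeconds: 3
    # readinessProbe:
    #   failureThreshold: 3
    #   periodSeconds: 5
    #   successThreshold: 1
    #   timeoutSeconds: 3
    # livenessProbe:
    #   failureThreshold: 3
    #   periodSeconds: 5
    #   successThreshold: 1
    #   timeoutSeconds: 3
    affinity:
      # advanced:
      #   nodeAffinity:
      #     requiredDuringSchedulingIgnoredDuringExecution:
      #       nodeSelectorTerms:
      #         - matchExpressions:
      #             - key: kubernetes.io/e2e-az-name
      #               operator: In
      #               values:
      #                 - e2e-az1
      #                 - e2e-az2
      antiAffinityTopologyKey: kubernetes.io/hostname
    # topologySpreadConstraints:
    #   - labelSelector:
    #       matchLabels:
    #         app.kubernetes.io/name: percona-server
    #     maxSkew: 1
    #     topologyKey: kubernetes.io/hostname
    #     whenUnsatisfiable: DoNotSchedule
    # containerSecurityContext:
    #   privileged: false
    #   runAsGroup: 1001
    #   runAsUser: 1001
    # podSecurityContext:
    #   supplementalGroups:
    #     - 1001
    # NOTE(review): placed under orchestrator because it follows that
    # section's options in the flattened original - confirm the nesting.
    configuration: ""
  pmm:
    enabled: false
    image: perconalab/pmm-client:3-dev-latest
    imagePullPolicy: Always
    serverHost: monitoring-service
    # mysqlParams: PMM_ADMIN_CUSTOM_PARAMS
    # containerSecurityContext:
    #   privileged: false
    #   runAsGroup: 1001
    #   runAsUser: 1001
    resources:
      # limits:
      #   cpu: 400m
      #   memory: 256M
      requests:
        cpu: 300m
        memory: 150M
    livenessProbe:
      failureThreshold: 3
      periodSeconds: 5
      successThreshold: 1
      timeoutSeconds: 3
    readinessProbe:
      failureThreshold: 3
      periodSeconds: 5
      successThreshold: 1
      timeoutSeconds: 3
  backup:
    enabled: true
    pitr:
      enabled: false
    # sourcePod: ps-cluster1-mysql-1
    image: perconalab/percona-server-mysql-operator:main-backup8.4
    imagePullPolicy: Always
    # imagePullSecrets:
    #   - name: my-secret-1
    #   - name: my-secret-2
    # schedule:
    #   - keep: 3
    #     name: sat-night-backup
    #     schedule: 0 0 * * 6
    #     storageName: s3-us-west
    #   - keep: 5
    #     name: daily-backup
    #     schedule: 0 0 * * *
    #     storageName: s3
    # backoffLimit: 6
    # serviceAccountName: some-service-account
    # initContainer:
    #   containerSecurityContext:
    #     privileged: false
    #     runAsGroup: 1001
    #     runAsUser: 1001
    #   image: perconalab/percona-server-mysql-operator:main
    #   resources:
    #     limits:
    #       cpu: 100m
    #       memory: 100M
    #     requests:
    #       cpu: 200m
    #       memory: 200M
    # containerSecurityContext:
    #   privileged: false
    #   runAsGroup: 1001
    #   runAsUser: 1001
    # resources:
    #   limits:
    #     cpu: 100m
    #     memory: 100M
    #   requests:
    #     cpu: 200m
    #     memory: 200M
    # NOTE(review): storage credentials are referenced through
    # credentialsSecret, not stored here. Keep verifyTLS: true on the active
    # storage so the backup endpoint's certificate is checked; the disabled
    # azure sample leaves verifyTLS: null, so set it explicitly if enabled.
    storages:
      # azure-blob:
      #   azure:
      #     container: CONTAINER-NAME
      #     credentialsSecret: SECRET-NAME
      #     endpointUrl: https://accountName.blob.core.windows.net
      #     prefix: PREFIX-NAME
      #     storageClass: Cool
      #   containerOptions:
      #     args:
      #       xbcloud:
      #         - --someflag=abc
      #       xbstream:
      #         - --someflag=abc
      #       xtrabackup:
      #         - --someflag=abc
      #     env:
      #       - name: CUSTOM_VAR
      #         value: "false"
      #   containerSecurityContext:
      #     privileged: false
      #     runAsGroup: 1001
      #     runAsUser: 1001
      #   podSecurityContext:
      #     fsGroup: 1001
      #     supplementalGroups:
      #       - 1001
      #       - 1002
      #       - 1003
      #   resources:
      #     limits:
      #       cpu: 100m
      #       memory: 100M
      #     requests:
      #       cpu: 200m
      #       memory: 200M
      #   tolerations:
      #     - effect: NoExecute
      #       key: node.alpha.kubernetes.io/unreachable
      #       operator: Exists
      #       tolerationSeconds: 6000
      #   topologySpreadConstraints:
      #     - labelSelector:
      #         matchLabels:
      #           app.kubernetes.io/name: percona-server
      #       maxSkew: 1
      #       topologyKey: kubernetes.io/hostname
      #       whenUnsatisfiable: DoNotSchedule
      #   type: azure
      #   verifyTLS: null
      # gcp-cs:
      #   containerOptions:
      #     args:
      #       xbcloud:
      #         - --someflag=abc
      #       xbstream:
      #         - --someflag=abc
      #       xtrabackup:
      #         - --someflag=abc
      #     env:
      #       - name: CUSTOM_VAR
      #         value: "false"
      #   containerSecurityContext:
      #     privileged: false
      #     runAsGroup: 1001
      #     runAsUser: 1001
      #   gcs:
      #     bucket: BUCKET-NAME
      #     credentialsSecret: SECRET-NAME
      #     endpointUrl: https://storage.googleapis.com
      #     prefix: PREFIX-NAME
      #     storageClass: ""
      #   podSecurityContext:
      #     fsGroup: 1001
      #     supplementalGroups:
      #       - 1001
      #       - 1002
      #       - 1003
      #   resources:
      #     limits:
      #       cpu: 100m
      #       memory: 100M
      #     requests:
      #       cpu: 200m
      #       memory: 200M
      #   tolerations:
      #     - effect: NoExecute
      #       key: node.alpha.kubernetes.io/unreachable
      #       operator: Exists
      #       tolerationSeconds: 6000
      #   topologySpreadConstraints:
      #     - labelSelector:
      #         matchLabels:
      #           app.kubernetes.io/name: percona-server
      #       maxSkew: 1
      #       topologyKey: kubernetes.io/hostname
      #       whenUnsatisfiable: DoNotSchedule
      #   type: gcs
      s3-us-west:
        # affinity:
        #   nodeAffinity:
        #     requiredDuringSchedulingIgnoredDuringExecution:
        #       nodeSelectorTerms:
        #         - matchExpressions:
        #             - key: kubernetes.io/e2e-az-name
        #               operator: In
        #               values:
        #                 - e2e-az1
        #                 - e2e-az2
        # annotations:
        #   testName: scheduled-backup
        # containerOptions:
        #   args:
        #     xbcloud:
        #       - --someflag=abc
        #     xbstream:
        #       - --someflag=abc
        #     xtrabackup:
        #       - --someflag=abc
        #   env:
        #     - name: CUSTOM_VAR
        #       value: "false"
        # containerSecurityContext:
        #   privileged: false
        #   runAsGroup: 1001
        #   runAsUser: 1001
        # labels:
        #   backupWorker: "True"
        # nodeSelector:
        #   topology.kubernetes.io/zone: us-east-1a
        # podSecurityContext:
        #   fsGroup: 1001
        #   supplementalGroups:
        #     - 1001
        #     - 1002
        #     - 1003
        # priorityClassName: high-priority
        # resources:
        #   limits:
        #     cpu: 100m
        #     memory: 100M
        #   requests:
        #     cpu: 200m
        #     memory: 200M
        # runtimeClassName: image-rc
        s3:
          # The bucket name below is a placeholder to replace before use.
          bucket: S3-BACKUP-BUCKET-NAME-HERE
          credentialsSecret: ps-cluster1-s3-credentials
          # endpointUrl: https://s3.amazonaws.com
          # prefix: PREFIX_NAME
          region: us-west-2
        # schedulerName: default-scheduler
        # tolerations:
        #   - effect: NoExecute
        #     key: node.alpha.kubernetes.io/unreachable
        #     operator: Exists
        #     tolerationSeconds: 6000
        # topologySpreadConstraints:
        #   - labelSelector:
        #       matchLabels:
        #         app.kubernetes.io/name: percona-server
        #     maxSkew: 1
        #     topologyKey: kubernetes.io/hostname
        #     whenUnsatisfiable: DoNotSchedule
        type: s3
        verifyTLS: true
        # volumeSpec:
        #   emptyDir: {}
        #   hostPath:
        #     path: /data
        #     type: Directory
        #   persistentVolumeClaim:
        #     accessModes:
        #       - ReadWriteOnce
        #     resources:
        #       requests:
        #         storage: 2Gi
        #     storageClassName: standard
  toolkit:
    image: perconalab/percona-server-mysql-operator:main-toolkit
    imagePullPolicy: Always
    # imagePullSecrets:
    #   - name: my-secret-1
    #   - name: my-secret-2
    # env:
    #   - name: TOOLKIT_ENV
    #     value: VALUE
    # envFrom:
    #   - secretRef:
    #       name: toolkit-env-secret
    # resources:
    #   limits:
    #     cpu: 400m
    #     memory: 256M
    #   requests:
    #     cpu: 100m
    #     memory: 150M
    # containerSecurityContext:
    #   privileged: false
    #   runAsGroup: 1001
    #   runAsUser: 1001
    # startupProbe:
    #   failureThreshold: 3
    #   periodSeconds: 5
    #   successThreshold: 1
    #   timeoutSeconds: 3
    # readinessProbe:
    #   failureThreshold: 3
    #   periodSeconds: 5
    #   successThreshold: 1
    #   timeoutSeconds: 3
    # livenessProbe:
    #   failureThreshold: 3
    #   periodSeconds: 5
    #   successThreshold: 1
    #   timeoutSeconds: 3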