From 42960250b86355e90a7f7bc717be7a079d941499 Mon Sep 17 00:00:00 2001 From: Julio Pasinatto Date: Mon, 25 Nov 2024 08:04:47 -0300 Subject: [PATCH 01/21] K8SPXC-1446 - Update PXC charts for 1.16.0 release --- charts/pxc-db/Chart.yaml | 4 ++-- charts/pxc-db/README.md | 4 ++-- charts/pxc-db/values.yaml | 4 ++-- charts/pxc-operator/Chart.yaml | 4 ++-- charts/pxc-operator/README.md | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/charts/pxc-db/Chart.yaml b/charts/pxc-db/Chart.yaml index 061ea223..1e591d5e 100644 --- a/charts/pxc-db/Chart.yaml +++ b/charts/pxc-db/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.15.1 +appVersion: 1.16.0 description: A Helm chart for installing Percona XtraDB Cluster Databases using the PXC Operator. name: pxc-db home: https://www.percona.com/doc/kubernetes-operator-for-pxc/kubernetes.html -version: 1.15.1 +version: 1.16.0 maintainers: - name: tplavcic email: tomislav.plavcic@percona.com diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md index 08a04306..d66d2d01 100644 --- a/charts/pxc-db/README.md +++ b/charts/pxc-db/README.md @@ -20,14 +20,14 @@ To install the chart with the `pxc` release name using a dedicated namespace (re ```sh helm repo add percona https://percona.github.io/percona-helm-charts/ -helm install my-db percona/pxc-db --version 1.15.1 --namespace my-namespace +helm install my-db percona/pxc-db --version 1.16.0 --namespace my-namespace ``` The chart can be customized using the following configurable parameters: | Parameter | Description | Default | | ------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | ------------------------------------ | -| `crVersion` | Version of the Operator the Custom Resource belongs to | `1.15.1` | +| `crVersion` | Version of the Operator the Custom Resource belongs to | `1.16.0` | | `ignoreAnnotations` | Operator will not remove following annotations | `[]` | | `ignoreLabels` | Operator will not remove following labels | `[]` | | `pause` | Stop PXC Database safely | `false` | diff --git a/charts/pxc-db/values.yaml b/charts/pxc-db/values.yaml index e710e65f..be7d1f43 100644 --- a/charts/pxc-db/values.yaml +++ b/charts/pxc-db/values.yaml @@ -19,7 +19,7 @@ annotations: {} operatorImageRepository: percona/percona-xtradb-cluster-operator -crVersion: 1.15.1 +crVersion: 1.16.0 enableVolumeExpansion: false @@ -29,7 +29,7 @@ ignoreLabels: [] # - rack pause: false # initContainer: -# image: "percona/percona-xtradb-cluster-operator:1.15.1" +# image: "percona/percona-xtradb-cluster-operator:1.16.0" # resources: # requests: # memory: 100M diff --git a/charts/pxc-operator/Chart.yaml b/charts/pxc-operator/Chart.yaml index 0ef7970e..379e9f22 100644 --- a/charts/pxc-operator/Chart.yaml +++ b/charts/pxc-operator/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.15.1 +appVersion: 1.16.0 description: A Helm chart for deploying the Percona Operator for MySQL (based on Percona XtraDB Cluster) name: pxc-operator home: https://docs.percona.com/percona-operator-for-mysql/pxc/ -version: 1.15.1 +version: 1.16.0 maintainers: - name: tplavcic email: tomislav.plavcic@percona.com diff --git a/charts/pxc-operator/README.md b/charts/pxc-operator/README.md index 93b4aa3f..7c14a900 100644 --- a/charts/pxc-operator/README.md +++ b/charts/pxc-operator/README.md @@ -19,14 +19,14 @@ To install the chart with the `pxc` release name using a dedicated namespace (re ```sh helm repo add percona https://percona.github.io/percona-helm-charts/ -helm install my-operator percona/pxc-operator --version 1.15.1 --namespace my-namespace +helm install my-operator percona/pxc-operator --version 1.16.0 --namespace my-namespace ``` The chart can be customized using the following configurable parameters: | Parameter | Description | Default | | ------------------------------- | -----------------------------------------------------------------------------------------------| -------------------------------------------------| -| `image` | PXC Operator Container image full path | `percona/percona-xtradb-cluster-operator:1.15.1` | +| `image` | PXC Operator Container image full path | `percona/percona-xtradb-cluster-operator:1.16.0` | | `imagePullPolicy` | PXC Operator Container pull policy | `Always` | | `containerSecurityContext` | PXC Operator Container securityContext | `{}` | | `imagePullSecrets` | PXC Operator Pod pull secret | `[]` | From 395fddfcaa368633d2e228db7c168a9b7947ce52 Mon Sep 17 00:00:00 2001 From: Eleonora Zinchenko Date: Mon, 25 Nov 2024 21:31:44 +0200 Subject: [PATCH 02/21] K8SPXC-1456: Add securityContexts for initContainer to helm charts (#430) * K8SPXC-1456: Add securityContexts for initContainer to helm charts --- charts/pxc-db/README.md | 1 + charts/pxc-db/templates/cluster.yaml | 4 ++ charts/pxc-db/values.yaml | 4 ++ charts/pxc-operator/crds/crd.yaml | 72 ++++++++++++++++++++++++++++ 4 files changed, 81 insertions(+) diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md index d66d2d01..eb8beea7 100644 --- a/charts/pxc-db/README.md +++ b/charts/pxc-db/README.md @@ -38,6 +38,7 @@ The chart can be customized using the following configurable parameters: | `unsafeFlags.backupIfUnhealthy` | Allows running a backup even if the cluster status is not `ready` | `false` | | `enableCRValidationWebhook` | Enables or disables schema validation before applying custom resource | `false` | | `initContainer.image` | An alternative image for the initial Operator installation | `""` | +| `initContainer.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default | `{}` | | `initContainer.resources.requests` | Init container resource requests | `{}` | | `initContainer.resources.limits` | Init container resource limits | `{}` | | `updateStrategy` | Regulates the way how PXC Cluster Pods will be updated after setting a new image | `SmartUpdate` | diff --git a/charts/pxc-db/templates/cluster.yaml b/charts/pxc-db/templates/cluster.yaml index e10adefb..f4e6ffb1 100644 --- a/charts/pxc-db/templates/cluster.yaml +++ b/charts/pxc-db/templates/cluster.yaml @@ -55,6 +55,10 @@ spec: image: {{ .Values.initContainer.image }} {{- else }} image: {{ include "pxc-db.operator-image" . }} + {{- end }} + {{- if .Values.initContainer.containerSecurityContext }} + containerSecurityContext: +{{ tpl (.Values.initContainer.containerSecurityContext | toYaml) $ | indent 6 }} {{- end }} {{- if .Values.initContainer.resources }} resources: diff --git a/charts/pxc-db/values.yaml b/charts/pxc-db/values.yaml index be7d1f43..19024c19 100644 --- a/charts/pxc-db/values.yaml +++ b/charts/pxc-db/values.yaml @@ -30,6 +30,10 @@ ignoreLabels: [] pause: false # initContainer: # image: "percona/percona-xtradb-cluster-operator:1.16.0" +# containerSecurityContext: +# privileged: false +# runAsUser: 1001 +# runAsGroup: 1001 # resources: # requests: # memory: 100M diff --git a/charts/pxc-operator/crds/crd.yaml b/charts/pxc-operator/crds/crd.yaml index f8d6ddc7..af2f8ea0 100644 --- a/charts/pxc-operator/crds/crd.yaml +++ b/charts/pxc-operator/crds/crd.yaml @@ -4881,6 +4881,78 @@ spec: type: array initContainer: properties: + containerSecurityContext: + properties: + allowPrivilegeEscalation: + type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + capabilities: + properties: + add: + items: + type: string + type: array + x-kubernetes-list-type: atomic + drop: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object image: type: string resources: From a8226742bb93ff2815f26353a693e487ebddb17a Mon Sep 17 00:00:00 2001 From: Julio Pasinatto Date: Tue, 26 Nov 2024 14:41:31 -0300 Subject: [PATCH 03/21] K8SPXC-1315 - Cannot disable parallel backups in pxc-db helm chart --- charts/pxc-db/templates/cluster.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/pxc-db/templates/cluster.yaml b/charts/pxc-db/templates/cluster.yaml index f4e6ffb1..baadca3d 100644 --- a/charts/pxc-db/templates/cluster.yaml +++ b/charts/pxc-db/templates/cluster.yaml @@ -510,7 +510,7 @@ spec: {{- $backup := .Values.backup }} {{- if $backup.enabled }} backup: - {{- if $backup.allowParallel }} + {{- if hasKey $backup "allowParallel" }} allowParallel: {{ $backup.allowParallel }} {{- end }} image: {{ $backup.image.repository }}:{{ $backup.image.tag }} From 06edd235350948ba461b60d55b1444e76cf9b85d Mon Sep 17 00:00:00 2001 From: Inel Pandzic Date: Thu, 28 Nov 2024 17:34:48 +0100 Subject: [PATCH 04/21] User management. --- charts/pxc-db/README.md | 9 +++++++++ charts/pxc-db/templates/cluster.yaml | 4 ++++ charts/pxc-db/values.yaml | 17 +++++++++++++++++ 3 files changed, 30 insertions(+) diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md index 08a04306..7ff470fa 100644 --- a/charts/pxc-db/README.md +++ b/charts/pxc-db/README.md @@ -250,6 +250,15 @@ The chart can be customized using the following configurable parameters: | `pmm.pxcParams` | Additional parameters which will be passed to the [pmm-admin add mysql](https://docs.percona.com/percona-monitoring-and-management/setting-up/client/mysql.html#add-service) command for `pxc` Pods | `""` | | `pmm.proxysqlParams` | Additional parameters which will be passed to the [pmm-admin add proxysql](https://docs.percona.com/percona-monitoring-and-management/setting-up/client/proxysql.html) command for `proxysql` Pods | `""` | | `pmm.containerSecurityContext` | A custom Kubernetes Security Context for a Container to be used instead of the default one | `{}` | + +| `users.name` | The username of the PXC application user | `""` | +| `users.dbs` | Database that will be applied to the user | `[]` | +| `users.grants` | Grants that will be applied to the user | `[]` | +| `users.withGrantOption` | Set grant options for the user | `[]` | +| `users.passwordSecretRef.name` | Name of the secret that contains the user's password | `""` | +| `users.passwordSecretRef.key` | Key in the secret that corresponds to the value of the user's password | `""` | + + | | | `backup.enabled` | Enables backups for PXC cluster | `true` | | `backup.allowParallel` | Allow taking multiple backups in parallel | `true` | diff --git a/charts/pxc-db/templates/cluster.yaml b/charts/pxc-db/templates/cluster.yaml index e10adefb..193c648d 100644 --- a/charts/pxc-db/templates/cluster.yaml +++ b/charts/pxc-db/templates/cluster.yaml @@ -471,6 +471,10 @@ spec: {{ tpl ($logcollector.containerSecurityContext | toYaml) $ | indent 6 }} {{- end }} {{- end }} +{{- if .Values.users }} + users: +{{ .Values.users | toYaml | indent 2 }} + {{- end }} pmm: {{- if not .Values.pmm.enabled }} enabled: false diff --git a/charts/pxc-db/values.yaml b/charts/pxc-db/values.yaml index e710e65f..efae6f3b 100644 --- a/charts/pxc-db/values.yaml +++ b/charts/pxc-db/values.yaml @@ -549,6 +549,23 @@ logcollector: # containerSecurityContext: # privileged: false +# users: +# - name: my-user +# dbs: +# - db1 +# - db2 +# hosts: +# - localhost +# grants: +# - SELECT +# - DELETE +# - INSERT +# withGrantOption: true +# passwordSecretRef: +# name: my-user-pwd +# key: my-user-pwd-key +# - name: my-user-two + pmm: enabled: false image: From 9fee404daba2b69c1aac01c5218bd2af63137323 Mon Sep 17 00:00:00 2001 From: Edith Puclla Date: Wed, 11 Dec 2024 16:34:25 +0000 Subject: [PATCH 05/21] docs: update Percona Everest Helm chart link in documentation --- README.md | 38 +++++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index d69dd8b9..ab2916fb 100644 --- a/README.md +++ b/README.md @@ -5,17 +5,20 @@ [Percona](https://www.percona.com/) is committed to simplify the deployment and management of databases on Kubernetes. [Helm](https://helm.sh/) enables users to package, run, share and manage even complex applications. This repository contains Helm charts for the following Percona products. -* [Percona Operator for MySQL](charts/pxc-operator/) -* [Percona XtraDB Cluster](charts/pxc-db/) -* [Percona Operator for MongoDB](charts/psmdb-operator/) -* [Percona Server for MongoDB](charts/psmdb-db/) -* [Percona Operator for PostgreSQL](charts/pg-operator/) -* [Percona Distribution for PostgreSQL](charts/pg-db/) -* [Percona Monitoring and Management (PMM)](charts/pmm/) +- [Percona Operator for MySQL](charts/pxc-operator/) +- [Percona XtraDB Cluster](charts/pxc-db/) +- [Percona Operator for MongoDB](charts/psmdb-operator/) +- [Percona Server for MongoDB](charts/psmdb-db/) +- [Percona Operator for PostgreSQL](charts/pg-operator/) +- [Percona Distribution for PostgreSQL](charts/pg-db/) +- [Percona Monitoring and Management (PMM)](charts/pmm/) +- [Percona Everest](charts/everest/) Useful links: -* [About Percona Kubernetes Operators](https://www.percona.com/software/percona-kubernetes-operators) -* [About Percona Monitoring and Management](https://www.percona.com/software/database-tools/percona-monitoring-and-management) + +- [About Percona Kubernetes Operators](https://www.percona.com/software/percona-kubernetes-operators) +- [About Percona Monitoring and Management](https://www.percona.com/software/database-tools/percona-monitoring-and-management) +- [About Percona Everest](https://docs.percona.com/everest/index.html) ## Installing Charts from this Repository @@ -23,10 +26,10 @@ You will need [Helm v3](https://github.com/helm/helm) for the installation. See # Need help? -**Commercial Support** | **Community Support** | -:-: | :-: | -|
Enterprise-grade assistance for your mission-critical database deployments in containers and Kubernetes. Get expert guidance for complex tasks like multi-cloud replication, database migration and building platforms.

|
Connect with our engineers and fellow users for general questions, troubleshooting, and sharing feedback and ideas.

| -| **[Get Percona Support](https://hubs.ly/Q02ZTH8Q0)** | **[Visit our Forum](https://forums.percona.com/)** | +| **Commercial Support** | **Community Support** | +| :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :--------------------------------------------------------------------------------------------------------------------------------: | +|
Enterprise-grade assistance for your mission-critical database deployments in containers and Kubernetes. Get expert guidance for complex tasks like multi-cloud replication, database migration and building platforms.

|
Connect with our engineers and fellow users for general questions, troubleshooting, and sharing feedback and ideas.

| +| **[Get Percona Support](https://hubs.ly/Q02ZTH8Q0)** | **[Visit our Forum](https://forums.percona.com/)** | # Contributing @@ -38,9 +41,10 @@ See the [Contribution Guide](CONTRIBUTING.md) for more information. If you find a bug related to one of these Helm charts, please submit a report to the appropriate project's Jira issue tracker: -* [Percona Operator for MySQL](https://jira.percona.com/projects/K8SPXC) -* [Percona Operator for MongoDB](https://jira.percona.com/projects/K8SPSMDB) -* [Percona Operator for PostgreSQL](https://jira.percona.com/projects/K8SPG) -* [Percona Monitoring and Management](https://jira.percona.com/projects/PMM) +- [Percona Operator for MySQL](https://jira.percona.com/projects/K8SPXC) +- [Percona Operator for MongoDB](https://jira.percona.com/projects/K8SPSMDB) +- [Percona Operator for PostgreSQL](https://jira.percona.com/projects/K8SPG) +- [Percona Monitoring and Management](https://jira.percona.com/projects/PMM) +- [Percona Everest](https://docs.percona.com/everest/contribute.html#submit-a-bug-report-or-feature-request) Learn more about submitting bugs, new feature ideas, and improvements in the [Contribution Guide](CONTRIBUTING.md). From a948e77f8294c46f08783ac54fae2ab11e362865 Mon Sep 17 00:00:00 2001 From: Julio Pasinatto Date: Thu, 12 Dec 2024 14:43:34 -0300 Subject: [PATCH 06/21] Remove clustercheck user --- charts/pxc-db/README.md | 1 - charts/pxc-db/templates/cluster-secret.yaml | 1 - charts/pxc-db/values.yaml | 1 - 3 files changed, 3 deletions(-) diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md index 467ed471..8f19b059 100644 --- a/charts/pxc-db/README.md +++ b/charts/pxc-db/README.md @@ -294,7 +294,6 @@ The chart can be customized using the following configurable parameters: | `secrets.passwords.root` | Default user secret | `insecure-root-password` | | `secrets.passwords.xtrabackup` | Default user secret | `insecure-xtrabackup-password` | | `secrets.passwords.monitor` | Default user secret | `insecure-monitor-password` | -| `secrets.passwords.clustercheck` | Default user secret | `insecure-clustercheck-password` | | `secrets.passwords.proxyadmin` | Default user secret | `insecure-proxyadmin-password` | | `secrets.passwords.pmmserver` | Default user secret | `insecure-pmmserver-password` | | `secrets.passwords.pmmserverkey` | PMM server API key | `` | diff --git a/charts/pxc-db/templates/cluster-secret.yaml b/charts/pxc-db/templates/cluster-secret.yaml index da07f331..07772a1e 100644 --- a/charts/pxc-db/templates/cluster-secret.yaml +++ b/charts/pxc-db/templates/cluster-secret.yaml @@ -15,7 +15,6 @@ data: root: {{ .Values.secrets.passwords.root | b64enc }} xtrabackup: {{ .Values.secrets.passwords.xtrabackup | b64enc }} monitor: {{ .Values.secrets.passwords.monitor | b64enc }} - clustercheck: {{ .Values.secrets.passwords.clustercheck | b64enc }} proxyadmin: {{ .Values.secrets.passwords.proxyadmin | b64enc }} {{- if hasKey .Values.secrets.passwords "pmmserverkey" }} pmmserverkey: {{ .Values.secrets.passwords.pmmserverkey | b64enc }} diff --git a/charts/pxc-db/values.yaml b/charts/pxc-db/values.yaml index 3ad3799b..f43a1be5 100644 --- a/charts/pxc-db/values.yaml +++ b/charts/pxc-db/values.yaml @@ -710,7 +710,6 @@ secrets: # root: insecure-root-password # xtrabackup: insecure-xtrabackup-password # monitor: insecure-monitor-password - # clustercheck: insecure-clustercheck-password # proxyadmin: insecure-proxyadmin-password # pmmserver: insecure-pmmserver-password # # If pmmserverkey is set in that case pmmserver pass will not be included From cc552a31d9649438c0c7480f843b63e89f2131fb Mon Sep 17 00:00:00 2001 From: Julio Pasinatto Date: Thu, 12 Dec 2024 16:05:35 -0300 Subject: [PATCH 07/21] Add backup.activeDeadlineSeconds --- charts/pxc-db/README.md | 1 + charts/pxc-db/templates/cluster.yaml | 3 + charts/pxc-db/values.yaml | 1 + charts/pxc-operator/crds/crd.yaml | 148 ++++++++++++++++++++++++++- 4 files changed, 149 insertions(+), 4 deletions(-) diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md index 8f19b059..34a6dd8a 100644 --- a/charts/pxc-db/README.md +++ b/charts/pxc-db/README.md @@ -266,6 +266,7 @@ The chart can be customized using the following configurable parameters: | `backup.image.repository` | Backup Container image | `percona/percona-xtradb-cluster-operator` | | `backup.image.tag` | Backup Container tag | `1.15.1-pxc8.0-backup-pxb8.0.35` | | `backup.backoffLimit` | The number of retries to make a backup | `10` | +| `backup.activeDeadlineSeconds` | Maximum duration in seconds for a bacup job to run. The job will be terminated if it exceeds this time | `` | | `backup.imagePullSecrets` | Backup Container pull secret | `[]` | | `backup.imagePullPolicy` | The policy used to update images | `` | | `backup.pitr.enabled` | Enable point in time recovery | `false` | diff --git a/charts/pxc-db/templates/cluster.yaml b/charts/pxc-db/templates/cluster.yaml index 176d4247..2b7489a3 100644 --- a/charts/pxc-db/templates/cluster.yaml +++ b/charts/pxc-db/templates/cluster.yaml @@ -521,6 +521,9 @@ spec: {{- if $backup.backoffLimit }} backoffLimit: {{ $backup.backoffLimit }} {{- end }} + {{- if $backup.activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $backup.activeDeadlineSeconds }} + {{- end }} {{- if $backup.serviceAccountName }} serviceAccountName: {{ $backup.serviceAccountName }} {{- end }} diff --git a/charts/pxc-db/values.yaml b/charts/pxc-db/values.yaml index f43a1be5..5284ada9 100644 --- a/charts/pxc-db/values.yaml +++ b/charts/pxc-db/values.yaml @@ -596,6 +596,7 @@ backup: repository: percona/percona-xtradb-cluster-operator tag: 1.15.1-pxc8.0-backup-pxb8.0.35 # backoffLimit: 6 + # activeDeadlineSeconds: 3600 # serviceAccountName: percona-xtradb-cluster-operator # imagePullPolicy: Always imagePullSecrets: [] diff --git a/charts/pxc-operator/crds/crd.yaml b/charts/pxc-operator/crds/crd.yaml index af2f8ea0..e85d7e56 100644 --- a/charts/pxc-operator/crds/crd.yaml +++ b/charts/pxc-operator/crds/crd.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: perconaxtradbclusterbackups.pxc.percona.com spec: group: pxc.percona.com @@ -56,6 +56,9 @@ spec: type: string spec: properties: + activeDeadlineSeconds: + format: int64 + type: integer containerOptions: properties: args: @@ -243,7 +246,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: perconaxtradbclusterrestores.pxc.percona.com spec: group: pxc.percona.com @@ -565,6 +568,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -613,7 +618,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: perconaxtradbclusters.pxc.percona.com spec: group: pxc.percona.com @@ -955,6 +960,9 @@ spec: type: boolean backup: properties: + activeDeadlineSeconds: + format: int64 + type: integer allowParallel: type: boolean annotations: @@ -988,6 +996,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -1683,6 +1693,8 @@ spec: runAsUser: format: int64 type: integer + seLinuxChangePolicy: + type: string seLinuxOptions: properties: level: @@ -1709,6 +1721,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -1743,6 +1757,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -2731,6 +2747,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -2839,6 +2856,8 @@ spec: runAsUser: format: int64 type: integer + seLinuxChangePolicy: + type: string seLinuxOptions: properties: level: @@ -2865,6 +2884,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -2914,6 +2935,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -3002,6 +3024,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -3215,6 +3239,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -3265,10 +3291,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -3628,6 +3656,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -3641,6 +3676,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -3889,6 +3925,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -3896,6 +3933,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -3907,6 +3945,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -3915,6 +3954,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -3932,6 +3972,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -4259,6 +4300,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4365,6 +4407,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4446,6 +4489,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -4563,6 +4608,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -4962,6 +5008,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -5082,6 +5130,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -5204,6 +5254,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -5961,6 +6013,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6069,6 +6122,8 @@ spec: runAsUser: format: int64 type: integer + seLinuxChangePolicy: + type: string seLinuxOptions: properties: level: @@ -6095,6 +6150,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -6144,6 +6201,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -6224,6 +6282,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -6437,6 +6497,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -6487,10 +6549,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -6850,6 +6914,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -6863,6 +6934,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -7111,6 +7183,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -7118,6 +7191,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -7129,6 +7203,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -7137,6 +7212,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -7154,6 +7230,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -7481,6 +7558,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -7587,6 +7665,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -7668,6 +7747,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -7785,6 +7866,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -8821,6 +8903,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -8929,6 +9012,8 @@ spec: runAsUser: format: int64 type: integer + seLinuxChangePolicy: + type: string seLinuxOptions: properties: level: @@ -8955,6 +9040,8 @@ spec: type: integer type: array x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -9004,6 +9091,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -9117,6 +9205,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -9330,6 +9420,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -9380,10 +9472,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -9743,6 +9837,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -9756,6 +9857,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -10004,6 +10106,7 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: @@ -10011,6 +10114,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean @@ -10022,6 +10126,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -10030,6 +10135,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -10047,6 +10153,7 @@ spec: sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -10374,6 +10481,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10480,6 +10588,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -10561,6 +10670,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -10678,6 +10789,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -11034,6 +11146,34 @@ spec: versionServiceEndpoint: type: string type: object + users: + items: + properties: + dbs: + items: + type: string + type: array + grants: + items: + type: string + type: array + hosts: + items: + type: string + type: array + name: + type: string + passwordSecretRef: + properties: + key: + type: string + name: + type: string + type: object + withGrantOption: + type: boolean + type: object + type: array vaultSecretName: type: string type: object @@ -11198,4 +11338,4 @@ spec: labelSelectorPath: .status.pxc.labelSelectorPath specReplicasPath: .spec.pxc.size statusReplicasPath: .status.pxc.size - status: {} + status: {} \ No newline at end of file From 380cfa23f05443ad1c840d8910f459dbf642fcca Mon Sep 17 00:00:00 2001 From: Julio Pasinatto Date: Fri, 13 Dec 2024 15:43:26 -0300 Subject: [PATCH 08/21] Update maintainer --- charts/pxc-db/Chart.yaml | 4 ++-- charts/pxc-operator/Chart.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/pxc-db/Chart.yaml b/charts/pxc-db/Chart.yaml index 1e591d5e..2a565a5f 100644 --- a/charts/pxc-db/Chart.yaml +++ b/charts/pxc-db/Chart.yaml @@ -5,10 +5,10 @@ name: pxc-db home: https://www.percona.com/doc/kubernetes-operator-for-pxc/kubernetes.html version: 1.16.0 maintainers: - - name: tplavcic - email: tomislav.plavcic@percona.com - name: spron-in email: sergey.pronin@percona.com - name: nmarukovich email: natalia.marukovich@percona.com + - name: jvpasinatto + email: julio.pasinatto@percona.com icon: https://artifacthub.io/image/0b8875cd-6661-4269-9cf6-0fd92d59017b@1x diff --git a/charts/pxc-operator/Chart.yaml b/charts/pxc-operator/Chart.yaml index 379e9f22..70463711 100644 --- a/charts/pxc-operator/Chart.yaml +++ b/charts/pxc-operator/Chart.yaml @@ -5,10 +5,10 @@ name: pxc-operator home: https://docs.percona.com/percona-operator-for-mysql/pxc/ version: 1.16.0 maintainers: - - name: tplavcic - email: tomislav.plavcic@percona.com - name: nmarukovich email: natalia.marukovich@percona.com - name: spron-in email: sergey.pronin@percona.com + - name: jvpasinatto + email: julio.pasinatto@percona.com icon: https://artifacthub.io/image/0b8875cd-6661-4269-9cf6-0fd92d59017b@1x From ae40ce13f038b756623de7d05660ad94c220e88a Mon Sep 17 00:00:00 2001 From: Julio Pasinatto Date: Fri, 13 Dec 2024 15:49:16 -0300 Subject: [PATCH 09/21] Update image versions --- charts/pxc-db/README.md | 12 ++++++------ charts/pxc-db/values.yaml | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md index 34a6dd8a..17f83b91 100644 --- a/charts/pxc-db/README.md +++ b/charts/pxc-db/README.md @@ -60,7 +60,7 @@ The chart can be customized using the following configurable parameters: | `pxc.size` | PXC Cluster target member (pod) quantity. Can't even if `unsafeFlags.pxcSize` is `true` | `3` | | `pxc.clusterSecretName` | Specify if you want to use custom or Operator generated users secret (if the one specified doesn't exist) | `` | | `pxc.image.repository` | PXC Container image repository | `percona/percona-xtradb-cluster` | -| `pxc.image.tag` | PXC Container image tag | `8.0.36-28.1` | +| `pxc.image.tag` | PXC Container image tag | `8.0.39-30.1` | | `pxc.imagePullPolicy` | The policy used to update images | `` | | `pxc.autoRecovery` | Enable full cluster crash auto recovery | `true` | | `pxc.expose.enabled` | Enable or disable exposing `Percona XtraDB Cluster` nodes with dedicated IP addresses | `true` | @@ -126,7 +126,7 @@ The chart can be customized using the following configurable parameters: | | | `haproxy.enabled` | Use HAProxy as TCP proxy for PXC cluster | `true` | | `haproxy.size` | HAProxy target pod quantity. Can't even if `unsafeFlags.pxcSize` is `true` | `3` | -| `haproxy.image` | HAProxy Container image repository | `percona/haproxy:2.8.5` | +| `haproxy.image` | HAProxy Container image repository | `percona/haproxy:2.8.11` | | `haproxy.imagePullPolicy` | The policy used to update images | `` | | `haproxy.imagePullSecrets` | HAProxy Container pull secret | `[]` | | `haproxy.configuration` | User defined HAProxy options according to HAProxy configuration file syntax | `` | @@ -186,7 +186,7 @@ The chart can be customized using the following configurable parameters: | | | `proxysql.enabled` | Use ProxySQL as TCP proxy for PXC cluster | `false` | | `proxysql.size` | ProxySQL target pod quantity. Can't even if `unsafeFlags.pxcSize` is `true` | `3` | -| `proxysql.image` | ProxySQL Container image | `percona/proxysql2:2.5.5` | +| `proxysql.image` | ProxySQL Container image | `percona/proxysql2:2.7.1` | | `proxysql.imagePullPolicy` | The policy used to update images | `` | | `proxysql.imagePullSecrets` | ProxySQL Container pull secret | `[]` | | `proxysql.configuration` | User defined ProxySQL options according to ProxySQL configuration file syntax | `` | @@ -231,7 +231,7 @@ The chart can be customized using the following configurable parameters: | `proxysql.podSecurityContext` | A custom Kubernetes Security Context for a Pod to be used instead of the default one | `{}` | | | | `logcollector.enabled` | Enable log collector container | `true` | -| `logcollector.image` | Log collector image repository | `percona/percona-xtradb-cluster-operator:1.15.1-logcollector-fluentbit3.1.4` | +| `logcollector.image` | Log collector image repository | `percona/percona-xtradb-cluster-operator:1.16.0-logcollector-fluentbit3.2.2` | | `logcollector.imagePullSecrets` | Log collector pull secret | `[]` | | `logcollector.imagePullPolicy` | The policy used to update images | `` | | `logcollector.configuration` | User defined configuration for logcollector | `` | @@ -241,7 +241,7 @@ The chart can be customized using the following configurable parameters: | | | `pmm.enabled` | Enable integration with [Percona Monitoring and Management software](https://www.percona.com/doc/kubernetes-operator-for-pxc/monitoring.html) | `false` | | `pmm.image.repository` | PMM Container image repository | `percona/pmm-client` | -| `pmm.image.tag` | PMM Container image tag | `2.42.0` | +| `pmm.image.tag` | PMM Container image tag | `2.43.2` | | `pmm.imagePullSecrets` | PMM Container pull secret | `[]` | | `pmm.imagePullPolicy` | The policy used to update images | `` | | `pmm.serverHost` | PMM server related K8S service hostname | `monitoring-service` | @@ -264,7 +264,7 @@ The chart can be customized using the following configurable parameters: | `backup.enabled` | Enables backups for PXC cluster | `true` | | `backup.allowParallel` | Allow taking multiple backups in parallel | `true` | | `backup.image.repository` | Backup Container image | `percona/percona-xtradb-cluster-operator` | -| `backup.image.tag` | Backup Container tag | `1.15.1-pxc8.0-backup-pxb8.0.35` | +| `backup.image.tag` | Backup Container tag | `1.16.0-pxc8.0-backup-pxb8.0.35` | | `backup.backoffLimit` | The number of retries to make a backup | `10` | | `backup.activeDeadlineSeconds` | Maximum duration in seconds for a bacup job to run. The job will be terminated if it exceeds this time | `` | | `backup.imagePullSecrets` | Backup Container pull secret | `[]` | diff --git a/charts/pxc-db/values.yaml b/charts/pxc-db/values.yaml index 5284ada9..82d3a07d 100644 --- a/charts/pxc-db/values.yaml +++ b/charts/pxc-db/values.yaml @@ -67,7 +67,7 @@ pxc: size: 3 image: repository: percona/percona-xtradb-cluster - tag: 8.0.36-28.1 + tag: 8.0.39-30.1 # imagePullPolicy: Always autoRecovery: true # expose: @@ -214,7 +214,7 @@ pxc: haproxy: enabled: true size: 3 - image: percona/haproxy:2.8.5 + image: percona/haproxy:2.8.11 # imagePullPolicy: Always imagePullSecrets: [] # - name: private-registry-credentials @@ -381,7 +381,7 @@ haproxy: proxysql: enabled: false size: 3 - image: "percona/proxysql2:2.5.5" + image: "percona/proxysql2:2.7.1" # imagePullPolicy: Always imagePullSecrets: [] # configuration: | @@ -533,7 +533,7 @@ proxysql: logcollector: enabled: true - image: percona/percona-xtradb-cluster-operator:1.15.1-logcollector-fluentbit3.1.4 + image: percona/percona-xtradb-cluster-operator:1.16.0-logcollector-fluentbit3.2.2 # imagePullPolicy: Always imagePullSecrets: [] # configuration: | @@ -574,7 +574,7 @@ pmm: enabled: false image: repository: percona/pmm-client - tag: 2.42.0 + tag: 2.43.2 # imagePullPolicy: Always imagePullSecrets: [] serverHost: monitoring-service @@ -594,7 +594,7 @@ backup: # allowParallel: true image: repository: percona/percona-xtradb-cluster-operator - tag: 1.15.1-pxc8.0-backup-pxb8.0.35 + tag: 1.16.0-pxc8.0-backup-pxb8.0.35 # backoffLimit: 6 # activeDeadlineSeconds: 3600 # serviceAccountName: percona-xtradb-cluster-operator From 16134d30bad0e36427e86ca13eca759b5edcf08b Mon Sep 17 00:00:00 2001 From: Julio Pasinatto Date: Mon, 16 Dec 2024 14:59:24 -0300 Subject: [PATCH 10/21] Update pmm version --- charts/pxc-db/README.md | 2 +- charts/pxc-db/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md index 17f83b91..31d5d849 100644 --- a/charts/pxc-db/README.md +++ b/charts/pxc-db/README.md @@ -241,7 +241,7 @@ The chart can be customized using the following configurable parameters: | | | `pmm.enabled` | Enable integration with [Percona Monitoring and Management software](https://www.percona.com/doc/kubernetes-operator-for-pxc/monitoring.html) | `false` | | `pmm.image.repository` | PMM Container image repository | `percona/pmm-client` | -| `pmm.image.tag` | PMM Container image tag | `2.43.2` | +| `pmm.image.tag` | PMM Container image tag | `2.44.0` | | `pmm.imagePullSecrets` | PMM Container pull secret | `[]` | | `pmm.imagePullPolicy` | The policy used to update images | `` | | `pmm.serverHost` | PMM server related K8S service hostname | `monitoring-service` | diff --git a/charts/pxc-db/values.yaml b/charts/pxc-db/values.yaml index 82d3a07d..617a3bf6 100644 --- a/charts/pxc-db/values.yaml +++ b/charts/pxc-db/values.yaml @@ -574,7 +574,7 @@ pmm: enabled: false image: repository: percona/pmm-client - tag: 2.43.2 + tag: 2.44.0 # imagePullPolicy: Always imagePullSecrets: [] serverHost: monitoring-service From 554f2524f81bddba3082d0cc0ccfdf5b5c2db3a3 Mon Sep 17 00:00:00 2001 From: Mayank Shah Date: Thu, 19 Dec 2024 15:55:54 +0530 Subject: [PATCH 11/21] improve post install message Signed-off-by: Mayank Shah --- charts/everest/templates/NOTES.txt | 51 ++++++++++++++++-------------- 1 file changed, 27 insertions(+), 24 deletions(-) diff --git a/charts/everest/templates/NOTES.txt b/charts/everest/templates/NOTES.txt index 2f211c71..7c526472 100644 --- a/charts/everest/templates/NOTES.txt +++ b/charts/everest/templates/NOTES.txt @@ -1,34 +1,37 @@ -{{ if .Release.IsInstall }} -Thank you for installing Everest! +{{- if .Release.IsInstall }} +Thank you for installing Everest (v{{ .Chart.AppVersion }})! -Get started by following the below steps: +Follow the steps below to get started: +{{ if not .Values.dbNamespace.enabled }} +PROVISION A NAMESPACE FOR YOUR DATABASES +========================================= -1. Access the Everest UI: +Install a namespace for your databases using the following command: -Setup a port-forward to the Everest service: + helm install everest/everest-db-namespace --namespace everest --create-namespace -kubectl port-forward svc/everest 8080:8080 -n everest-system +{{- end }} -Next, open your browser at http://localhost:8080. +RETRIEVE THE INITIAL ADMIN PASSWORD +==================================== -2. Retrieve the initial admin password: +Run the following command to fetch the initial admin password: -kubectl get secret everest-accounts -n everest-system -o jsonpath='{.data.users\.yaml}' | base64 --decode | yq '.admin.passwordHash' + kubectl get secret everest-accounts -n everest-system -o jsonpath='{.data.users\.yaml}' | base64 --decode | yq '.admin.passwordHash' -{{if (not .Values.dbNamespace.enabled) }} -3. Provision a namespace for your databases: +**Note:** The initial password is stored in plain text. For security, change it immediately using the following command: -cat < Date: Fri, 20 Dec 2024 20:10:10 +0530 Subject: [PATCH 12/21] fix notes.txt Signed-off-by: Mayank Shah --- charts/everest/templates/NOTES.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/everest/templates/NOTES.txt b/charts/everest/templates/NOTES.txt index 7c526472..1ad84cb2 100644 --- a/charts/everest/templates/NOTES.txt +++ b/charts/everest/templates/NOTES.txt @@ -8,7 +8,7 @@ PROVISION A NAMESPACE FOR YOUR DATABASES Install a namespace for your databases using the following command: - helm install everest/everest-db-namespace --namespace everest --create-namespace + helm install everest everest/everest-db-namespace --namespace everest --create-namespace {{- end }} From f90743aa515bba813062aa435c300e57de433473 Mon Sep 17 00:00:00 2001 From: Mayank Shah Date: Fri, 20 Dec 2024 20:11:53 +0530 Subject: [PATCH 13/21] fix repo name Signed-off-by: Mayank Shah --- charts/everest/templates/NOTES.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/everest/templates/NOTES.txt b/charts/everest/templates/NOTES.txt index 1ad84cb2..769e0baf 100644 --- a/charts/everest/templates/NOTES.txt +++ b/charts/everest/templates/NOTES.txt @@ -8,7 +8,7 @@ PROVISION A NAMESPACE FOR YOUR DATABASES Install a namespace for your databases using the following command: - helm install everest everest/everest-db-namespace --namespace everest --create-namespace + helm install everest percona/everest-db-namespace --namespace everest --create-namespace {{- end }} From d0d4ab7aea4401e28abc3ee20c83ea6167819778 Mon Sep 17 00:00:00 2001 From: Eleonora Zinchenko Date: Tue, 24 Dec 2024 09:02:18 +0200 Subject: [PATCH 14/21] K8SPXC-1537: Update PXC charts for 1.16.1 release --- charts/pxc-db/Chart.yaml | 4 ++-- charts/pxc-db/README.md | 8 ++++---- charts/pxc-db/values.yaml | 8 ++++---- charts/pxc-operator/Chart.yaml | 4 ++-- charts/pxc-operator/README.md | 4 ++-- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/charts/pxc-db/Chart.yaml b/charts/pxc-db/Chart.yaml index 2a565a5f..39edb23a 100644 --- a/charts/pxc-db/Chart.yaml +++ b/charts/pxc-db/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.16.0 +appVersion: 1.16.1 description: A Helm chart for installing Percona XtraDB Cluster Databases using the PXC Operator. name: pxc-db home: https://www.percona.com/doc/kubernetes-operator-for-pxc/kubernetes.html -version: 1.16.0 +version: 1.16.1 maintainers: - name: spron-in email: sergey.pronin@percona.com diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md index a34cbd78..32eb67f7 100644 --- a/charts/pxc-db/README.md +++ b/charts/pxc-db/README.md @@ -20,14 +20,14 @@ To install the chart with the `pxc` release name using a dedicated namespace (re ```sh helm repo add percona https://percona.github.io/percona-helm-charts/ -helm install my-db percona/pxc-db --version 1.16.0 --namespace my-namespace +helm install my-db percona/pxc-db --version 1.16.1 --namespace my-namespace ``` The chart can be customized using the following configurable parameters: | Parameter | Description | Default | | ------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | ------------------------------------ | -| `crVersion` | Version of the Operator the Custom Resource belongs to | `1.16.0` | +| `crVersion` | Version of the Operator the Custom Resource belongs to | `1.16.1` | | `ignoreAnnotations` | Operator will not remove following annotations | `[]` | | `ignoreLabels` | Operator will not remove following labels | `[]` | | `pause` | Stop PXC Database safely | `false` | @@ -231,7 +231,7 @@ The chart can be customized using the following configurable parameters: | `proxysql.podSecurityContext` | A custom Kubernetes Security Context for a Pod to be used instead of the default one | `{}` | | | | `logcollector.enabled` | Enable log collector container | `true` | -| `logcollector.image` | Log collector image repository | `percona/percona-xtradb-cluster-operator:1.16.0-logcollector-fluentbit3.2.2` | +| `logcollector.image` | Log collector image repository | `percona/percona-xtradb-cluster-operator:1.16.1-logcollector-fluentbit3.2.2` | | `logcollector.imagePullSecrets` | Log collector pull secret | `[]` | | `logcollector.imagePullPolicy` | The policy used to update images | `` | | `logcollector.configuration` | User defined configuration for logcollector | `` | @@ -264,7 +264,7 @@ The chart can be customized using the following configurable parameters: | `backup.enabled` | Enables backups for PXC cluster | `true` | | `backup.allowParallel` | Allow taking multiple backups in parallel | `true` | | `backup.image.repository` | Backup Container image | `percona/percona-xtradb-cluster-operator` | -| `backup.image.tag` | Backup Container tag | `1.16.0-pxc8.0-backup-pxb8.0.35` | +| `backup.image.tag` | Backup Container tag | `1.16.1-pxc8.0-backup-pxb8.0.35` | | `backup.backoffLimit` | The number of retries to make a backup | `10` | | `backup.activeDeadlineSeconds` | Maximum duration in seconds for a bacup job to run. The job will be terminated if it exceeds this time | `` | | `backup.imagePullSecrets` | Backup Container pull secret | `[]` | diff --git a/charts/pxc-db/values.yaml b/charts/pxc-db/values.yaml index 617a3bf6..0932e9ae 100644 --- a/charts/pxc-db/values.yaml +++ b/charts/pxc-db/values.yaml @@ -19,7 +19,7 @@ annotations: {} operatorImageRepository: percona/percona-xtradb-cluster-operator -crVersion: 1.16.0 +crVersion: 1.16.1 enableVolumeExpansion: false @@ -29,7 +29,7 @@ ignoreLabels: [] # - rack pause: false # initContainer: -# image: "percona/percona-xtradb-cluster-operator:1.16.0" +# image: "percona/percona-xtradb-cluster-operator:1.16.1" # containerSecurityContext: # privileged: false # runAsUser: 1001 @@ -533,7 +533,7 @@ proxysql: logcollector: enabled: true - image: percona/percona-xtradb-cluster-operator:1.16.0-logcollector-fluentbit3.2.2 + image: percona/percona-xtradb-cluster-operator:1.16.1-logcollector-fluentbit3.2.2 # imagePullPolicy: Always imagePullSecrets: [] # configuration: | @@ -594,7 +594,7 @@ backup: # allowParallel: true image: repository: percona/percona-xtradb-cluster-operator - tag: 1.16.0-pxc8.0-backup-pxb8.0.35 + tag: 1.16.1-pxc8.0-backup-pxb8.0.35 # backoffLimit: 6 # activeDeadlineSeconds: 3600 # serviceAccountName: percona-xtradb-cluster-operator diff --git a/charts/pxc-operator/Chart.yaml b/charts/pxc-operator/Chart.yaml index 70463711..a0eebc14 100644 --- a/charts/pxc-operator/Chart.yaml +++ b/charts/pxc-operator/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: 1.16.0 +appVersion: 1.16.1 description: A Helm chart for deploying the Percona Operator for MySQL (based on Percona XtraDB Cluster) name: pxc-operator home: https://docs.percona.com/percona-operator-for-mysql/pxc/ -version: 1.16.0 +version: 1.16.1 maintainers: - name: nmarukovich email: natalia.marukovich@percona.com diff --git a/charts/pxc-operator/README.md b/charts/pxc-operator/README.md index 7663b372..43f7c5e9 100644 --- a/charts/pxc-operator/README.md +++ b/charts/pxc-operator/README.md @@ -19,14 +19,14 @@ To install the chart with the `pxc` release name using a dedicated namespace (re ```sh helm repo add percona https://percona.github.io/percona-helm-charts/ -helm install my-operator percona/pxc-operator --version 1.16.0 --namespace my-namespace +helm install my-operator percona/pxc-operator --version 1.16.1 --namespace my-namespace ``` The chart can be customized using the following configurable parameters: | Parameter | Description | Default | | ------------------------------- | -----------------------------------------------------------------------------------------------| -------------------------------------------------| -| `image` | PXC Operator Container image full path | `percona/percona-xtradb-cluster-operator:1.16.0` | +| `image` | PXC Operator Container image full path | `percona/percona-xtradb-cluster-operator:1.16.1` | | `imagePullPolicy` | PXC Operator Container pull policy | `Always` | | `containerSecurityContext` | PXC Operator Container securityContext | `{}` | | `imagePullSecrets` | PXC Operator Pod pull secret | `[]` | From 3a7e5b8c82ea9cce8ca252552dfa36194dd8e593 Mon Sep 17 00:00:00 2001 From: Diogo Recharte Date: Tue, 7 Jan 2025 13:33:23 +0000 Subject: [PATCH 15/21] EVEREST-107 remove tech preview badge --- charts/everest/README.md | 4 ---- charts/everest/README.md.gotmpl | 4 ---- 2 files changed, 8 deletions(-) diff --git a/charts/everest/README.md b/charts/everest/README.md index 2a4e7a90..c95645f9 100644 --- a/charts/everest/README.md +++ b/charts/everest/README.md @@ -7,10 +7,6 @@ Useful links: - [Percona Everest GitHub](https://github.com/percona/everest) - [Deploying with ArgoCD](./docs/argocd.md) -> :warning: Note: This chart is currently in technical preview. -Future releases could potentially introduce breaking changes, and we cannot promise a migration path. We do not recommend using this in production environment, -but if you do so, please be aware of the risks. - ## Usage ### 1. Add the Percona Helm repository diff --git a/charts/everest/README.md.gotmpl b/charts/everest/README.md.gotmpl index 607dd00e..61e9c1bf 100644 --- a/charts/everest/README.md.gotmpl +++ b/charts/everest/README.md.gotmpl @@ -7,10 +7,6 @@ Useful links: - [Percona Everest GitHub](https://github.com/percona/everest) - [Deploying with ArgoCD](./docs/argocd.md) -> :warning: Note: This chart is currently in technical preview. -Future releases could potentially introduce breaking changes, and we cannot promise a migration path. We do not recommend using this in production environment, -but if you do so, please be aware of the risks. - ## Usage ### 1. Add the Percona Helm repository From b3afdd48d11bac4d3f7880d539ef3c2528b1e4c6 Mon Sep 17 00:00:00 2001 From: Mayank Shah Date: Fri, 10 Jan 2025 00:07:53 +0530 Subject: [PATCH 16/21] remove test.yaml Signed-off-by: Mayank Shah --- charts/everest/test.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 charts/everest/test.yaml diff --git a/charts/everest/test.yaml b/charts/everest/test.yaml deleted file mode 100644 index e69de29b..00000000 From 71fa627a292ab8d55429b33242a10f99c405e09c Mon Sep 17 00:00:00 2001 From: Mayank Shah Date: Tue, 14 Jan 2025 18:01:43 +0530 Subject: [PATCH 17/21] add clusterrolebinding for openshift Signed-off-by: Mayank Shah --- .../ksm-openshift-clusterrolebinding.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 charts/everest/templates/ksm-openshift-clusterrolebinding.yaml diff --git a/charts/everest/templates/ksm-openshift-clusterrolebinding.yaml b/charts/everest/templates/ksm-openshift-clusterrolebinding.yaml new file mode 100644 index 00000000..d8fe372a --- /dev/null +++ b/charts/everest/templates/ksm-openshift-clusterrolebinding.yaml @@ -0,0 +1,17 @@ +# We need a separate ClusterRoleBinding for OpenShift, as the one that comes pre-intalled cannot be bound to the ServiceAccount used +# for Everest's kube-state-metrics installation. +{{- $ksm := (index .Values "kube-state-metrics") -}} +{{- if (and $ksm.enabled .Values.compatibility.openshift )}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ksm-openshift-cluster-role-binding +roleRef: + kind: "ClusterRole" + apiGroup: "rbac.authorization.k8s.io" + name: kube-state-metrics +subjects: + - kind: "ServiceAccount" + name: kube-state-metrics + namespace: {{ $ksm.namespaceOverride }} +{{- end -}} From cbea54a4c80b7f081012dcaea50bf6e733eb911c Mon Sep 17 00:00:00 2001 From: Mayank Shah Date: Tue, 14 Jan 2025 18:01:53 +0530 Subject: [PATCH 18/21] add document for openshift Signed-off-by: Mayank Shah --- charts/everest/docs/openshift.md | 57 ++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 charts/everest/docs/openshift.md diff --git a/charts/everest/docs/openshift.md b/charts/everest/docs/openshift.md new file mode 100644 index 00000000..7aa1386c --- /dev/null +++ b/charts/everest/docs/openshift.md @@ -0,0 +1,57 @@ +# Installing Percona Everest on OpenShift + +The Percona Everest Helm chart can be installed on OpenShift with some additional configuration steps. + +> Note: Support for OpenShift is currently in progress, so it may not work as expected. If you encounter any issues, please report them by creating a new issue [here](https://github.com/percona/everest/issues/new). + +## 1. Install Everest + +Run the following command to install Everest with OpenShift compatibility enabled: + +```sh +helm install everest-core percona/everest \ + --namespace everest-system \ + --create-namespace \ + --set compatibility.openshift=true \ + --set dbNamespace.compatibility.openshift=true \ + --set kube-state-metrics.securityContext.enabled=false \ + --set kube-state-metrics.rbac.create=false +``` + +## 2. (Optional) Update RBAC for kube-state-metrics + +If you're using a chart version older than 1.5.0, you must manually create a `ClusterRoleBinding` for kube-state-metrics. Use the following YAML: + +```sh +cat < Note: For versions 1.5.0 and above, this `ClusterRoleBinding` is created automatically when you set `compatibility.openshift=true`. + +## 3. (Optional) Install additional database namespaces + +If you need to add database namespaces, run the following command with OpenShift compatibility enabled: + +``` +helm install everest \ + percona/everest-db-namespace \ + --create-namespace \ + --namespace everest \ + --set compatibility.openshift=true +``` + +For detailed instructions, refer to the guide linked [here](../README.md), but adjust the installation parameters according to the values specified in this document. + From b4bfdadb0591e372999831eea4a2043c1e7cb79a Mon Sep 17 00:00:00 2001 From: Mayank Shah Date: Tue, 14 Jan 2025 18:02:50 +0530 Subject: [PATCH 19/21] add reference Signed-off-by: Mayank Shah --- charts/everest/README.md | 1 + charts/everest/README.md.gotmpl | 1 + 2 files changed, 2 insertions(+) diff --git a/charts/everest/README.md b/charts/everest/README.md index c95645f9..71089282 100644 --- a/charts/everest/README.md +++ b/charts/everest/README.md @@ -6,6 +6,7 @@ Useful links: - [Percona Everest Documentation](https://docs.percona.com/everest/index.html) - [Percona Everest GitHub](https://github.com/percona/everest) - [Deploying with ArgoCD](./docs/argocd.md) +- [Installing on OpenShift](./docs/openshift.md) ## Usage diff --git a/charts/everest/README.md.gotmpl b/charts/everest/README.md.gotmpl index 61e9c1bf..0b48d5a9 100644 --- a/charts/everest/README.md.gotmpl +++ b/charts/everest/README.md.gotmpl @@ -6,6 +6,7 @@ Useful links: - [Percona Everest Documentation](https://docs.percona.com/everest/index.html) - [Percona Everest GitHub](https://github.com/percona/everest) - [Deploying with ArgoCD](./docs/argocd.md) +- [Installing on OpenShift](./docs/openshift.md) ## Usage From d92412d3696e11df5af5f43caf2fc31e8f58e6c6 Mon Sep 17 00:00:00 2001 From: Mayank Shah Date: Tue, 14 Jan 2025 18:10:58 +0530 Subject: [PATCH 20/21] Update charts/everest/templates/ksm-openshift-clusterrolebinding.yaml Co-authored-by: Tomislav Plavcic --- charts/everest/templates/ksm-openshift-clusterrolebinding.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/everest/templates/ksm-openshift-clusterrolebinding.yaml b/charts/everest/templates/ksm-openshift-clusterrolebinding.yaml index d8fe372a..5f38bb78 100644 --- a/charts/everest/templates/ksm-openshift-clusterrolebinding.yaml +++ b/charts/everest/templates/ksm-openshift-clusterrolebinding.yaml @@ -1,4 +1,4 @@ -# We need a separate ClusterRoleBinding for OpenShift, as the one that comes pre-intalled cannot be bound to the ServiceAccount used +# We need a separate ClusterRoleBinding for OpenShift, as the one that comes pre-installed cannot be bound to the ServiceAccount used # for Everest's kube-state-metrics installation. {{- $ksm := (index .Values "kube-state-metrics") -}} {{- if (and $ksm.enabled .Values.compatibility.openshift )}} From 7f34dc2cc1687149add710329500717767a4059a Mon Sep 17 00:00:00 2001 From: Rojin Ebrahimi Date: Tue, 14 Jan 2025 18:45:43 +0330 Subject: [PATCH 21/21] Remove extra creationTimestamp null in OLM --- charts/everest/crds/olm.yaml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/charts/everest/crds/olm.yaml b/charts/everest/crds/olm.yaml index afa49b3a..80f11011 100644 --- a/charts/everest/crds/olm.yaml +++ b/charts/everest/crds/olm.yaml @@ -3,7 +3,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 - creationTimestamp: null name: catalogsources.operators.coreos.com spec: group: operators.coreos.com @@ -260,7 +259,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 - creationTimestamp: null name: clusterserviceversions.operators.coreos.com spec: group: operators.coreos.com @@ -5559,7 +5557,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 - creationTimestamp: null name: installplans.operators.coreos.com spec: group: operators.coreos.com @@ -5825,7 +5822,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 - creationTimestamp: null name: olmconfigs.operators.coreos.com spec: group: operators.coreos.com @@ -5923,7 +5919,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 - creationTimestamp: null name: operatorconditions.operators.coreos.com spec: group: operators.coreos.com @@ -6230,7 +6225,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 - creationTimestamp: null name: operatorgroups.operators.coreos.com spec: group: operators.coreos.com @@ -6517,7 +6511,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 - creationTimestamp: null name: operators.operators.coreos.com spec: group: operators.coreos.com @@ -6656,7 +6649,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.9.0 - creationTimestamp: null name: subscriptions.operators.coreos.com spec: group: operators.coreos.com