mariadbOperator:
image: mariadb
- appVersion: 11.1.2
+ appVersion: 11.2.2
persistence:
#storageClassName: default
size: 3Gi
galera:
enabled: true
- agentImage: mariadb-operator/agent
- agentVersion: v0.0.3
- initImage: mariadb-operator/init
- initVersion: v0.0.6
+ agentImage: mariadb-operator/mariadb-operator
+ agentVersion: v0.0.28
+ initImage: mariadb-operator/mariadb-operator
+ initVersion: v0.0.28
## String to partially override common.names.fullname template (will maintain the release name)
##
# sidecar.istio.io/inject: "false"
traffic.sidecar.istio.io/excludeInboundPorts: "4444,4567,4568"
traffic.sidecar.istio.io/includeInboundPorts: '*'
- traffic.sidecar.istio.io/excludeOutboundPorts: "4444,4567,4568"
+ traffic.sidecar.istio.io/excludeOutboundPorts: "4444,4567,4568,443"
mariadbOpConfiguration: |-
[mysqld]
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
- enabled: true
user_id: 10001
group_id: 10001
+# Old Bitnami Chart does not work without Filesystem access
+containerSecurityContext:
+ readOnlyFileSystem: false
+
## Database credentials for root (admin) user
##
rootUser:
## For this reason the db data pvc needs to have accessMode: ReadWriteMany.
backup:
enabled: false
+ # used in the mariadb-operator to override the backup name (default is DBName)
+ # nameOverride:
+ # defines the backup job execution period
cron: "00 00 * * *"
+ # used by mariadb-operator to set the max retention time
+ maxRetention: 720h
retentionPeriod: 3
+ # used by mariadb-operator to set the backup storage type (PVC, S3, volume)
+ storageType: PVC
+ # configuration used for PVC backup storage
persistence:
## If true, use a Persistent Volume Claim, If false, use emptyDir
##
## Persistent Volume size
##
size: 2Gi
-
+ # requires mariadb-operator v0.24.0
+ # configuration used for S3 backup storage
+ # see: https://github.com/mariadb-operator/mariadb-operator/blob/main/docs/BACKUP.md
+ s3:
+ bucket: backups
+ endpoint: minio.minio.svc.cluster.local:9000
+ #region: us-east-1
+ accessKeyIdSecretKeyRef:
+ name: minio
+ key: access-key-id
+ secretAccessKeySecretKeyRef:
+ name: minio
+ key: secret-access-key
+ tls:
+ enabled: false
+ caSecretKeyRef:
+ name: minio-ca
+ key: ca.crt
+ # configuration used for kubernetes volumes as backup storage
+ # see: https://github.com/mariadb-operator/mariadb-operator/blob/main/docs/BACKUP.md
+ volume: {}
readinessCheck:
wait_for:
- apps:
- - '{{ include "common.name" . }}'
+ services:
+ - '{{ include "common.servicename" . }}'
## TLS configuration
##
resources:
small:
limits:
- cpu: 1
- memory: 4Gi
+ cpu: "1"
+ memory: "4Gi"
requests:
- cpu: 500m
- memory: 2Gi
+ cpu: "500m"
+ memory: "2Gi"
large:
limits:
- cpu: 2
- memory: 6Gi
+ cpu: "2"
+ memory: "6Gi"
requests:
- cpu: 1
- memory: 3Gi
+ cpu: "1"
+ memory: "3Gi"
unlimited: {}
## MariaDB Galera containers' liveness and readiness probes
## - --collect.binlog_size
##
extraFlags: []
+ securityContext:
+ readOnlyRootFilesystem: true
+ privileged: false
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ - CAP_NET_RAW
+ runAsGroup: 10001
+ runAsNonRoot: true
+ runAsUser: 10001
+ seccompProfile:
+ type: RuntimeDefault
## MySQL Prometheus exporter containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
- cpu: 0.5
- memory: 256Mi
+ cpu: "0.5"
+ memory: "200Mi"
requests:
- cpu: 0.5
- memory: 256Mi
+ cpu: "0.5"
+ memory: "200Mi"
## MariaDB Galera metrics container's liveness and readiness probes
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##