{{- else if $dot.Values.metrics.serviceMonitor.targetPort }}
targetPort: {{ $dot.Values.metrics.serviceMonitor.targetPort }}
{{- else }}
- port: metrics
+ port: tcp-metrics
{{- end }}
{{- if $dot.Values.metrics.serviceMonitor.isHttps }}
scheme: https
spec:
type: {{ .Values.metrics.service.type }}
ports:
- - name: metrics
+ - name: tcp-metrics
port: {{ .Values.metrics.service.port }}
- targetPort: metrics
+ targetPort: tcp-metrics
selector: {{- include "common.matchLabels" . | nindent 4 }}
{{- end }}
{{ include "common.service" . }}
---
{{ include "common.headlessService" . }}
+{{- if (include "common.onServiceMesh" .) }}
+{{- if eq (default "istio" .Values.global.serviceMesh.engine) "istio" }}
+---
+apiVersion: security.istio.io/v1beta1
+kind: PeerAuthentication
+metadata:
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.servicename" . }}
+ portLevelMtls:
+ {{ .Values.service.internalPort }}:
+ mode: DISABLE
+{{- end}}
+{{- end}}
- |
DATA_SOURCE_NAME="$MARIADB_ROOT_USER:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter $MARIADB_METRICS_EXTRA_FLAGS
ports:
- - name: metrics
+ - name: tcp-metrics
containerPort: 9104
livenessProbe:
httpGet:
path: /metrics
- port: metrics
+ port: tcp-metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
readinessProbe:
httpGet:
path: /metrics
- port: metrics
+ port: tcp-metrics
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
headless: {}
internalPort: &dbPort 3306
ports:
- - name: mysql
+ - name: tcp-mysql
port: *dbPort
headlessPorts:
- - name: galera
+ - name: tcp-galera
port: 4567
- - name: ist
+ - name: tcp-ist
port: 4568
- - name: sst
+ - name: tcp-sst
port: 4444
## Additional pod annotations for MariaDB Galera pods
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+## -> here required to enable mariadb-galera in istio
##
-podAnnotations: {}
+podAnnotations:
+ # sidecar.istio.io/inject: "false"
+ traffic.sidecar.istio.io/excludeInboundPorts: "4568"
+ traffic.sidecar.istio.io/includeInboundPorts: '*'
## Pod affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
enabled: true
initialDelaySeconds: 1
periodSeconds: 10
- timeoutSeconds: 1
+ timeoutSeconds: 180
successThreshold: 1
failureThreshold: 3
readinessProbe:
enabled: true
initialDelaySeconds: 1
periodSeconds: 10
- timeoutSeconds: 1
+ timeoutSeconds: 180
successThreshold: 1
failureThreshold: 3
startupProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
- timeoutSeconds: 1
+ timeoutSeconds: 180
successThreshold: 1
# will wait up for initialDelaySeconds + failureThreshold*periodSeconds before
# stating startup wasn't good (910s per default)
release: prometheus
## Rules as a map.
- rules: {}
+ rules: []
# - alert: MariaDB-Down
# annotations:
# message: 'MariaDB instance {{ $labels.instance }} is down'
- /bin/sh
- -c
- |
+ {{- if include "common.onServiceMesh" . }}
+ echo "waiting 15s for istio side cars to be up"; sleep 15s;{{- end }}
/db_init/db_init.sh {{ if or .Values.dbScriptConfigMap .Values.dbScript }} &&
/db_config/db_cmd.sh{{ end }}
env:
{{- end }}
resources:
{{ include "common.resources" . | indent 12 }}
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
cpu: 20m
memory: 20Mi
unlimited: {}
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}'
initialDelaySeconds: 120
mariadb-galera:
liveness:
- initialDelaySeconds: 180
+ initialDelaySeconds: 30
periodSeconds: 60
mariadb-galera-server:
liveness: