github.com/bartle-stripe/trillian@v1.2.1/storage/mysql/kubernetes/galera.yaml (about) 1 apiVersion: storage.k8s.io/v1beta1 2 kind: StorageClass 3 metadata: 4 name: fast 5 provisioner: kubernetes.io/gce-pd 6 parameters: 7 type: pd-ssd 8 --- 9 apiVersion: v1 10 kind: Service 11 metadata: 12 name: mysql 13 labels: 14 app: mysql 15 spec: 16 ports: 17 - port: 3306 18 name: mysql 19 type: LoadBalancer 20 # Make all connections from a particular client go to the same database 21 # replica. This avoids a sequencer connecting to different replicas in 22 # parallel and causing write conflicts that result in transaction rollbacks. 23 sessionAffinity: ClientIP 24 selector: 25 app: galera 26 # Only connections from 10.0.0.0/8 will be accepted. 27 # To allow connections from elsewhere, replace 10.0.0.0/8 with the appropriate 28 # CIDR IP range(s). To allow connections from any IP address, delete the 29 # loadBalancerSourceRanges field. 30 loadBalancerSourceRanges: 31 - 10.0.0.0/8 32 --- 33 apiVersion: v1 34 kind: Service 35 metadata: 36 name: galera 37 labels: 38 app: galera 39 spec: 40 clusterIP: None 41 ports: 42 - port: 3306 43 name: mysql 44 - port: 4444 45 name: state-snapshot-transfer 46 - port: 4567 47 name: replication-traffic 48 - port: 4568 49 name: incremental-state-transfer 50 selector: 51 app: galera 52 --- 53 apiVersion: v1 54 kind: Secret 55 metadata: 56 name: mysql-credentials 57 type: Opaque 58 data: 59 # These values must be base64 encoded. 60 sst-username: c3N0 61 sst-password: c3N0 62 root-password: emFwaG9k 63 --- 64 apiVersion: apps/v1beta1 65 kind: StatefulSet 66 metadata: 67 name: galera 68 spec: 69 serviceName: galera 70 replicas: 3 71 volumeClaimTemplates: 72 - metadata: 73 name: mysql-db 74 annotations: 75 volume.beta.kubernetes.io/storage-class: fast 76 spec: 77 accessModes: 78 - ReadWriteOnce 79 resources: 80 requests: 81 storage: 500Gi 82 template: 83 metadata: 84 labels: 85 app: galera 86 spec: 87 terminationGracePeriodSeconds: 30 88 containers: 89 - resources: 90 limits: 91 cpu: 2 92 readinessProbe: 93 exec: 94 command: ["mysql", "-h", "127.0.0.1", "-u", "dummy", "-e", "SELECT 1"] 95 image: us.gcr.io/trillian-test/galera:experimental 96 imagePullPolicy: Always 97 name: mysql 98 ports: 99 - containerPort: 3306 100 - containerPort: 4444 101 - containerPort: 4567 102 - containerPort: 4568 103 volumeMounts: 104 - name: mysql-db 105 mountPath: /var/lib/mysql 106 env: 107 - name: WSREP_SST_USER 108 valueFrom: 109 secretKeyRef: 110 name: mysql-credentials 111 key: sst-username 112 - name: WSREP_SST_PASSWORD 113 valueFrom: 114 secretKeyRef: 115 name: mysql-credentials 116 key: sst-password 117 - name: MYSQL_ROOT_PASSWORD 118 valueFrom: 119 secretKeyRef: 120 name: mysql-credentials 121 key: root-password 122