Merge pull request #68 from percona/pxco-180

K8SPXC-674 - Update for PXCO 1.8.0 release and merge community contributions
percona · Apr 28, 2021 · 2346485 · 2346485
2 parents 614a164 + 8d288d8
commit 2346485
Show file tree

Hide file tree

Showing 12 changed files with 152 additions and 33 deletions.
diff --git a/charts/pxc-db/Chart.yaml b/charts/pxc-db/Chart.yaml
@@ -1,9 +1,9 @@
 apiVersion: v1
-appVersion: "1.7.0"
+appVersion: "1.8.0"
 description: A Helm chart for installing Percona XtraDB Cluster Databases using the PXC Operator.
 name: pxc-db
 home: https://www.percona.com/doc/kubernetes-operator-for-pxc/kubernetes.html
-version: 0.1.16
+version: 0.1.17
 maintainers:
   - name: cap1984
     email: ivan.pylypenko@percona.com

diff --git a/charts/pxc-db/README.md b/charts/pxc-db/README.md
@@ -5,7 +5,7 @@ This chart implements Percona XtraDB Cluster deployment in Kubernets via Custom
 
 ## Pre-requisites
 * [PXC operator](https://hub.helm.sh/charts/percona/pxc-operator) running in you K8S cluster
-* Kubernetes 1.15+
+* Kubernetes 1.16+
 * PV support on the underlying infrastructure - only if you are provisioning persistent volume(s).
 * Helm v3
 
@@ -24,7 +24,7 @@ To install the chart with the `pxc` release name using a dedicated namespace (re
 
 ```sh
 helm repo add percona https://percona.github.io/percona-helm-charts/
-helm install my-db percona/pxc-db --version 0.1.15 --namespace my-namespace
+helm install my-db percona/pxc-db --version 0.1.17 --namespace my-namespace
 ```
 
 The chart can be customized using the following configurable parameters:
@@ -35,11 +35,14 @@ The chart can be customized using the following configurable parameters:
 | `allowUnsafeConfigurations`     | Allows forbidden configurations like even number of PXC cluster pods          | `false`                                   |
 | `updateStrategy`                | Regulates the way how PXC Cluster Pods will be updated after setting a new image | `SmartUpdate`                          |
 | `upgradeOptions.versionServiceEndpoint` | Endpoint for actual PXC Versions provider                             | `https://check.percona.com/versions`      |
-| `upgradeOptions.apply`          | PXC image to apply from version service - `recommended`, `latest`, actual version like `8.0.19-10.1` | `recommended` |
+| `upgradeOptions.apply`          | PXC image to apply from version service - `recommended`, `latest`, actual version like `8.0.19-10.1` | `8.0-recommended` |
 | `upgradeOptions.schedule`          | Cron formatted time to execute the update | `"0 4 * * *"` |
+| `finalizers:delete-pxc-pods-in-order`  | Set this if you want to delete PXC pods in order on cluster deletion |   |
+| `finalizers:delete-proxysql-pvc`  | Set this if you want to delete proxysql persistent volumes on cluster deletion |   |
+| `finalizers:delete-pxc-pvc`  | Set this if you want to delete database persistent volumes on cluster deletion |   |
 | `pxc.size`                      | PXC Cluster target member (pod) quantity. Can't even if `allowUnsafeConfigurations` is `true` | `3` |
 | `pxc.image.repository`              | PXC Container image repository                                           | `percona/percona-xtradb-cluster` |
-| `pxc.image.tag`                     | PXC Container image tag                                       | `8.0.21-12.1`                              |
+| `pxc.image.tag`                     | PXC Container image tag                                       | `8.0.22-13.1`                              |
 | `pxc.autoRecovery`                     | Enable full cluster crash auto recovery                    | `true`                              |
 | `pxc.imagePullSecrets`             | PXC Container pull secret                                                | `[]`                                      |
 | `pxc.annotations`             | PXC Pod user-defined annotations                                         | `{}` |
@@ -68,10 +71,14 @@ The chart can be customized using the following configurable parameters:
 | `haproxy.enabled` | Use HAProxy as TCP proxy for PXC cluster | `true` |
 | `haproxy.size`                      | HAProxy target pod quantity. Can't even if `allowUnsafeConfigurations` is `true` | `3` |
 | `haproxy.image.repository`              | HAProxy Container image repository                                           | `percona/percona-xtradb-cluster-operator` |
-| `haproxy.image.tag`                     | HAProxy Container image tag                                       | `1.7.0-haproxy`                              |
+| `haproxy.image.tag`                     | HAProxy Container image tag                                       | `1.8.0-haproxy`                              |
 | `haproxy.imagePullSecrets`             | HAProxy Container pull secret                                                | `[]`                                      |
 | `haproxy.annotations`             | HAProxy Pod user-defined annotations                                         | `{}` |
 | `haproxy.priorityClassName`       | HAProxy Pod priority Class defined by user                                   |  |
+| `haproxy.externalTrafficPolicy`   | Desire service to route external traffic to node-local or cluster-wide endpoints  |  |
+| `haproxy.loadBalancerSourceRanges` | Limit which client IP's can access the Network Load Balancer                | `[]` |
+| `haproxy.serviceType`             | Specify what kind of Service you want                                        | `ClusterIP` |
+| `haproxy.serviceAnnotations`      | Specify service annotations                                                  | `{}` |
 | `haproxy.labels`                  | HAProxy Pod user-defined labels                                              | `{}` |
 | `haproxy.readinessDelaySec`       | HAProxy Pod delay for readiness probe in seconds                             | `15` |
 | `haproxy.livenessDelaySec`        | HAProxy Pod delay for liveness probe in seconds                             | `300` |
@@ -88,10 +95,14 @@ The chart can be customized using the following configurable parameters:
 | `proxysql.enabled` | Use ProxySQL as TCP proxy for PXC cluster | `false` |
 | `proxysql.size`                      | ProxySQL target pod quantity. Can't even if `allowUnsafeConfigurations` is `true` | `3` |
 | `proxysql.image.repository`              | ProxySQL Container image repository                                           | `percona/percona-xtradb-cluster-operator` |
-| `proxysql.image.tag`                     | ProxySQL Container image tag                                       | `1.7.0-proxysql`                              |
+| `proxysql.image.tag`                     | ProxySQL Container image tag                                       | `1.8.0-proxysql`                              |
 | `proxysql.imagePullSecrets`             | ProxySQL Container pull secret                                                | `[]`                                      |
 | `proxysql.annotations`             | ProxySQL Pod user-defined annotations                                         | `{}` |
 | `proxysql.priorityClassName`       | ProxySQL Pod priority Class defined by user                                   |  |
+| `proxysql.externalTrafficPolicy`   | Desire service to route external traffic to node-local or cluster-wide endpoints  |  |
+| `proxysql.loadBalancerSourceRanges` | Limit which client IP's can access the Network Load Balancer                 | `[]` |
+| `proxysql.serviceType`             | Specify what kind of Service you want                                         | `ClusterIP` |
+| `proxysql.serviceAnnotations`      | Specify service annotations                                                   | `{}` |
 | `proxysql.labels`                  | ProxySQL Pod user-defined labels                                              | `{}` |
 | `proxysql.readinessDelaySec`       | ProxySQL Pod delay for readiness probe in seconds                             | `15` |
 | `proxysql.livenessDelaySec`        | ProxySQL Pod delay for liveness probe in seconds                             | `300` |
@@ -112,7 +123,7 @@ The chart can be customized using the following configurable parameters:
 | |
 | `logcollector.enabled` | Enable log collector container | `true` |
 | `logcollector.image.repository`              | Log collector image repository                                           | `percona/percona-xtradb-cluster-operator` |
-| `logcollector.image.tag`                     | Log collector image tag                                       | `1.7.0-logcollector`                              |
+| `logcollector.image.tag`                     | Log collector image tag                                       | `1.8.0-logcollector`                              |
 | |
 | `pmm.enabled` | Enable integration with [Percona Monitoting and Management software](https://www.percona.com/doc/kubernetes-operator-for-pxc/monitoring.html) | `false` |
 | `pmm.image.repository`              | PMM Container image repository                                           | `percona/pmm-client` |
@@ -122,7 +133,7 @@ The chart can be customized using the following configurable parameters:
 | |
 | `backup.enabled` | Enables backups for PXC cluster | `true` |
 | `backup.image.repository`              | Backup Container image repository                                           | `percona/percona-xtradb-cluster-operator` |
-| `backup.image.tag`                     | Backup Container image tag                      | `1.7.0-pxc8.0-backup`                              |
+| `backup.image.tag`                     | Backup Container image tag                      | `1.8.0-pxc8.0-backup`                              |
 | `backup.imagePullSecrets`             | Backup Container pull secret                                                | `[]`                                      |
 | `backup.pitr.enabled`             | Enable point in time recovery                                                | `false`                                      |
 | `backup.pitr.storageName`             | Storage name for PITR                                                | `s3-us-west-binlogs`                                      |

diff --git a/charts/pxc-db/crds/crd.yaml b/charts/pxc-db/crds/crd.yaml
@@ -36,6 +36,9 @@ spec:
       storage: false
       served: true
     - name: v1-7-0
+      storage: false
+      served: true
+    - name: v1-8-0
       storage: true
       served: true
     - name: v1alpha1
@@ -65,6 +68,10 @@ spec:
       JSONPath: .metadata.creationTimestamp
   subresources:
     status: {}
+    scale:
+      specReplicasPath: .spec.pxc.size
+      statusReplicasPath: .status.pxc.ready
+      labelSelectorPath: .status.pxc.labelSelectorPath
 ---
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition

diff --git a/charts/pxc-db/production-values.yaml b/charts/pxc-db/production-values.yaml
@@ -13,7 +13,7 @@ finalizers:
 nameOverride: "production"
 fullnameOverride: "production"
 
-crVersion: 1.7.0
+crVersion: 1.8.0
 pause: false
 allowUnsafeConfigurations: false
 updateStrategy: SmartUpdate
@@ -26,7 +26,7 @@ pxc:
   size: 3
   image:
     repository: percona/percona-xtradb-cluster
-    tag: 8.0.21-12.1
+    tag: 8.0.22-13.1
   autoRecovery: true
   imagePullSecrets: []
   # - name: private-registry-credentials
@@ -99,13 +99,19 @@ haproxy:
   size: 3
   image:
     repository: percona/percona-xtradb-cluster-operator
-    tag: 1.7.0-haproxy
+    tag: 1.8.0-haproxy
   imagePullSecrets: []
   # - name: private-registry-credentials
   annotations: {}
   #  iam.amazonaws.com/role: role-arn
   labels: {}
   #  rack: rack-22
+  # serviceType: ClusterIP
+  # externalTrafficPolicy: Cluster
+  # loadBalancerSourceRanges:
+  #   - 10.0.0.0/8
+  # serviceAnnotations:
+  #   service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
   # priorityClassName:
   readinessDelaySec: 15
   livenessDelaySec: 300
@@ -146,13 +152,19 @@ proxysql:
   size: 3
   image:
     repository: percona/percona-xtradb-cluster-operator
-    tag: 1.7.0-proxysql
+    tag: 1.8.0-proxysql
   imagePullSecrets: []
   # - name: private-registry-credentials
   annotations: {}
   #  iam.amazonaws.com/role: role-arn
   labels: {}
   #  rack: rack-22
+  # serviceType: ClusterIP
+  # externalTrafficPolicy: Cluster
+  # loadBalancerSourceRanges:
+  #   - 10.0.0.0/8
+  # serviceAnnotations:
+  #   service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
   # priorityClassName:
   readinessDelaySec: 15
   livenessDelaySec: 300
@@ -197,7 +209,7 @@ logcollector:
   enabled: true
   image:
     repository: percona/percona-xtradb-cluster-operator
-    tag: 1.7.0-logcollector
+    tag: 1.8.0-logcollector
 
 pmm:
   enabled: false
@@ -211,7 +223,7 @@ backup:
   enabled: true
   image:
     repository: percona/percona-xtradb-cluster-operator
-    tag: 1.7.0-pxc8.0-backup
+    tag: 1.8.0-pxc8.0-backup
   imagePullSecrets: []
   # - name: private-registry-credentials
   pitr:
@@ -233,7 +245,10 @@ backup:
     #   type: s3
     #   s3:
     #     bucket: S3-BACKUP-BUCKET-NAME-HERE
+    #     # Use credentialsSecret OR credentialsAccessKey/credentialsSecretKey
     #     credentialsSecret: my-cluster-name-backup-s3
+    #     #credentialsAccessKey: REPLACE-WITH-AWS-ACCESS-KEY
+    #     #credentialsSecretKey: REPLACE-WITH-AWS-SECRET-KEY
     #     region: us-west-2
     #     endpointUrl: https://sfo2.digitaloceanspaces.com
     # s3-us-west-binlogs:

diff --git a/charts/pxc-db/templates/_helpers.tpl b/charts/pxc-db/templates/_helpers.tpl
@@ -43,3 +43,24 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end -}}
+
+{{/*
+This filters the backup.storages hash for S3 credentials. If we detect them, they go in a separate secret.
+*/}}
+{{- define "pxc-database.storages" -}}
+{{- $storages := dict -}}
+{{- range $key, $value := .Values.backup.storages -}}
+{{- if and (hasKey $value "type") (eq $value.type "s3") (hasKey $value "s3") (hasKey (index $value "s3") "credentialsAccessKey") (hasKey (index $value "s3") "credentialsSecretKey") }}
+{{- if hasKey (index $value "s3") "credentialsSecret" -}}
+{{- fail "credentialsSecret and credentialsAccessKey/credentialsSecretKey isn't supported!" -}}
+{{- end -}}
+{{- $secretName := printf "%s-s3-%s" (include "pxc-database.fullname" $) $key -}}
+{{- $s3 := set (omit (index $value "s3") "credentialsAccessKey" "credentialsSecretKey") "credentialsSecret" $secretName -}}
+{{- $_value := set (omit $value "s3") "s3" $s3 -}}
+{{- $_ := set $storages $key $_value -}}
+{{- else -}}
+{{- $_ := set $storages $key $value -}}
+{{- end -}}
+{{- end -}}
+{{- $storages | toYaml -}}
+{{- end -}}
diff --git a/charts/pxc-db/templates/cluster.yaml b/charts/pxc-db/templates/cluster.yaml
@@ -1,9 +1,9 @@
-apiVersion: pxc.percona.com/v1-7-0
+apiVersion: pxc.percona.com/v1-8-0
 kind: PerconaXtraDBCluster
 metadata:
   annotations:
     kubectl.kubernetes.io/last-applied-configuration: |
-      {"apiVersion":"pxc.percona.com/v1-7-0","kind":"PerconaXtraDBCluster"}
+      {"apiVersion":"pxc.percona.com/v1-8-0","kind":"PerconaXtraDBCluster"}
   name: {{ include "pxc-database.fullname" . }}
   labels:
 {{ include "pxc-database.labels" . | indent 4 }}
@@ -124,6 +124,20 @@ spec:
     {{- end }}
 {{- if hasKey $haproxy "priorityClassName" }}
     priorityClassName: {{ $haproxy.priorityClassName }}
+{{- end }}
+{{- if hasKey $haproxy "externalTrafficPolicy" }}
+    externalTrafficPolicy: {{ $haproxy.externalTrafficPolicy }}
+{{- end }}
+{{- if hasKey $haproxy "loadBalancerSourceRanges" }}
+    loadBalancerSourceRanges:
+{{ $haproxy.loadBalancerSourceRanges | toYaml | indent 6 }}
+{{- end }}
+{{- if hasKey $haproxy "serviceType" }}
+    serviceType: {{ $haproxy.serviceType }}
+{{- end }}
+{{- if hasKey $haproxy "serviceAnnotations" }}
+    serviceAnnotations:
+{{ $haproxy.serviceAnnotations | toYaml | indent 6 }}
 {{- end }}
     annotations:
 {{ $haproxy.annotations | toYaml | indent 6 }}
@@ -161,6 +175,20 @@ spec:
     {{- end }}
 {{- if hasKey $proxysql "priorityClassName" }}
     priorityClassName: {{ $proxysql.priorityClassName }}
+{{- end }}
+{{- if hasKey $proxysql "externalTrafficPolicy" }}
+    externalTrafficPolicy: {{ $proxysql.externalTrafficPolicy }}
+{{- end }}
+{{- if hasKey $proxysql "loadBalancerSourceRanges" }}
+    loadBalancerSourceRanges:
+{{ $proxysql.loadBalancerSourceRanges | toYaml | indent 6 }}
+{{- end }}
+{{- if hasKey $proxysql "serviceType" }}
+    serviceType: {{ $proxysql.serviceType }}
+{{- end }}
+{{- if hasKey $proxysql "serviceAnnotations" }}
+    serviceAnnotations:
+{{ $proxysql.serviceAnnotations | toYaml | indent 6 }}
 {{- end }}
     annotations:
 {{ $proxysql.annotations | toYaml | indent 6 }}
@@ -242,8 +270,8 @@ spec:
       timeBetweenUploads: {{ $backup.pitr.timeBetweenUploads }}
     {{- end }}
     storages:
-{{ $backup.storages | toYaml | indent 6 }}
+{{ include "pxc-database.storages" . | indent 6 }}
 {{- if $backup.enabled }}
     schedule:
 {{ $backup.schedule | toYaml | indent 6 }}
-{{- end }}
+{{- end }}
diff --git a/charts/pxc-db/templates/s3-secret.yaml b/charts/pxc-db/templates/s3-secret.yaml
@@ -0,0 +1,15 @@
+{{- range $key, $value := .Values.backup.storages }}
+{{- if and (hasKey $value "type") (eq $value.type "s3") (hasKey $value "s3") (hasKey (index $value "s3") "credentialsAccessKey") (hasKey (index $value "s3") "credentialsSecretKey") }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "pxc-database.fullname" $ }}-s3-{{ $key }}
+  labels:
+{{ include "pxc-database.labels" $ | indent 4 }}
+type: Opaque
+data:
+  AWS_ACCESS_KEY_ID: {{ index $value "s3" "credentialsAccessKey" | b64enc }}
+  AWS_SECRET_ACCESS_KEY: {{ index $value "s3" "credentialsSecretKey" | b64enc }}
+{{- end }}
+{{- end }}