More work on mariadb
This commit is contained in:
parent
46d54d7525
commit
5d8db74cbf
|
|
@ -45,15 +45,19 @@ job "[[ .mariadb.instance ]]-manage" {
|
|||
|
||||
template {
|
||||
data = <<_EOT
|
||||
[[- range $idx, $db := .mariadb.manage.databases ]]
|
||||
MY_DB_[[ $idx ]]=[[ $db.name ]]
|
||||
# Databases
|
||||
[[- $idx := 0 ]]
|
||||
[[- range $name, $db := .mariadb.manage.databases ]]
|
||||
MY_DB_[[ $idx ]]=[[ $name ]]
|
||||
[[- if has $db "charset" ]]
|
||||
MY_DB_[[ $idx ]]_CHARSET=[[ $db.charset ]]
|
||||
[[- end ]]
|
||||
[[- if has $db "collate" ]]
|
||||
MY_DB_[[ $idx ]]_COLLATE=[[ $db.collate ]]
|
||||
[[- end ]]
|
||||
[[- $idx = add $idx 1 ]]
|
||||
[[- end ]]
|
||||
# Users
|
||||
[[- $idx := 0 ]]
|
||||
[[- range $name, $user := .mariadb.manage.users ]]
|
||||
MY_USER_[[ $idx ]]=[[ $name ]]
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
set -euo pipefail
|
||||
|
||||
echo "Creating vault and backup user"
|
||||
echo "Create vault user"
|
||||
mysql <<_EOSQL
|
||||
CREATE USER IF NOT EXISTS 'vault'@'%' IDENTIFIED BY '${VAULT_INITIAL_PASSWORD}';
|
||||
GRANT ALL PRIVILEGES ON *.* TO 'vault'@'%' WITH GRANT OPTION;
|
||||
|
|
@ -22,7 +22,7 @@ for IDX in $(printenv | grep -E '^MY_DB_([0-9]+)=' | sed -E 's/^MY_DB_([0-9]+)=.
|
|||
_EOSQL
|
||||
done
|
||||
|
||||
echo "Creating users"
|
||||
echo "Create users"
|
||||
for IDX in $(printenv | grep -E '^MY_USER_([0-9]+)=' | sed -E 's/^MY_USER_([0-9]+)=.*/\1/'); do
|
||||
DB_USER=$(printenv MY_USER_${IDX})
|
||||
echo "Found DB User ${DB_USER} to create"
|
||||
|
|
|
|||
|
|
@ -1,74 +1,119 @@
|
|||
---
|
||||
|
||||
mariadb:
|
||||
|
||||
# Name of the instance. Will be used for the job name, and the services names
|
||||
instance: mariadb
|
||||
|
||||
# MariaDB server settings
|
||||
server:
|
||||
image: danielberteaud/mariadb:latest
|
||||
|
||||
# The image to use
|
||||
image: danielberteaud/mariadb:23.10-1
|
||||
|
||||
# Resource allocation
|
||||
resources:
|
||||
cpu: 100
|
||||
cpu: 200
|
||||
memory: 512
|
||||
|
||||
# Custom env var to pass to the container
|
||||
env: {}
|
||||
|
||||
# The address to reach the service from outside of the mesh
|
||||
# This will be used for vault to talk to mariadb to handle dynamic credentials
|
||||
# (as vault is outside of the service mesh
|
||||
public_address: mysql://mariadb.example.org:3306
|
||||
|
||||
# MariaDB can be exposed using Traefik
|
||||
traefik:
|
||||
# Toggle if Traefik support is enabled
|
||||
enabled: false
|
||||
# List of entrypoints to bind the sevrice to. This must be a dedicated TCP entrypoint
|
||||
entrypoints:
|
||||
- mariadb
|
||||
# List of TCP middlewares to apply
|
||||
middlewares: []
|
||||
|
||||
consul:
|
||||
connect:
|
||||
# We disable the default TCP check, as it adds log noise
|
||||
disable_default_tcp_check: true
|
||||
|
||||
# The manager is a batch job which can
|
||||
# - create databases
|
||||
# - create users, and add grants
|
||||
manage:
|
||||
|
||||
# The image to use
|
||||
image: '[[ .docker.repo ]][[ .docker.base_images.mariadb_client.image ]]'
|
||||
|
||||
# Resource allocation
|
||||
resources:
|
||||
cpu: 10
|
||||
memory: 10
|
||||
memory_max: 50
|
||||
memory: 64
|
||||
|
||||
# Custom env vars to pass to the container
|
||||
env: {}
|
||||
|
||||
# Dict of databases to create, eg
|
||||
# databases:
|
||||
# bookstack:
|
||||
# charset: utf8mb4
|
||||
# collate: utf8mb4_general_ci
|
||||
databases: []
|
||||
users: {}
|
||||
|
||||
# Dict of user to create, eg
|
||||
# users:
|
||||
# kimai:
|
||||
# host: %
|
||||
# password: '{{ with secret "[[ .vault.prefix ]]kv/service/[[ .mariadb.instance ]]" }}{{ .Data.data.kimai_pwd }}{{ end }}'
|
||||
# grants:
|
||||
# - 'ALL PRIVILEGES ON kimai.*'
|
||||
users: {}
|
||||
|
||||
# Consul settings
|
||||
consul:
|
||||
connect:
|
||||
upstreams:
|
||||
# Connect to the mariadb service from the service mesh
|
||||
- destination_name: '[[ .mariadb.instance ]][[ .consul.suffix ]]'
|
||||
local_bind_port: 3306
|
||||
|
||||
# Backup service, which can create regular dumps of the databases
|
||||
backup:
|
||||
image: danielberteaud/mariadb-backup:latest
|
||||
image: danielberteaud/mariadb-backup:23.10-1
|
||||
|
||||
# Resource allocation
|
||||
resources:
|
||||
cpu: 200
|
||||
memory: 128
|
||||
|
||||
# Consul settings
|
||||
consul:
|
||||
connect:
|
||||
upstreams:
|
||||
# Connect to MariaDB in the service mesh
|
||||
- destination_name: '[[ .mariadb.instance ]][[ .consul.suffix ]]'
|
||||
local_bind_port: 3306
|
||||
|
||||
# mysqldump cron
|
||||
dumps:
|
||||
enabled: False
|
||||
compression: 6
|
||||
cron: 12 03 * * *
|
||||
|
||||
# Volumes used
|
||||
volumes:
|
||||
# The data volume is opened as single-node-writer
|
||||
# recommended to be a block based volume (iSCSI for example)
|
||||
# Also, this volume will connect per alloc, so the alloc ID will be appended.
|
||||
# You need to create at least mariadb-data[0]
|
||||
data:
|
||||
type: csi
|
||||
source: mariadb-data
|
||||
source: '[[ .mariadb.instance ]]-data'
|
||||
|
||||
# Volume which holds database dumps
|
||||
# will be opened as multi-node-multi-writer (can be NFS for example)
|
||||
backup:
|
||||
type: csi
|
||||
source: mariadb-backup
|
||||
source: '[[ .mariadb.instance ]]-backup'
|
||||
|
|
|
|||
Loading…
Reference in New Issue