chore: Upgrade pxc-operator version (#729)
Co-authored-by: okozachenko1203 <okozachenko1203@users.noreply.github.com>
diff --git a/.github/workflows/pxc.yml b/.github/workflows/pxc.yml
new file mode 100644
index 0000000..d385ca7
--- /dev/null
+++ b/.github/workflows/pxc.yml
@@ -0,0 +1,45 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+name: PXC
+
+on:
+ pull_request:
+ push:
+ branches:
+ - main
+
+jobs:
+ molecule:
+ runs-on: v3-standard-8
+ steps:
+ - name: Checkout project
+ uses: actions/checkout@v4
+
+ - name: Install Poetry
+ run: pipx install poetry
+
+ - name: Setup Python
+ uses: actions/setup-python@v4
+ with:
+ cache: poetry
+
+ - name: Install dependencies
+ run: poetry install --no-interaction --with dev
+
+ - name: Turn off swap
+ run: sudo swapoff -a
+
+ - name: Run Molecule
+ run: poetry run molecule test -s pxc
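Review bot: The workflow declares no `permissions:` block, so the `molecule` job's GITHUB_TOKEN gets the repository's default scopes while the job runs pull-request code on a runner where `sudo` is usable. A top-level `permissions:` with `contents: read` would limit the token to what the checkout step needs. `actions/checkout@v4` and `actions/setup-python@v4` are referenced by mutable tag and `pipx install poetry` installs whatever version is current; pinning the actions to a commit SHA and Poetry to a fixed version would make the run reproducible.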
diff --git a/charts/pxc-operator/Chart.yaml b/charts/pxc-operator/Chart.yaml
index 9113265..8ed6fc3 100644
--- a/charts/pxc-operator/Chart.yaml
+++ b/charts/pxc-operator/Chart.yaml
@@ -1,11 +1,9 @@
apiVersion: v2
-appVersion: 1.12.0
+appVersion: 1.13.0
description: A Helm chart for deploying the Percona Operator for MySQL (based on Percona XtraDB Cluster)
home: https://docs.percona.com/percona-operator-for-mysql/pxc/
icon: https://artifacthub.io/image/0b8875cd-6661-4269-9cf6-0fd92d59017b@1x
maintainers:
-- email: ivan.pylypenko@percona.com
- name: cap1984
- email: tomislav.plavcic@percona.com
name: tplavcic
- email: natalia.marukovich@percona.com
@@ -13,4 +11,4 @@
- email: sergey.pronin@percona.com
name: spron-in
name: pxc-operator
-version: 1.12.0
+version: 1.13.3
diff --git a/charts/pxc-operator/README.md b/charts/pxc-operator/README.md
index 77edfe6..75b4acb 100644
--- a/charts/pxc-operator/README.md
+++ b/charts/pxc-operator/README.md
@@ -7,7 +7,7 @@
* [Operator Documentation](https://www.percona.com/doc/kubernetes-operator-for-pxc/index.html)
## Pre-requisites
-* Kubernetes 1.20+
+* Kubernetes 1.23+
* Helm v3
# Installation
@@ -19,23 +19,26 @@
```sh
helm repo add percona https://percona.github.io/percona-helm-charts/
-helm install my-operator percona/pxc-operator --version 1.12.0 --namespace my-namespace
+helm install my-operator percona/pxc-operator --version 1.13.0 --namespace my-namespace
```
The chart can be customized using the following configurable parameters:
-| Parameter | Description | Default |
-| ------------------------------- | ------------------------------------------------------------------------| -------------------------------------------------|
-| `image` | PXC Operator Container image full path | `percona/percona-xtradb-cluster-operator:1.12.0` |
-| `imagePullPolicy` | PXC Operator Container pull policy | `Always` |
-| `imagePullSecrets` | PXC Operator Pod pull secret | `[]` |
-| `replicaCount` | PXC Operator Pod quantity | `1` |
-| `tolerations` | List of node taints to tolerate | `[]` |
-| `resources` | Resource requests and limits | `{}` |
-| `nodeSelector` | Labels for Pod assignment | `{}` |
-| `logStructured` | Force PXC operator to print JSON-wrapped log messages | `false` |
-| `logLevel` | PXC Operator logging level | `INFO` |
-| `disableTelemetry` | Disable sending PXC Operator telemetry data to Percona | `false` |
+| Parameter | Description | Default |
+| ------------------------------- | -----------------------------------------------------------------------------------------------| -------------------------------------------------|
+| `image` | PXC Operator Container image full path | `percona/percona-xtradb-cluster-operator:1.13.0` |
+| `imagePullPolicy` | PXC Operator Container pull policy | `Always` |
+| `containerSecurityContext` | PXC Operator Container securityContext | `{}` |
+| `imagePullSecrets` | PXC Operator Pod pull secret | `[]` |
+| `replicaCount` | PXC Operator Pod quantity | `1` |
+| `tolerations` | List of node taints to tolerate | `[]` |
+| `resources` | Resource requests and limits | `{}` |
+| `nodeSelector` | Labels for Pod assignment | `{}` |
+| `logStructured` | Force PXC operator to print JSON-wrapped log messages | `false` |
+| `logLevel` | PXC Operator logging level | `INFO` |
+| `disableTelemetry` | Disable sending PXC Operator telemetry data to Percona | `false` |
+| `rbac.create` | If false RBAC will not be created. RBAC resources will need to be created manually | `true` |
+| `serviceAccount.create` | If false the ServiceAccounts will not be created. The ServiceAccounts must be created manually | `true` |
Specify parameters using `--set key=value[,key=value]` argument to `helm install`
diff --git a/charts/pxc-operator/crds/crd.yaml b/charts/pxc-operator/crds/crd.yaml
index b3f0a5a..2b65638 100644
--- a/charts/pxc-operator/crds/crd.yaml
+++ b/charts/pxc-operator/crds/crd.yaml
@@ -144,6 +144,8 @@
type: string
vaultSecretName:
type: string
+ verifyTLS:
+ type: boolean
type: object
type: object
served: true
@@ -288,6 +290,8 @@
type: string
vaultSecretName:
type: string
+ verifyTLS:
+ type: boolean
type: object
pitr:
properties:
@@ -373,6 +377,8 @@
type: string
vaultSecretName:
type: string
+ verifyTLS:
+ type: boolean
type: object
date:
type: string
@@ -383,6 +389,37 @@
type: object
pxcCluster:
type: string
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
type: object
status:
properties:
@@ -756,6 +793,8 @@
type: boolean
backup:
properties:
+ allowParallel:
+ type: boolean
annotations:
additionalProperties:
type: string
@@ -780,6 +819,18 @@
type: boolean
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -1326,6 +1377,18 @@
type: string
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -1426,12 +1489,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -2216,6 +2293,18 @@
type: string
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -2284,12 +2373,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -2390,6 +2493,18 @@
type: array
sidecarResources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -2622,12 +2737,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -3468,8 +3597,33 @@
format: int32
type: integer
type: object
+ resizePolicy:
+ items:
+ properties:
+ resourceName:
+ type: string
+ restartPolicy:
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -3747,12 +3901,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -3889,6 +4057,18 @@
type: string
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -3988,6 +4168,18 @@
type: string
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -4733,6 +4925,18 @@
type: string
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -4801,12 +5005,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -4907,6 +5125,18 @@
type: array
sidecarResources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -5139,12 +5369,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -5985,8 +6229,33 @@
format: int32
type: integer
type: object
+ resizePolicy:
+ items:
+ properties:
+ resourceName:
+ type: string
+ restartPolicy:
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -6264,12 +6533,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -7092,6 +7375,18 @@
type: array
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -7160,12 +7455,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -7266,6 +7575,18 @@
type: array
sidecarResources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -7498,12 +7819,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -8344,8 +8679,33 @@
format: int32
type: integer
type: object
+ resizePolicy:
+ items:
+ properties:
+ resourceName:
+ type: string
+ restartPolicy:
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
@@ -8623,12 +8983,26 @@
type: string
name:
type: string
+ namespace:
+ type: string
required:
- kind
- name
type: object
resources:
properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
diff --git a/charts/pxc-operator/templates/deployment.yaml b/charts/pxc-operator/templates/deployment.yaml
index 5f70d75..69d615d 100644
--- a/charts/pxc-operator/templates/deployment.yaml
+++ b/charts/pxc-operator/templates/deployment.yaml
@@ -2,6 +2,7 @@
kind: Deployment
metadata:
name: {{ include "pxc-operator.fullname" . }}
+ namespace: {{ .Release.Namespace }}
labels:
{{ include "pxc-operator.labels" . | indent 4 }}
spec:
@@ -40,6 +41,11 @@
protocol: TCP
command:
- percona-xtradb-cluster-operator
+ {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }}
+ volumeMounts:
+ - name: tmpdir
+ mountPath: /tmp
+ {{- end }}
env:
- name: WATCH_NAMESPACE
{{- if .Values.watchAllNamespaces }}
@@ -67,6 +73,10 @@
scheme: HTTP
resources:
{{- toYaml .Values.resources | nindent 12 }}
+ {{- with .Values.containerSecurityContext }}
+ securityContext:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@@ -79,6 +89,11 @@
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
+ {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }}
+ volumes:
+ - name: tmpdir
+ emptyDir: {}
+ {{- end }}
{{- if .Values.watchAllNamespaces }}
---
apiVersion: v1
diff --git a/charts/pxc-operator/templates/namespace.yaml b/charts/pxc-operator/templates/namespace.yaml
index 5de1cbc..6eac7de 100644
--- a/charts/pxc-operator/templates/namespace.yaml
+++ b/charts/pxc-operator/templates/namespace.yaml
@@ -3,4 +3,6 @@
kind: Namespace
metadata:
name: {{ .Values.watchNamespace }}
-{{ end }}
\ No newline at end of file
+ annotations:
+ helm.sh/resource-policy: keep
+{{ end }}
diff --git a/charts/pxc-operator/templates/role-binding.yaml b/charts/pxc-operator/templates/role-binding.yaml
index 43ed7ca..57913f9 100644
--- a/charts/pxc-operator/templates/role-binding.yaml
+++ b/charts/pxc-operator/templates/role-binding.yaml
@@ -1,13 +1,12 @@
+{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "pxc-operator.fullname" . }}
+ namespace: {{ .Release.Namespace }}
---
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: percona-xtradb-cluster-operator
----
+{{- end }}
+{{- if .Values.rbac.create }}
{{- if or .Values.watchNamespace .Values.watchAllNamespaces }}
kind: ClusterRoleBinding
{{- else }}
@@ -18,6 +17,8 @@
name: {{ include "pxc-operator.fullname" . }}
{{- if .Values.watchNamespace }}
namespace: {{ .Values.watchNamespace }}
+ {{- else if not .Values.watchAllNamespaces }}
+ namespace: {{ .Release.Namespace }}
{{- end }}
labels:
{{ include "pxc-operator.labels" . | indent 4 }}
@@ -35,3 +36,4 @@
{{- end }}
name: {{ include "pxc-operator.fullname" . }}
apiGroup: rbac.authorization.k8s.io
+{{- end }}
diff --git a/charts/pxc-operator/templates/role.yaml b/charts/pxc-operator/templates/role.yaml
index 47c023c..7d3bc46 100644
--- a/charts/pxc-operator/templates/role.yaml
+++ b/charts/pxc-operator/templates/role.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.rbac.create }}
{{- if or .Values.watchNamespace .Values.watchAllNamespaces }}
kind: ClusterRole
{{- else }}
@@ -6,6 +7,7 @@
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "pxc-operator.fullname" . }}
+ namespace: {{ .Release.Namespace }}
labels:
{{ include "pxc-operator.labels" . | indent 4 }}
rules:
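Review bot: `namespace: {{ .Release.Namespace }}` is added to the metadata unconditionally, but this template emits a `ClusterRole` when `watchNamespace` or `watchAllNamespaces` is set, and a cluster-scoped object has no namespace. The matching change in role-binding.yaml guards the field with `{{- else if not .Values.watchAllNamespaces }}`; a similar guard here, e.g. `{{- if not (or .Values.watchNamespace .Values.watchAllNamespaces) }}` around the `namespace:` line, would keep the two templates consistent. The rules list continues outside the hunk.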
@@ -131,3 +133,4 @@
- patch
- delete
- deletecollection
+{{- end }}
diff --git a/charts/pxc-operator/values.yaml b/charts/pxc-operator/values.yaml
index f6d7d6d..725945f 100644
--- a/charts/pxc-operator/values.yaml
+++ b/charts/pxc-operator/values.yaml
@@ -15,6 +15,16 @@
# set if operator should be deployed in cluster wide mode. defaults to false
watchAllNamespaces: false
+# rbac: settings for deployer RBAC creation
+rbac:
+ # rbac.create: if false RBAC resources should be in place
+ create: true
+
+# serviceAccount: settings for Service Accounts used by the deployer
+serviceAccount:
+ # serviceAccount.create: Whether to create the Service Accounts or not
+ create: true
+
# set if you want to use a different operator name
# defaults to `percona-xtradb-cluster-operator`
# operatorName:
@@ -35,6 +45,8 @@
cpu: 100m
memory: 20Mi
+containerSecurityContext: {}
+
nodeSelector: {}
tolerations: []
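Review bot: `containerSecurityContext: {}` is added without a comment and defaults to empty, so the `with` block in templates/deployment.yaml renders no `securityContext` and the operator container runs with the runtime's defaults. A comment above the key should say what it controls and that `readOnlyRootFilesystem: true` also mounts an emptyDir at `/tmp`, for example `# containerSecurityContext: securityContext for the operator container; readOnlyRootFilesystem: true also adds an emptyDir at /tmp`. Shipping restrictive values such as `allowPrivilegeEscalation: false` and `readOnlyRootFilesystem: true` as the default is worth considering once confirmed against the operator image.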
diff --git a/molecule/pxc/converge.yml b/molecule/pxc/converge.yml
new file mode 100644
index 0000000..5a69a77
--- /dev/null
+++ b/molecule/pxc/converge.yml
@@ -0,0 +1,18 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- hosts: controllers
+ become: true
+ roles:
+ - vexxhost.atmosphere.percona_xtradb_cluster
diff --git a/molecule/pxc/molecule.yml b/molecule/pxc/molecule.yml
new file mode 100644
index 0000000..9514cfb
--- /dev/null
+++ b/molecule/pxc/molecule.yml
@@ -0,0 +1,112 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+dependency:
+ name: galaxy
+driver:
+ name: docker
+platforms:
+ - name: ${MOLECULE_SCENARIO_NAME}
+ image: geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu2004}-ansible:latest
+ command: ${MOLECULE_DOCKER_COMMAND:-""}
+ privileged: true
+ cgroupns_mode: host
+ pre_build_image: true
+ purge_networks: true
+ dns_servers:
+ - 1.1.1.1
+ docker_networks:
+ - name: mgmt
+ ipam_config:
+ - subnet: 10.96.240.0/24
+ gateway: 10.96.240.1
+ - name: public
+ ipam_config:
+ - subnet: 10.96.250.0/24
+ gateway: 10.96.250.1
+ networks:
+ - name: mgmt
+ - name: public
+ published_ports:
+ - 80:80
+ - 443:443
+ security_opts:
+ - apparmor=unconfined
+ volumes:
+ - /dev:/dev
+ - /lib/modules:/lib/modules:ro
+ - /sys/fs/cgroup:/sys/fs/cgroup:rw
+ - /usr/src:/usr/src:ro
+ groups:
+ - controllers
+ - cephs
+ - computes
+provisioner:
+ name: ansible
+ config_options:
+ connection:
+ pipelining: true
+ tags:
+ skip: >-
+ sysctl,
+ ethtool
+ inventory:
+ group_vars:
+ all:
+ # Ceph
+ ceph_fsid: ${MOLECULE_CEPH_FSID:-"d1f9e453-f13a-4d30-9ab1-e5ae1d87b67f"}
+ ceph_conf_overrides:
+ - section: global
+ option: osd crush chooseleaf type
+ value: 0
+ - section: mon
+ option: auth allow insecure global id reclaim
+ value: false
+ # Kubernetes
+ kubernetes_keepalived_interface: eth0
+ kubernetes_keepalived_vrid: 42
+ kubernetes_keepalived_vip: 10.96.240.10
+ kubernetes_hostname: 10.96.240.10
+ # CNI
+ cilium_helm_values:
+ operator:
+ replicas: 1
+ # CSI
+ csi_driver: ${MOLECULE_CSI_DRIVER:-"local-path-provisioner"}
+ ceph_csi_rbd_helm_values:
+ provisioner:
+ replicaCount: 1
+ # Percona XtraDB Cluster
+ percona_xtradb_cluster_spec:
+ allowUnsafeConfigurations: true
+ pxc:
+ size: 1
+ haproxy:
+ size: 1
+ # Common
+ domain_name: "{{ (lookup('env', 'HOST_IP') | default(ansible_default_ipv4.address, true)).replace('.', '-') }}.nip.io"
+ openstack_helm_endpoints_region_name: RegionOne
+ cephs:
+ ceph_osd_devices:
+ - "/dev/ceph-{{ inventory_hostname_short }}-osd0/data"
+ - "/dev/ceph-{{ inventory_hostname_short }}-osd1/data"
+ - "/dev/ceph-{{ inventory_hostname_short }}-osd2/data"
+ # options:
+ # inventory: "${MOLECULE_EPHEMERAL_DIRECTORY}/workspace"
+ # inventory:
+ # links:
+ # host_vars: "${MOLECULE_SCENARIO_DIRECTORY}/host_vars"
+ # group_vars: "${MOLECULE_SCENARIO_DIRECTORY}/group_vars"
+verifier:
+ name: ansible
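Review bot: The platform image `geerlingguy/docker-${MOLECULE_DISTRO:-ubuntu2004}-ansible:latest` is pulled by a mutable tag and then started with `privileged: true`, `apparmor=unconfined` and the host's `/dev` bind-mounted, so whatever that tag resolves to on the day runs with host-level access on the CI runner. Pinning the image by digest, as roles/defaults/vars/main.yml already does for the placement images, would fix what gets executed. A short comment above `privileged: true` saying why the scenario needs it (presumably to run Kubernetes inside the container) would also help the next reviewer.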
diff --git a/molecule/pxc/prepare.yml b/molecule/pxc/prepare.yml
new file mode 100644
index 0000000..a357642
--- /dev/null
+++ b/molecule/pxc/prepare.yml
@@ -0,0 +1,25 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- import_playbook: ../shared/prepare/base.yml
+- import_playbook: ../shared/prepare/kubernetes.yml
+
+- hosts: controllers
+ become: true
+ roles:
+ - role: vexxhost.atmosphere.percona_xtradb_cluster_operator
+ - role: vexxhost.atmosphere.percona_xtradb_cluster
+ vars:
+ atmosphere_images:
+ percona_xtradb_cluster: docker.io/percona/percona-xtradb-cluster:5.7.39-31.61
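Review bot: The `atmosphere_images` override at the end of the play pins `percona_xtradb_cluster` to `5.7.39-31.61` with no comment explaining why, while the role default moves to 8.0 in the same commit. Presumably prepare installs 5.7 so that converge exercises the 5.7-to-8.0 upgrade path; a comment such as `# Deploy 5.7 first so converge exercises the upgrade to 8.0` above `vars:` would record that. Without it the pin reads like a stale value that a later cleanup might remove.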
diff --git a/roles/defaults/vars/main.yml b/roles/defaults/vars/main.yml
index d14443b..c34cf2e 100644
--- a/roles/defaults/vars/main.yml
+++ b/roles/defaults/vars/main.yml
@@ -159,9 +159,10 @@
ovn_ovsdb_nb: quay.io/vexxhost/ovn-central:23.03.0
ovn_ovsdb_sb: quay.io/vexxhost/ovn-central:23.03.0
pause: registry.k8s.io/pause:3.8
- percona_xtradb_cluster_haproxy: docker.io/percona/percona-xtradb-cluster-operator:1.12.0-haproxy
- percona_xtradb_cluster_operator: docker.io/percona/percona-xtradb-cluster-operator:1.12.0
- percona_xtradb_cluster: docker.io/percona/percona-xtradb-cluster:5.7.39-31.61
+ percona_xtradb_cluster_haproxy: docker.io/percona/percona-xtradb-cluster-operator:1.13.0-haproxy
+ percona_xtradb_cluster_operator: docker.io/percona/percona-xtradb-cluster-operator:1.13.0
+ percona_xtradb_cluster: docker.io/percona/percona-xtradb-cluster:8.0.32-24.2
+ percona_version_service: docker.io/perconalab/version-service:main-3325140
placement_db_sync: quay.io/vexxhost/placement@sha256:ae9a7567e3619440b3a7a58b5ab407c5efad372627c06fb0ab0193a85c9d1c70 # image-source: quay.io/vexxhost/placement:zed
placement: quay.io/vexxhost/placement@sha256:ae9a7567e3619440b3a7a58b5ab407c5efad372627c06fb0ab0193a85c9d1c70 # image-source: quay.io/vexxhost/placement:zed
prometheus_config_reloader: quay.io/prometheus-operator/prometheus-config-reloader:v0.67.1
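Review bot: The new `percona_version_service` entry points at `docker.io/perconalab/version-service:main-3325140`, which looks like a branch-build tag rather than a release, and it is not pinned by digest. The `placement` entries just below use `@sha256:...` with an `# image-source:` comment; the same form here, `docker.io/perconalab/version-service@sha256:<digest> # image-source: docker.io/perconalab/version-service:main-3325140`, would fix the content that gets deployed. The three `percona_xtradb_cluster*` entries changed in this hunk are likewise tag-only.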
diff --git a/roles/percona_xtradb_cluster/tasks/main.yml b/roles/percona_xtradb_cluster/tasks/main.yml
index 384b701..647a24a 100644
--- a/roles/percona_xtradb_cluster/tasks/main.yml
+++ b/roles/percona_xtradb_cluster/tasks/main.yml
@@ -30,7 +30,100 @@
namespace: openstack
type: Opaque
-- name: Create Percona XtraDB cluster
+- name: Check if the Percona XtraDB cluster exists
+ run_once: true
+ block:
+ - name: Check if the Percona XtraDB cluster exists
+ kubernetes.core.k8s_info:
+ api_version: pxc.percona.com/v1
+ kind: PerconaXtraDBCluster
+ name: percona-xtradb
+ namespace: openstack
+ register: _pxc_cluster
+ ignore_errors: true
+
+ - name: Get current status of the cluster
+ ansible.builtin.set_fact:
+ _pxc_version: "{{ _pxc_cluster.resources[0].status.pxc.version }}"
+ _pxc_status: "{{ _pxc_cluster.resources[0].status.state }}"
+ when: ( _pxc_cluster.resources | length==1 )
+
+- name: Do version upgrade
+ run_once: true
+ when:
+ - _pxc_version is defined
+ - _pxc_status is defined
+ - _pxc_version.startswith('5.7')
+ - (atmosphere_images['percona_xtradb_cluster'] | vexxhost.kubernetes.docker_image('tag')).startswith('8.')
+ block:
+ - name: Assert that the cluster is healthy before upgrade
+ run_once: true
+ ansible.builtin.assert:
+ that:
+ - _pxc_status == 'ready'
+ fail_msg: >-
+ The Percona XtraDB Cluster is not healthy. Please fix the cluster manually first before upgrade.
+
+ - name: Stop PXC-operator
+ kubernetes.core.k8s_scale:
+ api_version: v1
+ kind: Deployment
+ name: pxc-operator
+ namespace: openstack
+ replicas: 0
+ wait_timeout: 60
+
+ - name: Change the cluster Statefulset image to 8.0
+ kubernetes.core.k8s_json_patch:
+ api_version: apps/v1
+ kind: StatefulSet
+ namespace: openstack
+ name: percona-xtradb-pxc
+ patch:
+ - op: replace
+ path: /spec/template/spec/containers/0/image
+ value: "{{ atmosphere_images['percona_xtradb_cluster'] | vexxhost.kubernetes.docker_image('ref') }}"
+
+ - name: Wait until the cluster Statefulset rollout
+ kubernetes.core.k8s_info:
+ api_version: apps/v1
+ kind: StatefulSet
+ name: percona-xtradb-pxc
+ namespace: openstack
+ register: _pxc_cluster_sts
+ retries: 120
+ delay: 5
+ until:
+ - _pxc_cluster_sts.resources[0].status.replicas == _pxc_cluster_sts.resources[0].status.readyReplicas
+
+ - name: Update pxc cluster spec
+ kubernetes.core.k8s:
+ definition:
+ apiVersion: pxc.percona.com/v1
+ kind: PerconaXtraDBCluster
+ metadata:
+ name: percona-xtradb
+ namespace: openstack
+ spec:
+ pxc:
+ image: "{{ atmosphere_images['percona_xtradb_cluster'] | vexxhost.kubernetes.docker_image('ref') }}"
+ wait_sleep: 1
+ wait_timeout: 600
+ wait: true
+ wait_condition:
+ type: ready
+ status: true
+
+ - name: Start PXC-operator
+ kubernetes.core.k8s_scale:
+ api_version: v1
+ kind: Deployment
+ name: pxc-operator
+ namespace: openstack
+ replicas: 1
+ wait_timeout: 60
+
+- name: Apply Percona XtraDB cluster
run_once: true
kubernetes.core.k8s:
state: present
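Review bot: The `Do version upgrade` block scales `pxc-operator` to 0 and only scales it back in its last task, so a failure in the StatefulSet patch, the rollout wait or the spec update leaves the operator stopped with nothing telling the person running the play. A `rescue:` section that reports the state (operator at 0 replicas, StatefulSet image possibly already changed), or restarts the operator where that is safe, would make the failure recoverable. The rollout wait compares `status.replicas` with `status.readyReplicas`, which can already be equal before the controller has acted on the patch; also requiring `status.updatedReplicas == status.replicas` would wait for the new image. `ignore_errors: true` on the `k8s_info` lookup hides API failures, and the `set_fact` condition that follows then reads `_pxc_cluster.resources`, which may not be defined. The `Apply Percona XtraDB cluster` task continues outside the hunk.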
diff --git a/roles/percona_xtradb_cluster/vars/main.yml b/roles/percona_xtradb_cluster/vars/main.yml
index 7836fdb..5a99be1 100644
--- a/roles/percona_xtradb_cluster/vars/main.yml
+++ b/roles/percona_xtradb_cluster/vars/main.yml
@@ -1,5 +1,5 @@
_percona_xtradb_cluster_spec:
- crVersion: "1.12.0"
+ crVersion: "1.13.0"
secretsName: percona-xtradb
pxc:
size: 3
diff --git a/roles/percona_xtradb_cluster/vars_test.go b/roles/percona_xtradb_cluster/vars_test.go
index 9b0deda..f085563 100644
--- a/roles/percona_xtradb_cluster/vars_test.go
+++ b/roles/percona_xtradb_cluster/vars_test.go
@@ -53,7 +53,7 @@
func TestPerconaXtraDBClusterPXCSpec(t *testing.T) {
assert.Equal(t, int32(3), vars.PerconaXtraDBClusterSpec.PXC.Size)
assert.Equal(t, true, *vars.PerconaXtraDBClusterSpec.PXC.AutoRecovery)
- defaults.AssertAtmosphereImage(t, "docker.io/percona/percona-xtradb-cluster:5.7.39-31.61", vars.PerconaXtraDBClusterSpec.PXC.Image)
+ defaults.AssertAtmosphereImage(t, "docker.io/percona/percona-xtradb-cluster:8.0.32-24.2", vars.PerconaXtraDBClusterSpec.PXC.Image)
assert.Equal(t, map[string]string{
"openstack-control-plane": "enabled",