WIP

vshn · Oct 28, 2024 · a918ddd · a918ddd
1 parent e9f2087
commit a918ddd
Show file tree

Hide file tree

Showing 9 changed files with 444 additions and 22 deletions.
diff --git a/apis/vshn/v1/dbaas_vshn_mariadb.go b/apis/vshn/v1/dbaas_vshn_mariadb.go
@@ -2,6 +2,7 @@ package v1
 
 import (
 	"fmt"
+
 	xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -78,12 +79,22 @@ type VSHNMariaDBParameters struct {
 
 	// Security defines the security of a service
 	Security Security `json:"security,omitempty"`
+
+	// +kubebuilder:default=1
+	// +kubebuilder:validation:Enum=1;3;
+
+	// Instances configures the number of MariaDB instances for the cluster.
+	// Each instance contains one MariaDB server.
+	// These serves will form a Galera cluster.
+	// An additional ProxySQL statefulset will be deployed to make failovers
+	// as seamless as possible.
+	Instances int `json:"instances,omitempty"`
 }
 
 // VSHNMariaDBServiceSpec contains MariaDB DBaaS specific properties
 type VSHNMariaDBServiceSpec struct {
-	// +kubebuilder:validation:Enum="10.4";"10.5";"10.6";"10.9";"10.10";"10.11";"11.0";"11.1";"11.2";
-	// +kubebuilder:default="11.2"
+	// +kubebuilder:validation:Enum="10.4";"10.5";"10.6";"10.9";"10.10";"10.11";"11.0";"11.1";"11.2";"11.3";"11.4";
+	// +kubebuilder:default="11.4"
 
 	// Version contains supported version of MariaDB.
 	// Multiple versions are supported. The latest version "11.2" is the default version.
@@ -264,7 +275,7 @@ func (v *VSHNMariaDB) GetMonitoring() VSHNMonitoring {
 }
 
 func (v *VSHNMariaDB) GetInstances() int {
-	return 1
+	return v.Spec.Parameters.Instances
 }
 
 func (v *VSHNMariaDB) GetPDBLabels() map[string]string {

diff --git a/crds/vshn.appcat.vshn.io_vshnmariadbs.yaml b/crds/vshn.appcat.vshn.io_vshnmariadbs.yaml
@@ -67,6 +67,18 @@ spec:
                           type: string
                       type: object
                       default: {}
+                    instances:
+                      default: 1
+                      description: |-
+                        Instances configures the number of MariaDB instances for the cluster.
+                        Each instance contains one MariaDB server.
+                        These serves will form a Galera cluster.
+                        An additional ProxySQL statefulset will be deployed to make failovers
+                        as seamless as possible.
+                      enum:
+                        - 1
+                        - 3
+                      type: integer
                     maintenance:
                       description: Maintenance contains settings to control the maintenance of an instance.
                       properties:
@@ -4895,7 +4907,7 @@ spec:
                             - guaranteed
                           type: string
                         version:
-                          default: "11.2"
+                          default: "11.4"
                           description: |-
                             Version contains supported version of MariaDB.
                             Multiple versions are supported. The latest version "11.2" is the default version.
@@ -4909,6 +4921,8 @@ spec:
                             - "11.0"
                             - "11.1"
                             - "11.2"
+                            - "11.3"
+                            - "11.4"
                           type: string
                       type: object
                       default: {}

diff --git a/crds/vshn.appcat.vshn.io_xvshnmariadbs.yaml b/crds/vshn.appcat.vshn.io_xvshnmariadbs.yaml
@@ -111,6 +111,18 @@ spec:
                           (\*|([1-9]|1[0-2])|\*\/([1-9]|1[0-2])) (\*|([0-6])|\*\/([0-6]))$
                         type: string
                     type: object
+                  instances:
+                    default: 1
+                    description: |-
+                      Instances configures the number of MariaDB instances for the cluster.
+                      Each instance contains one MariaDB server.
+                      These serves will form a Galera cluster.
+                      An additional ProxySQL statefulset will be deployed to make failovers
+                      as seamless as possible.
+                    enum:
+                    - 1
+                    - 3
+                    type: integer
                   maintenance:
                     description: Maintenance contains settings to control the maintenance
                       of an instance.
@@ -5623,7 +5635,7 @@ spec:
                         - guaranteed
                         type: string
                       version:
-                        default: "11.2"
+                        default: "11.4"
                         description: |-
                           Version contains supported version of MariaDB.
                           Multiple versions are supported. The latest version "11.2" is the default version.
@@ -5637,6 +5649,8 @@ spec:
                         - "11.0"
                         - "11.1"
                         - "11.2"
+                        - "11.3"
+                        - "11.4"
                         type: string
                     type: object
                   size:

diff --git a/pkg/comp-functions/functions/common/tls.go b/pkg/comp-functions/functions/common/tls.go
@@ -13,7 +13,8 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
-func CreateTlsCerts(ctx context.Context, ns string, serviceName string, svc *runtime.ServiceRuntime) error {
+// CreateTLSCerts creates ssl/tls certificates. Servicename will be concatenated with the given namespace to generate a proper k8s fqdn.
+func CreateTLSCerts(ctx context.Context, ns string, serviceName string, svc *runtime.ServiceRuntime, additionalSANs ...string) error {
 
 	selfSignedIssuer := &cmv1.Issuer{
 		ObjectMeta: metav1.ObjectMeta{
@@ -132,6 +133,10 @@ func CreateTlsCerts(ctx context.Context, ns string, serviceName string, svc *run
 		},
 	}
 
+	for _, SAN := range additionalSANs {
+		serverCert.Spec.DNSNames = append(serverCert.Spec.DNSNames, SAN+"."+ns+".svc", SAN+"."+ns+".svc.cluster.local")
+	}
+
 	cd := []xkube.ConnectionDetail{
 		{
 			ObjectReference: corev1.ObjectReference{

diff --git a/pkg/comp-functions/functions/vshnkeycloak/deploy.go b/pkg/comp-functions/functions/vshnkeycloak/deploy.go
@@ -122,7 +122,7 @@ func DeployKeycloak(ctx context.Context, comp *vshnv1.VSHNKeycloak, svc *runtime
 
 	svc.Log.Info("Creating Keycloak TLS certs")
 	// The helm chart appends `-keycloakx-http` to the http service.
-	err = common.CreateTlsCerts(ctx, comp.GetInstanceNamespace(), comp.GetName()+"-keycloakx-http", svc)
+	err = common.CreateTLSCerts(ctx, comp.GetInstanceNamespace(), comp.GetName()+"-keycloakx-http", svc)
 	if err != nil {
 		return runtime.NewWarningResult(fmt.Sprintf("cannot add tls certificate: %s", err))
 	}

diff --git a/pkg/comp-functions/functions/vshnmariadb/mariadb_deploy.go b/pkg/comp-functions/functions/vshnmariadb/mariadb_deploy.go
@@ -54,7 +54,13 @@ func DeployMariadb(ctx context.Context, comp *vshnv1.VSHNMariaDB, svc *runtime.S
 	}
 
 	l.Info("Creating tls certificate for mariadb instance")
-	err = common.CreateTlsCerts(ctx, comp.GetInstanceNamespace(), comp.GetName(), svc)
+	err = common.CreateTLSCerts(ctx, comp.GetInstanceNamespace(), comp.GetName(), svc,
+		"mariadb",
+		comp.GetName()+"-0."+comp.GetName()+"-headless",
+		comp.GetName()+"-1."+comp.GetName()+"-headless",
+		comp.GetName()+"-2."+comp.GetName()+"-headless",
+	)
+
 	if err != nil {
 		return runtime.NewWarningResult(fmt.Errorf("cannot create tls certificate: %w", err).Error())
 	}
@@ -124,13 +130,13 @@ func getConnectionDetails(comp *vshnv1.VSHNMariaDB, svc *runtime.ServiceRuntime,
 	}
 	mariadbRootPw := secret.Data["mariadb-root-password"]
 
-	mariadbHost := comp.GetName() + ".vshn-mariadb-" + comp.GetName() + ".svc.cluster.local"
-	mariadbURL := fmt.Sprintf("mysql://%s:%s@%s:%s", mariadbUser, mariadbRootPw, mariadbHost, mariadbPort)
+	// mariadbHost := comp.GetName() + ".vshn-mariadb-" + comp.GetName() + ".svc.cluster.local"
+	// mariadbURL := fmt.Sprintf("mysql://%s:%s@%s:%s", mariadbUser, mariadbRootPw, mariadbHost, mariadbPort)
 
-	svc.SetConnectionDetail("MARIADB_HOST", []byte(mariadbHost))
+	// svc.SetConnectionDetail("MARIADB_HOST", []byte(mariadbHost))
 	svc.SetConnectionDetail("MARIADB_PORT", []byte(mariadbPort))
 	svc.SetConnectionDetail("MARIADB_USERNAME", []byte(mariadbUser))
-	svc.SetConnectionDetail("MARIADB_URL", []byte(mariadbURL))
+	// svc.SetConnectionDetail("MARIADB_URL", []byte(mariadbURL))
 	svc.SetConnectionDetail("MARIADB_PASSWORD", mariadbRootPw)
 
 	return nil
@@ -161,7 +167,7 @@ func newValues(ctx context.Context, svc *runtime.ServiceRuntime, comp *vshnv1.VS
 	values = map[string]interface{}{
 		"existingSecret":   secretName,
 		"fullnameOverride": comp.GetName(),
-		"replicaCount":     1,
+		"replicaCount":     comp.GetInstances(),
 		"resources": map[string]interface{}{
 			"requests": map[string]interface{}{
 				"memory": res.ReqMem.String(),
@@ -186,8 +192,11 @@ func newValues(ctx context.Context, svc *runtime.ServiceRuntime, comp *vshnv1.VS
 			"size":         res.Disk.String(),
 			"storageClass": comp.Spec.Parameters.StorageClass,
 		},
+		// We don't need the startup probe for Galera clusters, as ProxySQL
+		// will check the state independetly and is usually faster than the probe.
+		// Also for single instances it unnecessarily slows downt he provisioning.
 		"startupProbe": map[string]interface{}{
-			"enabled": true,
+			"enabled": false,
 		},
 		"metrics": map[string]interface{}{
 			"enabled": true,
@@ -208,6 +217,9 @@ func newValues(ctx context.Context, svc *runtime.ServiceRuntime, comp *vshnv1.VS
 			"enabled": !svc.GetBoolFromCompositionConfig("isOpenshift"),
 		},
 		"nodeSelector": nodeSelector,
+		"podLabels": map[string]string{
+			"app": "mariadb",
+		},
 	}
 
 	return values, nil