suse-edge/Factory
SHA256
14
0
Fork 14
Code Issues Pull Requests 5 Actions Packages Projects Releases Wiki Activity

metal3: Upgrade Mariadb #194

Merged
nbelouin merged 3 commits from nbelouin/Factory:mariadb-upgrade into main 2025-06-19 09:51:24 +02:00
Conversation 2 Commits 3 Files Changed 8 +80 -26
8 changed files with 80 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
metal3-chart/Chart.yaml
View File

@@ -1,7 +1,7 @@
#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.7_up0.11.5 #!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.8_up0.11.6
#!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.7_up0.11.5-%RELEASE% #!BuildTag: %%CHART_PREFIX%%metal3:%%CHART_MAJOR%%.0.8_up0.11.6-%RELEASE%
apiVersion: v2 apiVersion: v2
appVersion: 0.11.5 appVersion: 0.11.6
dependencies: dependencies:
- alias: metal3-baremetal-operator - alias: metal3-baremetal-operator
name: baremetal-operator name: baremetal-operator
@@ -15,7 +15,7 @@ dependencies:
condition: global.enable_mariadb condition: global.enable_mariadb
name: mariadb name: mariadb
repository: file://./charts/mariadb repository: file://./charts/mariadb
version: 0.5.4 version: 0.6.0
- alias: metal3-media - alias: metal3-media
condition: global.enable_metal3_media_server condition: global.enable_metal3_media_server
name: media name: media
@@ -25,4 +25,4 @@ description: A Helm chart that installs all of the dependencies needed for Metal
icon: https://github.com/cncf/artwork/raw/master/projects/metal3/icon/color/metal3-icon-color.svg icon: https://github.com/cncf/artwork/raw/master/projects/metal3/icon/color/metal3-icon-color.svg
name: metal3 name: metal3
type: application type: application
version: "%%CHART_MAJOR%%.0.7+up0.11.5" version: "%%CHART_MAJOR%%.0.8+up0.11.6"

4
metal3-chart/charts/mariadb/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v2 apiVersion: v2
appVersion: 10.6.7 appVersion: "10.11"
description: A Helm chart for MariaDB, used by Metal3 description: A Helm chart for MariaDB, used by Metal3
name: mariadb name: mariadb
type: application type: application
version: 0.5.4 version: 0.6.0

13
metal3-chart/charts/mariadb/templates/configmap-mariadb.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: mariadb-config
labels:
{{- include "mariadb.labels" . | nindent 4 }}
data:
ironic.conf: |
[mariadb]
max_connections 64
max_heap_table_size 1M
innodb_buffer_pool_size 5M
innodb_log_buffer_size 512K

5
metal3-chart/charts/mariadb/templates/configmap.yaml
View File

@@ -5,4 +5,7 @@ metadata:
labels: labels:
{{- include "mariadb.labels" . | nindent 4 }} {{- include "mariadb.labels" . | nindent 4 }}
data: data:
RESTART_CONTAINER_CERTIFICATE_UPDATED: "false" MARIADB_USER: ironic
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
MARIADB_DATABASE: ironic
MARIADB_AUTO_UPGRADE: "yes"

59
metal3-chart/charts/mariadb/templates/deployment.yaml
View File

@@ -25,23 +25,50 @@ spec:
serviceAccountName: {{ include "mariadb.serviceAccountName" . }} serviceAccountName: {{ include "mariadb.serviceAccountName" . }}
securityContext: securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }} {{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
# This would run during entrypoint if run as root
- name: set-volume-owners
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
runAsUser: 0
allowPrivilegeEscalation: true
capabilities:
drop:
- ALL
add:
- CHOWN
- FOWNER
- DAC_OVERRIDE
seccompProfile:
type: RuntimeDefault
volumeMounts:
- name: mariadb-conf
mountPath: /etc/mysql/conf.d
- name: mariadb-run
mountPath: /run/mysql
{{- $volmounts }}
command: ['bash', '-c', 'source /usr/local/bin/docker-entrypoint.sh && docker_create_db_directories']
env:
- name: DATADIR
value: /var/lib/mysql
- name: SOCKET
value: /run/mysql/mysql.sock
containers: containers:
- name: mariadb - name: mariadb
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext: securityContext:
{{- toYaml .Values.securityContext | nindent 12 }} {{- toYaml .Values.securityContext | nindent 12 }}
envFrom:
- configMapRef:
name: mariadb-cm
env: env:
- name: MARIADB_PASSWORD - name: MARIADB_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: password key: password
name: ironic-mariadb name: ironic-mariadb
- name: RESTART_CONTAINER_CERTIFICATE_UPDATED
valueFrom:
configMapKeyRef:
name: mariadb-cm
key: RESTART_CONTAINER_CERTIFICATE_UPDATED
lifecycle: lifecycle:
preStop: preStop:
exec: exec:
@@ -52,9 +79,9 @@ spec:
livenessProbe: livenessProbe:
exec: exec:
command: command:
- sh - healthcheck.sh
- -c - --connect
- mysqladmin status -uironic -p$(printenv MARIADB_PASSWORD) - --innodb_initialized
failureThreshold: 10 failureThreshold: 10
initialDelaySeconds: 30 initialDelaySeconds: 30
periodSeconds: 30 periodSeconds: 30
@@ -67,19 +94,29 @@ spec:
readinessProbe: readinessProbe:
exec: exec:
command: command:
- sh - healthcheck.sh
- -c - --connect
- mysqladmin status -uironic -p$(printenv MARIADB_PASSWORD) - --innodb_initialized
failureThreshold: 10 failureThreshold: 10
initialDelaySeconds: 30 initialDelaySeconds: 30
periodSeconds: 30 periodSeconds: 30
successThreshold: 1 successThreshold: 1
timeoutSeconds: 10 timeoutSeconds: 10
volumeMounts: volumeMounts:
- name: mariadb-conf
mountPath: /etc/mysql/conf.d
- name: mariadb-run
mountPath: /run/mysql
{{- $volmounts }} {{- $volmounts }}
{{- with .Values.global.nodeSelector }} {{- with .Values.global.nodeSelector }}
nodeSelector: nodeSelector:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
volumes: volumes:
- name: mariadb-conf
configMap:
name: mariadb-config
- name: mariadb-run
emptyDir:
sizeLimit: 20Mi
{{- $volumes }} {{- $volumes }}

9
metal3-chart/charts/mariadb/values.yaml
View File

@@ -12,9 +12,9 @@ service:
targetPort: 3306 targetPort: 3306
image: image:
repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/suse/mariadb repository: registry.suse.com/suse/mariadb
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
tag: 10.6.15.1 tag: 10.11
nameOverride: "" nameOverride: ""
fullnameOverride: "" fullnameOverride: ""
@@ -31,8 +31,8 @@ serviceAccount:
podAnnotations: {} podAnnotations: {}
podSecurityContext: podSecurityContext:
runAsUser: 10060 runAsUser: 60
fsGroup: 10060 fsGroup: 60
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
@@ -60,6 +60,7 @@ persistence:
volumeMounts: volumeMounts:
- name: mariadb-data-volume - name: mariadb-data-volume
mountPath: /var/lib/mysql mountPath: /var/lib/mysql
subPath: data
volumes: volumes:
- name: mariadb-data-volume - name: mariadb-data-volume

4
metal3-chart/values.yaml
View File

@@ -115,8 +115,8 @@ metal3-mariadb:
persistence: persistence:
storageClass: "" storageClass: ""
image: image:
repository: "registry.suse.com/edge/mariadb" repository: "registry.suse.com/suse/mariadb"
tag: "10.6.15.1" tag: "10.11"
# #
# Baremetal Operator # Baremetal Operator

2
release-manifest-image/release_manifest.yaml
View File

@@ -171,7 +171,7 @@ spec:
- prettyName: Metal3 - prettyName: Metal3
releaseName: metal3 releaseName: metal3
chart: "%%CHART_REPO%%/%%CHART_PREFIX%%metal3" chart: "%%CHART_REPO%%/%%CHART_PREFIX%%metal3"
version: "%%CHART_MAJOR%%.0.7+up0.11.5" version: "%%CHART_MAJOR%%.0.8+up0.11.6"
- prettyName: RancherTurtles - prettyName: RancherTurtles
releaseName: rancher-turtles releaseName: rancher-turtles
chart: "%%CHART_REPO%%/%%CHART_PREFIX%%rancher-turtles" chart: "%%CHART_REPO%%/%%CHART_PREFIX%%rancher-turtles"