Mariadb-Cluster

Mariadb-Cluster¶

There are various customizations you can do to tailor the deployment of OpenStack Mariadb-Cluster. You can find those below.

General Parameters¶

conf.database.auto_upgrade.disable_upgrade_backup

Type: bool

Description:

false

conf.database.auto_upgrade.enabled

Type: bool

Description:

true

conf.database.config_override

Type: string

Description:

nil
conf.database.galera
Type: string

Description:
[mariadb]
bind-address=0.0.0.0
default_storage_engine=InnoDB
binlog_format=row
innodb_autoinc_lock_mode=2
max_allowed_packet=256M
########################
#
########################
ignore-db-dirs=lost+found

# Charset
character_set_server=utf8
collation_server=utf8_general_ci
skip-character-set-client-handshake

# Logging
slow_query_log=off
slow_query_log_file=/var/log/mysql/mariadb-slow.log
log_warnings=2

# General logging has huge performance penalty therefore is disabled by default
general_log=off
general_log_file=/var/log/mysql/mariadb-error.log

long_query_time=3
log_queries_not_using_indexes=on

# Networking
bind_address=0.0.0.0
port={{ tuple \"oslo_db\" \"direct\" \"mysql\" . | include \"helm-toolkit.endpoints.endpoint_port_lookup\" }}

# When a client connects, the server will perform hostname resolution,
# and when DNS is slow, establishing the connection will become slow as well.
# It is therefore recommended to start the server with skip-name-resolve to
# disable all DNS lookups. The only limitation is that the GRANT statements
# must then use IP addresses only.
skip_name_resolve

# Tuning
user=mysql
max_allowed_packet=256M
open_files_limit=10240
max_connections=8192
max-connect-errors=1000000

# General security settings
# Reference: https://dev.mysql.com/doc/mysql-security-excerpt/8.0/en/general-security-issues.html
# secure_file_priv is set to '/home' because it is read-only, which will
# disable this feature completely.
secure_file_priv=/home
local_infile=0
symbolic_links=0
sql_mode=\"STRICT_ALL_TABLES,STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION\"


## Generally, it is unwise to set the query cache to be larger than 64-128M
## as the costs associated with maintaining the cache outweigh the performance
## gains.
## The query cache is a well known bottleneck that can be seen even when
## concurrency is moderate. The best option is to disable it from day 1
## by setting query_cache_size=0 (now the default on MySQL 5.6)
## and to use other ways to speed up read queries: good indexing, adding
## replicas to spread the read load or using an external cache.
query_cache_size=0
query_cache_type=0

sync_binlog=0
thread_cache_size=16
table_open_cache=2048
table_definition_cache=1024

#
# InnoDB
#
# The buffer pool is where data and indexes are cached: having it as large as possible
# will ensure you use memory and not disks for most read operations.
# Typical values are 50..75% of available RAM.
# TODO(tomasz.paszkowski): This needs to by dynamic based on available RAM.
innodb_buffer_pool_size=1024M
innodb_doublewrite=0
innodb_file_per_table=1
innodb_flush_method=O_DIRECT
innodb_io_capacity=500
innodb_log_file_size=128M
innodb_old_blocks_time=1000
innodb_read_io_threads=8
innodb_write_io_threads=8

{{ if .Values.manifests.certificates }}
# TLS
ssl_ca=/etc/mysql/certs/ca.crt
ssl_key=/etc/mysql/certs/tls.key
ssl_cert=/etc/mysql/certs/tls.crt
# tls_version = TLSv1.2,TLSv1.3
{{ end }}


[mysqldump]
max-allowed-packet=16M

[client]
default_character_set=utf8
{{ if .Values.manifests.certificates }}
# TLS
ssl_ca=/etc/mysql/certs/ca.crt
ssl_key=/etc/mysql/certs/tls.key
ssl_cert=/etc/mysql/certs/tls.crt
# tls_version = TLSv1.2,TLSv1.3
{{ end }}
conf.database.init_script
Type: string

Description:
#!/usr/bin/env bash

{{/*
Licensed under the Apache License, Version 2.0 (the \"License\");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

  http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an \"AS IS\" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}

set -x

chown -R \"mysql:mysql\" /var/lib/mysql;
chmod 771 /var/lib/mysql;
conf.database.my
Type: string

Description:
[mysqld]
datadir=/var/lib/mysql
basedir=/usr
ignore-db-dirs=lost+found

[client-server]
!includedir /etc/mysql/conf.d/
conf.database.mysql_histfile

Type: string

Description:

“/dev/null”

conf.galera.agent.gracefulShutdownTimeout

Type: string

Description:

“5s”

conf.galera.agent.kubernetesAuth.enabled

Type: bool

Description:

true

conf.galera.agent.port

Type: int

Description:

5555

conf.galera.enabled

Type: bool

Description:

true

conf.galera.primary.automaticFailover

Type: bool

Description:

true

conf.galera.primary.podIndex

Type: int

Description:

0

conf.galera.recovery.clusterBootstrapTimeout

Type: string

Description:

“10m”

conf.galera.recovery.clusterHealthyTimeout

Type: string

Description:

“3m”

conf.galera.recovery.enabled

Type: bool

Description:

true

conf.galera.recovery.podRecoveryTimeout

Type: string

Description:

“5m”

conf.galera.recovery.podSyncTimeout

Type: string

Description:

“5m”

conf.galera.replicaThreads

Type: int

Description:

1

conf.galera.sst

Type: string

Description:

“mariabackup”

conf.mariadb_server.setup_wait.duration

Type: int

Description:

5

conf.mariadb_server.setup_wait.iteration

Type: int

Description:

30

conf.tests.endpoint

Type: string

Description:

“internal”

conf.tests.params[0]

Type: string

Description:

“–auto-generate-sql”

conf.tests.params[1]

Type: string

Description:

“–concurrency=100”

conf.tests.params[2]

Type: string

Description:

“–number-of-queries=1000”

conf.tests.params[3]

Type: string

Description:

“–number-char-cols=1”

conf.tests.params[4]

Type: string

Description:

“–number-int-cols=1”

dependencies.dynamic.common.local_image_registry.jobs[0]

Type: string

Description:

“mariadb-server-image-repo-sync”

dependencies.dynamic.common.local_image_registry.services[0].endpoint

Type: string

Description:

“node”

dependencies.dynamic.common.local_image_registry.services[0].service

Type: string

Description:

“local_image_registry”

dependencies.static.image_repo_sync.services[0].endpoint

Type: string

Description:

“internal”

dependencies.static.image_repo_sync.services[0].service

Type: string

Description:

“local_image_registry”

dependencies.static.tests.services[0].endpoint

Type: string

Description:

“internal”

dependencies.static.tests.services[0].service

Type: string

Description:

“oslo_db”

endpoints.cluster_domain_suffix

Type: string

Description:

“cluster.local”

endpoints.identity.auth.admin.auth_url

Type: string

Description:

nil

endpoints.identity.auth.admin.password

Type: string

Description:

“password”

endpoints.identity.auth.admin.project_domain_name

Type: string

Description:

“default”

endpoints.identity.auth.admin.project_name

Type: string

Description:

“admin”

endpoints.identity.auth.admin.region_name

Type: string

Description:

“RegionOne”

endpoints.identity.auth.admin.user_domain_name

Type: string

Description:

“default”

endpoints.identity.auth.admin.username

Type: string

Description:

“admin”

endpoints.identity.auth.mariadb-server.auth_url

Type: string

Description:

nil

endpoints.identity.auth.mariadb-server.password

Type: string

Description:

“password”

endpoints.identity.auth.mariadb-server.project_domain_name

Type: string

Description:

“service”

endpoints.identity.auth.mariadb-server.project_name

Type: string

Description:

“service”

endpoints.identity.auth.mariadb-server.region_name

Type: string

Description:

“RegionOne”

endpoints.identity.auth.mariadb-server.role

Type: string

Description:

“admin”

endpoints.identity.auth.mariadb-server.user_domain_name

Type: string

Description:

“service”

endpoints.identity.auth.mariadb-server.username

Type: string

Description:

“mariadb-backup-user”

endpoints.identity.host_fqdn_override.default

Type: string

Description:

nil

endpoints.identity.hosts.default

Type: string

Description:

“keystone”

endpoints.identity.hosts.internal

Type: string

Description:

“keystone-api”

endpoints.identity.name

Type: string

Description:

“backup-storage-auth”

endpoints.identity.namespace

Type: string

Description:

“openstack”

endpoints.identity.path.default

Type: string

Description:

“/v3”

endpoints.identity.port.api.default

Type: int

Description:

80

endpoints.identity.port.api.internal

Type: int

Description:

5000

endpoints.identity.scheme.default

Type: string

Description:

“http”

endpoints.kube_dns.host_fqdn_override.default

Type: string

Description:

nil

endpoints.kube_dns.hosts.default

Type: string

Description:

“kube-dns”

endpoints.kube_dns.name

Type: string

Description:

“kubernetes-dns”

endpoints.kube_dns.namespace

Type: string

Description:

“kube-system”

endpoints.kube_dns.path.default

Type: string

Description:

nil

endpoints.kube_dns.port.dns.default

Type: int

Description:

53

endpoints.kube_dns.port.dns.protocol

Type: string

Description:

“UDP”

endpoints.kube_dns.port.dns_tcp.default

Type: int

Description:

53

endpoints.kube_dns.scheme

Type: string

Description:

“http”

endpoints.local_image_registry.host_fqdn_override.default

Type: string

Description:

nil

endpoints.local_image_registry.hosts.default

Type: string

Description:

“localhost”

endpoints.local_image_registry.hosts.internal

Type: string

Description:

“docker-registry”

endpoints.local_image_registry.hosts.node

Type: string

Description:

“localhost”

endpoints.local_image_registry.name

Type: string

Description:

“docker-registry”

endpoints.local_image_registry.namespace

Type: string

Description:

“docker-registry”

endpoints.local_image_registry.port.registry.node

Type: int

Description:

5000

endpoints.monitoring.host_fqdn_override.default

Type: string

Description:

nil

endpoints.monitoring.hosts.default

Type: string

Description:

“prom-metrics”

endpoints.monitoring.hosts.public

Type: string

Description:

“prometheus”

endpoints.monitoring.name

Type: string

Description:

“prometheus”

endpoints.monitoring.namespace

Type: string

Description:

nil

endpoints.monitoring.path.default

Type: string

Description:

nil

endpoints.monitoring.port.api.default

Type: int

Description:

9090

endpoints.monitoring.port.api.public

Type: int

Description:

80

endpoints.monitoring.scheme.default

Type: string

Description:

“http”

endpoints.oci_image_registry.auth.enabled

Type: bool

Description:

false

endpoints.oci_image_registry.auth.mariadb.password

Type: string

Description:

“password”

endpoints.oci_image_registry.auth.mariadb.username

Type: string

Description:

“mariadb”

endpoints.oci_image_registry.host_fqdn_override.default

Type: string

Description:

nil

endpoints.oci_image_registry.hosts.default

Type: string

Description:

“localhost”

endpoints.oci_image_registry.name

Type: string

Description:

“oci-image-registry”

endpoints.oci_image_registry.namespace

Type: string

Description:

“oci-image-registry”

endpoints.oci_image_registry.port.registry.default

Type: string

Description:

nil

endpoints.oslo_db.auth.admin.password

Type: string

Description:

“password”

endpoints.oslo_db.auth.admin.username

Type: string

Description:

“root”

endpoints.oslo_db.auth.audit.password

Type: string

Description:

“password”

endpoints.oslo_db.auth.audit.username

Type: string

Description:

“audit”

endpoints.oslo_db.auth.exporter.password

Type: string

Description:

“password”

endpoints.oslo_db.auth.exporter.username

Type: string

Description:

“exporter”

endpoints.oslo_db.auth.sst.password

Type: string

Description:

“password”

endpoints.oslo_db.auth.sst.username

Type: string

Description:

“sst”

endpoints.oslo_db.host_fqdn_override.default

Type: string

Description:

nil

endpoints.oslo_db.hosts.default

Type: string

Description:

“mariadb-server-primary”

endpoints.oslo_db.hosts.direct

Type: string

Description:

“mariadb-server-internal”

endpoints.oslo_db.hosts.discovery

Type: string

Description:

“mariadb-discovery”

endpoints.oslo_db.hosts.server

Type: string

Description:

“mariadb-server”

endpoints.oslo_db.namespace

Type: string

Description:

nil

endpoints.oslo_db.path

Type: string

Description:

nil

endpoints.oslo_db.port.mysql.default

Type: int

Description:

3306

endpoints.oslo_db.port.wsrep.default

Type: int

Description:

4567

endpoints.oslo_db.scheme

Type: string

Description:

“mysql+pymysql”

endpoints.prometheus_mysql_exporter.host_fqdn_override.default

Type: string

Description:

nil

endpoints.prometheus_mysql_exporter.hosts.default

Type: string

Description:

“mysql-exporter”

endpoints.prometheus_mysql_exporter.namespace

Type: string

Description:

nil

endpoints.prometheus_mysql_exporter.path.default

Type: string

Description:

“/metrics”

endpoints.prometheus_mysql_exporter.port.metrics.default

Type: int

Description:

9104

endpoints.prometheus_mysql_exporter.scheme.default

Type: string

Description:

“http”

helm3_hook

Type: bool

Description:

true

images.local_registry.active

Type: bool

Description:

false

images.local_registry.exclude[0]

Type: string

Description:

“dep_check”

images.local_registry.exclude[1]

Type: string

Description:

“image_repo_sync”

images.pull_policy

Type: string

Description:

“IfNotPresent”

images.tags.agent

Type: string

Description:

“ghcr.io/mariadb-operator/agent:v0.0.3”

images.tags.dep_check

Type: string

Description:

“quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal”

images.tags.image_repo_sync

Type: string

Description:

“docker.io/library/docker:17.07.0”

images.tags.initContainer

Type: string

Description:

“ghcr.io/mariadb-operator/init:v0.0.6”

images.tags.mariadb

Type: string

Description:

“docker.io/library/mariadb:10.6.14-focal”

images.tags.mariadb_cluster_refresh_statefulset

Type: string

Description:

“quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_focal”

images.tags.prometheus_mysql_exporter

Type: string

Description:

“docker.io/prom/mysqld-exporter:v0.12.1”

images.tags.prometheus_mysql_exporter_helm_tests

Type: string

Description:

“docker.io/openstackhelm/heat:wallaby-ubuntu_focal”

images.tags.scripted_test

Type: string

Description:

“docker.io/library/mariadb:10.6.14-focal”

jobs.mariadb_cluster_refresh_statefulset.activeDeadlineSeconds

Type: int

Description:

3600

jobs.mariadb_cluster_refresh_statefulset.backoffLimit

Type: int

Description:

87600

labels.job.node_selector_key

Type: string

Description:

“openstack-control-plane”

labels.job.node_selector_value

Type: string

Description:

“enabled”

labels.server.node_selector_key

Type: string

Description:

“openstack-control-plane”

labels.server.node_selector_value

Type: string

Description:

“enabled”

labels.test.node_selector_key

Type: string

Description:

“openstack-control-plane”

labels.test.node_selector_value

Type: string

Description:

“enabled”

manifests.certificates

Type: bool

Description:

false

manifests.configmap_bin

Type: bool

Description:

true

manifests.configmap_etc

Type: bool

Description:

true

manifests.job_image_repo_sync

Type: bool

Description:

true

manifests.mariadb

Type: bool

Description:

true

manifests.network_policy

Type: bool

Description:

false

manifests.pod_test

Type: bool

Description:

true

manifests.secret_dbadmin_password

Type: bool

Description:

true

manifests.secret_dbaudit_password

Type: bool

Description:

true

manifests.secret_etc

Type: bool

Description:

true

manifests.secret_registry

Type: bool

Description:

true

manifests.secret_sst_password

Type: bool

Description:

true

manifests.service_primary

Type: bool

Description:

true

monitoring.prometheus.enabled

Type: bool

Description:

false

monitoring.prometheus.mysqld_exporter.scrape

Type: bool

Description:

true

network_policy.mariadb.egress[0]

Type: object

Description:

{}

network_policy.mariadb.ingress[0]

Type: object

Description:

{}

pod.affinity.anti.topologyKey.default

Type: string

Description:

“kubernetes.io/hostname”

pod.affinity.anti.type.default

Type: string

Description:

“preferredDuringSchedulingIgnoredDuringExecution”

pod.affinity.anti.weight.default

Type: int

Description:

10

pod.lifecycle.disruption_budget.mariadb.min_available

Type: int

Description:

0

pod.lifecycle.termination_grace_period.prometheus_mysql_exporter.timeout

Type: int

Description:

30

pod.lifecycle.upgrades.deployments.pod_replacement_strategy

Type: string

Description:

“RollingUpdate”

pod.lifecycle.upgrades.deployments.revision_history

Type: int

Description:

3

pod.lifecycle.upgrades.deployments.rolling_update.max_surge

Type: int

Description:

3

pod.lifecycle.upgrades.deployments.rolling_update.max_unavailable

Type: int

Description:

1

pod.probes.server.mariadb.liveness.enabled

Type: bool

Description:

true

pod.probes.server.mariadb.liveness.params.initialDelaySeconds

Type: int

Description:

120

pod.probes.server.mariadb.liveness.params.periodSeconds

Type: int

Description:

30

pod.probes.server.mariadb.liveness.params.timeoutSeconds

Type: int

Description:

15

pod.probes.server.mariadb.readiness.enabled

Type: bool

Description:

true

pod.probes.server.mariadb.readiness.params.initialDelaySeconds

Type: int

Description:

30

pod.probes.server.mariadb.readiness.params.periodSeconds

Type: int

Description:

30

pod.probes.server.mariadb.readiness.params.timeoutSeconds

Type: int

Description:

15

pod.replicas.prometheus_mysql_exporter

Type: int

Description:

1

pod.replicas.server

Type: int

Description:

3

pod.resources.enabled

Type: bool

Description:

false

pod.resources.jobs.image_repo_sync.limits.cpu

Type: string

Description:

“2000m”

pod.resources.jobs.image_repo_sync.limits.memory

Type: string

Description:

“1024Mi”

pod.resources.jobs.image_repo_sync.requests.cpu

Type: string

Description:

“100m”

pod.resources.jobs.image_repo_sync.requests.memory

Type: string

Description:

“128Mi”

pod.resources.jobs.mariadb_cluster_refresh_statefulset.limits.cpu

Type: string

Description:

“2000m”

pod.resources.jobs.mariadb_cluster_refresh_statefulset.limits.memory

Type: string

Description:

“1024Mi”

pod.resources.jobs.mariadb_cluster_refresh_statefulset.requests.cpu

Type: string

Description:

“100m”

pod.resources.jobs.mariadb_cluster_refresh_statefulset.requests.memory

Type: string

Description:

“128Mi”

pod.resources.jobs.tests.limits.cpu

Type: string

Description:

“2000m”

pod.resources.jobs.tests.limits.memory

Type: string

Description:

“1024Mi”

pod.resources.jobs.tests.requests.cpu

Type: string

Description:

“100m”

pod.resources.jobs.tests.requests.memory

Type: string

Description:

“128Mi”

pod.resources.server.limits.cpu

Type: string

Description:

“2000m”

pod.resources.server.limits.memory

Type: string

Description:

“1024Mi”

pod.resources.server.requests.cpu

Type: string

Description:

“100m”

pod.resources.server.requests.memory

Type: string

Description:

“128Mi”

pod.security_context.mariadb_cluster_refresh_statefulset.container.main.allowPrivilegeEscalation

Type: bool

Description:

false

pod.security_context.mariadb_cluster_refresh_statefulset.container.main.readOnlyRootFilesystem

Type: bool

Description:

true

pod.security_context.mariadb_cluster_refresh_statefulset.pod.runAsUser

Type: int

Description:

0

pod.security_context.server.container.agent.allowPrivilegeEscalation

Type: bool

Description:

false

pod.security_context.server.container.agent.readOnlyRootFilesystem

Type: bool

Description:

false

pod.security_context.server.container.agent.runAsUser

Type: int

Description:

0

pod.security_context.server.container.init-0.readOnlyRootFilesystem

Type: bool

Description:

true

pod.security_context.server.container.init-0.runAsUser

Type: int

Description:

0

pod.security_context.server.container.init.allowPrivilegeEscalation

Type: bool

Description:

false

pod.security_context.server.container.init.readOnlyRootFilesystem

Type: bool

Description:

false

pod.security_context.server.container.init.runAsUser

Type: int

Description:

0

pod.security_context.server.container.mariadb.allowPrivilegeEscalation

Type: bool

Description:

false

pod.security_context.server.container.mariadb.readOnlyRootFilesystem

Type: bool

Description:

false

pod.security_context.server.container.mariadb.runAsUser

Type: int

Description:

0

pod.security_context.server.pod.runAsUser

Type: int

Description:

0

pod.security_context.tests.container.test.readOnlyRootFilesystem

Type: bool

Description:

true

pod.security_context.tests.container.test.runAsUser

Type: int

Description:

999

pod.security_context.tests.pod.runAsUser

Type: int

Description:

999

pod.tolerations.mariadb.enabled

Type: bool

Description:

false

pod.tolerations.mariadb.tolerations[0].effect

Type: string

Description:

“NoSchedule”

pod.tolerations.mariadb.tolerations[0].key

Type: string

Description:

“node-role.kubernetes.io/master”

pod.tolerations.mariadb.tolerations[0].operator

Type: string

Description:

“Exists”

pod.tolerations.mariadb.tolerations[1].effect

Type: string

Description:

“NoSchedule”

pod.tolerations.mariadb.tolerations[1].key

Type: string

Description:

“node-role.kubernetes.io/control-plane”

pod.tolerations.mariadb.tolerations[1].operator

Type: string

Description:

“Exists”

release_group

Type: string

Description:

nil

secrets.identity.admin

Type: string

Description:

“keystone-admin-user”

secrets.oci_image_registry.mariadb

Type: string

Description:

“mariadb-oci-image-registry-key”

secrets.tls.oslo_db.server.internal

Type: string

Description:

“mariadb-tls-direct”

secrets.tls.oslo_db.server.public

Type: string

Description:

“mariadb-tls-server”

volume.backup.class_name

Type: string

Description:

“general”

volume.backup.enabled

Type: bool

Description:

true

volume.backup.size

Type: string

Description:

“5Gi”

volume.class_name

Type: string

Description:

“general”

volume.enabled

Type: bool

Description:

true

volume.galera.class_name

Type: string

Description:

“general”

volume.galera.enabled

Type: bool

Description:

true

volume.galera.size

Type: string

Description:

“300Mi”

volume.size

Type: string

Description:

“5Gi”

this page last updated: 2025-04-03 18:46:59

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.