[keystone][pxc-db] Add support for PXC galera cluster #7583

18 changes: 9 additions & 9 deletions openstack/keystone/Chart.lock
Expand Up @@ -2,26 +2,26 @@ dependencies:
- name: mariadb
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.14.2
- name: mariadb-galera
- name: pxc-db
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.29.3
version: 0.2.0
- name: memcached
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.5.3
- name: mysql_metrics
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.3.5
version: 0.4.1
- name: owner-info
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.2.3
version: 1.0.0
- name: percona_cluster
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 1.1.7
version: 1.1.9
- name: utils
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.15.0
version: 0.21.0
- name: linkerd-support
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.1.4
digest: sha256:7f3e9665e9e649af94735fe7b6233667353fe5aca639dc86e295def90a56f4b7
generated: "2024-09-30T20:42:46.060829+05:30"
version: 1.1.0
digest: sha256:5b96192207a4b1db506ca740ba0d812d5e98eb5865c628b10086e19d38694e71
generated: "2024-12-20T15:22:39.713091+02:00"
20 changes: 10 additions & 10 deletions openstack/keystone/Chart.yaml
Expand Up @@ -9,34 +9,34 @@ maintainers:
name: keystone
sources:
- https://github.com/sapcc/keystone
version: 0.8.0
version: 0.9.0
dependencies:
- condition: mariadb.enabled
name: mariadb
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.14.2
- condition: mariadb_galera.enabled
name: mariadb-galera
alias: mariadb_galera
- condition: pxc_db.enabled
name: pxc-db
alias: pxc_db
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.29.3
version: 0.2.0
- name: memcached
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.5.3
- condition: mysql_metrics.enabled
name: mysql_metrics
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.3.5
version: 0.4.1
- name: owner-info
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.2.3
version: 1.0.0
- condition: percona_cluster.enabled
name: percona_cluster
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 1.1.7
version: 1.1.9
- name: utils
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.15.0
version: 0.21.0
- name: linkerd-support
repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm
version: 0.1.4
version: 1.1.0
17 changes: 16 additions & 1 deletion openstack/keystone/ci/test-values.yaml
Expand Up @@ -3,7 +3,7 @@ global:
db_region: local
region: test
master_password: test
registryAlternateRegion: test
registryAlternateRegion: test
dockerHubMirror: mirror0
dockerHubMirrorAlternateRegion: test2
osprofiler:
Expand All @@ -23,6 +23,21 @@ osprofiler:
jager:
enabled: true

mariadb:
root_password: topSecret!
backup_v2:
enabled: false
users:
keystone:
name: keystone
password: topSecret!
backup:
name: backup
password: topSecret!

mysql_metrics:
db_password: topSecret!

rabbitmq:
users:
default:
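Review bot: The values added to this CI file cover only the `mariadb` and `mysql_metrics` charts, so as far as the visible hunks show, the new `pxc_db` dependency and the `dbType` branch in `templates/etc/_secrets.conf.tpl` are never rendered by the chart tests. Consider a second CI values file that sets `pxc_db.enabled: true` together with whatever test users that chart requires, so a broken connection string is caught before deployment. The `topSecret!` strings are fine as fixtures; a comment such as `# dummy credentials for chart linting only, never reuse` above `mariadb:` would make that explicit. The file continues below the hunk, so this is based only on the lines shown here.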
17 changes: 0 additions & 17 deletions openstack/keystone/templates/_helpers.tpl
Expand Up @@ -15,16 +15,6 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
{{- printf "%s-%s" .Release.Name $name | trunc 63 | replace "_" "-" | trimSuffix "-" -}}
{{- end -}}

{{- define "db_host" -}}
{{- if .Values.global.clusterDomain -}}
{{.Release.Name}}-mariadb.{{.Release.Namespace}}.svc.{{.Values.global.clusterDomain}}
{{- else if and .Values.mariadb_galera.enabled .Values.databaseKind (eq .Values.databaseKind "galera") -}}
{{.Release.Name}}-mariadb.{{.Release.Namespace}}
{{- else -}}
{{.Release.Name}}-mariadb.{{.Release.Namespace}}.svc.kubernetes.{{.Values.global.region}}.{{.Values.global.tld}}
{{- end -}}
{{- end -}}

{{- define "memcached_host" -}}
{{- if .Values.global.clusterDomain -}}
{{.Release.Name}}-memcached.{{.Release.Namespace}}.svc.{{.Values.global.clusterDomain}}
Expand All @@ -45,13 +35,6 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
{{- end -}}
{{- end -}}

{{/*
To satisfy common/mysql_metrics :(
*/}}

{{define "keystone_db_host"}}{{- if .Values.global.clusterDomain }}{{.Release.Name}}-mariadb.{{.Release.Namespace}}.svc.{{.Values.global.clusterDomain}}{{ else }}{{.Release.Name}}-mariadb.{{.Release.Namespace}}.svc.kubernetes.{{.Values.global.region}}.{{.Values.global.tld}}{{- end -}}{{end}}


{{- define "2faproxy.selectorLabels" -}}
app.kubernetes.io/name: 2faproxy
app.kubernetes.io/instance: {{ .Release.Name }}
13 changes: 3 additions & 10 deletions openstack/keystone/templates/etc/_secrets.conf.tpl
@@ -1,17 +1,10 @@
[database]
# Database connection string - MariaDB for regional setup
# and Percona Cluster for inter-regional setup:
{{ if .Values.percona_cluster.enabled -}}
{{/* in caase percona is active and we need to switch the connection string to mariadb-galera cluster without removing the percona cluster objects */}}
{{- if and .Values.mariadb_galera.enabled .Values.databaseKind (eq .Values.databaseKind "galera") -}}
connection = mysql+pymysql://{{ .Values.mariadb_galera.mariadb.users.keystone.username }}:{{.Values.mariadb_galera.mariadb.users.keystone.password }}@{{include "db_host" .}}/{{ .Values.mariadb_galera.mariadb.database_name_to_connect }}?charset=utf8
{{- else }}
{{- if or .Values.percona_cluster.enabled (eq .Values.dbType "pxc-global") }}
connection = {{ include "db_url_pxc" . }}
{{- end }}
{{- else if .Values.global.clusterDomain -}}
connection = mysql+pymysql://{{ default .Release.Name .Values.global.dbUser }}:{{.Values.global.dbPassword }}@{{include "db_host" .}}/{{ default .Release.Name .Values.mariadb.name }}?charset=utf8
{{- else if and .Values.mariadb_galera.enabled .Values.databaseKind (eq .Values.databaseKind "galera") -}}
connection = mysql+pymysql://{{ .Values.mariadb_galera.mariadb.users.keystone.username }}:{{.Values.mariadb_galera.mariadb.users.keystone.password }}@{{include "db_host" .}}/{{ .Values.mariadb_galera.mariadb.database_name_to_connect }}?charset=utf8
{{- else if .Values.dbType }}
connection = {{ include "utils.db_url" . }}
{{- else }}
connection = {{ include "db_url_mysql" . }}
{{- end }}
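Review bot: Nothing in the new branch chain consults `pxc_db.enabled`; reading the new side as `if or .Values.percona_cluster.enabled (eq .Values.dbType "pxc-global")` / `else if .Values.dbType` / `else`, a release that enables the PXC dependency but leaves `dbType` unset falls through to `db_url_mysql`, so keystone would presumably be pointed at the MariaDB backend instead of the new cluster. The +/- markers are lost on this page, so that reading is inferred from the "3 additions & 10 deletions" count and should be checked against the real diff. A guard before the chain would turn the mismatch into a render-time error: `{{- if and .Values.pxc_db.enabled (not .Values.dbType) }}{{ fail "pxc_db.enabled requires dbType" }}{{ end }}`. The header comment still describes only MariaDB and Percona Cluster and should also say that `dbType` selects `utils.db_url`.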
32 changes: 29 additions & 3 deletions openstack/keystone/values.yaml
Expand Up @@ -296,10 +296,36 @@ mariadb:
# Annotate the Deployment, StatefulSet or DaemonSet with vpa-butler.cloud.sap/main-container=$MAIN_CONTAINER. That will distribute 75% of the maximum available capacity to the main container and the rest evenly across all others
set_main_container: true

# MariaDB Galera cluster as database backend
# mariadb.enabled has to be false if Galera is enabled
mariadb_galera:
pxc_db:
enabled: false
name: keystone
initdb_job: true
alerts:
support_group: identity
databases:
- keystone
users:
keystone:
name: keystone
grants:
- "ALL PRIVILEGES on keystone.*"
pxc:
resources:
requests:
memory: 1Gi
persistence:
size: 10Gi
backup:
enabled: false
s3:
secrets:
aws_access_key_id: null
aws_secret_access_key: null
config:
region: DEFINED-IN-SECRETS
endpointUrl: DEFINED-IN-SECRETS
pitr:
enabled: false

mysql_metrics:
enabled: true
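Review bot: The `pxc_db:` block lost the explanatory comment that the removed `mariadb_galera:` block carried, and it gives no hint about how the backend is selected or where its credentials come from. I would add above `pxc_db:` something like `# Percona XtraDB Cluster (pxc-db chart) as database backend; do not enable together with mariadb`, assuming the same exclusivity applies as for the old Galera option. `users.keystone` has no password and `backup.s3.secrets` holds `null` keys, which presumably means they are injected from the secrets values; a one-line comment saying so, and that real values must not be set in this file, would help keep credentials out of the repository.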