uis-cloud-computing/7project/tofu/modules/maxscale/charts/maxscale-helm/templates/config.yaml

apiVersion: k8s.mariadb.com/v1alpha1
kind: MariaDB
metadata:
  name: mariadb-repl
  namespace: mariadb-operator
spec:
  rootPasswordSecretKeyRef:
    name: mariadb-secret
    key: root-password

  username: mariadb
  passwordSecretKeyRef:
    name: mariadb-secret
    key: password
  database: mariadb

  storage:
    size: 5Gi
    storageClassName: longhorn
    resizeInUseVolumes: true
    waitForVolumeResize: true
    volumeClaimTemplate:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 5Gi
      storageClassName: longhorn

  replicas: 3
  replicasAllowEvenNumber: true

  podSpec:
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop:
          - "ALL"
      seccompProfile:
        type: RuntimeDefault

  maxScale:
    enabled: true

    kubernetesService:
      type: LoadBalancer
      metadata:
        annotations:
          metallb.universe.tf/loadBalancerIPs: {{ .Values.metallb.maxscale_ip | default "" | quote }}

    connection:
      secretName: mxs-repl-conn
      port: 3306

    metrics:
      enabled: true
      serviceMonitor:
        enabled: true
        interval: 30s
        scrapeTimeout: 10s
        prometheusRelease: kube-prometheus-stack
        jobLabel: mariadb-monitoring
    auth:
      generate: true

    tls:
      enabled: true

  replication:
    enabled: true
    primary:
      podIndex: 0
      automaticFailover: true
    replica:
      waitPoint: AfterSync
      gtid: CurrentPos
      replPasswordSecretKeyRef:
        name: mariadb-secret
        key: password
      connectionTimeout: 10s
      connectionRetries: 10
      syncTimeout: 10s
    syncBinlog: 1
    probesEnabled: true

  service:
    type: LoadBalancer
    metadata:
      annotations:
        metallb.universe.tf/loadBalancerIPs: {{ .Values.metallb.service_ip | default "" | quote }}
  connection:
    secretName: mariadb-repl-conn
    secretTemplate:
      key: dsn

  primaryService:
    type: LoadBalancer
    metadata:
      annotations:
        metallb.universe.tf/loadBalancerIPs: {{ .Values.metallb.primary_ip | default "" | quote }}
  primaryConnection:
    secretName: mariadb-repl-conn-primary
    secretTemplate:
      key: dsn

  secondaryService:
    type: LoadBalancer
    metadata:
      annotations:
        metallb.universe.tf/loadBalancerIPs: {{ .Values.metallb.secondary_ip | default "" | quote }}
  secondaryConnection:
    secretName: mariadb-repl-conn-secondary
    secretTemplate:
      key: dsn

  affinity:
    podAntiAffinity:
      preferredDuringSchedulingIgnoredDuringExecution:
        - weight: 100
          podAffinityTerm:
            labelSelector:
              matchExpressions:
                - key: app.kubernetes.io/name
                  operator: In
                  values:
                    - mariadb-repl
            topologyKey: kubernetes.io/hostname

  tolerations:
    - key: "k8s.mariadb.com/ha"
      operator: "Exists"
      effect: "NoSchedule"

  podDisruptionBudget:
    maxUnavailable: 33%

  updateStrategy:
    type: ReplicasFirstPrimaryLast

  myCnf: |
    [mariadb]
    bind-address=*
    default_storage_engine=InnoDB
    binlog_format=row
    innodb_autoinc_lock_mode=2
    innodb_buffer_pool_size=1024M
    max_allowed_packet=256M

  #timeZone: Europe/Prague

  resources:
    requests:
      cpu: 100m
      memory: 128Mi
    limits:
      memory: 1Gi

  livenessProbe:
    initialDelaySeconds: 20
    periodSeconds: 5
    timeoutSeconds: 5

  readinessProbe:
    initialDelaySeconds: 20
    periodSeconds: 5
    timeoutSeconds: 5

  metrics:
    enabled: true
    serviceMonitor:
      enabled: true
      interval: 30s
      scrapeTimeout: 10s
      prometheusRelease: kube-prometheus-stack
      jobLabel: mariadb-monitoring

  tls:
    enabled: true
    required: true

  suspend: false