diff --git a/charts/psmdb-operator-db/Chart.yaml b/charts/psmdb-operator-db/Chart.yaml
index 1800cf7..4cc240d 100644
--- a/charts/psmdb-operator-db/Chart.yaml
+++ b/charts/psmdb-operator-db/Chart.yaml
@@ -6,14 +6,14 @@ version: 1.0.0
 appVersion: 1.0.0
 dependencies:
 - name: psmdb-operator
- version: 1.16.3
+ version: 1.18.0
 repository: https://percona.github.io/percona-helm-charts/
 alias: psmdb-operator
 tags:
 - psmdb-operator
 condition: psmdb-operator.enabled
 - name: psmdb-db
- version: 1.16.3
+ version: 1.18.0
 repository: https://percona.github.io/percona-helm-charts/
 alias: psmdb-db
 tags:
diff --git a/charts/psmdb-operator-db/backup.yaml b/charts/psmdb-operator-db/backup.yaml
index b352a41..b34885a 100644
--- a/charts/psmdb-operator-db/backup.yaml
+++ b/charts/psmdb-operator-db/backup.yaml
@@ -3,8 +3,8 @@ kind: PerconaServerMongoDBBackup
 metadata:
 finalizers:
 - delete-backup
- name: backup
+ name: backup #specify the backup name. You will use this name to restore from this backup
 spec:
- clusterName: mdb-db-psmdb-db
- storageName: azure-blob
+ clusterName: mdb-db-psmdb-db #specify the name of your cluster. This is the name you specified when deploying Percona Server for MongoDB.
+ storageName: azure-blob #specify the name of your already configured storage.
 type: logical
diff --git a/charts/psmdb-operator-db/restore.yaml b/charts/psmdb-operator-db/restore.yaml
index 1f70940..ef68d97 100644
--- a/charts/psmdb-operator-db/restore.yaml
+++ b/charts/psmdb-operator-db/restore.yaml
@@ -3,6 +3,5 @@ kind: PerconaServerMongoDBRestore
 metadata:
 name: restore1
 spec:
- clusterName: mdb-db-psmdb-db
- backupName: backup
-
\ No newline at end of file
+ clusterName: mdb-db-psmdb-db #specify the name of your cluster. This is the name you specified when deploying Percona Server for MongoDB.
+ backupName: backup #specify the backup name. You will use this name to restore from this backup
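Review bot: The comment added on `backupName` in the restore.yaml hunk is copied from backup.yaml and reads as if this manifest names a new backup; on a restore object it should say which backup is consumed, for example `# name of the existing PerconaServerMongoDBBackup object to restore from`. The same hunk and the backup.yaml hunk before it write every inline comment as `#specify …` directly after the value; two spaces before the hash and one after (`name: backup  # backup name, referenced by restore.yaml`) is the usual YAML form and what yamllint's `comments` rule expects. Both manifests hard-code `mdb-db-psmdb-db` as `clusterName`, so the comment could also say that this value follows the Helm release name and has to be changed with it, which is inferred from the name rather than shown in these hunks.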
diff --git a/charts/psmdb-operator-db/values.yaml b/charts/psmdb-operator-db/values.yaml
index 3c8d9c8..7b59ead 100644
--- a/charts/psmdb-operator-db/values.yaml
+++ b/charts/psmdb-operator-db/values.yaml
@@ -1,18 +1,677 @@ psmdb-operator: enabled: true + # Default values for psmdb-operator. + # This is a YAML-formatted file. + # Declare variables to be passed into your templates. + + replicaCount: 1 + + image: + repository: percona/percona-server-mongodb-operator + tag: 1.18.0 + pullPolicy: IfNotPresent + + # disableTelemetry: according to + # https://docs.percona.com/percona-operator-for-mongodb/telemetry.html + # this is how you can disable telemetry collection + # default is false which means telemetry will be collected + disableTelemetry: false + + # set if you want to specify a namespace to watch + # defaults to `.Release.namespace` if left blank + # multiple namespaces can be specified and separated by comma + # watchNamespace: + # set if you want that watched namespaces are created by helm + # createNamespace: false + + # set if operator should be deployed in cluster wide mode. defaults to false + watchAllNamespaces: false + + # rbac: settings for deployer RBAC creation + rbac: + # rbac.create: if false RBAC resources should be in place + create: true + + # serviceAccount: settings for Service Accounts used by the deployer + serviceAccount: + # serviceAccount.create: Whether to create the Service Accounts or not + create: true + # annotations to add to the service account + annotations: {} + + # annotations to add to the operator deployment + annotations: {} + + # labels to add to the operator deployment + labels: {} + + # annotations to add to the operator pod + podAnnotations: {} + # prometheus.io/scrape: "true" + # prometheus.io/port: "8080" + + # labels to the operator pod + podLabels: {} + + podSecurityContext: {} + # runAsNonRoot: true + # runAsUser: 2 + # runAsGroup: 2 + # fsGroup: 2 + # fsGroupChangePolicy: "OnRootMismatch" + + securityContext: {} + # allowPrivilegeEscalation: false + # capabilities: + # drop: + # - ALL + # seccompProfile: + # type: RuntimeDefault + + # set if you want to use a different operator name + # defaults to 
`percona-server-mongodb-operator` + # operatorName: + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + env: + resyncPeriod: 5s + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + logStructured: false + logLevel: "INFO" psmdb-db: enabled: true + + # Default values for psmdb-cluster. + # This is a YAML-formatted file. + # Declare variables to be passed into your templates. + + # Platform type: kubernetes, openshift + # platform: kubernetes + + # Cluster DNS Suffix + # clusterServiceDNSSuffix: svc.cluster.local + # clusterServiceDNSMode: "Internal" + + finalizers: + ## Set this if you want that operator deletes the primary pod last + - percona.com/delete-psmdb-pods-in-order + ## Set this if you want to delete database persistent volumes on cluster deletion + # - percona.com/delete-psmdb-pvc + ## Set this if you want to delete all pitr chunks on cluster deletion + # - percona.com/delete-pitr-chunks + + nameOverride: "" + fullnameOverride: "" + + crVersion: 1.18.0 + pause: false + unmanaged: false unsafeFlags: + tls: false replsetSize: true + mongosSize: false + terminationGracePeriod: false + backupIfUnhealthy: false + + enableVolumeExpansion: false + + annotations: {} + + # ignoreAnnotations: + # - service.beta.kubernetes.io/aws-load-balancer-backend-protocol + # ignoreLabels: + # - rack + multiCluster: + enabled: false + # DNSSuffix: svc.clusterset.local + updateStrategy: SmartUpdate + upgradeOptions: + versionServiceEndpoint: https://check.percona.com + apply: disabled + 
schedule: "0 2 * * *" + setFCV: false + + image: + repository: percona/percona-server-mongodb + tag: 7.0.14-8-multi + + imagePullPolicy: Always + # imagePullSecrets: [] + # initImage: + # repository: percona/percona-server-mongodb-operator + # tag: 1.18.0 + # initContainerSecurityContext: {} + # tls: + # mode: preferTLS + # # 90 days in hours + # certValidityDuration: 2160h + # allowInvalidCertificates: true + # issuerConf: + # name: special-selfsigned-issuer + # kind: ClusterIssuer + # group: cert-manager.io + secrets: {} + # If you set users secret here the operator will use existing one or generate random values + # If not set the operator generates the default secret with name -secrets + # users: my-cluster-name-secrets + # encryptionKey: my-cluster-name-mongodb-encryption-key + # keyFile: my-cluster-name-mongodb-keyfile + # vault: my-cluster-name-vault + # ldapSecret: my-ldap-secret + # sse: my-cluster-name-sse + + pmm: + enabled: false + image: + repository: percona/pmm-client + tag: 2.43.2 + serverHost: monitoring-service + # mongodParams: "" + # mongosParams: "" + # resources: {} + # containerSecurityContext: {} + replsets: rs0: name: rs0 size: 3 - backup: + # terminationGracePeriodSeconds: 300 + # externalNodes: + # - host: 34.124.76.90 + # - host: 34.124.76.91 + # port: 27017 + # votes: 0 + # priority: 0 + # - host: 34.124.76.92 + # configuration: | + # operationProfiling: + # mode: slowOp + # systemLog: + # verbosity: 1 + # serviceAccountName: percona-server-mongodb-operator + # topologySpreadConstraints: + # - labelSelector: + # matchLabels: + # app.kubernetes.io/name: percona-server-mongodb + # maxSkew: 1 + # topologyKey: kubernetes.io/hostname + # whenUnsatisfiable: DoNotSchedule + # replsetOverrides: + # my-cluster-name-rs0-0: + # host: my-cluster-name-rs0-0.example.net:27017 + # tags: + # key: value-0 + # my-cluster-name-rs0-1: + # host: my-cluster-name-rs0-1.example.net:27017 + # tags: + # key: value-1 + # my-cluster-name-rs0-2: + # host: 
my-cluster-name-rs0-2.example.net:27017 + # tags: + # key: value-2 + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" + # advanced: + # podAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: security + # operator: In + # values: + # - S1 + # topologyKey: failure-domain.beta.kubernetes.io/zone + # tolerations: [] + # primaryPreferTagSelector: + # region: us-west-2 + # zone: us-west-2c + # priorityClass: "" + # annotations: {} + # labels: {} + # podSecurityContext: {} + # containerSecurityContext: {} + # nodeSelector: {} + # livenessProbe: + # failureThreshold: 4 + # initialDelaySeconds: 60 + # periodSeconds: 30 + # timeoutSeconds: 10 + # startupDelaySeconds: 7200 + # readinessProbe: + # failureThreshold: 8 + # initialDelaySeconds: 10 + # periodSeconds: 3 + # successThreshold: 1 + # timeoutSeconds: 2 + # runtimeClassName: image-rc + # storage: + # engine: wiredTiger + # wiredTiger: + # engineConfig: + # cacheSizeRatio: 0.5 + # directoryForIndexes: false + # journalCompressor: snappy + # collectionConfig: + # blockCompressor: snappy + # indexConfig: + # prefixCompression: true + # inMemory: + # engineConfig: + # inMemorySizeRatio: 0.5 + # sidecars: + # - image: busybox + # command: ["/bin/sh"] + # args: ["-c", "while true; do echo echo $(date -u) 'test' >> /dev/null; sleep 5;done"] + # name: rs-sidecar-1 + # volumeMounts: + # - mountPath: /volume1 + # name: sidecar-volume-claim + # - mountPath: /secret + # name: sidecar-secret + # - mountPath: /configmap + # name: sidecar-config + # sidecarVolumes: + # - name: sidecar-secret + # secret: + # secretName: mysecret + # - name: sidecar-config + # configMap: + # name: myconfigmap + # sidecarPVCs: + # - apiVersion: v1 + # kind: PersistentVolumeClaim + # metadata: + # name: sidecar-volume-claim + # spec: + # resources: + # requests: + # storage: 1Gi + # volumeMode: Filesystem + # accessModes: + # - ReadWriteOnce + podDisruptionBudget: + 
maxUnavailable: 1 + # splitHorizons: + # my-cluster-name-rs0-0: + # external: rs0-0.mycluster.xyz + # external-2: rs0-0.mycluster2.xyz + # my-cluster-name-rs0-1: + # external: rs0-1.mycluster.xyz + # external-2: rs0-1.mycluster2.xyz + # my-cluster-name-rs0-2: + # external: rs0-2.mycluster.xyz + # external-2: rs0-2.mycluster2.xyz + expose: + enabled: false + type: ClusterIP + # loadBalancerIP: 10.0.0.0 + # loadBalancerSourceRanges: + # - 10.0.0.0/8 + # annotations: + # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http + # labels: + # some-label: some-key + # internalTrafficPolicy: Local + # schedulerName: "" + resources: + limits: + cpu: "300m" + memory: "0.5G" + requests: + cpu: "300m" + memory: "0.5G" + volumeSpec: + # emptyDir: {} + # hostPath: + # path: /data + # type: Directory + pvc: + # annotations: + # volume.beta.kubernetes.io/storage-class: example-hostpath + # labels: + # rack: rack-22 + # storageClassName: standard + # accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 3Gi + # hostAliases: + # - ip: "10.10.0.2" + # hostnames: + # - "host1" + # - "host2" + nonvoting: + enabled: false + # podSecurityContext: {} + # containerSecurityContext: {} + size: 3 + # configuration: | + # operationProfiling: + # mode: slowOp + # systemLog: + # verbosity: 1 + # serviceAccountName: percona-server-mongodb-operator + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" + # advanced: + # podAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: security + # operator: In + # values: + # - S1 + # topologyKey: failure-domain.beta.kubernetes.io/zone + # tolerations: [] + # priorityClass: "" + # annotations: {} + # labels: {} + # nodeSelector: {} + podDisruptionBudget: + maxUnavailable: 1 + resources: + limits: + cpu: "300m" + memory: "0.5G" + requests: + cpu: "300m" + memory: "0.5G" + volumeSpec: + # emptyDir: {} + # hostPath: + # path: /data + # type: Directory + pvc: + 
# annotations: + # volume.beta.kubernetes.io/storage-class: example-hostpath + # labels: + # rack: rack-22 + # storageClassName: standard + # accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 3Gi + arbiter: + enabled: false + size: 1 + # serviceAccountName: percona-server-mongodb-operator + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" + # advanced: + # podAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: security + # operator: In + # values: + # - S1 + # topologyKey: failure-domain.beta.kubernetes.io/zone + # tolerations: [] + # priorityClass: "" + # annotations: {} + # labels: {} + # nodeSelector: {} + + sharding: enabled: true + balancer: + enabled: true + + configrs: + size: 3 + # terminationGracePeriodSeconds: 300 + # externalNodes: + # - host: 34.124.76.90 + # - host: 34.124.76.91 + # port: 27017 + # votes: 0 + # priority: 0 + # - host: 34.124.76.92 + # configuration: | + # operationProfiling: + # mode: slowOp + # systemLog: + # verbosity: 1 + # serviceAccountName: percona-server-mongodb-operator + # topologySpreadConstraints: + # - labelSelector: + # matchLabels: + # app.kubernetes.io/name: percona-server-mongodb + # maxSkew: 1 + # topologyKey: kubernetes.io/hostname + # whenUnsatisfiable: DoNotSchedule + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" + # advanced: + # podAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: security + # operator: In + # values: + # - S1 + # topologyKey: failure-domain.beta.kubernetes.io/zone + # tolerations: [] + # priorityClass: "" + # annotations: {} + # labels: {} + # podSecurityContext: {} + # containerSecurityContext: {} + # nodeSelector: {} + # livenessProbe: {} + # readinessProbe: {} + # runtimeClassName: image-rc + # sidecars: + # - image: busybox + # command: ["/bin/sh"] + # args: ["-c", "while true; do echo echo $(date -u) 'test' >> 
/dev/null; sleep 5;done"] + # name: rs-sidecar-1 + # volumeMounts: + # - mountPath: /volume1 + # name: sidecar-volume-claim + # sidecarPVCs: [] + # sidecarVolumes: [] + podDisruptionBudget: + maxUnavailable: 1 + expose: + enabled: false + type: ClusterIP + # loadBalancerIP: 10.0.0.0 + # loadBalancerSourceRanges: + # - 10.0.0.0/8 + # annotations: + # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http + # labels: + # some-label: some-key + # internalTrafficPolicy: Local + resources: + limits: + cpu: "300m" + memory: "0.5G" + requests: + cpu: "300m" + memory: "0.5G" + volumeSpec: + # emptyDir: {} + # hostPath: + # path: /data + # type: Directory + pvc: + # annotations: + # volume.beta.kubernetes.io/storage-class: example-hostpath + # labels: + # rack: rack-22 + # storageClassName: standard + # accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 3Gi + # hostAliases: + # - ip: "10.10.0.2" + # hostnames: + # - "host1" + # - "host2" + + mongos: + size: 3 + # terminationGracePeriodSeconds: 300 + # configuration: | + # systemLog: + # verbosity: 1 + # serviceAccountName: percona-server-mongodb-operator + # topologySpreadConstraints: + # - labelSelector: + # matchLabels: + # app.kubernetes.io/name: percona-server-mongodb + # maxSkew: 1 + # topologyKey: kubernetes.io/hostname + # whenUnsatisfiable: DoNotSchedule + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" + # advanced: + # podAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: security + # operator: In + # values: + # - S1 + # topologyKey: failure-domain.beta.kubernetes.io/zone + # tolerations: [] + # priorityClass: "" + # annotations: {} + # labels: {} + # podSecurityContext: {} + # containerSecurityContext: {} + # nodeSelector: {} + # livenessProbe: {} + # readinessProbe: {} + # runtimeClassName: image-rc + # sidecars: + # - image: busybox + # command: ["/bin/sh"] + # args: ["-c", "while true; do echo echo 
$(date -u) 'test' >> /dev/null; sleep 5;done"] + # name: rs-sidecar-1 + # volumeMounts: + # - mountPath: /volume1 + # name: sidecar-volume-claim + # sidecarPVCs: [] + # sidecarVolumes: [] + podDisruptionBudget: + maxUnavailable: 1 + resources: + limits: + cpu: "300m" + memory: "0.5G" + requests: + cpu: "300m" + memory: "0.5G" + expose: + enabled: false + type: ClusterIP + # loadBalancerIP: 10.0.0.0/8 + # loadBalancerSourceRanges: + # - 10.0.0.0/8 + # annotations: + # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http + # labels: + # some-label: some-key + # internalTrafficPolicy: Local + # nodePort: 32017 + # auditLog: + # destination: file + # format: BSON + # filter: '{}' + # hostAliases: + # - ip: "10.10.0.2" + # hostnames: + # - "host1" + # - "host2" + + # users: + # - name: my-user + # db: admin + # passwordSecretRef: + # name: my-user-password + # key: my-user-password-key + # roles: + # - name: clusterAdmin + # db: admin + # - name: userAdminAnyDatabase + # db: admin + # - name: my-usr + # db: admin + # passwordSecretRef: + # name: my-user-pwd + # key: my-user-pwd-key + # roles: + # - name: dbOwner + # db: sometest + + # roles: + # - role: myClusterwideAdmin + # db: admin + # privileges: + # - resource: + # cluster: true + # actions: + # - addShard + # - resource: + # db: config + # collection: '' + # actions: + # - find + # - update + # - insert + # - remove + # roles: + # - role: read + # db: admin + # - role: my-role + # db: myDb + # privileges: + # - resource: + # db: '' + # collection: '' + # actions: + # - find + # authenticationRestrictions: + # - clientSource: + # - 127.0.0.1 + # serverAddress: + # - 127.0.0.1 + + + backup: + enabled: false image: repository: percona/percona-backup-mongodb - tag: 2.4.1 + tag: 2.7.0-multi # annotations: # iam.amazonaws.com/role: role-arn # podSecurityContext: {} 
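Review bot: `backup.enabled` flips from `true` to `false` near the end of this hunk: the unmarked `enabled: true` line that used to sit under `backup:` is now reused under the newly added `sharding:` key, and the re-added `backup:` block carries `+ enabled: false`, which is easy to miss among several hundred pasted upstream defaults. If that is not intended, the PerconaServerMongoDBBackup manifest in backup.yaml and the `azure-blob` storage it names would presumably have no backup agent to run against; keep `enabled: true`, or state the intent with a comment such as `# backups disabled on purpose; set to true before applying backup.yaml`. Separately, the operator block ships `podSecurityContext: {}` and `securityContext: {}` with the hardened values present only as comments, while `unsafeFlags.replsetSize: true` stays on; consider enabling the commented `runAsNonRoot: true`, `allowPrivilegeEscalation: false`, `capabilities.drop: [ALL]` and `seccompProfile.type: RuntimeDefault` once they are tested against this operator image. The `psmdb-db:` mapping continues past the end of this hunk.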
@@ -20,10 +679,10 @@ psmdb-db:
 # resources:
 # limits:
 # cpu: "300m"
- # memory: "0.5G"
+ # memory: "1.2G"
 # requests:
 # cpu: "300m"
- # memory: "0.5G"
+ # memory: "1G"
 storages:
 # s3-us-west:
 # type: s3
@@ -60,3 +719,64 @@ psmdb-db:
 # prefix: backups
 # endpointUrl: https://perconasa.blob.core.windows.net
 # credentialsSecret: perconasasecret
+ pitr:
+ enabled: false
+ oplogOnly: false
+ # oplogSpanMin: 10
+ # compressionType: gzip
+ # compressionLevel: 6
+ # configuration:
+ # backupOptions:
+ # priority:
+ # "localhost:28019": 2.5
+ # "localhost:27018": 2.5
+ # timeouts:
+ # startingStatus: 33
+ # oplogSpanMin: 10
+ # restoreOptions:
+ # batchSize: 500
+ # numInsertionWorkers: 10
+ # numDownloadWorkers: 4
+ # maxDownloadBufferMb: 0
+ # downloadChunkMb: 32
+ # mongodLocation: /usr/bin/mongo
+ # mongodLocationMap:
+ # "node01:2017": /usr/bin/mongo
+ # "node03:27017": /usr/bin/mongo
+ tasks:
+ # - name: daily-s3-us-west
+ # enabled: true
+ # schedule: "0 0 * * *"
+ # keep: 3
+ # storageName: s3-us-west
+ # compressionType: gzip
+ # - name: weekly-s3-us-west
+ # enabled: false
+ # schedule: "0 0 * * 0"
+ # keep: 5
+ # storageName: s3-us-west
+ # compressionType: gzip
+ # - name: weekly-s3-us-west-physical
+ # enabled: false
+ # schedule: "0 5 * * 0"
+ # keep: 5
+ # type: physical
+ # storageName: s3-us-west
+ # compressionType: gzip
+ # compressionLevel: 6
+
+ # If you set systemUsers here the secret will be constructed by helm with these values
+ # systemUsers:
+ # MONGODB_BACKUP_USER: backup
+ # MONGODB_BACKUP_PASSWORD: backup123456
+ # MONGODB_DATABASE_ADMIN_USER: databaseAdmin
+ # MONGODB_DATABASE_ADMIN_PASSWORD: databaseAdmin123456
+ # MONGODB_CLUSTER_ADMIN_USER: clusterAdmin
+ # MONGODB_CLUSTER_ADMIN_PASSWORD: clusterAdmin123456
+ # MONGODB_CLUSTER_MONITOR_USER: clusterMonitor
+ # MONGODB_CLUSTER_MONITOR_PASSWORD: clusterMonitor123456
+ # MONGODB_USER_ADMIN_USER: userAdmin
+ # MONGODB_USER_ADMIN_PASSWORD: userAdmin123456
+ # PMM_SERVER_API_KEY: apikey
+ # # PMM_SERVER_USER: admin
+ # # PMM_SERVER_PASSWORD: admin
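Review bot: The commented `systemUsers` example at the end of this hunk gives every system account a guessable literal password (`backup123456`, `clusterAdmin123456`, `PMM_SERVER_PASSWORD: admin`), and the comment above it says Helm constructs the Secret from these values, so uncommenting the block as written would put database administrator credentials into values.yaml and anything that stores it. I would add a line above the block such as `# Example only: never commit real passwords here; prefer secrets.users pointing at an existing Secret`, since `secrets.users` is the alternative this same file already documents under `secrets:`. The commented `mongodLocationMap` key `"node01:2017"` also looks like a typo for port 27017, given the `"node03:27017"` entry next to it.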