diff --git a/README.md b/README.md index d9930e05..dcf2bff6 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ helm repo add appuio https://charts.appuio.ch | [![chart downloads](https://img.shields.io/github/downloads/appuio/charts/data-cube-curation-0.3.1/total)](https://github.com/appuio/charts/releases/tag/data-cube-curation-0.3.1) | [data-cube-curation](appuio/data-cube-curation/README.md) | | [![chart downloads](https://img.shields.io/github/downloads/appuio/charts/exoip-1.0.4/total)](https://github.com/appuio/charts/releases/tag/exoip-1.0.4) | [exoip](appuio/exoip/README.md) | | [![chart downloads](https://img.shields.io/github/downloads/appuio/charts/generic-0.1.2/total)](https://github.com/appuio/charts/releases/tag/generic-0.1.2) | [generic](appuio/generic/README.md) | -| [![chart downloads](https://img.shields.io/github/downloads/appuio/charts/haproxy-2.3.1/total)](https://github.com/appuio/charts/releases/tag/haproxy-2.3.1) | [haproxy](appuio/haproxy/README.md) | +| [![chart downloads](https://img.shields.io/github/downloads/appuio/charts/haproxy-2.4.0/total)](https://github.com/appuio/charts/releases/tag/haproxy-2.4.0) | [haproxy](appuio/haproxy/README.md) | | [![chart downloads](https://img.shields.io/github/downloads/appuio/charts/mariadb-galera-1.2.4/total)](https://github.com/appuio/charts/releases/tag/mariadb-galera-1.2.4) | [mariadb-galera](appuio/mariadb-galera/README.md) | | [![chart downloads](https://img.shields.io/github/downloads/appuio/charts/maxscale-2.0.1/total)](https://github.com/appuio/charts/releases/tag/maxscale-2.0.1) | [maxscale](appuio/maxscale/README.md) | | [![chart downloads](https://img.shields.io/github/downloads/appuio/charts/metrics-server-2.12.1/total)](https://github.com/appuio/charts/releases/tag/metrics-server-2.12.1) | [metrics-server](appuio/metrics-server/README.md) | diff --git a/appuio/haproxy/Chart.yaml b/appuio/haproxy/Chart.yaml index ecda95f9..6e527fef 100644 --- a/appuio/haproxy/Chart.yaml +++ b/appuio/haproxy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 2.7.3 description: A Helm chart for HAProxy which can be customized by a config map. name: haproxy -version: 2.3.1 +version: 2.4.0 maintainers: - name: APPUiO Team email: info@appuio.ch diff --git a/appuio/haproxy/Dockerfile b/appuio/haproxy/Dockerfile new file mode 100644 index 00000000..9d7daf23 --- /dev/null +++ b/appuio/haproxy/Dockerfile @@ -0,0 +1,7 @@ +from haproxytech/haproxy-debian:2.8.3 + +RUN curl -o mysql.deb https://dev.mysql.com/get/mysql-apt-config_0.8.26-1_all.deb || exit 1 \ + dpkg -i mysql.deb || exit 1 ; \ + apt-get update || exit 1 ; \ + apt-get install -y default-mysql-client || exit 1 ; \ + rm -rf /var/lib/apt/lists/* mysql.deb ; \ No newline at end of file diff --git a/appuio/haproxy/README.md b/appuio/haproxy/README.md index 91285c7f..f04b742c 100644 --- a/appuio/haproxy/README.md +++ b/appuio/haproxy/README.md @@ -1,6 +1,6 @@ # haproxy -![Version: 2.3.1](https://img.shields.io/badge/Version-2.3.1-informational?style=flat-square) ![AppVersion: 2.7.3](https://img.shields.io/badge/AppVersion-2.7.3-informational?style=flat-square) +![Version: 2.4.0](https://img.shields.io/badge/Version-2.4.0-informational?style=flat-square) ![AppVersion: 2.7.3](https://img.shields.io/badge/AppVersion-2.7.3-informational?style=flat-square) A Helm chart for HAProxy which can be customized by a config map. diff --git a/appuio/haproxy/files/galera-check.sh b/appuio/haproxy/files/galera-check.sh new file mode 100644 index 00000000..8445fa02 --- /dev/null +++ b/appuio/haproxy/files/galera-check.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +#==================================================================================================== +### This script is used to check the status of the Galera cluster by HAProxy +### Maintainer: https://github.com/wejdross +### It's sh/dash compatible, because it's used in a haproxy container and bash shell has serious issues to spawn +### logic is simple, it takes 4 parameters and check if they are equal to the expected value +### parameters are returned always in the same manner thanks to ORDER BY, if any of the parameters is not equal to the expected value, script will exit with 1 +#==================================================================================================== +export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +pass=$(/bin/cat /secrets/mariadb-root-password) + +if [ -z "$pass" ]; then + echo "Error: password is empty, please check mount and permission declared in haproxy deployment" + exit 1 +fi + +# sample return -> "WSREP_CLUSTER_STATUS Primary WSREP_CONNECTED ON WSREP_LOCAL_STATE 4 WSREP_READY ON" +return_val=$(/usr/bin/mysql -h $3 -u root -p"$pass" -e "SELECT VARIABLE_NAME, VARIABLE_VALUE FROM information_schema.global_status WHERE VARIABLE_NAME IN ('wsrep_cluster_status','wsrep_ready','wsrep_local_state','wsrep_connected') ORDER BY VARIABLE_NAME ASC;" -Ns) +if [ $? -ne 0 ]; then + exit 1 +else + to_check=$(echo $return_val | cut -d' ' -f2) + + if [ $to_check != "Primary" ]; then + echo "Error: WSREP_CLUSTER_STATUS is not 'Primary' it's: $to_check" + exit 1 + fi + + to_check=$(echo $return_val | cut -d' ' -f4) + + if [ $to_check != "ON" ]; then + echo "Error: WSREP_CONNECTED is not 'ON' it's: $to_check" + exit 1 + fi + + to_check=$(echo $return_val | cut -d' ' -f6) + + if [ $to_check != 4 ]; then + echo "Error: WSREP_LOCAL_STATE is not '4' it's: $to_check" + exit 1 + fi + + to_check=$(echo $return_val | cut -d' ' -f8) + if [ $to_check != "ON" ]; then + echo "Error: WSREP_READY is not 'ON' it's: $to_check" + exit 1 + fi +fi +exit 0 diff --git a/appuio/haproxy/templates/configmap-galera-checkscript.yaml b/appuio/haproxy/templates/configmap-galera-checkscript.yaml new file mode 100644 index 00000000..d56d4f13 --- /dev/null +++ b/appuio/haproxy/templates/configmap-galera-checkscript.yaml @@ -0,0 +1,17 @@ +{{- if or (eq .Values.haproxy.config "galera") (eq .Values.haproxy.config "galerak8s") }} + +kind: ConfigMap +apiVersion: v1 +metadata: + labels: + app.kubernetes.io/name: {{ include "haproxy.name" . }} + helm.sh/chart: {{ include "haproxy.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + name: haproxy-script +data: + script.sh: |- + {{ range .Files.Lines "files/galera-check.sh" }} + {{ . | indent 2 }} + {{- end}} +{{- end}} \ No newline at end of file diff --git a/appuio/haproxy/templates/configmap-galera.yaml b/appuio/haproxy/templates/configmap-galera.yaml index d4f779eb..3d95bc42 100644 --- a/appuio/haproxy/templates/configmap-galera.yaml +++ b/appuio/haproxy/templates/configmap-galera.yaml @@ -12,6 +12,8 @@ metadata: data: haproxy.cfg: | global + external-check # required for mysql-check + insecure-fork-wanted # required for mysql-check log stdout format raw local0 {{- include "haproxy.resolversConfig" . | nindent 4 }} @@ -37,6 +39,8 @@ data: backend galera-nodes mode tcp option srvtcpka + option external-check + external-check command /var/lib/haproxy/script.sh balance {{ $galera.balance }} {{ if and $galera.check.enabled $galera.check.mysql.enabled }}option mysql-check user {{ $galera.check.mysql.user }}{{ end }} default-server init-addr none {{ if $galera.check.enabled }}check {{ end }}resolvers mydns diff --git a/appuio/haproxy/templates/configmap-galerak8s.yaml b/appuio/haproxy/templates/configmap-galerak8s.yaml index 32285505..557bb1fb 100644 --- a/appuio/haproxy/templates/configmap-galerak8s.yaml +++ b/appuio/haproxy/templates/configmap-galerak8s.yaml @@ -13,6 +13,8 @@ data: haproxy.cfg: | global log stdout format raw local0 + external-check # required for mysql-check + insecure-fork-wanted # required for mysql-check {{- include "haproxy.resolversConfig" . | nindent 4 }} defaults @@ -37,6 +39,8 @@ data: backend galera-nodes mode tcp option srvtcpka + option external-check + external-check command /var/lib/haproxy/script.sh balance {{ $galera.balance }} {{ if and $galera.check.enabled $galera.check.mysql.enabled }}option mysql-check user {{ $galera.check.mysql.user }}{{ end }} diff --git a/appuio/haproxy/templates/deployment.yaml b/appuio/haproxy/templates/deployment.yaml index f7998cca..dc2250c6 100644 --- a/appuio/haproxy/templates/deployment.yaml +++ b/appuio/haproxy/templates/deployment.yaml @@ -71,6 +71,12 @@ spec: volumeMounts: - name: haproxy-config mountPath: /etc/haproxy/ + {{- if or (eq .Values.haproxy.config "galera") (eq .Values.haproxy.config "galerak8s") }} + - mountPath: /var/lib/haproxy + name: haproxy-script + - mountPath: /secrets + name: mariadb-creds + {{ end }} {{- if .Values.sidecarContainers }} {{ tpl (toYaml .Values.sidecarContainers) . | indent 8 }} {{- end }} @@ -78,6 +84,17 @@ spec: - name: haproxy-config configMap: name: "{{ include "haproxy.fullname" . }}-{{ .Values.haproxy.config }}" + {{- if or (eq .Values.haproxy.config "galera") (eq .Values.haproxy.config "galerak8s") }} + - name: haproxy-script + configMap: + # it's 0555 read+execute permissions + defaultMode: 365 + name: haproxy-script + - name: mariadb-creds + secret: + secretName: mariadb + defaultMode: 420 + {{ end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/appuio/haproxy/values.yaml b/appuio/haproxy/values.yaml index c2e4218c..35b996e6 100644 --- a/appuio/haproxy/values.yaml +++ b/appuio/haproxy/values.yaml @@ -1,9 +1,9 @@ replicaCount: 1 image: - registry: docker.io - repository: haproxytech/haproxy-debian - tag: 2.7.3 + registry: ghcr.io + repository: vshn/haproxy-with-mysql + tag: 1.0.0 pullPolicy: IfNotPresent ingress: