Skip to content

Latest commit

 

History

History
164 lines (118 loc) · 6.71 KB

HELM.md

File metadata and controls

164 lines (118 loc) · 6.71 KB

Helm

Note

This documentation applies to mariadb-operator version >= v0.0.32

Helm is the preferred way to install mariadb-operator in vanilla Kubernetes clusters (i.e. not OpenShift). This doc aims to provide guidance on how to manage the installation and upgrades of both the CRDs and the operator via Helm charts.

Table of contents

Charts

The installation of mariadb-operator is splitted into two different helm charts for better convenience:

Control-plane

The mariadb-operator is an extension of the Kubernetes control-plane, consisting of the following components that are deployed by Helm:

  • operator: The mariadb-operator itself that performs the CRD reconciliation.
  • webhook: The Kubernetes control-plane delegates CRD validations to this HTTP server. Kubernetes requires TLS to communicate with the webhook server.
  • cert-controller: Provisions TLS certificates for the webhook. You can see it as a minimal cert-manager that is intended to work only with the webhook. It is optional and can be replaced by cert-manager.

Installing CRDs

Helm has certain limitations when it comes to manage CRDs. To address this, we are providing the CRDs in a separate chart, as recommended by the official Helm documentation. This allows us to manage the installation and updates of the CRDs independently from the operator. For example, you can uninstall the operator without impacting your existing MariaDB CRDs.

CRDs can be installed in your cluster by running the following commands

helm repo add mariadb-operator https://helm.mariadb.com/mariadb-operator
helm install mariadb-operator-crds mariadb-operator/mariadb-operator-crds

Installing the operator

Once the CRDs are available in the cluster, you can proceed to install the operator:

helm repo add mariadb-operator https://helm.mariadb.com/mariadb-operator
helm install mariadb-operator mariadb-operator/mariadb-operator

If you have the prometheus operator and cert-manager already installed in your cluster, it is recommended to leverage them to scrape the operator metrics and provision the webhook certificate respectively:

helm repo add mariadb-operator https://helm.mariadb.com/mariadb-operator
helm install mariadb-operator mariadb-operator/mariadb-operator \
  --set metrics.enabled=true --set webhook.cert.certManager.enabled=true

Refer to the helm chart README for detailed information about all the supported helm values.

Deployment modes

Deployments are highly configurable via the helm values. In particular the following deployment modes are supported:

Cluster-wide

The operator watches CRDs in all namespaces and requires cluster-wide RBAC permissions to operate. This is the default deployment mode, enabled through the default configuration values:

helm repo add mariadb-operator https://helm.mariadb.com/mariadb-operator
helm install mariadb-operator mariadb-operator/mariadb-operator

Single namespace

By setting currentNamespaceOnly=true, the operator will only watch CRDs within the namespace it is deployed in, and the RBAC permissions will be restricted to that namespace as well:

helm repo add mariadb-operator https://helm.mariadb.com/mariadb-operator
helm install mariadb-operator \
  -n databases --create-namespace \
  --set currentNamespaceOnly=true \
  mariadb-operator/mariadb-operator

Updates

Important

Make sure you read and understand the updates documentation before proceeding to update the operator.

The first step to perform an operator update is upgrading the CRDs:

helm repo update mariadb-operator
helm upgrade --install mariadb-operator-crds \
  --version <new-version> \
  mariadb-operator/mariadb-operator-crds

Once updated, you may proceed to upgrade the operator:

helm repo update mariadb-operator
helm upgrade --install mariadb-operator \
  --version <new-version> \
  mariadb-operator/mariadb-operator

Whenever a new version of the mariadb-operator is released, an upgrade guide is linked in the release notes if additional upgrade steps are required. Be sure to review the release notes and follow the version-specific upgrade guides accordingly.

High availability

The operator can run in high availability mode to ensure that your CRs get reconciled even if the node where the operator runs goes down. For achieving this you need:

  • Multiple replicas
  • Configure Pod anti-affinity
  • Configure PodDisruptionBudgets

You can achieve this by providing the following values to the helm chart:

ha:
  enabled: true
  replicas: 3

affinity:
  podAntiAffinity:
    requiredDuringSchedulingIgnoredDuringExecution:
    - labelSelector:
        matchExpressions:
        - key: app.kubernetes.io/name
          operator: In
          values:
          - mariadb-operator
        - key: app.kubernetes.io/instance
          operator: In
          values:
          - mariadb-operator
      topologyKey: kubernetes.io/hostname

pdb:
  enabled: true
  maxUnavailable: 1

Uninstalling

Caution

Uninstalling the mariadb-operator-crds Helm chart will remove the CRDs and their associated resources, resulting in downtime.

First, uninstall the mariadb-operator Helm chart. This action will not delete your CRDs, so your operands (i.e. MariaDB and MaxScale) will continue to run without the operator's reconciliation.

helm uninstall mariadb-operator

At this point, if you also want to delete CRDs and the operands running in your cluster, you may proceed to uninstall the mariadb-operator-crds Helm chart:

helm uninstall mariadb-operator-crds