Sunday, May 9, 2021

Recent Questions - Server Fault

Recent Questions - Server Fault

Recent Questions - Server Fault

Ubuntu Server etc/apt/sources.list (URI parse)

Posted: 09 May 2021 09:28 PM PDT

E: Malformed entry 3 in list file etc/apt/sources.list (URI parse)

I don't know which one the malformed entry points to. Can anybody help me with that?

https://i.stack.imgur.com/WEkQZ.png

The sources.list file

How to pass a different sets of variables for each iteration of loop in an Ansible task

Posted: 09 May 2021 08:09 PM PDT

I have an Ansible task which loops through a list and for each item in the list runs a role, using include_role. For each iteration of loop I want to pass a different set of variables. Currently, I am trying to do this by creating the list as a list of dictionaries which can be specified using --extra-vars at runtime.

For example, I have task:

- name: Run the test role    include_role:      name: test_role    loop: '{{ input_list }}'

And the input_list:

input_list:    - var1: foo      var2: bar      var3: baz    - var1: hello      var3: world

But at this point how would I go about passing the current set of variables to the role? I initially tried defining each variable separately:

- name: Run the test role    include_role:      name: test_role    vars:      var1: '{{ item.var1 }}'        var2: '{{ item.var2 }}'        var3: '{{ item.var3 }}'      loop: '{{ input_list }}'

This works, but if one variable is missing from the input_list (i.e. should fall back to default value specified in the role defaults or at the start of the playbook for that variable) the play will fail. So I tried using Jinja2's default filter:

- name: Run the test role    include_role:      name: test_role    vars:      var1: '{{ item.var1 | default('foo') }}'        var2: '{{ item.var2 | default('bar') }}'        var3: '{{ item.var3 | default('baz') }}'      loop: '{{ input_list }}'

Again, this works, but it is a bit messy as every variable needs to be defined, and it doesn't use the default values from the role. Is there a better way of doing something like this?

I'm looking for a way to configure distance clustering of postfix and dovecot

Posted: 09 May 2021 03:51 PM PDT

I currently have a postfix server and dovecot server sharing files from an NFS server in the UK and the same config in Switzerland. I tried to mailsync but that appeared to lose emails, so then I tried doveadm replication but keeps coredumping and duplicating emails.

I've seen suggestions of using glusterfs and keepalived to manage virtual IPs, but this won't cut the mustard if the servers are on different subnets due to country.

Using keepalived to manage a virtual IP on the local LAN that switches between physical server and port-forward over the WAN, doesn't resolve the issue of split-brain.

Whilst the network is up, I think postfix file locking would be able to manage both postfix servers trying to access the same glusterfs, but what bothers me is split-brain when the network between servers is down, but local in-country networks are up.

Solution 1

Could it work to used DRBD to sync the filesystems from UK to Switzerland, and mail relay postfix from Switzerland to the master in UK, HAproxy redirecting dovecot to UK.

In scenario 1 "split-brain": emails that arrive in Switzerland are queued, and IMAP fails so the user manually reconnects to the current master server in UK.

In scenario 2 "UK postfix server crash", the Swiss server could be promoted to DRBD master, Swiss postfix stops relaying to UK, and HAproxy stops redirecting dovecot to the UK, the UK postfix would be configured upon repair to relay to Switzerland, and UK dovecot get HAproxy to Switzerland.

Does this sound a sensible solution? Or is there a better way, that doesn't get excessively complicated?

Zyxel ATP800: static IP addresses can not access internet

Posted: 09 May 2021 03:36 PM PDT

I install a WiFi device in a company using a Zyxel ATP800 as default (and only) router.

LAN = 192.168.0.0/24
Zyxel = 192.168.0.254
DHCP range = .100 to .199
Free IPs = .50 to .99

If the WiFi device use DHCP, everything is fine.
If the WiFi device has a static IP address, say 192.168.0.50, it can access the internal network, but not internet. It can not even ping the Zyxel.

I tested with my Windows laptop on WiFi and wired Ethernet: same problem.
I tested with a Debian Raspberry Pi on wired Ethernet: same problem.
I tested with a free IP address from the DHCP range: same problem.

I have the admin password of the Zyxel, but I see nothing blatant among the ton of parameters.

Anyone has an idea about the source of this behaviour?

Getting error while connecting with other nodes in cluster

Posted: 09 May 2021 03:10 PM PDT

I create Galera cluster for mysql 8, when i'm restarting the nodes it is connecting in the cluster but after few seconds its getting disconnected. Please help me to fix this issue. Please see the logs-

2021-05-09T19:29:47.376651Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.23-26.6) starting as process 4361        2021-05-09T19:29:47.392229Z 0 [Warning] [MY-000000] [WSREP] P: access file(/var/lib/mysql//gvwstate.dat) failed(No such file or directory)            2021-05-09T19:30:17.947192Z 0 [ERROR] [MY-000000] [WSREP] P: failed to open gcomm backend connection: 110: failed to reach primary view: 110 (Connection timed out)            at /home/galera/galera-4-26.4.8+1focal/gcomm/src/pc.cpp:connect():160            2021-05-09T19:30:17.947399Z 0 [ERROR] [MY-000000] [WSREP] P: /home/galera/galera-4-26.4.8+1focal/gcs/src/gcs_core.cpp:gcs_core_open():219: Failed to open backend connection: -110 (Connection timed out)            2021-05-09T19:30:17.948105Z 0 [ERROR] [MY-000000] [WSREP] P: /home/galera/galera-4-26.4.8+1focal/gcs/src/gcs.cpp:gcs_open():1631: Failed to open channel 'galera4' at 'gcomm://192.168.1.4,192.168.1.5,192.168.1.6': -110 (Connection timed out)            2021-05-09T19:30:17.948139Z 0 [ERROR] [MY-000000] [WSREP] P: gcs connect failed: Connection timed out            2021-05-09T19:30:17.949193Z 0 [ERROR] [MY-000000] [WSREP] wsrep::connect(gcomm://192.168.1.4,192.168.1.5,192.168.1.6) failed: 7            2021-05-09T19:30:17.949217Z 0 [ERROR] [MY-010119] [Server] Aborting            2021-05-09T19:30:17.967785Z 0 [System] [MY-010910] [Server] /usr/sbin/mysqld: Shutdown complete (mysqld 8.0.23-26.6) MySQL Wsrep Server - GPL.

Please help me to fix this.

PHP Ajax response sending new line in return data from server

Posted: 09 May 2021 06:09 PM PDT

I work with an open source package call OpenEMR https://github.com/openemr/openemr/.

I am having a problem with the ACL display screen. It displays this error message. ERROR, unable to collect data from server

This is a link to the code in reference. https://github.com/openemr/openemr/blob/2e1087e3c371ee08268cd1e7777c6a76b10e7cfa/interface/usergroup/adminacl.php#L214

I have set traps on the server. The server is send/echoing out the XML. I have captured the XML in a file on the server. So, I know that server side is processing the request and sending a response.

//PROCESS USERNAME REQUESTS  if ($_POST["control"] == "username") {    if ($_POST["action"] == "list") {       //return username list with alert if user is not joined to group        echo username_listings_xml($error);     }  }

https://github.com/openemr/openemr/blob/2e1087e3c371ee08268cd1e7777c6a76b10e7cfa/library/ajax/adminacl_ajax.php#L51

The server is on AWS and is Ubuntu 20.04. PHP 7.4 Apache 2.x.

So, I was digging into the system so more and what I found is that the response from the server has a blank line inserted into the response.

I found this by looking at the browser XHR.

XHR report

So, what can be causing the blank line to appear in the response. The browsers receives the blank line first and stops because it thinks the response is empty.

I checked the file where the content is being echoed from and there is not a closing ?> tag. I tested the system by file_put_contents into a file and the blank line is not there. I believe this to be a server level issue. Until I can prove different.

kubernetes mariadb-galera cluster - bitnami helm chart - Readiness probe failed

Posted: 09 May 2021 03:08 PM PDT

I am trying to setup a mariadb-galera cluster through the bitnami helm chart in my kubernetes cluster (1 master, 3 nodes). I have modified the myvalues.yaml to include an existingClaim: dbstorage and the storageClass: "nfs-storage". The image repository is 10.5.9-debian-10-r52, I added a root password and outcommented the accessModes: as well as the size as that was defined in the existing persistence volume claim. I did not define anything in the section db: and left that as the defaults. I also did not define anything under the galera.mariabackup section like password and left the defaults.

As soon as I run the helm chart with helm install helm install mariadb-galera-cluster -f mariadb-galera.values.yaml bitnami/mariadb-galera --namespace database and describe the pod I get the error message

Readiness probe failed: mysqladmin: connect to server at 'localhost' failed error: 'Can't connect to local MySQL server through socket '/opt/bitnami/mariadb/tmp/mysql.sock' (2)'   Check that mysqld is running and that the socket: '/opt/bitnami/mariadb/tmp/mysql.sock' exists!

When checking the container for that mysql.sock it is true, that it is not available in that location.

I am using a NFS provisioner to provision the persistent storage which works fine. On my nfs server I can see the directory being created and data being stored in it. It is a NFS3 directory that is used by the container.

When I access the container and try to run the scrips "run.sh" or "entrypoint.sh" in the folder /opt/bitnami/scripts/mariadb-galera I am getting an error The mariadb configuration file '/opt/bitnami/mariadb/conf/my.cnf' is not writable or does not exist. Configurations based on environment variables will not be applied for this file. but the file is right in the folder where it should be. All components, like the stateful set are created and started properly as I can tell just the container, in my case it was obviously called mariadb-galera-cluster-0, is not finishing starting up because of the socket it can't find.

Version of Helm:

version.BuildInfo{Version:"v3.5.4", GitCommit:"1b5edb69df3d3a08df77c9902dc17af864ff05d1", GitTreeState:"clean", GoVersion:"go1.15.11"}

Version of Kubernetes

Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:31:21Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}    Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:25:06Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}

version of the values.yaml file

## Please, note that this will override the image parameters, including dependencies, configured to use the global v$  ## Current available global Docker image parameters: imageRegistry and imagePullSecrets  ##  # global:  #   imageRegistry: myRegistryName  #   imagePullSecrets:  #     - myRegistryKeySecretName  #   storageClass: myStorageClass    ## Bitnami MariaDB Galera image  ## ref: https://hub.docker.com/r/bitnami/mariadb-galera/tags/  ##  image:    registry: docker.io    repository: bitnami/mariadb-galera    tag: 10.5.9-debian-10-r52    ## Specify a imagePullPolicy    ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'    ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images    ##    pullPolicy: IfNotPresent    ## Optionally specify an array of imagePullSecrets.    ## Secrets must be manually created in the namespace.    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/    ##    # pullSecrets:    #   - myRegistryKeySecretName      ## Set to true if you would like to see extra information on logs    ##    debug: false    ## String to partially override common.names.fullname template (will maintain the release name)  ##  # nameOverride:    ## String to fully override common.names.fullname template  ##  # fullnameOverride:    ## Use an alternate scheduler, e.g. "stork".  ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/  ##  # schedulerName:    ## Specifies the Kubernetes Cluster's Domain Name.  ##  clusterDomain: cluster.local    ## StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guaran$  ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy  ##  podManagementPolicy: OrderedReady    ## Deployment pod host aliases  ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/  hostAliases: []    ## MariaDB Gallera K8s svc properties  ##  service:    ## Kubernetes service type and port number    ##    type: ClusterIP    port: 3306    # clusterIP: None      ## Specify the nodePort value for the LoadBalancer and NodePort service types.    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport    ##    # nodePort: 30001      ## Specify the externalIP value ClusterIP service type.    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips    ##    # externalIPs: []      ## Set the LoadBalancer service type to internal only.    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer    ##    # loadBalancerIP:      ## Load Balancer sources    ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-$    ##    # loadBalancerSourceRanges:    # - 10.10.10.0/24      ## Provide any additional annotations which may be required. This can be used to    ## set the LoadBalancer service type to internal only.    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer    ##    annotations: {}      ## Headless service properties    ##    headless:      ## Additional annotations for headless service.      ## Can be useful in case peer-finder is used in a sidecar,      ## e.g.: service.alpha.kubernetes.io/tolerate-unready-endpoints="true"      ##      annotations: {}    ## Pods Service Account  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/  ##  serviceAccount:    ## Specifies whether a ServiceAccount should be created    ##    create: false    ## The name of the ServiceAccount to use.    ## If not set and create is true, a name is generated using the common.names.fullname template    ##    name: ""    ## An array to add extra environment variables  ## For example:  ## extraEnvVars:  ##  - name: TZ  ##    value: "Europe/Paris"  ##  extraEnvVars:    ## ConfigMap with extra env vars:  ##  extraEnvVarsCM:    ## Secret with extra env vars:  ##  extraEnvVarsSecret:    ## Role Based Access  ## Ref: https://kubernetes.io/docs/admin/authorization/rbac/  ##  rbac:    ## Specifies whether RBAC rules should be created    ##    create: false    ## Pod Security Context  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/  ##  securityContext:    enabled: true    fsGroup: 1001    runAsUser: 1001    ## Database credentials for root (admin) user  ##  rootUser:    ## MariaDB admin user    ##    user: root    ## MariaDB admin password    ## Password is ignored if existingSecret is specified.    ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-the-root-password-on-first-run    ##    password: "ObviouslyIChangedThis"    ## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.    ## If it is not force, a random password will be generated.    ##    forcePassword: false    ## Use existing secret (ignores rootUser.password, db.password, and galera.mariabackup.password)  ##  # existingSecret:    ## Custom db configuration  ##  db:    ## MariaDB username and password    ## Password is ignored if existingSecret is specified.    ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-user-on-first-run    ##    user: ""    password: ""    ## Database to create    ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#creating-a-database-on-first-run    ##    name: my_database    ## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.    ## If it is not force, a random password will be generated.    ##    forcePassword: false    ## Galera configuration  ##  galera:    ## Galera cluster name    ##    name: galera      ## Bootstraping options    ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#bootstraping    ##    bootstrap:      ## Node to bootstrap from, you will need to change this parameter in case you want to bootstrap from other node      ##      bootstrapFromNode:      ## Force safe_to_bootstrap in grastate.date file.      ## This will set safe_to_bootstrap=1 in the node indicated by bootstrapFromNode.      ##      forceSafeToBootstrap: false      ## Credentials to perform backups    ##    mariabackup:      ## MariaBackup username and password      ## Password is ignored if existingSecret is specified.      ## ref: https://github.com/bitnami/bitnami-docker-mariadb-galera#setting-up-a-multi-master-cluster      ##      user: mariabackup      password: ""      ## Option to force users to specify a password. That is required for 'helm upgrade' to work properly.      ## If it is not force, a random password will be generated.      ##      forcePassword: false    ## LDAP configuration  ##  ldap:    ## Enable LDAP support    ##    enabled: false    uri: ""    base: ""    binddn: ""    bindpw: ""    bslookup:    filter:    map:    nss_initgroups_ignoreusers: root,nslcd    scope:    tls_reqcert:    ## TLS configuration  ##  tls:    ## Enable TLS    ##    enabled: false    ## Name of the secret that contains the certificates    ##    # certificatesSecret:    ## Certificate filename    ##    # certFilename:    ## Certificate Key filename    ##    # certKeyFilename:    ## CA Certificate filename    ##    # certCAFilename:    ## Configure MariaDB with a custom my.cnf file  ## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file  ## Alternatively, you can put your my.cnf under the files/ directory  mariadbConfiguration: |-    [client]    port=3306    socket=/opt/bitnami/mariadb/tmp/mysql.sock    plugin_dir=/opt/bitnami/mariadb/plugin    [mysqld]    default_storage_engine=InnoDB    basedir=/opt/bitnami/mariadb    datadir=/bitnami/mariadb/data    plugin_dir=/opt/bitnami/mariadb/plugin    tmpdir=/opt/bitnami/mariadb/tmp    socket=/opt/bitnami/mariadb/tmp/mysql.sock    pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid    bind_address=0.0.0.0    ## Character set    ##    collation_server=utf8_unicode_ci    init_connect='SET NAMES utf8'    character_set_server=utf8    ## MyISAM    ##    key_buffer_size=32M    myisam_recover_options=FORCE,BACKUP    ## Safety    ##    skip_host_cache    skip_name_resolve    max_allowed_packet=16M    max_connect_errors=1000000    sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTI$    sysdate_is_now=1    ## Binary Logging    ##    log_bin=mysql-bin    expire_logs_days=14    # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql    sync_binlog=0    # Required for Galera    binlog_format=row    ## Caches and Limits    ##    tmp_table_size=32M    max_heap_table_size=32M    # Re-enabling as now works with Maria 10.1.2    query_cache_type=1    query_cache_limit=4M    query_cache_size=256M    max_connections=500    thread_cache_size=50    open_files_limit=65535    table_definition_cache=4096    table_open_cache=4096    ## InnoDB    ##    innodb=FORCE    innodb_strict_mode=1    # Mandatory per https://github.com/codership/documentation/issues/25    innodb_autoinc_lock_mode=2    # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/    innodb_doublewrite=1    innodb_flush_method=O_DIRECT    innodb_log_files_in_group=2    innodb_log_file_size=128M    innodb_flush_log_at_trx_commit=1    innodb_file_per_table=1    # 80% Memory is default reco.    # Need to re-evaluate when DB size grows    innodb_buffer_pool_size=2G    innodb_file_format=Barracuda    ## Logging    ##    log_error=/opt/bitnami/mariadb/logs/mysqld.log    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log    log_queries_not_using_indexes=1    slow_query_log=1    ## SSL    ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem    # ssl_ca=/certs/ca.pem    # ssl_cert=/certs/server-cert.pem    # ssl_key=/certs/server-key.pem    [galera]    wsrep_on=ON    wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so    wsrep_sst_method=mariabackup    wsrep_slave_threads=4    wsrep_cluster_address=gcomm://    wsrep_cluster_name=galera    wsrep_sst_auth="root:"    # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit    innodb_flush_log_at_trx_commit=2    # MYISAM REPLICATION SUPPORT #    wsrep_replicate_myisam=ON    [mariadb]    plugin_load_add=auth_pam    ## Data-at-Rest Encryption    ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem    # plugin_load_add=file_key_management    # file_key_management_filename=/encryption/keyfile.enc    # file_key_management_filekey=FILE:/encryption/keyfile.key    # file_key_management_encryption_algorithm=AES_CTR    # encrypt_binlog=ON    # encrypt_tmp_files=ON    ## InnoDB/XtraDB Encryption    # innodb_encrypt_tables=ON    # innodb_encrypt_temporary_tables=ON    # innodb_encrypt_log=ON    # innodb_encryption_threads=4    # innodb_encryption_rotate_key_age=1    ## Aria Encryption    # aria_encrypt_tables=ON    # encrypt_tmp_disk_tables=ON  ## ConfigMap with MariaDB configuration  ## NOTE: This will override mariadbConfiguration  ##  # configurationConfigMap:    ## Specify dictionary of scripts to be run at first boot  ## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory  ##  # initdbScripts:  #   my_init_script.sh: |  #      #!/bin/sh  #      echo "Do something."    ## ConfigMap with scripts to be run at first boot  ## Note: This will override initdbScripts  ##  # initdbScriptsConfigMap:    ## MariaDB additional command line flags  ## Can be used to specify command line flags, for example:  ##  ## extraFlags: "--max-connect-errors=1000 --max_connections=155"  ##    ## Desired number of cluster nodes  ##  replicaCount: 3    ## updateStrategy for MariaDB Master StatefulSet  ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies  ##  updateStrategy:    type: RollingUpdate    ## Additional labels for MariaDB Galera pods  ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/  ##  podLabels: {}    ## Additional annotations for MariaDB Galera pods  ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/  ##  podAnnotations: {}    ## Pod affinity preset  ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity  ## Allowed values: soft, hard  ##  podAffinityPreset: ""    ## Pod anti-affinity preset  ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity  ## Allowed values: soft, hard  ##  podAntiAffinityPreset: soft    ## Node affinity preset  ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity  ## Allowed values: soft, hard  ##  nodeAffinityPreset:    ## Node affinity type    ## Node affinity type    ## Allowed values: soft, hard    ##    type: ""    ## Node label key to match    ## E.g.    ## key: "kubernetes.io/e2e-az-name"    ##    key: ""    ## Node label values to match    ## E.g.    ## values:    ##   - e2e-az1    ##   - e2e-az2    ##    values: []    ## Affinity for pod assignment. Evaluated as a template.  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity  ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set  ##  affinity: {}    ## Node labels for pod assignment. Evaluated as a template.  ## ref: https://kubernetes.io/docs/user-guide/node-selection/  ##  nodeSelector: {}    ## Tolerations for pod assignment. Evaluated as a template.  ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/  tolerations: []    ## Enable persistence using Persistent Volume Claims  ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/  ##  persistence:    ## If true, use a Persistent Volume Claim, If false, use emptyDir    ##    enabled: true    # Enable persistence using an existing PVC    existingClaim: dbstorage    # Subdirectory of the volume to mount    # subPath:    mountPath: /bitnami/mariadb    ## selector can be used to match an existing PersistentVolume    ## selector:    ##   matchLabels:    ##     app: my-app    ##    selector: {}    ## Persistent Volume Storage Class    ## If defined, storageClassName: <storageClass>    ## If set to "-", storageClassName: "", which disables dynamic provisioning    ## If undefined (the default) or set to null, no storageClassName spec is    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on    ##   GKE, AWS & OpenStack)    ##    storageClass: "nfs-storage"    ## Persistent Volume Claim annotations    ##    annotations:    ## Persistent Volume Access Mode    ##    #accessModes:    #  - ReadWriteOnce    ## Persistent Volume size    ##    #size: 8Gi    ## Priority Class Name  #  # priorityClassName: 'priorityClass'    ## Additional init containers  ##  extraInitContainers: []  # - name: do-something  #   image: bitnami/minideb  #   command: ['do', 'something']    ## Additional containers  ##  extraContainers: []    ## extraVolumes and extraVolumeMounts allows you to mount other volumes  ## Example Use Cases:  ##  mount certificates to enable data-in-transit encryption  ##  mount keys for data-at-rest encryption using file plugin  # extraVolumes:  # - name: mariadb-certs  #   secret:  #     defaultMode: 288  #     secretName: mariadb-certs  # - name: mariadb-encryption  #   secret:  #     defaultMode: 288  #     secretName: mariadb-encryption  # extraVolumeMounts:  # - name: mariadb-certs  #   mountPath: /certs  #   readOnly: true  # - name: mariadb-encryption  #   mountPath: /encryption  #   readOnly: true    ## MariaDB Galera containers' resource requests and limits  ## ref: http://kubernetes.io/docs/user-guide/compute-resources/  ##  resources:    # We usually recommend not to specify default resources and to leave this as a conscious    # choice for the user. This also increases chances charts run on environments with little    # resources, such as Minikube. If you do want to specify resources, uncomment the following    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.    limits: {}    #   cpu: 0.5    #   memory: 256Mi    requests: {}    #   cpu: 0.5    #   memory: 256Mi    ## MariaDB Galera containers' liveness and readiness probes  ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes  ##  livenessProbe:    enabled: true    ## Initializing the database could take some time    ##    initialDelaySeconds: 120    periodSeconds: 10    timeoutSeconds: 1    successThreshold: 1    failureThreshold: 3  readinessProbe:    enabled: true    initialDelaySeconds: 30    periodSeconds: 10    timeoutSeconds: 1    successThreshold: 1    failureThreshold: 3  startupProbe:    enabled: false    ## Initializing the database could take some time    ##    initialDelaySeconds: 120    periodSeconds: 10    timeoutSeconds: 1    successThreshold: 1    ## Let's wait 600 seconds by default, it should give enough time in any cluster for mysql to init    ##    failureThreshold: 48    ## Pod disruption budget configuration  ##  podDisruptionBudget:    ## Specifies whether a Pod disruption budget should be created    ##    create: false    minAvailable: 1    # maxUnavailable: 1    ## Prometheus exporter configuration  ##  metrics:    enabled: false    ## Bitnami MySQL Prometheus exporter image    ## ref: https://hub.docker.com/r/bitnami/mysqld-exporter/tags/    ##    image:      registry: docker.io      repository: bitnami/mysqld-exporter      tag: 0.12.1-debian-10-r416      pullPolicy: IfNotPresent      ## Optionally specify an array of imagePullSecrets.      ## Secrets must be manually created in the namespace.      ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/      ##      # pullSecrets:      #   - myRegistryKeySecretName    ## MySQL exporter additional command line flags    ## Can be used to specify command line flags    ## E.g.:    ## extraFlags:    ##   - --collect.binlog_size    ##    extraFlags: []    ## MySQL Prometheus exporter containers' resource requests and limits    ## ref: http://kubernetes.io/docs/user-guide/compute-resources/    ##    resources:      # We usually recommend not to specify default resources and to leave this as a conscious      # choice for the user. This also increases chances charts run on environments with little      # resources, such as Minikube. If you do want to specify resources, uncomment the following      # lines, adjust them as necessary, and remove the curly braces after 'resources:'.      limits: {}      #   cpu: 0.5      #   memory: 256Mi      requests: {}      #   cpu: 0.5      #   memory: 256Mi    ## MySQL Prometheus exporter service parameters    ##    service:      type: ClusterIP      port: 9104      annotations:        prometheus.io/scrape: "true"        prometheus.io/port: "9104"      ## Prometheus Operator ServiceMonitor configuration    ##    serviceMonitor:      enabled: false      ## Namespace in which Prometheus is running      ##      # namespace: monitoring        ## Interval at which metrics should be scraped.      ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)