Merge pull request #19 from T-Systems-MMS/akvk8s_proxysql

mikaEz · web-flow · commit 17fd8f30d826 · 2022-04-28T18:37:31.000+02:00
proxysql tmpl force k8s secret usage, akv2k8s add more options
diff --git a/akv2k8s/Chart.yaml b/akv2k8s/Chart.yaml
@@ -2,4 +2,4 @@
 apiVersion: v1
 name: akv2k8s
 description: Azure Key Vault to Kubernetes
-version: 0.1.3
+version: 0.1.4
diff --git a/akv2k8s/templates/sync-secret-to-configmap.yaml b/akv2k8s/templates/sync-secret-to-configmap.yaml
@@ -0,0 +1,21 @@
+{{- if .Values.sync_secret_to_configmap -}}
+{{- $sync_secret_to_configmap := .Values.sync_secret_to_configmap }}
+{{- range $secret := $sync_secret_to_configmap.secret.object }}
+---
+apiVersion: spv.no/v2beta1
+kind: AzureKeyVaultSecret
+metadata:
+  name: {{ $secret }}
+  namespace: {{ $sync_secret_to_configmap.namespace }}
+spec:
+  vault:
+    name: {{ $sync_secret_to_configmap.vault.name }}
+    object:
+      name: {{ $secret }}
+      type: secret
+  output:
+    configMap:
+      name: {{ $sync_secret_to_configmap.configmap.name }}
+      dataKey: {{ $secret }}
+{{- end }}
+{{- end }}
diff --git a/akv2k8s/templates/sync-secret.yaml b/akv2k8s/templates/sync-secret.yaml
@@ -0,0 +1,21 @@
+{{- if .Values.sync_secret -}}
+{{- $sync_secret := .Values.sync_secret }}
+{{- range $secret := $sync_secret.secret.object }}
+---
+apiVersion: spv.no/v2beta1
+kind: AzureKeyVaultSecret
+metadata:
+  name: {{ $secret }}
+  namespace: {{ $sync_secret.namespace }}
+spec:
+  vault:
+    name: {{ $sync_secret.vault.name }}
+    object:
+      name: {{ $secret }}
+      type: secret
+  output:
+    secret:
+      name: {{ $secret }}
+      dataKey: value
+{{- end }}
+{{- end }}
diff --git a/proxysql/Chart.yaml b/proxysql/Chart.yaml
@@ -2,4 +2,4 @@
 apiVersion: v1
 name: proxysql
 description: ProxySQL Configuration
-version: 0.1.8
+version: 0.1.9
diff --git a/proxysql/config/proxysql.cnf b/proxysql/config/proxysql.cnf
diff --git a/proxysql/templates/configmap.yaml b/proxysql/templates/configmap.yaml
@@ -10,4 +10,55 @@ metadata:
     {{ $key }}: {{ $value }}
     {{- end }}
 data:
-{{ tpl (.Files.Glob "config/proxysql.cnf").AsConfig . | indent 2  }}
+  proxysql.tmpl: |-
+    {{- $proxysql := .Values.configmap }}
+    datadir  = "{{ $proxysql.datadir }}"
+    errorlog = "{{ $proxysql.errorlog }}"
+
+    admin_variables = { {{- range $key, $value := $proxysql.admin_variables }}
+      {{- if eq $key "admin_credentials" }}
+      {{ $key }} = "{{ $value.username }}:{{ (lookup "v1" "Secret" $.Release.Namespace $value.password).data.value }}" {{- else }}
+      {{ $key }} = "{{ $value }}" {{- end }}{{- end }}
+    }
+
+    mysql_variables = { {{- range $key, $value := $proxysql.mysql_variables }}
+      {{- if eq $key "monitor_password" }}
+      {{ $key }} = "{{ (lookup "v1" "Secret" $.Release.Namespace $value).data.value }}" {{- else }}
+      {{ $key }} = "{{ $value }}" {{- end }}{{- end }}
+    }
+
+    mysql_users = ( {{- range $key, $mysql_user := $proxysql.mysql_users }}
+      {
+        username = "{{ default $key $mysql_user.username }}"
+        default_hostgroup = "{{ default 0 $mysql_user.default_hostgroup }}"
+        active = "{{ default 1 $mysql_user.active }}"
+        password = "{{ (lookup "v1" "Secret" $.Release.Namespace $mysql_user.password).data.value }}"
+      }, {{- end }}
+    )
+
+    mysql_servers = ( {{- range $key, $mysql_server := $proxysql.mysql_servers }}
+      {
+        hostgroup_id = "{{ default 0 $mysql_server.hostgroup_id }}"
+        hostname = "{{ default $key $mysql_server.hostname}}"
+        port = "{{ default 3306 $mysql_server.port }}"
+        use_ssl = "{{ default 1 $mysql_server.use_ssl }}"
+        weight = "{{ default 1 $mysql_server.weight }}"
+        comment = "{{ $mysql_server.comment }}"
+      }, {{- end }}
+    )
+
+    mysql_query_rules = ( {{- range $key, $value := $proxysql.mysql_query_rules }}
+      {{ $key }} = "{{ $value }}" {{- end }}
+    )
+
+    scheduler = ( {{- range $key, $value := $proxysql.scheduler }}
+      {{ $key }} = "{{ $value }}" {{- end }}
+    )
+
+    mysql_replication_hostgroups = ( {{- range $mysql_replication_hostgroup := $proxysql.mysql_replication_hostgroups }}
+      {
+        writer_hostgroup = "{{ default 0 $mysql_replication_hostgroup.writer_hostgroup }}"
+        reader_hostgroup = "{{ default 1 $mysql_replication_hostgroup.reader_hostgroup }}"
+        comment = "{{ $mysql_replication_hostgroup.comment }}"
+      }, {{- end }}
+    )
diff --git a/proxysql/values.yaml b/proxysql/values.yaml
@@ -56,7 +56,6 @@ configmap:
   datadir: "/var/lib/proxysql"
   errorlog: "/var/lib/proxysql/proxysql.log"
   admin_variables:
-    admin_credentials: ""
     mysql_ifaces: "0.0.0.0:6032"
   mysql_variables:
     threads: "8"
@@ -69,8 +68,7 @@ configmap:
     default_schema: "information_schema"
     stacksize: "1048576"
     server_version: "5.7"
-    monitor_username: ""
-    monitor_password: ""
+    monitor_username: "proxysqlmonitor"
     monitor_history: "600000"
     monitor_connect_interval: "60000"
     monitor_ping_interval: "10000"
@@ -92,3 +90,4 @@ configmap:
   mysql_query_rules: {}
   scheduler: {}
   mysql_replication_hostgroups: {}
+
