添加 helm 仓库

helm repo add bitnami https://charts.bitnami.com/bitnami

查看 helm 仓库,看看 8.0.36 版本的 mysql 对应哪个版本的 chart 包

helm search repo mysql -l | grep 8.0.36

bitnami 的一般列出来的都挺多的,我一般喜新厌旧

bitnami/mysql           10.2.1          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           10.1.1          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           10.1.0          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           10.0.0          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.23.0          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.22.0          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.21.2          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.21.1          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.19.1          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.19.0          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.18.2          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.18.0          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.17.1          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.17.0          8.0.36          MySQL is a fast, reliable, scalable, and easy t...
bitnami/mysql           9.16.4          8.0.36          MySQL is a fast, reliable, scalable, and easy t...

下载 chart 包

helm pull bitnami/mysql --version 10.2.1
tar xf mysql-10.2.1.tgz
cd mysql

修改 values.yml 文件

先备份一下

cp values.yaml{,.bak}

利用 openssl rand 8 来生成八个字符的随机内容,这个内容不可读,利用 -base64 转码变成可读的字符

openssl rand 8 -base64

原配置文件比较长,这里就展示一下我修改过的内容

# 一般 helm 部署的 pod 名字都是 releaseName 开头的,会把整体 pod 名字拉长了
## 直接使用 fullnameOverride 来指定自己想要生成的 pod 名字
fullnameOverride: "mysql-store"
auth:
  rootPassword: "10yX81E4E3A="
  createDatabase: false
primary:
  # 这里是配置 mysql 配置文件的,需要开启 binlog 之类的,自己添加一下就可以了
  configuration: |-
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: kubernetes.io/hostname
            operator: In
            values:
            - 192.168.11.198

安装 mysql

store 是我这边使用的 namespace,大家需要替换成自己的

helm install -n store mysql ./ -f values.yaml --create-namespace

返回类似下面的输出,说明 yaml 没有问题

NAME: mysql
LAST DEPLOYED: Mon Jul 29 14:33:06 2024
NAMESPACE: store
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: mysql
CHART VERSION: 10.2.1
APP VERSION: 8.0.36

** Please be patient while the chart is being deployed **

Tip:

  Watch the deployment status using the command: kubectl get pods -w --namespace store

Services:

  echo Primary: mysql-store.store.svc.cluster.local:3306

Execute the following to get the administrator credentials:

  echo Username: root
  MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace store mysql-store -o jsonpath="{.data.mysql-root-password}" | base64 -d)

To connect to your database:

  1. Run a pod that you can use as a client:

      kubectl run mysql-store-client --rm --tty -i --restart='Never' --image  docker.m.daocloud.io/bitnami/mysql:8.0.36-debian-12-r12 --namespace store --env MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD --command -- bash

  2. To connect to primary service (read/write):

      mysql -h mysql-store.store.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"

WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:
  - primary.resources
  - secondary.resources
+info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

创建 pv

因为开启了持久化,所以需要 pv 和 pvc,可以通过下面的命令来查看 pvc 对应的名字,同样的,下面的 pod 名字和 namespace 需要替换成自己的

k describe pod -n store mysql-store-0 | grep ClaimName

我这里直接使用 localpath 的类型来创建 pv,因为 pvc 已经自动创建好了

创建本地目录

mkdir -p /data/k8s-data/mysql-data
chmod 777 /data/k8s-data/mysql-data
  • storage 的大小,需要自己评估了,不要盲目的抄
  • nodeAffinity 是节点绑定的,可以抄,别全抄,你没有我的节点名称的
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: data-mysql-store-0
spec:
  accessModes:
  - ReadWriteOnce
  capacity:
    storage: 30Gi
  claimRef:
    apiVersion: v1
    kind: PersistentVolumeClaim
    name: data-mysql-store-0
    namespace: store
  hostPath:
    path: /data/k8s-data/mysql-data
    type: "DirectoryOrCreate"
  persistentVolumeReclaimPolicy: Retain
  nodeAffinity:
    required:
      nodeSelectorTerms:
        - matchExpressions:
            - key: kubernetes.io/hostname
              operator: In
              values:
                - 192.168.11.198

apply yaml 文件,查看 pvc 是否处于 Bound 状态

k get pvc -n store | grep mysql

获取到的是 Bound 状态就没问题了

mysql-store-0   Bound    mysql-store-0   30Gi       RWO                           63s

验证 mysql 版本

进入 mysql 容器

k exec -it -n store mysql-store-0 bash

登录 mysql(helm install 的时候有输出这个命令,拿来直接用就行)

mysql -h mysql-store.store.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"

执行下面的 sql 查看 mysql 版本

SELECT version();

可以看到,mysql 的版本是 8.0.36

+-----------+
| version() |
+-----------+
| 8.0.36    |
+-----------+
1 row in set (0.00 sec)

创建 mysql 备份 job

创建 mysql 备份用户

  • 先说一下用户权限问题,我只是起了一个测试使用的,这里只包含了下面两个权限
    • SELECT查询权限是肯定要有的,mysqldump 是将查询到的内容转换成 sql 语句
    • LOCK TABLES锁表备份需要有该权限,如果有 --single-transaction 参数不锁表备份,可以不赋予该权限
-- 创建 backupuser 用户
CREATE USER IF NOT EXISTS 'backupuser'@'%';
-- backupuser 用户配置密码
ALTER USER 'backupuser'@'%' IDENTIFIED BY '6xOVfuAg';
-- backupuser 用户赋权
GRANT SELECT,LOCK TABLES ON *.* TO 'backupuser'@'%';
-- 刷新权限
FLUSH PRIVILEGES;
-- 查看用户权限
SHOW GRANTS FOR 'backupuser'@'%';

用户被赋予了 SELECTLOCK TABLES 的权限

+------------------------------------------------------+
| Grants for backupuser@%                              |
+------------------------------------------------------+
| GRANT SELECT, LOCK TABLES ON *.* TO `backupuser`@`%` |
+------------------------------------------------------+
1 row in set (0.00 sec)

使用备份用户登录,验证用户名密码

mysql -h mysql-store.store.svc.cluster.local -ubackupuser -p6xOVfuAg

创建备份目录持久化

同样使用 hostpath 的方式存储

mkdir -p /data/k8s-data/mysql-back
chmod 777 /data/k8s-data/mysql-back

创建 job

---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: mysql-backup
  namespace: store
spec:
  schedule: "0 17 * * *"
  successfulJobsHistoryLimit: 1
  failedJobsHistoryLimit: 2
  jobTemplate:
    spec:
      template:
        spec:
          affinity:
            nodeAffinity:
              requiredDuringSchedulingIgnoredDuringExecution:
                nodeSelectorTerms:
                - matchExpressions:
                  - key: mysql-back
                    operator: Exists
          containers:
          - name: mysql-backup
            imagePullPolicy: IfNotPresent
            image: docker.io/bitnami/mysql:8.0.36-debian-12-r12
            env:
              - name: MYSQL_HOST
                value: mysql-store.store.svc.cluster.local
              - name: TZ
                value: Asia/Shanghai
              - name: LANG
                value: en_US.UTF-8
            command:
            - /bin/sh
            - -c
            - |
              set -ex
              mysqldump --host=${MYSQL_HOST} --user=backupuser \
                        --password=6xOVfuAg \
                        --all-databases --quick \
                        > /mysql-backup/mysql-$(date +"%Y%m%dT%H_%M_%S").sql && find /mysql-backup/ -type f -mtime +3 -exec rm -rf {} \;
            volumeMounts:
            - name: mysql-backup
              mountPath: /mysql-backup
          restartPolicy: OnFailure
          volumes:
          - name: mysql-backup
            hostPath:
              path: /data/k8s-data/mysql-back
              type: DirectoryOrCreate
Logo

腾讯云面向开发者汇聚海量精品云计算使用和开发经验,营造开放的云计算技术生态圈。

更多推荐