--- apiVersion: apps/v1 kind: StatefulSet metadata: name: mariadb spec: revisionHistoryLimit: 0 serviceName: mariadb selector: matchLabels: app: mariadb replicas: 1 template: metadata: labels: app: mariadb annotations: prometheus.io/port: '9104' prometheus.io/scrape: 'true' spec: containers: - name: exporter image: mirror.gcr.io/prom/mysqld-exporter:latest env: - name: DATA_SOURCE_NAME value: exporter@tcp(127.0.0.1)/ - name: mariadb image: mirror.gcr.io/library/mariadb:12.1 imagePullPolicy: Always env: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: mariadb-secrets key: MYSQL_ROOT_PASSWORD - name: MYSQL_USER valueFrom: fieldRef: fieldPath: metadata.namespace - name: MYSQL_DATABASE valueFrom: fieldRef: fieldPath: metadata.namespace - name: MYSQL_PASSWORD valueFrom: secretKeyRef: name: mariadb-secrets key: MYSQL_PASSWORD volumeMounts: - name: mariadb-data mountPath: /var/lib/mysql - name: mariadb-init mountPath: /docker-entrypoint-initdb.d volumes: - name: mariadb-init configMap: name: mariadb-init-config volumeClaimTemplates: - metadata: name: mariadb-data spec: storageClassName: ceph-rbd accessModes: - ReadWriteOnce resources: requests: storage: 2Gi --- apiVersion: codemowers.cloud/v1beta1 kind: SecretClaim metadata: name: mariadb-secrets spec: size: 32 mapping: - key: MYSQL_ROOT_PASSWORD value: "%(plaintext)s" - key: MYSQL_PASSWORD value: "%(plaintext)s" --- apiVersion: v1 kind: Service metadata: name: mariadb spec: ports: - protocol: TCP port: 3306 selector: app: mariadb --- apiVersion: v1 kind: ConfigMap metadata: name: mariadb-init-config data: initdb.sql: | CREATE USER 'exporter'@'127.0.0.1' WITH MAX_USER_CONNECTIONS 3; GRANT PROCESS, REPLICATION CLIENT, SLAVE MONITOR, SELECT ON *.* TO 'exporter'@'127.0.0.1';