--- # Source: mysql/templates/networkpolicy.yaml kind: NetworkPolicy apiVersion: networking.k8s.io/v1 metadata: name: mysql namespace: "list-images-for-pods" labels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 app.kubernetes.io/part-of: mysql spec: podSelector: matchLabels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 policyTypes: - Ingress - Egress egress: - {} ingress: # Allow connection from other cluster pods - ports: - port: 3306 --- # Source: mysql/templates/primary/pdb.yaml apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: mysql namespace: "list-images-for-pods" labels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary spec: maxUnavailable: 1 selector: matchLabels: app.kubernetes.io/instance: mysql app.kubernetes.io/name: mysql app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary --- # Source: mysql/templates/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: name: mysql namespace: "list-images-for-pods" labels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 app.kubernetes.io/part-of: mysql automountServiceAccountToken: false secrets: - name: mysql --- # Source: mysql/templates/secrets.yaml apiVersion: v1 kind: Secret metadata: name: mysql namespace: "list-images-for-pods" labels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 app.kubernetes.io/part-of: mysql type: Opaque data: mysql-root-password: "R0tkcW9jS1hxTA==" mysql-password: "bUZyN0pnUnVrbQ==" --- # Source: mysql/templates/primary/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: mysql namespace: "list-images-for-pods" labels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary data: my.cnf: |- [mysqld] authentication_policy='* ,,' skip-name-resolve explicit_defaults_for_timestamp basedir=/opt/bitnami/mysql plugin_dir=/opt/bitnami/mysql/lib/plugin port=3306 mysqlx=0 mysqlx_port=33060 socket=/opt/bitnami/mysql/tmp/mysql.sock datadir=/bitnami/mysql/data tmpdir=/opt/bitnami/mysql/tmp max_allowed_packet=16M bind-address=* pid-file=/opt/bitnami/mysql/tmp/mysqld.pid log-error=/opt/bitnami/mysql/logs/mysqld.log character-set-server=UTF8 slow_query_log=0 long_query_time=10.0 [client] port=3306 socket=/opt/bitnami/mysql/tmp/mysql.sock default-character-set=UTF8 plugin_dir=/opt/bitnami/mysql/lib/plugin [manager] port=3306 socket=/opt/bitnami/mysql/tmp/mysql.sock pid-file=/opt/bitnami/mysql/tmp/mysqld.pid --- # Source: mysql/templates/primary/svc-headless.yaml apiVersion: v1 kind: Service metadata: name: mysql-headless namespace: "list-images-for-pods" labels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary spec: type: ClusterIP clusterIP: None publishNotReadyAddresses: true ports: - name: mysql port: 3306 targetPort: mysql selector: app.kubernetes.io/instance: mysql app.kubernetes.io/name: mysql app.kubernetes.io/component: primary --- # Source: mysql/templates/primary/svc.yaml apiVersion: v1 kind: Service metadata: name: mysql namespace: "list-images-for-pods" labels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary spec: type: ClusterIP sessionAffinity: None ports: - name: mysql port: 3306 protocol: TCP targetPort: mysql nodePort: null selector: app.kubernetes.io/instance: mysql app.kubernetes.io/name: mysql app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary --- # Source: mysql/templates/primary/statefulset.yaml apiVersion: apps/v1 kind: StatefulSet metadata: name: mysql namespace: "list-images-for-pods" labels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary spec: replicas: 1 podManagementPolicy: "" selector: matchLabels: app.kubernetes.io/instance: mysql app.kubernetes.io/name: mysql app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary serviceName: mysql-headless updateStrategy: type: RollingUpdate template: metadata: annotations: checksum/configuration: b6d5ede247ae870aee299f83a08b81a91859c6c38996d11339e3a73cf6ed3bd4 labels: app.kubernetes.io/instance: mysql app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: mysql app.kubernetes.io/version: 8.4.4 helm.sh/chart: mysql-12.3.1 app.kubernetes.io/part-of: mysql app.kubernetes.io/component: primary spec: serviceAccountName: mysql automountServiceAccountToken: false affinity: podAffinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/instance: mysql app.kubernetes.io/name: mysql topologyKey: kubernetes.io/hostname weight: 1 nodeAffinity: securityContext: fsGroup: 1001 fsGroupChangePolicy: Always supplementalGroups: [] sysctls: [] initContainers: - name: preserve-logs-symlinks image: docker.io/bitnami/mysql:8.4.4-debian-12-r4 imagePullPolicy: "IfNotPresent" securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault resources: limits: cpu: 750m ephemeral-storage: 2Gi memory: 768Mi requests: cpu: 500m ephemeral-storage: 50Mi memory: 512Mi command: - /bin/bash args: - -ec - | #!/bin/bash . /opt/bitnami/scripts/libfs.sh # We copy the logs folder because it has symlinks to stdout and stderr if ! is_dir_empty /opt/bitnami/mysql/logs; then cp -r /opt/bitnami/mysql/logs /emptydir/app-logs-dir fi volumeMounts: - name: empty-dir mountPath: /emptydir containers: - name: mysql image: docker.io/bitnami/mysql:8.4.4-debian-12-r4 imagePullPolicy: "IfNotPresent" securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault env: - name: BITNAMI_DEBUG value: "false" - name: MYSQL_ROOT_PASSWORD_FILE value: /opt/bitnami/mysql/secrets/mysql-root-password - name: MYSQL_ENABLE_SSL value: "no" - name: MYSQL_PORT value: "3306" - name: MYSQL_DATABASE value: "my_database" envFrom: ports: - name: mysql containerPort: 3306 livenessProbe: failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 exec: command: - /bin/bash - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi mysqladmin status -uroot -p"${password_aux}" readinessProbe: failureThreshold: 3 initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 exec: command: - /bin/bash - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive" startupProbe: failureThreshold: 10 initialDelaySeconds: 15 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 exec: command: - /bin/bash - -ec - | password_aux="${MYSQL_ROOT_PASSWORD:-}" if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") fi mysqladmin ping -uroot -p"${password_aux}" | grep "mysqld is alive" resources: limits: cpu: 750m ephemeral-storage: 2Gi memory: 768Mi requests: cpu: 500m ephemeral-storage: 50Mi memory: 512Mi volumeMounts: - name: data mountPath: /bitnami/mysql - name: empty-dir mountPath: /tmp subPath: tmp-dir - name: empty-dir mountPath: /opt/bitnami/mysql/conf subPath: app-conf-dir - name: empty-dir mountPath: /opt/bitnami/mysql/tmp subPath: app-tmp-dir - name: empty-dir mountPath: /opt/bitnami/mysql/logs subPath: app-logs-dir - name: config mountPath: /opt/bitnami/mysql/conf/my.cnf subPath: my.cnf - name: mysql-credentials mountPath: /opt/bitnami/mysql/secrets/ volumes: - name: config configMap: name: mysql - name: mysql-credentials secret: secretName: mysql items: - key: mysql-root-password path: mysql-root-password - key: mysql-password path: mysql-password - name: empty-dir emptyDir: {} volumeClaimTemplates: - metadata: name: data labels: app.kubernetes.io/instance: mysql app.kubernetes.io/name: mysql app.kubernetes.io/component: primary spec: accessModes: - "ReadWriteOnce" resources: requests: storage: "8Gi"