MOCO Helm Chart

How to use MOCO Helm repository

You need to add this repository to your Helm repositories:

$ helm repo add moco https://cybozu-go.github.io/moco/
$ helm repo update

Quick start

Installing cert-manager

$ curl -fsL https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml | kubectl apply -f -

Installing the Chart

NOTE:

This installation method requires cert-manager to be installed beforehand. To install the chart with the release name moco using a dedicated namespace(recommended):

$ helm install --create-namespace --namespace moco-system moco moco/moco

Specify parameters using --set key=value[,key=value] argument to helm install.

Alternatively a YAML file that specifies the values for the parameters can be provided like this:

$ helm install --create-namespace --namespace moco-system moco -f values.yaml moco/moco

Values

Key	Type	Default	Description
image.repository	string	`"ghcr.io/cybozu-go/moco"`	MOCO image repository to use.
image.tag	string	`{{ .Chart.AppVersion }}`	MOCO image tag to use.
resources	object	`{"requests":{"cpu":"100m","memory":"20Mi"}}`	resources used by moco-controller.
extraArgs	list	`[]`	Additional command line flags to pass to moco-controller binary.
nodeSelector	object	`{}`	nodeSelector used by moco-controller.
affinity	object	`{}`	affinity used by moco-controller.
tolerations	list	`[]`	tolerations used by moco-controller.
topologySpreadConstraints	list	`[]`	topologySpreadConstraints used by moco-controller.

Generate Manifests

You can use the helm template command to render manifests.

$ helm template --namespace moco-system moco moco/moco

Upgrade CRDs

There is no support at this time for upgrading or deleting CRDs using Helm. Users must manually upgrade the CRD if there is a change in the CRD used by MOCO.

https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#install-a-crd-declaration-before-using-the-resource

Migrate to v0.3.0

Chart version v0.3.0 has breaking changes. The .metadata.name of the resource generated by Chart is changed.

e.g.

{{ template "moco.fullname" . }}-foo-resources -> moco-foo-resources

Related Issue: cybozu-go/moco#426

If you are using a release name other than moco, you need to migrate.

The migration steps involve deleting and recreating each MOCO resource once, except CRDs. Since the CRDs are not deleted, the pods running existing MySQL clusters are not deleted, so there is no downtime. However, the migration process should be completed in a short time since the moco-controller will be temporarily deleted and no control over the cluster will be available.

migration steps

Show the installed chart

$ helm list -n <YOUR NAMESPACE>
NAME    NAMESPACE       REVISION        UPDATED                                 STATUS          CHART           APP VERSION
moco    moco-system     1               2022-08-17 11:28:23.418752 +0900 JST    deployed        moco-0.2.3      0.12.1

Render the manifests

$ helm template --namespace moco-system --version <YOUR CHART VERSION> <YOUR INSTALL NAME> moco/moco > render.yaml

Setup kustomize

$ cat > kustomization.yaml <<'EOF'
resources:
  - render.yaml
patches:
  - crd-patch.yaml
EOF

$ cat > crd-patch.yaml <<'EOF'
$patch: delete
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: backuppolicies.moco.cybozu.com
---
$patch: delete
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: mysqlclusters.moco.cybozu.com
EOF

Delete resources

$ kustomize build ./ | kubectl delete -f -
serviceaccount "moco-controller-manager" deleted
role.rbac.authorization.k8s.io "moco-leader-election-role" deleted
clusterrole.rbac.authorization.k8s.io "moco-backuppolicy-editor-role" deleted
clusterrole.rbac.authorization.k8s.io "moco-backuppolicy-viewer-role" deleted
clusterrole.rbac.authorization.k8s.io "moco-manager-role" deleted
clusterrole.rbac.authorization.k8s.io "moco-mysqlcluster-editor-role" deleted
clusterrole.rbac.authorization.k8s.io "moco-mysqlcluster-viewer-role" deleted
rolebinding.rbac.authorization.k8s.io "moco-leader-election-rolebinding" deleted
clusterrolebinding.rbac.authorization.k8s.io "moco-manager-rolebinding" deleted
service "moco-webhook-service" deleted
deployment.apps "moco-controller" deleted
certificate.cert-manager.io "moco-controller-grpc" deleted
certificate.cert-manager.io "moco-grpc-ca" deleted
certificate.cert-manager.io "moco-serving-cert" deleted
issuer.cert-manager.io "moco-grpc-issuer" deleted
issuer.cert-manager.io "moco-selfsigned-issuer" deleted
mutatingwebhookconfiguration.admissionregistration.k8s.io "moco-mutating-webhook-configuration" deleted
validatingwebhookconfiguration.admissionregistration.k8s.io "moco-validating-webhook-configuration" deleted

Delete Secret

$ kubectl delete secret sh.helm.release.v1.<YOUR INSTALL NAME>.v1 -n <YOUR NAMESPACE>

Re-install the v0.3.0 chart

$ helm install --create-namespace --namespace moco-system --version 0.3.0 moco moco/moco

Release Chart

See RELEASE.md.

MOCO Documentation