MOCO Helm Chart
How to use MOCO Helm repository
You need to add this repository to your Helm repositories:
$ helm repo add moco https://cybozu-go.github.io/moco/
$ helm repo update
Quick start
Installing cert-manager
$ curl -fsL https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml | kubectl apply -f -
Installing the Chart
NOTE:
This installation method requires cert-manager to be installed beforehand. To install the chart with the release name
moco
using a dedicated namespace(recommended):
$ helm install --create-namespace --namespace moco-system moco moco/moco
Specify parameters using --set key=value[,key=value]
argument to helm install
.
Alternatively a YAML file that specifies the values for the parameters can be provided like this:
$ helm install --create-namespace --namespace moco-system moco -f values.yaml moco/moco
Values
Key | Type | Default | Description |
---|---|---|---|
image.repository | string | "ghcr.io/cybozu-go/moco" | MOCO image repository to use. |
image.tag | string | {{ .Chart.AppVersion }} | MOCO image tag to use. |
resources | object | {"requests":{"cpu":"100m","memory":"20Mi"}} | resources used by moco-controller. |
extraArgs | list | [] | Additional command line flags to pass to moco-controller binary. |
nodeSelector | object | {} | nodeSelector used by moco-controller. |
affinity | object | {} | affinity used by moco-controller. |
tolerations | list | [] | tolerations used by moco-controller. |
topologySpreadConstraints | list | [] | topologySpreadConstraints used by moco-controller. |
Generate Manifests
You can use the helm template
command to render manifests.
$ helm template --namespace moco-system moco moco/moco
Upgrade CRDs
There is no support at this time for upgrading or deleting CRDs using Helm. Users must manually upgrade the CRD if there is a change in the CRD used by MOCO.
https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#install-a-crd-declaration-before-using-the-resource
Migrate to v0.3.0
Chart version v0.3.0 has breaking changes.
The .metadata.name
of the resource generated by Chart is changed.
e.g.
{{ template "moco.fullname" . }}-foo-resources
->moco-foo-resources
Related Issue: cybozu-go/moco#426
If you are using a release name other than moco
, you need to migrate.
The migration steps involve deleting and recreating each MOCO resource once, except CRDs. Since the CRDs are not deleted, the pods running existing MySQL clusters are not deleted, so there is no downtime. However, the migration process should be completed in a short time since the moco-controller will be temporarily deleted and no control over the cluster will be available.
migration steps
-
Show the installed chart
$ helm list -n <YOUR NAMESPACE> NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION moco moco-system 1 2022-08-17 11:28:23.418752 +0900 JST deployed moco-0.2.3 0.12.1
-
Render the manifests
$ helm template --namespace moco-system --version <YOUR CHART VERSION> <YOUR INSTALL NAME> moco/moco > render.yaml
-
Setup kustomize
$ cat > kustomization.yaml <<'EOF' resources: - render.yaml patches: - crd-patch.yaml EOF $ cat > crd-patch.yaml <<'EOF' $patch: delete apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: backuppolicies.moco.cybozu.com --- $patch: delete apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: mysqlclusters.moco.cybozu.com EOF
-
Delete resources
$ kustomize build ./ | kubectl delete -f - serviceaccount "moco-controller-manager" deleted role.rbac.authorization.k8s.io "moco-leader-election-role" deleted clusterrole.rbac.authorization.k8s.io "moco-backuppolicy-editor-role" deleted clusterrole.rbac.authorization.k8s.io "moco-backuppolicy-viewer-role" deleted clusterrole.rbac.authorization.k8s.io "moco-manager-role" deleted clusterrole.rbac.authorization.k8s.io "moco-mysqlcluster-editor-role" deleted clusterrole.rbac.authorization.k8s.io "moco-mysqlcluster-viewer-role" deleted rolebinding.rbac.authorization.k8s.io "moco-leader-election-rolebinding" deleted clusterrolebinding.rbac.authorization.k8s.io "moco-manager-rolebinding" deleted service "moco-webhook-service" deleted deployment.apps "moco-controller" deleted certificate.cert-manager.io "moco-controller-grpc" deleted certificate.cert-manager.io "moco-grpc-ca" deleted certificate.cert-manager.io "moco-serving-cert" deleted issuer.cert-manager.io "moco-grpc-issuer" deleted issuer.cert-manager.io "moco-selfsigned-issuer" deleted mutatingwebhookconfiguration.admissionregistration.k8s.io "moco-mutating-webhook-configuration" deleted validatingwebhookconfiguration.admissionregistration.k8s.io "moco-validating-webhook-configuration" deleted
-
Delete Secret
$ kubectl delete secret sh.helm.release.v1.<YOUR INSTALL NAME>.v1 -n <YOUR NAMESPACE>
-
Re-install the v0.3.0 chart
$ helm install --create-namespace --namespace moco-system --version 0.3.0 moco moco/moco
Release Chart
See RELEASE.md.