Cpte-Boot/k8s/manifests/mysql.yaml

# ===== 1. Secret - MySQL 认证信息 =====
kind: Secret
apiVersion: v1
metadata:
  name: mysql-secret
  namespace: cpte-wms
  annotations:
    kubesphere.io/creator: admin
    kubesphere.io/description: MySQL 认证信息
data:
  MYSQL_ROOT_PASSWORD: Y3B0ZUAxMjM=
  MYSQL_DATABASE: Y3B0ZS13bXM=
type: Opaque

---
# ===== 2. ConfigMap - MySQL 配置文件 =====
kind: ConfigMap
apiVersion: v1
metadata:
  name: mysql-conf
  namespace: cpte-wms
  creationTimestamp: '2026-03-16T13:31:47Z'
  annotations:
    kubesphere.io/creator: admin
    kubesphere.io/description: 配置文件
data:
  my.cnf: |
    [client]
    default-character-set = utf8mb4
    socket = /tmp/mysql.sock

    [mysql]
    default-character-set = utf8mb4

    [mysqld]
    # ===== 基础设置 =====
    user = mysql
    datadir = /var/lib/mysql
    socket = /tmp/mysql.sock
    pid-file = /var/run/mysqld/mysqld.pid
    secure-file-priv = /var/lib/mysql-files

    # ===== 连接设置 =====
    max_connections = 200
    max_connect_errors = 100
    max_allowed_packet = 512M

    # ===== 字符集设置 =====
    character-set-server = utf8mb4
    default_authentication_plugin = mysql_native_password
    lower_case_table_names = 1

    # ===== 缓存和缓冲区设置 =====
    # 线程缓存
    thread_cache_size = 512
    thread_stack = 256K

    # 表缓存
    table_open_cache = 8192
    table_definition_cache = 4096
    tmp_table_size = 1G

    # 键缓存
    key_buffer_size = 256M

    # 查询缓存
    join_buffer_size = 4M
    sort_buffer_size = 8M
    read_buffer_size = 2M
    read_rnd_buffer_size = 4M

    # MyISAM
    myisam_sort_buffer_size = 256M

    # ===== InnoDB 设置 =====
    default-storage-engine = INNODB
    innodb_buffer_pool_size = 40G
    innodb_log_file_size = 4G
    innodb_log_buffer_size = 256M
    innodb_flush_log_at_trx_commit = 1


    # ===== 日志设置 =====
    log-bin = mysql-bin
    binlog_format = ROW
    server-id = 1
    max_binlog_cache_size = 2G
    max_binlog_size = 1G
    expire_logs_days = 7

    # 慢查询日志
    slow-query-log=1
    slow-query-log-file = /var/lib/mysql/mysql-slow.log
    long_query_time = 5


    # ===== 其他设置 =====
    sql-mode="STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION"
    open_files_limit = 8192

---
# ===== 3. Headless Service - 用于 StatefulSet =====
apiVersion: v1
kind: Service
metadata:
  name: mysql-headless
  namespace: cpte-wms
  labels:
    app: mysql
spec:
  clusterIP: None
  selector:
    app: mysql
  ports:
    - port: 3306
      targetPort: 3306
      name: mysql

---
# ===== 4. StatefulSet - MySQL 主容器 =====
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: mysql
  namespace: cpte-wms
  labels:
    app: mysql
  annotations:
    kubesphere.io/description: "8.0.39"
spec:
  serviceName: mysql-headless
  replicas: 1
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      # ===== Pod 级别安全上下文 =====
      securityContext:
        fsGroup: 999
      containers:
        - name: mysql
          image: docker.io/library/mysql:8.0.39
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 3306
              name: mysql
          env:
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysql-secret
                  key: MYSQL_ROOT_PASSWORD
            - name: MYSQL_DATABASE
              valueFrom:
                secretKeyRef:
                  name: mysql-secret
                  key: MYSQL_DATABASE
          volumeMounts:
            - name: mysql-data
              mountPath: /var/lib/mysql
            - name: mysql-conf
              mountPath: /etc/mysql/conf.d/my.cnf
              subPath: my.cnf
              readOnly: true
            - name: mysql-log
              mountPath: /var/log/mysql
            - name: mysql-run
              mountPath: /var/run/mysqld
            - name: host-time
              mountPath: /etc/localtime
              readOnly: true
          livenessProbe:
            exec:
              command: ['sh', '-c', 'mysqladmin ping -h localhost -u root -p"$MYSQL_ROOT_PASSWORD" | grep -q alive']
            initialDelaySeconds: 60
            periodSeconds: 10
            failureThreshold: 3
          readinessProbe:
            exec:
              command: ['sh', '-c', 'mysqladmin ping -h localhost -u root -p"$MYSQL_ROOT_PASSWORD" | grep -q alive']
            initialDelaySeconds: 30
            periodSeconds: 5
            failureThreshold: 3
          startupProbe:
            exec:
              command: ['sh', '-c', 'mysqladmin ping -h localhost -u root -p"$MYSQL_ROOT_PASSWORD" | grep -q alive']
            initialDelaySeconds: 0
            periodSeconds: 5
            failureThreshold: 30
          resources:
            requests:
              memory: "4Gi"
              cpu: "500m"
            limits:
              memory: "8Gi"
              cpu: "2000m"
          # ===== 容器级别安全上下文 =====
          securityContext:
            runAsUser: 999
            runAsGroup: 999
      volumes:
        - name: mysql-conf
          configMap:
            name: mysql-conf
        - name: mysql-log
          emptyDir: {}
        - name: mysql-run
          emptyDir: {}
        - name: host-time
          hostPath:
            path: /etc/localtime
            type: File
  volumeClaimTemplates:
    - metadata:
        name: mysql-data
      spec:
        accessModes: ["ReadWriteOnce"]
        storageClassName: local
        resources:
          requests:
            storage: 20Gi

---
# ===== 5. ClusterIP Service - 用于集群内访问 =====
kind: Service
apiVersion: v1
metadata:
  name: mysql-service
  namespace: cpte-wms
  creationTimestamp: '2026-03-16T14:34:50Z'
  labels:
    app: mysql
spec:
  ports:
    - name: mysql
      protocol: TCP
      port: 3306
      targetPort: 3306
      nodePort: 30926
  selector:
    app: mysql
  clusterIP: 10.233.28.135
  clusterIPs:
    - 10.233.28.135
  type: NodePort
  sessionAffinity: None
  externalTrafficPolicy: Cluster
  ipFamilies:
    - IPv4
  ipFamilyPolicy: SingleStack
  internalTrafficPolicy: Cluster
$HUOJIN\92525$ no message 2026-03-16 23:52:17 +08:00			`# ===== 1. Secret - MySQL 认证信息 =====`
			`kind: Secret`
			`apiVersion: v1`
			`metadata:`
			`name: mysql-secret`
			`namespace: cpte-wms`
			`annotations:`
			`kubesphere.io/creator: admin`
			`kubesphere.io/description: MySQL 认证信息`
			`data:`
			`MYSQL_ROOT_PASSWORD: Y3B0ZUAxMjM=`
			`MYSQL_DATABASE: Y3B0ZS13bXM=`
			`type: Opaque`

			`---`
			`# ===== 2. ConfigMap - MySQL 配置文件 =====`
			`kind: ConfigMap`
			`apiVersion: v1`
			`metadata:`
			`name: mysql-conf`
			`namespace: cpte-wms`
			`creationTimestamp: '2026-03-16T13:31:47Z'`
			`annotations:`
			`kubesphere.io/creator: admin`
			`kubesphere.io/description: 配置文件`
			`data:`
			`my.cnf: \|`
			`[client]`
			`default-character-set = utf8mb4`
			`socket = /tmp/mysql.sock`

			`[mysql]`
			`default-character-set = utf8mb4`

			`[mysqld]`
			`# ===== 基础设置 =====`
			`user = mysql`
			`datadir = /var/lib/mysql`
			`socket = /tmp/mysql.sock`
			`pid-file = /var/run/mysqld/mysqld.pid`
			`secure-file-priv = /var/lib/mysql-files`

			`# ===== 连接设置 =====`
			`max_connections = 200`
			`max_connect_errors = 100`
			`max_allowed_packet = 512M`

			`# ===== 字符集设置 =====`
			`character-set-server = utf8mb4`
			`default_authentication_plugin = mysql_native_password`
			`lower_case_table_names = 1`

			`# ===== 缓存和缓冲区设置 =====`
			`# 线程缓存`
			`thread_cache_size = 512`
			`thread_stack = 256K`

			`# 表缓存`
			`table_open_cache = 8192`
			`table_definition_cache = 4096`
			`tmp_table_size = 1G`

			`# 键缓存`
			`key_buffer_size = 256M`

			`# 查询缓存`
			`join_buffer_size = 4M`
			`sort_buffer_size = 8M`
			`read_buffer_size = 2M`
			`read_rnd_buffer_size = 4M`

			`# MyISAM`
			`myisam_sort_buffer_size = 256M`

			`# ===== InnoDB 设置 =====`
			`default-storage-engine = INNODB`
			`innodb_buffer_pool_size = 40G`
			`innodb_log_file_size = 4G`
			`innodb_log_buffer_size = 256M`
			`innodb_flush_log_at_trx_commit = 1`


			`# ===== 日志设置 =====`
			`log-bin = mysql-bin`
			`binlog_format = ROW`
			`server-id = 1`
			`max_binlog_cache_size = 2G`
			`max_binlog_size = 1G`
			`expire_logs_days = 7`

			`# 慢查询日志`
			`slow-query-log=1`
			`slow-query-log-file = /var/lib/mysql/mysql-slow.log`
			`long_query_time = 5`


			`# ===== 其他设置 =====`
			`sql-mode="STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION"`
			`open_files_limit = 8192`

			`---`
			`# ===== 3. Headless Service - 用于 StatefulSet =====`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`name: mysql-headless`
			`namespace: cpte-wms`
			`labels:`
			`app: mysql`
			`spec:`
			`clusterIP: None`
			`selector:`
			`app: mysql`
			`ports:`
			`- port: 3306`
			`targetPort: 3306`
			`name: mysql`

			`---`
			`# ===== 4. StatefulSet - MySQL 主容器 =====`
			`apiVersion: apps/v1`
			`kind: StatefulSet`
			`metadata:`
			`name: mysql`
			`namespace: cpte-wms`
			`labels:`
			`app: mysql`
			`annotations:`
			`kubesphere.io/description: "8.0.39"`
			`spec:`
			`serviceName: mysql-headless`
			`replicas: 1`
			`selector:`
			`matchLabels:`
			`app: mysql`
			`template:`
			`metadata:`
			`labels:`
			`app: mysql`
			`spec:`
			`# ===== Pod 级别安全上下文 =====`
			`securityContext:`
			`fsGroup: 999`
			`containers:`
			`- name: mysql`
			`image: docker.io/library/mysql:8.0.39`
			`imagePullPolicy: IfNotPresent`
			`ports:`
			`- containerPort: 3306`
			`name: mysql`
			`env:`
			`- name: MYSQL_ROOT_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: mysql-secret`
			`key: MYSQL_ROOT_PASSWORD`
			`- name: MYSQL_DATABASE`
			`valueFrom:`
			`secretKeyRef:`
			`name: mysql-secret`
			`key: MYSQL_DATABASE`
			`volumeMounts:`
			`- name: mysql-data`
			`mountPath: /var/lib/mysql`
			`- name: mysql-conf`
			`mountPath: /etc/mysql/conf.d/my.cnf`
			`subPath: my.cnf`
			`readOnly: true`
			`- name: mysql-log`
			`mountPath: /var/log/mysql`
			`- name: mysql-run`
			`mountPath: /var/run/mysqld`
			`- name: host-time`
			`mountPath: /etc/localtime`
			`readOnly: true`
			`livenessProbe:`
			`exec:`
			`command: ['sh', '-c', 'mysqladmin ping -h localhost -u root -p"$MYSQL_ROOT_PASSWORD" \| grep -q alive']`
			`initialDelaySeconds: 60`
			`periodSeconds: 10`
			`failureThreshold: 3`
			`readinessProbe:`
			`exec:`
			`command: ['sh', '-c', 'mysqladmin ping -h localhost -u root -p"$MYSQL_ROOT_PASSWORD" \| grep -q alive']`
			`initialDelaySeconds: 30`
			`periodSeconds: 5`
			`failureThreshold: 3`
			`startupProbe:`
			`exec:`
			`command: ['sh', '-c', 'mysqladmin ping -h localhost -u root -p"$MYSQL_ROOT_PASSWORD" \| grep -q alive']`
			`initialDelaySeconds: 0`
			`periodSeconds: 5`
			`failureThreshold: 30`
			`resources:`
			`requests:`
			`memory: "4Gi"`
			`cpu: "500m"`
			`limits:`
			`memory: "8Gi"`
			`cpu: "2000m"`
			`# ===== 容器级别安全上下文 =====`
			`securityContext:`
			`runAsUser: 999`
			`runAsGroup: 999`
			`volumes:`
			`- name: mysql-conf`
			`configMap:`
			`name: mysql-conf`
			`- name: mysql-log`
			`emptyDir: {}`
			`- name: mysql-run`
			`emptyDir: {}`
			`- name: host-time`
			`hostPath:`
			`path: /etc/localtime`
			`type: File`
			`volumeClaimTemplates:`
			`- metadata:`
			`name: mysql-data`
			`spec:`
			`accessModes: ["ReadWriteOnce"]`
			`storageClassName: local`
			`resources:`
			`requests:`
			`storage: 20Gi`

			`---`
			`# ===== 5. ClusterIP Service - 用于集群内访问 =====`
			`kind: Service`
			`apiVersion: v1`
			`metadata:`
			`name: mysql-service`
			`namespace: cpte-wms`
			`creationTimestamp: '2026-03-16T14:34:50Z'`
			`labels:`
			`app: mysql`
			`spec:`
			`ports:`
			`- name: mysql`
			`protocol: TCP`
			`port: 3306`
			`targetPort: 3306`
			`nodePort: 30926`
			`selector:`
			`app: mysql`
			`clusterIP: 10.233.28.135`
			`clusterIPs:`
			`- 10.233.28.135`
			`type: NodePort`
			`sessionAffinity: None`
			`externalTrafficPolicy: Cluster`
			`ipFamilies:`
			`- IPv4`
			`ipFamilyPolicy: SingleStack`
			`internalTrafficPolicy: Cluster`