Create MySQL Cluster With Custom Password on KubeBlocks
This guide demonstrates how to deploy a MySQL cluster in KubeBlocks with a custom root password stored in a Kubernetes Secret.
Prerequisites
Before proceeding, ensure the following:
- Environment Setup:
- A Kubernetes cluster is up and running.
- The kubectl CLI tool is configured to communicate with your cluster.
- KubeBlocks CLI and KubeBlocks Operator are installed. Follow the installation instructions here.
- Namespace Preparation: To keep resources isolated, create a dedicated namespace for this tutorial:
kubectl create ns demo
Expected Output:
namespace/demo created
Deploying the MySQL Semi-Synchronous Cluster
KubeBlocks uses a declarative approach for managing MySQL clusters. Below is an example configuration for deploying a MySQL cluster with 2 nodes (1 primary, 1 replicas) in semi-synchronous mode and a custom root password.
Step 1: Create a Secret for the Root Account
The custom root password is stored in a Kubernetes Secret. Create the Secret by applying the following YAML:
kubectl apply -f - <<EOF
apiVersion: v1
data:
password: Y3VzdG9tcGFzc3dvcmQ=
username: cm9vdA==
immutable: true
kind: Secret
metadata:
name: custom-mysql-root-secret
namespace: demo
EOF
- password: Replace custompassword with your desired password and encode it using Base64 (
echo -n "custompassword" | base64).
- username: The default MySQL root user is 'root', encoded as 'cm9vdA=='.
Step 2: Deploy the MySQL Cluster
Apply the following manifest to deploy the MySQL cluster, referencing the Secret created in Step 1 for the root account:
kubectl apply -f - <<EOF
apiVersion: apps.kubeblocks.io/v1
kind: Cluster
metadata:
name: example-mysql-cluster
namespace: demo
spec:
clusterDef: mysql
topology: semisync
terminationPolicy: Delete
componentSpecs:
- name: mysql
serviceVersion: 8.0.35
replicas: 2
systemAccounts:
- name: root
secretRef:
name: custom-mysql-root-secret
namespace: demo
resources:
limits:
cpu: '0.5'
memory: 0.5Gi
requests:
cpu: '0.5'
memory: 0.5Gi
volumeClaimTemplates:
- name: data
spec:
storageClassName: ""
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
EOF
Verifying the Deployment
Once the cluster is deployed, check its status by running the following command:
kubectl get cluster example-mysql-cluster -n demo -w
Expected Output:
NAME CLUSTER-DEFINITION TERMINATION-POLICY STATUS AGE
example-mysql-cluster mysql Delete Creating 19s
example-mysql-cluster mysql Delete Running 1m
Wait until the STATUS changes to 'Running'.
Connecting to the MySQL Cluster
KubeBlocks automatically creates a secret containing the MySQL root credentials. Retrieve the credentials with the following commands:
kubectl get secrets -n demo example-mysql-cluster-mysql-account-root -o jsonpath='{.data.username}' | base64 -d
root
kubectl get secrets -n demo example-mysql-cluster-mysql-account-root -o jsonpath='{.data.password}' | base64 -d
custompassword
To connect to the cluster's primary node, use the MySQL client with the custom password:
kubectl exec -it -n demo example-mysql-cluster-mysql-0 -c mysql -- mysql -h example-mysql-cluster-mysql.demo.svc.cluster.local -uroot -pcustompassword
Cleanup
To remove all created resources, delete the MySQL cluster along with its namespace:
kubectl delete cluster example-mysql-cluster -n demo
kubectl delete secret custom-mysql-root-secret -n demo
kubectl delete ns demo
Summary
In this guide, you:
- Created a Kubernetes Secret to securely store a custom MySQL root password.
- Deployed a MySQL cluster in KubeBlocks with a custom root password.
- Verified the deployment and connected to the cluster's primary node using the MySQL client.
Using Kubernetes Secrets ensures secure credential management for your MySQL clusters, while KubeBlocks simplifies the deployment and management process.
