From Anorexic Bird, 2 Years ago, written in Plain Text.
  1. [root@dbaasjump002 deploy]# cat poc_env3_cr.yaml
  2. apiVersion: pxc.percona.com/v1-9-0  # PerconaXtraDBCluster custom resource; API version matches crVersion below
  3. kind: PerconaXtraDBCluster
  4. metadata:
  5.   name: xtradb-poc-env3
  6.   finalizers:  # every entry below is commented out, so this key is empty (null) and no finalizer is registered
  7. #    - delete-pxc-pods-in-order
  8. #    - delete-proxysql-pvc
  9. #    - delete-pxc-pvc
  10. #  annotations:
  11. #    percona.com/issue-vault-token: "true"
  12. spec:
  13.   crVersion: 1.9.0
  14.   secretsName: my-cluster-secrets  # Secret name only; NOTE(review): presumably holds the DB user passwords — confirm they are not sample values
  15.   vaultSecretName: keyring-secret-vault  # NOTE(review): presumably the Vault keyring Secret for data-at-rest encryption — confirm it exists
  16.   sslSecretName: my-cluster-ssl  # TLS Secret references (this and the next line); the tls: block below stays commented, so no SANs or issuer are set here
  17.   sslInternalSecretName: my-cluster-ssl-internal
  18.   logCollectorSecretName: my-log-collector-secrets
  19. #  enableCRValidationWebhook: true  # left commented: this CR does not turn the validation webhook on
  20. #  tls:
  21. #    SANs:
  22. #      - pxc-1.example.com
  23. #      - pxc-2.example.com
  24. #      - pxc-3.example.com
  25. #    issuerConf:
  26. #      name: special-selfsigned-issuer
  27. #      kind: ClusterIssuer
  28. #      group: cert-manager.io
  29.   allowUnsafeConfigurations: false  # unsafe configurations are not permitted by this flag; keep it false outside throwaway tests
  30. #  pause: false
  31.   updateStrategy: SmartUpdate
  32.   upgradeOptions:
  33.     versionServiceEndpoint: https://check.percona.com  # external endpoint consulted for upgrades — NOTE(review): confirm egress to it is intended
  34.     apply: 8.0-recommended  # NOTE(review): with a schedule set, images may be moved off the tags pinned below; confirm this fits change control
  35.     schedule: "0 4 * * *"  # cron: 04:00 every day
  36.   pxc:  # database node settings: 3 replicas of the image below
  37.     size: 3
  38.     image: percona/percona-xtradb-cluster:8.0.23-14.1  # pinned by tag, not by digest
  39.     autoRecovery: true
  40. #    expose:  # left commented: the expose block is inactive in this CR
  41. #      enabled: true
  42. #      type: LoadBalancer
  43. #      trafficPolicy: Local
  44. #      loadBalancerSourceRanges:
  45. #        - 10.0.0.0/8
  46. #      annotations:
  47. #        networking.gke.io/load-balancer-type: "Internal"
  48. #    replicationChannels:
  49. #    - name: pxc1_to_pxc2
  50. #      isSource: true
  51. #    - name: pxc2_to_pxc1
  52. #      isSource: false
  53. #      sourcesList:
  54. #      - host: 10.95.251.101
  55. #        port: 3306
  56. #        weight: 100
  57. #    schedulerName: mycustom-scheduler
  58. #    readinessDelaySec: 15
  59. #    livenessDelaySec: 600
  60. #    forceUnsafeBootstrap: false
  61.     configuration: |  # my.cnf fragment; only the three indented lines that follow belong to it. NOTE(review): max_allowed_packet=1G permits very large client packets — confirm it is needed
  62.       [mysqld]
  63.       max_allowed_packet=1G
  64.       net_read_timeout=300
  65. #      wsrep_debug=CLIENT
  66. #      wsrep_provider_options="gcache.size=1G; gcache.recover=yes"
  67. #      [sst]
  68. #      xbstream-opts=--decompress
  69. #      [xtrabackup]
  70. #      compress=lz4
  71. #      for PXC 5.7
  72. #      [xtrabackup]
  73. #      compress
  74. #    imagePullSecrets:
  75. #      - name: private-registry-credentials
  76. #    priorityClassName: high-priority
  77. #    annotations:
  78. #      iam.amazonaws.com/role: role-arn
  79. #    labels:
  80. #      rack: rack-22
  81. #    readinessProbes:
  82. #      initialDelaySeconds: 15
  83. #      timeoutSeconds: 15
  84. #      periodSeconds: 30
  85. #      successThreshold: 1
  86. #      failureThreshold: 5
  87. #    livenessProbes:
  88. #      initialDelaySeconds: 300
  89. #      timeoutSeconds: 5
  90. #      periodSeconds: 10
  91. #      successThreshold: 1
  92. #      failureThreshold: 3
  93. #    containerSecurityContext:  # left commented (with podSecurityContext below): no securityContext is set in this section
  94. #      privileged: false
  95. #    podSecurityContext:
  96. #      runAsUser: 1001
  97. #      runAsGroup: 1001
  98. #      supplementalGroups: [1001]
  99. #    serviceAccountName: percona-xtradb-cluster-operator-workload
  100. #    imagePullPolicy: Always
  101. #    runtimeClassName: image-rc
  102. #    sidecars:
  103. #    - image: busybox
  104. #      command: ["/bin/sh"]
  105. #      args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
  106. #      name: my-sidecar-1
  107. #    envVarsSecret: my-env-var-secrets
  108.     resources:  # requests only; the limits block below is commented out, so this CR sets no memory/CPU cap
  109.       requests:
  110.         memory: 4G
  111.         cpu: 600m
  112. #        ephemeral-storage: 1G
  113. #      limits:
  114. #        memory: 1G
  115. #        cpu: "1"
  116. #        ephemeral-storage: 1G
  117. #    nodeSelector:
  118. #      disktype: ssd
  119. #    sidecarResources:
  120. #      requests:
  121. #        memory: 1G
  122. #        cpu: 500m
  123. #      limits:
  124. #        memory: 2G
  125. #        cpu: 600m
  126.     affinity:
  127.       antiAffinityTopologyKey: "kubernetes.io/hostname"  # anti-affinity keyed on the node hostname label
  128. #      advanced:
  129. #        nodeAffinity:
  130. #          requiredDuringSchedulingIgnoredDuringExecution:
  131. #            nodeSelectorTerms:
  132. #            - matchExpressions:
  133. #              - key: kubernetes.io/e2e-az-name
  134. #                operator: In
  135. #                values:
  136. #                - e2e-az1
  137. #                - e2e-az2
  138. #    tolerations:
  139. #    - key: "node.alpha.kubernetes.io/unreachable"
  140. #      operator: "Exists"
  141. #      effect: "NoExecute"
  142. #      tolerationSeconds: 6000
  143.     podDisruptionBudget:
  144.       maxUnavailable: 1
  145. #      minAvailable: 0
  146.     volumeSpec:
  147. # pxc config
  148. #      emptyDir: {}
  149.       #hostPath:
  150.         #path: /var/xtradb001-local/pxc
  151.         #type: DirectoryOrCreate
  152.       persistentVolumeClaim:
  153.         storageClassName: openebs-hostpath  # NOTE(review): name suggests node-local hostPath storage, i.e. data on the node's own disk — confirm
  154.         volumeName: local-vol-env3  # NOTE(review): one fixed PV name with size: 3 — confirm every replica's claim can bind
  155.         accessModes: [ "ReadWriteOnce" ]
  156.         resources:
  157.           requests:
  158.             storage: 160G
  159.     gracePeriod: 600
  160.   haproxy:  # HAProxy settings: enabled, 3 replicas of the image below
  161.     enabled: true
  162.     size: 3
  163.     image: percona/percona-xtradb-cluster-operator:1.9.0-haproxy  # pinned by tag, not by digest
  164. #    imagePullPolicy: Always
  165. #    schedulerName: mycustom-scheduler
  166. #    configuration: |  # sample HAProxy config, inactive while commented; review the binds and accept-proxy before enabling it
  167. #      global
  168. #        maxconn 2048
  169. #        external-check
  170. #        insecure-fork-wanted
  171. #        stats socket /var/run/haproxy.sock mode 600 expose-fd listeners level user
  172. #
  173. #      defaults
  174. #        log global
  175. #        mode tcp
  176. #        retries 10
  177. #        timeout client 28800s
  178. #        timeout connect 100500
  179. #        timeout server 28800s
  180. #
  181. #      frontend galera-in
  182. #        bind *:3309 accept-proxy
  183. #        bind *:3306
  184. #        mode tcp
  185. #        option clitcpka
  186. #        default_backend galera-nodes
  187. #
  188. #      frontend galera-replica-in
  189. #        bind *:3307
  190. #        mode tcp
  191. #        option clitcpka
  192. #        default_backend galera-replica-nodes
  193. #    imagePullSecrets:
  194. #      - name: private-registry-credentials
  195. #    annotations:
  196. #      iam.amazonaws.com/role: role-arn
  197. #    labels:
  198. #      rack: rack-22
  199. #    readinessProbes:
  200. #      initialDelaySeconds: 15
  201. #      timeoutSeconds: 1
  202. #      periodSeconds: 5
  203. #      successThreshold: 1
  204. #      failureThreshold: 3
  205. #    livenessProbes:
  206. #      initialDelaySeconds: 60
  207. #      timeoutSeconds: 5
  208. #      periodSeconds: 30
  209. #      successThreshold: 1
  210. #      failureThreshold: 4
  211. #    serviceType: ClusterIP  # left commented: the service type is not set explicitly in this CR
  212. #    externalTrafficPolicy: Cluster
  213. #    replicasServiceType: ClusterIP
  214. #    replicasExternalTrafficPolicy: Cluster
  215. #    runtimeClassName: image-rc
  216. #    sidecars:
  217. #    - image: busybox
  218. #      command: ["/bin/sh"]
  219. #      args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
  220. #      name: my-sidecar-1
  221. #    envVarsSecret: my-env-var-secrets
  222.     resources:  # requests only; the limits block below is commented out
  223.       requests:
  224.         memory: 1G
  225.         cpu: 600m
  226. #      limits:
  227. #        memory: 1G
  228. #        cpu: 700m
  229. #    priorityClassName: high-priority
  230. #    nodeSelector:
  231. #      disktype: ssd
  232. #    sidecarResources:
  233. #      requests:
  234. #        memory: 1G
  235. #        cpu: 500m
  236. #      limits:
  237. #        memory: 2G
  238. #        cpu: 600m
  239. #    serviceAccountName: percona-xtradb-cluster-operator-workload
  240.     affinity:
  241.       antiAffinityTopologyKey: "kubernetes.io/hostname"  # anti-affinity keyed on the node hostname label
  242. #      advanced:
  243. #        nodeAffinity:
  244. #          requiredDuringSchedulingIgnoredDuringExecution:
  245. #            nodeSelectorTerms:
  246. #            - matchExpressions:
  247. #              - key: kubernetes.io/e2e-az-name
  248. #                operator: In
  249. #                values:
  250. #                - e2e-az1
  251. #                - e2e-az2
  252. #    tolerations:
  253. #    - key: "node.alpha.kubernetes.io/unreachable"
  254. #      operator: "Exists"
  255. #      effect: "NoExecute"
  256. #      tolerationSeconds: 6000
  257.     podDisruptionBudget:
  258.       maxUnavailable: 1
  259. #      minAvailable: 0
  260.     gracePeriod: 30
  261. #    loadBalancerSourceRanges:  # left commented: no source-range restriction is configured in this CR
  262. #      - 10.0.0.0/8
  263. #    serviceAnnotations:
  264. #      service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
  265.   proxysql:  # ProxySQL settings; disabled on the next line, while haproxy is the proxy enabled in this CR
  266.     enabled: false
  267.     size: 3
  268.     image: percona/percona-xtradb-cluster-operator:1.9.0-proxysql  # pinned by tag, not by digest
  269. #    imagePullPolicy: Always
  270. #    configuration: |  # sample ProxySQL config, inactive while commented; it carries placeholder credentials and 0.0.0.0 listeners — replace/restrict before enabling
  271. #      datadir="/var/lib/proxysql"
  272. #
  273. #      admin_variables =
  274. #      {
  275. #        admin_credentials="proxyadmin:admin_password"
  276. #        mysql_ifaces="0.0.0.0:6032"
  277. #        refresh_interval=2000
  278. #
  279. #        cluster_username="proxyadmin"
  280. #        cluster_password="admin_password"
  281. #        cluster_check_interval_ms=200
  282. #        cluster_check_status_frequency=100
  283. #        cluster_mysql_query_rules_save_to_disk=true
  284. #        cluster_mysql_servers_save_to_disk=true
  285. #        cluster_mysql_users_save_to_disk=true
  286. #        cluster_proxysql_servers_save_to_disk=true
  287. #        cluster_mysql_query_rules_diffs_before_sync=1
  288. #        cluster_mysql_servers_diffs_before_sync=1
  289. #        cluster_mysql_users_diffs_before_sync=1
  290. #        cluster_proxysql_servers_diffs_before_sync=1
  291. #      }
  292. #
  293. #      mysql_variables=
  294. #      {
  295. #        monitor_password="monitor"
  296. #        monitor_galera_healthcheck_interval=1000
  297. #        threads=2
  298. #        max_connections=2048
  299. #        default_query_delay=0
  300. #        default_query_timeout=10000
  301. #        poll_timeout=2000
  302. #        interfaces="0.0.0.0:3306"
  303. #        default_schema="information_schema"
  304. #        stacksize=1048576
  305. #        connect_timeout_server=10000
  306. #        monitor_history=60000
  307. #        monitor_connect_interval=20000
  308. #        monitor_ping_interval=10000
  309. #        ping_timeout_server=200
  310. #        commands_stats=true
  311. #        sessions_sort=true
  312. #        have_ssl=true
  313. #        ssl_p2s_ca="/etc/proxysql/ssl-internal/ca.crt"
  314. #        ssl_p2s_cert="/etc/proxysql/ssl-internal/tls.crt"
  315. #        ssl_p2s_key="/etc/proxysql/ssl-internal/tls.key"
  316. #        ssl_p2s_cipher="ECDHE-RSA-AES128-GCM-SHA256"
  317. #      }
  318. #    schedulerName: mycustom-scheduler
  319. #    imagePullSecrets:
  320. #      - name: private-registry-credentials
  321. #    annotations:
  322. #      iam.amazonaws.com/role: role-arn
  323. #    labels:
  324. #      rack: rack-22
  325. #    serviceType: ClusterIP
  326. #    externalTrafficPolicy: Cluster
  327. #    runtimeClassName: image-rc
  328. #    sidecars:
  329. #    - image: busybox
  330. #      command: ["/bin/sh"]
  331. #      args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"]
  332. #      name: my-sidecar-1
  333. #    envVarsSecret: my-env-var-secrets
  334.     resources:  # requests only; the limits block below is commented out
  335.       requests:
  336.         memory: 1G
  337.         cpu: 600m
  338. #      limits:
  339. #        memory: 1G
  340. #        cpu: 700m
  341. #    priorityClassName: high-priority
  342. #    nodeSelector:
  343. #      disktype: ssd
  344. #    sidecarResources:
  345. #      requests:
  346. #        memory: 1G
  347. #        cpu: 500m
  348. #      limits:
  349. #        memory: 2G
  350. #        cpu: 600m
  351. #    serviceAccountName: percona-xtradb-cluster-operator-workload
  352.     affinity:
  353.       antiAffinityTopologyKey: "kubernetes.io/hostname"  # anti-affinity keyed on the node hostname label
  354. #      advanced:
  355. #        nodeAffinity:
  356. #          requiredDuringSchedulingIgnoredDuringExecution:
  357. #            nodeSelectorTerms:
  358. #            - matchExpressions:
  359. #              - key: kubernetes.io/e2e-az-name
  360. #                operator: In
  361. #                values:
  362. #                - e2e-az1
  363. #                - e2e-az2
  364. #    tolerations:
  365. #    - key: "node.alpha.kubernetes.io/unreachable"
  366. #      operator: "Exists"
  367. #      effect: "NoExecute"
  368. #      tolerationSeconds: 6000
  369.     volumeSpec:
  370. # proxysql config
  371. #      emptyDir: {}
  372.       #hostPath:
  373.         #path: /var/xtradb001-local/proxysql-pxc
  374.         #type: DirectoryOrCreate
  375.       persistentVolumeClaim:
  376.         storageClassName: openebs-hostpath  # NOTE(review): name suggests node-local hostPath storage — confirm
  377.         volumeName: local-persistentvolume2  # NOTE(review): one fixed PV name with size: 3 — confirm every replica's claim can bind if ProxySQL is enabled
  378.         accessModes: [ "ReadWriteOnce" ]
  379.         resources:
  380.           requests:
  381.             storage: 2G
  382.     podDisruptionBudget:
  383.       maxUnavailable: 1
  384. #      minAvailable: 0
  385.     gracePeriod: 30
  386. #   loadBalancerSourceRanges:
  387. #     - 10.0.0.0/8
  388. #   serviceAnnotations:
  389. #     service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
  390.   logcollector:  # log collector: enabled with the image below; no custom configuration is active
  391.     enabled: true
  392.     image: percona/percona-xtradb-cluster-operator:1.9.0-logcollector  # pinned by tag, not by digest
  393. #    configuration: |  # sample output config, inactive while commented; it names a plain host and port with no credentials or TLS settings
  394. #      [OUTPUT]
  395. #           Name  es
  396. #           Match *
  397. #           Host  192.168.2.3
  398. #           Port  9200
  399. #           Index my_index
  400. #           Type  my_type
  401. #    resources:
  402. #      requests:
  403. #        memory: 200M
  404. #        cpu: 500m
  405.   pmm:  # PMM client settings; disabled in this CR
  406.     enabled: false
  407.     image: percona/pmm-client:2.18.0  # pinned by tag, not by digest
  408.     serverHost: monitoring-service
  409.     serverUser: admin  # NOTE(review): the matching password is not in this file — presumably read from a Secret; confirm before enabling
  410. #    pxcParams: "--disable-tablestats-limit=2000"
  411. #    proxysqlParams: "--custom-labels=CUSTOM-LABELS"
  412. #    resources:
  413. #      requests:
  414. #        memory: 200M
  415. #        cpu: 500m
  416.   backup:  # backup settings: PITR off, two storage definitions, one active daily schedule writing to fs-pvc
  417.     image: percona/percona-xtradb-cluster-operator:1.9.0-pxc8.0-backup  # pinned by tag, not by digest
  418. #    serviceAccountName: percona-xtradb-cluster-operator
  419. #    imagePullSecrets:
  420. #      - name: private-registry-credentials
  421.     pitr:
  422.       enabled: false
  423.       storageName: STORAGE-NAME-HERE  # placeholder; must name a real storage before pitr is enabled
  424.       timeBetweenUploads: 60
  425.     storages:
  426.       s3-us-west:  # storage definition with a placeholder bucket; the only schedule that names it is commented out
  427.         type: s3
  428. #        nodeSelector:
  429. #          storage: tape
  430. #          backupWorker: 'True'
  431. #        resources:
  432. #          requests:
  433. #            memory: 1G
  434. #            cpu: 600m
  435. #        affinity:
  436. #          nodeAffinity:
  437. #            requiredDuringSchedulingIgnoredDuringExecution:
  438. #              nodeSelectorTerms:
  439. #              - matchExpressions:
  440. #                - key: backupWorker
  441. #                  operator: In
  442. #                  values:
  443. #                  - 'True'
  444. #        tolerations:
  445. #          - key: "backupWorker"
  446. #            operator: "Equal"
  447. #            value: "True"
  448. #            effect: "NoSchedule"
  449. #        annotations:
  450. #          testName: scheduled-backup
  451. #        labels:
  452. #          backupWorker: 'True'
  453. #        schedulerName: 'default-scheduler'
  454. #        priorityClassName: 'high-priority'
  455. #        containerSecurityContext:  # sample only; privileged: true below would run backup containers privileged — keep commented unless required
  456. #          privileged: true
  457. #        podSecurityContext:
  458. #          fsGroup: 1001
  459. #          supplementalGroups: [1001, 1002, 1003]
  460.         s3:
  461.           bucket: S3-BACKUP-BUCKET-NAME-HERE
  462.           credentialsSecret: my-cluster-name-backup-s3  # Secret name only; the credentials themselves are not in this file
  463.           region: us-west-2
  464.       fs-pvc:
  465.         type: filesystem
  466. #        nodeSelector:
  467. #          storage: tape
  468. #          backupWorker: 'True'
  469. #        resources:
  470. #          requests:
  471. #            memory: 1G
  472. #            cpu: 600m
  473. #        affinity:
  474. #          nodeAffinity:
  475. #            requiredDuringSchedulingIgnoredDuringExecution:
  476. #              nodeSelectorTerms:
  477. #              - matchExpressions:
  478. #                - key: backupWorker
  479. #                  operator: In
  480. #                  values:
  481. #                  - 'True'
  482. #        tolerations:
  483. #          - key: "backupWorker"
  484. #            operator: "Equal"
  485. #            value: "True"
  486. #            effect: "NoSchedule"
  487. #        annotations:
  488. #          testName: scheduled-backup
  489. #        labels:
  490. #          backupWorker: 'True'
  491. #        schedulerName: 'default-scheduler'
  492. #        priorityClassName: 'high-priority'
  493. #        containerSecurityContext:  # sample only; privileged: true below would run backup containers privileged — keep commented unless required
  494. #          privileged: true
  495. #        podSecurityContext:
  496. #          fsGroup: 1001
  497. #          supplementalGroups: [1001, 1002, 1003]
  498.         volume:
  499.           persistentVolumeClaim:
  500. #            storageClassName: standard
  501.             accessModes: [ "ReadWriteOnce" ]
  502.             resources:
  503.               requests:
  504.                 storage: 6G  # NOTE(review): 6G for backups against a 160G data volume and keep: 5 — confirm backups fit
  505.     schedule:
  506. #      - name: "sat-night-backup"
  507. #        schedule: "0 0 * * 6"
  508. #        keep: 3
  509. #        storageName: s3-us-west
  510.       - name: "daily-backup"
  511.         schedule: "0 0 * * *"  # cron: 00:00 every day
  512.         keep: 5
  513.         storageName: fs-pvc  # NOTE(review): the active schedule writes to an in-cluster PVC only; confirm an off-cluster copy exists
  514.