Deploy MariaDB Galera with MaxScale on Kubernetes

Introduction
MariaDB Galera is a multi-primary database cluster that offers a high-availability solution for those running high-workload, production-ready environments. This article explains how I deployed MariaDB Galera with MaxScale on my Kubernetes cluster.
Prerequisites
- A Kubernetes cluster with at least three worker nodes.
- Sealed Secrets installed.
- FluxCD installed.
- Cloudflare Tunnel (optional).
Step-by-step Guide
I used FluxCD to commit my YAML files to Git, as I follow the GitOps approach. However, you can also use standard Helm commands for these steps.
- Install MariaDB Operator

The MariaDB Operator simplifies the deployment and configuration of MariaDB servers in Kubernetes. I installed it using FluxCD in the `mariadb-operator` namespace:

```yaml
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
  name: mariadb-operator
  namespace: mariadb-operator
spec:
  interval: 24h
  url: https://helm.mariadb.com/mariadb-operator
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: mariadb-operator-crds
  namespace: mariadb-operator
spec:
  interval: 24h
  chart:
    spec:
      chart: mariadb-operator-crds
      version: '^0.37.1'
      sourceRef:
        kind: HelmRepository
        name: mariadb-operator
        namespace: mariadb-operator
      interval: 24h
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: mariadb-operator
  namespace: mariadb-operator
spec:
  interval: 24h
  chart:
    spec:
      chart: mariadb-operator
      version: '^0.37.1'
      sourceRef:
        kind: HelmRepository
        name: mariadb-operator
        namespace: mariadb-operator
      interval: 24h
```
- Create a `SealedSecret` for the MariaDB username and password

If Sealed Secrets is not installed, you can create a standard Kubernetes secret instead. In this case, I opted for the first option:

```bash
# Generate the Secret client-side only (--dry-run) and pipe it straight into
# kubeseal, so the plaintext manifest is never written to disk or committed.
kubectl -n mariadb create secret generic mariadb \
  --from-literal=mariadb-username=mariadb \
  --from-literal=mariadb-password="$(openssl rand -base64 24 | tr -d '/+=' | cut -c1-32)" \
  --dry-run=client -o yaml \
  | kubeseal --format yaml > mariadb.sealed-secret.yaml
```
- Deploy MariaDB Galera with MaxScale

MaxScale is an advanced database proxy, router, and load balancer, built specifically for MariaDB by its developers. To achieve full high availability (HA), I deployed two replicas of MaxScale and a three-replica MariaDB Galera cluster:

```yaml
---
apiVersion: k8s.mariadb.com/v1alpha1
kind: MaxScale
metadata:
  name: maxscale-galera
  namespace: mariadb
spec:
  replicas: 2
  mariaDbRef:
    name: mariadb-galera
  admin:
    port: 8989
    guiEnabled: true
  monitor:
    name: mariadb-monitor
    module: galeramon
    interval: 2s
    cooperativeMonitoring: majority_of_all
    params:
      disable_master_failback: 'false'
      available_when_donor: 'false'
      disable_master_role_setting: 'false'
  config:
    sync:
      database: mysql
      interval: 5s
      timeout: 10s
---
apiVersion: k8s.mariadb.com/v1alpha1
kind: MariaDB
metadata:
  name: mariadb-galera
  namespace: mariadb
spec:
  maxScaleRef:
    name: maxscale-galera
  galera:
    enabled: true
    config:
      reuseStorageVolume: true
    agent:
      basicAuth:
        enabled: true
  replicas: 3
  storage:
    size: 8Gi
  database: mariadb
  username: mariadb
  passwordSecretKeyRef:
    name: mariadb
    key: mariadb-password
```
- Securely expose the MaxScale GUI using Cloudflare Tunnel

This step is optional. I used Cloudflare Tunnel to expose the MaxScale GUI, allowing easy access to a user-friendly dashboard for my MariaDB Galera cluster:

```yaml
...
cloudflare:
  ingress:
    - hostname: maxscale.harrytang.com
      service: http://maxscale-galera-gui.mariadb:8989
...
```
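The SealedSecret step above keeps the MariaDB password out of Git only as long as nobody commits an unsealed manifest by mistake. As an added example (not part of the original article), this POSIX shell check flags plaintext `kind: Secret` documents in a manifest directory before they are committed; the function names and sample files are constructed for illustration.

```sh
# Added example: block plaintext Kubernetes Secrets in a GitOps manifest directory.

# check_manifest FILE: exit 1 if any YAML document in FILE is a plaintext
# Secret (kind: Secret with a top-level data/stringData key), else exit 0.
check_manifest() {
  awk '
    function close_doc() { if (kind == "Secret" && has_data) bad = 1; kind = ""; has_data = 0 }
    /^---[ \t]*$/          { close_doc(); next }   # YAML document separator
    /^kind:/               { kind = $2 }
    /^(data|stringData):/  { has_data = 1 }        # top-level keys only
    END { close_doc(); exit (bad ? 1 : 0) }
  ' "$1"
}

# scan_dir DIR: check every *.yaml / *.yml directly in DIR (not recursive);
# names each offending file on stderr and returns 1 if any was found.
scan_dir() {
  rc=0
  for f in "$1"/*.yaml "$1"/*.yml; do
    [ -f "$f" ] || continue
    check_manifest "$f" || { echo "plaintext Secret: $f" >&2; rc=1; }
  done
  return "$rc"
}

# Constructed sample manifests: one sealed (allowed), one plaintext (blocked).
demo=$(mktemp -d)
cat > "$demo/mariadb.sealed-secret.yaml" <<'EOF'
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
  name: mariadb
  namespace: mariadb
spec:
  encryptedData:
    mariadb-password: CONSTRUCTED-CIPHERTEXT
EOF
cat > "$demo/leaked.yaml" <<'EOF'
apiVersion: v1
kind: Secret
metadata:
  name: mariadb
data:
  mariadb-password: Y29uc3RydWN0ZWQ=
EOF
scan_dir "$demo" || echo "commit blocked"
rm -rf "$demo"
```

Calling `scan_dir` from a Git pre-commit hook or a CI job on the repository that FluxCD reconciles stops the commit or pipeline when it returns non-zero.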
Conclusion
Deploying MariaDB Galera on Kubernetes has never been easier thanks to the MariaDB Operator. I hope this article helps you set up your high-availability database cluster in Kubernetes.