diff --git a/linux/rancher/.gitignore b/linux/rancher/.gitignore
new file mode 100644
index 00000000..7c8f562f
--- /dev/null
+++ b/linux/rancher/.gitignore
@@ -0,0 +1 @@
+jy-sql.yaml
diff --git a/linux/rancher/Chart.yaml b/linux/rancher/Chart.yaml
index f1f07b51..00a050d1 100644
--- a/linux/rancher/Chart.yaml
+++ b/linux/rancher/Chart.yaml
@@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.0.1
+version: 0.0.2
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
diff --git a/linux/rancher/questions.yml b/linux/rancher/questions.yml
index e3ad9081..05eba410 100644
--- a/linux/rancher/questions.yml
+++ b/linux/rancher/questions.yml
@@ -1,10 +1,11 @@
questions:
- - variable: ACCEPT_EULA
- label: ACCEPT_EULA
+ - variable: mssql.conf.eula.accepteula
+ label: Accept the SQL Server EULA
# no current support for html
# description: Accepts the SQL Server EULA (any value confirms acceptance).
description: Accepts the SQL Server EULA (any value confirms acceptance). The EULA is posted @ http://go.microsoft.com/fwlink/?LinkId=746388
required: true
+ default: true
group: SQL Server options
- variable: USE_PRODUCT_KEY
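Review bot: The `mssql.conf.eula.accepteula` question gains `default: true` but declares no `type: boolean`, and its description still says any value confirms acceptance. Elsewhere in this commit the answer is written verbatim into mssql.conf (`accepteula = {{ .Values.mssql.conf.eula.accepteula }}`), replacing the former literal `Y`. It is worth confirming that sqlservr reads `true` as acceptance and what a user-entered `false` ends up meaning. Adding `type: boolean` and rewording the description to match would make the pre-accepted default explicit to whoever fills in the form.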
@@ -14,7 +15,7 @@ questions:
default: false
group: SQL Server options
- - variable: MSSQL_PID
+ - variable: mssql.pid
label: SQL Server Edition aka. MSSQL_PID
description: Select a SQL Server Edition
type: enum
@@ -25,18 +26,19 @@ questions:
- Web
- Standard
- Enterprise
- required: true
+ required: true
+ default: Developer
show_if: USE_PRODUCT_KEY=false
group: SQL Server options
- - variable: MSSQL_PID
+ - variable: mssql.pid
label: SQL Server License Key
description: Enter a Product Key of the format "#####-#####-#####-#####-#####"
required: true
show_if: USE_PRODUCT_KEY=true
group: SQL Server options
- - variable: MSSQL_SA_PASSWORD
+ - variable: mssql.sa.password
label: MSSQL SA user password
description: Sets the SA user password. Password requirements @ https://docs.microsoft.com/en-us/sql/relational-databases/security/password-policy?view=sql-server-ver15#password-complexity
type: password
@@ -47,10 +49,16 @@ questions:
required: true
group: SQL Server options
- - variable: MSSQL_AGENT_ENABLED
+ - variable: mssql.conf.lcid
+ label: SQL Server Locale
+ description: Sets SQL Server Locale
+ group: SQL Server options
+
+ - variable: mssql.conf.sqlagent.enabled
label: Enable SQL Server Agent
description: Enables the SQL Server Agent
type: boolean
+ default: true
group: SQL Server options
- variable: defaultContainerImage
@@ -60,44 +68,92 @@ questions:
show_subquestion_if: false
group: Container Image Options
subquestions:
- - variable: image.repository
- default: mcr.microsoft.com/mssql/server
+ - variable: statefulset.template.spec.containers.sqlServer.image.repository
description: Image Repository
label: Image Repository
- - variable: image.pullPolicy
- default: IfNotPresent
+ - variable: statefulset.template.spec.containers.sqlServer.image.pullPolicy
label: Image Pull Policy
type: enum
options:
- IfNotPresent
- Always
- Never
- - variable: image.tag
- default: 2019-latest
+ - variable: statefulset.template.spec.containers.sqlServer.image.tag
label: Image Tag
-
- - variable: replicas
- description: Replicas of the SQL Server StatefulSet
- label: Replicas
- type: int
- group: Kubernetes StatefulSet options
- - variable: podSecurityContext.fsGroup
+ - variable: statefulset.template.spec.securityContext.fsGroup
description: |
- Specifies a supplementary group id for all processes of the container.
+ Specifies a supplementary group id for all pod processes
See https://kubernetes.io/docs/tasks/configure-pod-container/security-context for
additional details.
- label: podSecurityContext.fsGroup
- group: Kubernetes Pod options
+ label: statefulset.template.spec.securityContext.fsGroup
+ group: Kubernetes Statefulset options
- - variable: containers.ports.containerPort
+ - variable: statefulset.template.spec.containers.sqlServer.ports.databaseEngineContainerPort
description: >
- Specifies containerPort for SQL Server
- label: SQL Server Container Port
- group: Kubernetes Pod Options
+ Specifies containerPort for SQL Server Database Engine
+ label: SQL Server Database Engine Container Port
+ group: Kubernetes Statefulset Options
- - variable: service.port
+ - variable: service.spec.ports.sqlServerDatabasePort
description: Kubernetes service port for SQL Server
group: Kubernetes Service Options
label: Kubernetes Service Port
type: int
+
+ - variable: storageClass.provisioner
+ description: StorageClass provisioner for SQL Server
+ group: Kubernetes Storage Options
+ label: Kubernetes StorageClass Provisioner
+ type: enum
+ options:
+ - disk.csi.azure.com
+ - ebs.csi.aws.com
+ - pd.csi.storage.gke.io
+
+ - variable: storageClass.type
+ description: StorageClass Type for Azure Disk CSI. CSI Drivers are default after k8s v1.21
+ group: Kubernetes Storage Options
+ label: Kubernetes StorageClass Type
+ show_if: "storageClass.provisioner=disk.csi.azure.com"
+ type: enum
+ default: Standard_LRS
+ options:
+ - Standard_LRS
+ - Premium_LRS
+ - StandardSSD_LRS
+ - UltraSSD_LRS
+
+ - variable: storageClass.type
+ description: StorageClass Type for AWS EBS CSI. Install the csi driver on the target cluster first. https://docs.aws.amazon.com/eks/latest/userguide/managing-ebs-csi.html#adding-ebs-csi-eks-add-on
+ group: Kubernetes Storage Options
+ label: Kubernetes StorageClass Type
+ show_if: "storageClass.provisioner=ebs.csi.aws.com"
+ type: enum
+ default: standard
+ options:
+ - io1
+ - io2
+ - gp2
+ - gp3
+ - sc1
+ - st1
+ - standard
+
+ - variable: storageClass.type
+ description: StorageClass Type for GCE PD CSI. CSI Driver are default after Linux clusters 1.18.10-gke.2100 or 1.19.3-gke.2100
+ group: Kubernetes Storage Options
+ label: Kubernetes StorageClass Type
+ show_if: "storageClass.provisioner=pd.csi.storage.gke.io"
+ type: enum
+ default: pd-standard
+ options:
+ - pd-standard
+ - pd-balanced
+ - pd-ssd
+ - pd-extreme
+
+ - variable: storage.size
+ description: Size for Storage Volume in Gibibytes (Gi)
+ group: Kubernetes Storage Options
+ label: Kubernetes Storage Size
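Review bot: `storage.size` is declared without a `type`, yet the StatefulSet template in this commit renders it as `storage: {{ .Values.storage.size }}Gi`. A free-text answer such as `8Gi` would produce `8GiGi`, and an empty answer produces a bare `Gi`. Adding `type: int` and `default: 8` (the value in values.yaml) keeps the form and the template in agreement. Separately, the three `storageClass.type` entries share one variable name with different defaults; whether Rancher resolves that cleanly under `show_if` is not visible from this diff and should be tested.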
diff --git a/linux/rancher/readme.md b/linux/rancher/readme.md
index 4ed5f0e7..0d2b2e51 100644
--- a/linux/rancher/readme.md
+++ b/linux/rancher/readme.md
@@ -1,137 +1,40 @@
-# Readme.md
-
-This HELM chart is a sample "as-is" chart provided for reference to help guide with SQL Server deployment on Kubernetes cluster.
+# SQL Server Chart for Rancher
+This helm chart provided for reference to help guide with SQL Server deployments on SUSE Rancher with no warranties or support. While it will be geared towards using on Rancher it's simply a helm chart so can be used in any helm deployments.
## Prerequisites:
-
-1. This chart is built on helm v3. It requires a kubernetes cluster to be running for you to deploy SQL container using this chart.
-2. Ensure you have the helm installed on the client from where you will connect to the kubernetes cluster to deploy using the helm chart.
-3. For minimum hardware requirement for the host to run SQL Server containers please refer to the system requirements section for SQL on Linux.
-4. Requires the following variables to be set or changed in the values.yaml file :
- a. Please ensure that you accept the EULA for SQL Server, by changing the value of ACCEPT_EULA.value=y in values.yaml file or set it during the helm install command --set ACCEPT_EULA.value=Y.
- b. Please do choose the right edition of SQL Server that you would like to install you can change the value of the MSSQL_PID.value in the values file to the edition that you want to install or you can also
- change it during the helm install command using the option --set MSSQL_PID.value=Enterprise, If you do not pass the flag and do not change it in the yaml, then by default it is going to install developer edition.
c. Also please do provide your customized value for the sa_password, if you do not provide it then by default the sa_password will the value as shown in the below table.
-
-Note: Once you deploy SQL server containers using the chart below, please log into SQL Server using sa account and change the password for sa, this ensures that as DBA you have the control of the sa user and password.
-
-
-## Chart usage:
-
-On the client machine where you have the Helm tools installed, download the chart on your machine and make the required changes to the values.yaml file as per your requirement. To see the list of settings that can be changed using the values.yaml file please refer to the table below.
-
-
-
-| Configuration parameters | Description | Default_Value |
-|----------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------- |
-| Values.image.repository | The SQL image to be downloaded and used for container deployment. | mcr.microsoft.com/mssql/server |
-| Values.image.tag | The tag of the image to be download for the specific SQL image. | 2019-latest |
-| Values.ACCEPT_EULA.value | Set the ACCEPT_EULA variable to any value to confirm your acceptance of the SQL Server EULA, please refer environment variable for more details. | Y |
-| Values.MSSQL_PID.value | Set the SQL Server edition or product key. please refer environment variable for more details | Developer |
-| Values.MSSQL_AGENT_ENABLED.value | Enable SQL Server Agent. For example, 'true' is enabled and 'false' is disabled. By default, agent is disabled. please refer environment variable for more details. | TRUE |
-| Values.containers.ports.containerPort | Port on which the SQL Server is listening inside the container. | 1433 |
-| Values.podSecurityContext.fsgroup | Security context at the pod level. | 10001 |
-| Values.service.port | The service port number. | 1433 |
-| Values.replicas | This value controls the number of SQL Server deployments that would be done, consider this as the number of SQL Server instances that will run. | 3 |
-
-
-
-## Deployment details:
-
-> [!NOTE]
-> Here are my deployment details, please make changes to the values.yaml or other files as per your requirement.
-
-
-
-In this scenario, I am deploying three SQL Server containers on a Azure Kubernetes Service (AKS) as statefulset deployments. You can follow [Setup and connect to AKS](https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal) to read instructions on setting up AKS and connecting to it. Also the storage class that I am using here is "Azure-disk". Please do find details below for each of the yaml file used in the template folder of this chart.
-
-| File Name | Description |
-|-|-|
-| _helpers.tpl | Template file with all the template definitions that will be used in this chart. |
-| deployment.yaml | A manifest file to describing the deployment details for SQL Server. |
-| mssqlconfig.yaml | SQL server mssql.conf file and its content that you would like to mount to the SQL Server container. For parameters that you can pass in this file please refer mssql.conf documentation. To modify the mssql.conf settings please modify this file. |
-| sc.yaml | A manifest file that describes the storage class (SC) to be deployed. To make any changes to the sc please modify this file accordingly. |
-| service.yaml | A manifest file that defines the kubernetes service type and port. Because this is a statefulset deployment, this manifest files helps in creating the headless service. Please modify this for any service modification that is needed. |
-
-
-
-With this information, and probably after you have modified the required files you are now ready to deploy SQL Server using this chart. From the client machine where you have the helm chart installed, change the
-directory of the CLI to the directory where you have the chart downloaded and to deploy SQL Server using this chart run the command:
-
-
-
-``` bash
-helm install mssql . --set ACCEPT_EULA.value=Y --set MSSQL_PID.value=Developer
-```
-
-
-After a few minutes this should deploy the SQL Server containers and you can see all the artifacts using the command :
-
-
-```bash
-D:\helm-charts\sql-server-rancher>kubectl get all
-```
-
-The output should look as shown below:
-
-
-
-```bash
-NAME READY STATUS RESTARTS AGE
-pod/mssql-sql-server-rancher-0 1/1 Running 0 12m
-pod/mssql-sql-server-rancher-1 1/1 Running 0 12m
-pod/mssql-sql-server-rancher-2 1/1 Running 0 12m
-
-NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
-service/mssql-sql-server-rancher ClusterIP None 1433/TCP 16m
-
-NAME READY AGE
-statefulset.apps/mssql-sql-server-rancher 3/3 16m
-```
-
-This chart also includes an extra folder called "services" this folder has two more manifest files as described below:
-
-| Name | Description |
-|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| ex_service.yaml | This containes sample code to create the external load balancer service for each of the pods created above, so SQL Server can be accessed outside the cluster |
-| ag_endpoint.yaml | This containes sample code to expose the AG endpoint ports within the cluster, so each pod can talk to one another on the AG port. This will be needed if you are setting up AG between the pods. |
-
-
-
-Once you deploy the above files as well, using the commands shown below, you should have an external load balancer service created for each of the pods and another cluster IP service for each of the pod exposing the AG (alwayson) port for each pod within the cluster.
-
-
-```bash
-D:\helm-charts\sql-server-rancher>kubectl apply -f "D:\helm-charts\sql-server-rancher\services\ex_service.yaml"
-D:\helm-charts\sql-server-rancher>kubectl apply -f "D:\helm-charts\sql-server-rancher\services\ag_endpoint.yaml"
-```
-
-
-Finally, after all the deployments here are the resources that you should see:
-
-
-```bash
-D:\>kubectl get all
-NAME READY STATUS RESTARTS AGE
-pod/mssql-sql-server-rancher-0 1/1 Running 0 127m
-pod/mssql-sql-server-rancher-1 1/1 Running 0 126m
-pod/mssql-sql-server-rancher-2 1/1 Running 0 125m
-
-NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
-service/kubernetes ClusterIP 10.0.0.1 443/TCP 220d
-service/mssql-mirror-0 ClusterIP 10.0.148.0 5022/TCP 124m
-service/mssql-mirror-1 ClusterIP 10.0.254.58 5022/TCP 124m
-service/mssql-mirror-2 ClusterIP 10.0.196.129 5022/TCP 124m
-service/mssql-sql-server-rancher ClusterIP None 1433/TCP 127m
-service/mssql-sql-server-rancher-0 LoadBalancer 10.0.238.203 104.211.231.206 1433:30923/TCP 124m
-service/mssql-sql-server-rancher-1 LoadBalancer 10.0.96.108 104.211.203.78 1433:32695/TCP 124m
-service/mssql-sql-server-rancher-2 LoadBalancer 10.0.78.10 104.211.203.159 1433:31042/TCP 124m
-
-NAME READY AGE
-statefulset.apps/mssql-sql-server-rancher 3/3 127m
-```
-
-## Connect to SQL Server
-
-Now you are ready to connect to the SQL Server using any of the familiar tools that you work with, like the [SSMS](https://docs.microsoft.com/en-us/sql/ssms/download-sql-server-management-studio-ssms?view=sql-server-ver15) (SQL Server Management Studio) or [SQLCMD](https://docs.microsoft.com/en-us/sql/tools/sqlcmd-utility?view=sql-server-ver15) or [ADS](https://docs.microsoft.com/en-us/sql/azure-data-studio/download-azure-data-studio?view=sql-server-ver15) (Azure Data Studio), etc. The IP address that you will use to connect is the External-IP address for the pod service which in this case one such example is: to connect to mssql-sql-server-rancher-0 SQL Server, the IP address 104.211.231.206 will be used in ssms or any other client.
-
-For more details on the SQL Server deployment on AKS using manual method please refer [Deploy a SQL Server container in Kubernetes with Azure Kubernetes Services (AKS)](https://docs.microsoft.com/en-us/sql/linux/tutorial-sql-server-containers-kubernetes?view=sql-server-ver15).
+1. Kubernetes 1.19+ cluster
+1. [Helm >= 3.2 client](https://helm.sh/docs/intro/install) installed on the machine where you will deploy from
+1. Connectivity to the Kubenetes cluster api endpoint from your machine
+1. [kubeconfig](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/) for the cluster you will deploy to with `cluster-admin` permissions.
+
+## Chart Usage
+
+### SQL Server EULA
+NOTE: By deploying this Chart you are agreeing to the [SQL Server EULA](http://go.microsoft.com/fwlink/?LinkId=746388)
+
+### Quickstart
+1. Clone this repo.
+1. Change to the repo directory
+ - `cd linux/rancher`
+1. Change the `sa` password in [values.example.yaml](./values.example.yaml)
+1. Deploy the chart with:
+ - `helm install --create-namespace -n sql-server -f values.example.yaml .`
+
+### Defaults:
+For chart defaults take a look at [values.yaml](./values.yaml). Some notable ones are:
+- `mssql.pid` to change the SQL Server edition
+- `statefulset.template.spec.containers.sqlServer.image` to change the deployed image
+
+### StorageClasses
+By default the chart uses the default storage class of the cluster. You can configure a
+CSI storage class for AKS/GKE/EKS. Please see [values.test.yaml](./values.test.yaml) for an example.
+Further details are in [storageclass.yaml](./templates/storageclass.yaml)
+
+
+## Contributing
+Contributions are welcome. Please open a pull request. Remember to:
+- bump the version in [Chart.yaml](./Chart.yaml#18) accordingly
+- add any defaults to [values.yaml](./values.yaml)
+- add variables to be tested in [values.test.yaml](./values.test.yaml)
+- ensure the lint passes with `make lint`
+- test your changes on a deployment
diff --git a/linux/rancher/templates/configmap.yaml b/linux/rancher/templates/configmap.yaml
new file mode 100644
index 00000000..50ecfbb5
--- /dev/null
+++ b/linux/rancher/templates/configmap.yaml
@@ -0,0 +1,84 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: mssql
+data:
+ mssql.conf: |
+ [EULA]
+ accepteula = {{ .Values.mssql.conf.eula.accepteula }}
+ accepteulaml = {{ .Values.mssql.conf.eula.accepteulaml }}
+
+ [coredump]
+ captureminiandfull = true
+ coredumptype = full
+
+ [hadr]
+ hadrenabled = 1
+
+ [language]
+ lcid = {{ .Values.mssql.conf.lcid }}
+
+ [sqlagent]
+ enabled = {{ .Values.mssql.conf.sqlagent.enabled }}
+
+
+# control.alternatewritethrough Enable optimized write through flush for O_DSYNC requests
+# control.hestacksize Host extension stack size in KB
+# control.stoponguestprocessfault Stops the process if any guest process reports unhandled exception
+# control.writethrough Use O_DSYNC for file flag write through requests
+# coredump.captureminiandfull Capture both mini and full core dumps
+# coredump.coredumptype Core dump type to capture: mini, miniplus, filtered, full
+# distributedtransaction.allowonlysecurerpccalls Configure secure only rpc calls for distributed transactions
+# distributedtransaction.fallbacktounsecurerpcifnecessary Configure security only rpc calls for distributed transactions
+# distributedtransaction.maxlogsize DTC log file size in MB. Default is 64MB
+# distributedtransaction.memorybuffersize Circular buffer size in which traces are stored. This size is in MB and default is 10MB
+# distributedtransaction.servertcpport MSDTC rpc server port
+# distributedtransaction.trace_cm Traces in the connection manager
+# distributedtransaction.trace_contact Traces the contact pool and contacts
+# distributedtransaction.trace_gateway Traces Gateway source
+# distributedtransaction.trace_log Log tracing
+# distributedtransaction.trace_misc Traces that cannot be categorized into the other categories
+# distributedtransaction.trace_proxy Traces that are generated in the MSDTC proxy
+# distributedtransaction.trace_svc Traces service and .exe file startup
+# distributedtransaction.trace_trace The trace infrastructure itself
+# distributedtransaction.trace_util Traces utility routines that are called from multiple locations
+# distributedtransaction.trace_xa XA Transaction Manager (XATM) tracing source
+# distributedtransaction.tracefilepath Folder in which trace files should be stored
+# distributedtransaction.turnoffrpcsecurity Enable or disable RPC security for distributed transactions
+# errorlog.numerrorlogs Number of error log maintained before cycling the log.
+# extensibility.datadirectories Colon separated directory paths available to sp_execute_external_script
+# extensibility.outboundnetworkaccess Enable outbound network access for sp_execute_external_script
+# filelocation.defaultbackupdir Default directory for backup files
+# filelocation.defaultdatadir Default directory for data files
+# filelocation.defaultdumpdir Default directory for crash dump files
+# filelocation.defaultlogdir Default directory for log files
+# filelocation.errorlogfile Error log file location
+# filelocation.masterdatafile Master database data file location
+# filelocation.masterlogfile Master database log file location
+# hadr.hadrenabled Allow SQL Server to use availability groups for high availability and disaster recovery
+# language.lcid Locale identifier for SQL Server to use (e.g. 1033 for US - English)
+# memory.disablememorypressure SQL Server disable memory pressure
+# memory.memory_optimized Enable or disable SQL Server memory optimized features - persistent memory file enlightenment, memory protection
+# memory.memorylimitmb SQL Server memory limit (megabytes)
+# network.disablesssd Disable querying SSSD for AD account information and default to LDAP calls
+# network.enablekdcfromkrb5conf Enable looking up KDC information from krb5.conf
+# network.forceencryption Force encryption of incoming client connections
+# network.forcesecureldap Force using LDAPS to contact domain controller
+# network.ipaddress IP address for incoming connections
+# network.kerberoscredupdatefrequency Time in seconds between checks for kerberos credentials that need to be updated
+# network.kerberoskeytabfile Kerberos keytab file location
+# network.privilegedadaccount Privileged AD user to use for AD authentication
+# network.rpcport TCP port for Rpc endpoint mapper
+# network.tcpport TCP port for incoming connections
+# network.tlscert Path to certificate file for encrypting incoming client connections
+# network.tlsciphers TLS ciphers allowed for encrypted incoming client connections
+# network.tlskey Path to private key file for encrypting incoming client connections
+# network.tlsprotocols TLS protocol versions allowed for encrypted incoming client connections
+# sqlagent.databasemailprofile SQL Agent Database Mail profile name
+# sqlagent.enabled Enable or disable SQLAgent
+# sqlagent.errorlogfile SQL Agent log file path
+# sqlagent.errorlogginglevel SQL Agent logging level bitmask - 1=Errors, 2=Warnings, 4=Info
+# sqlagent.startupwaitforalldb Set to 1 (default) if SqlAgent should wait for all databases on startup; set to 0 to wait for MSDB only
+# telemetry.customerfeedback Telemetry status
+# telemetry.userrequestedlocalauditdirectory Directory for telemetry local audit cache
+# uncmapping. Maps UNC path to a local path. (e.g. ./mssql-conf set uncmapping //servername/sharename /tmp/folder)
\ No newline at end of file
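Review bot: The `[coredump]` section hard-codes `captureminiandfull = true` and `coredumptype = full`, so a crash writes a full memory image of the database engine. A full dump can hold data pages and in-memory secrets, and it presumably lands on the persistent volume mounted at `/var/opt/mssql` unless `filelocation.defaultdumpdir` is set; that should be confirmed. Consider driving this from values with a smaller default, e.g. `coredumptype = {{ .Values.mssql.conf.coredump.coredumptype | default "mini" }}`. The option list below also documents `network.forceencryption`; exposing it the same way would let operators require TLS for client connections.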
diff --git a/linux/rancher/templates/mssqlconfig.yaml b/linux/rancher/templates/mssqlconfig.yaml
deleted file mode 100644
index 6fc1c729..00000000
--- a/linux/rancher/templates/mssqlconfig.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: mssql
-data:
- mssql.conf: |
- [EULA]
- accepteula = Y
- accepteulaml = Y
-
- [coredump]
- captureminiandfull = true
- coredumptype = full
-
- [hadr]
- hadrenabled = 1
-
- [language]
- lcid = 1033
diff --git a/linux/rancher/templates/sc.yaml b/linux/rancher/templates/sc.yaml
deleted file mode 100644
index 21d42e4a..00000000
--- a/linux/rancher/templates/sc.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-kind: StorageClass
-apiVersion: storage.k8s.io/v1
-metadata:
- name: azure-disk
-provisioner: kubernetes.io/azure-disk
-parameters:
- storageaccounttype: Standard_LRS
- kind: Managed
diff --git a/linux/rancher/templates/secret.yml b/linux/rancher/templates/secret.yaml
similarity index 70%
rename from linux/rancher/templates/secret.yml
rename to linux/rancher/templates/secret.yaml
index 65245e1c..55896926 100644
--- a/linux/rancher/templates/secret.yml
+++ b/linux/rancher/templates/secret.yaml
@@ -6,4 +6,4 @@ metadata:
{{- include "sql-server-rancher.labels" . | nindent 4 }}
type: Opaque
data:
- mssql_sa_password : {{ .Values.MSSQL_SA_PASSWORD | b64enc | quote }}
+ mssql_sa_password : {{ .Values.mssql.sa.password | b64enc | quote }}
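Review bot: `.Values.mssql.sa.password` has no default in values.yaml (the comment in values.test.yaml says as much), and this line pipes it straight into `b64enc`. An install that omits the value therefore fails with a template type error, or renders an empty secret depending on the Helm version, instead of a clear message. Guard it explicitly: `mssql_sa_password: {{ required "mssql.sa.password must be set" .Values.mssql.sa.password | toString | b64enc | quote }}`. The Secret's metadata starts outside this hunk, so the hard-coded name cannot be checked from here.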
diff --git a/linux/rancher/templates/service.yaml b/linux/rancher/templates/service.yaml
index c5b18f30..247b594b 100644
--- a/linux/rancher/templates/service.yaml
+++ b/linux/rancher/templates/service.yaml
@@ -7,7 +7,7 @@ metadata:
spec:
clusterIP: None
ports:
- - port: {{ .Values.service.port }}
+ - port: {{ .Values.service.spec.ports.sqlServerDatabasePort }}
targetPort: http
protocol: TCP
selector:
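Review bot: `targetPort: http` refers to a named container port, but the container port in templates/statefulset.yaml, as shown in this commit, is a bare `- containerPort: …` entry with no `name`. If no port named `http` exists on the pod, the endpoints for this headless Service can come up empty and the per-pod DNS records will not resolve; this looks pre-existing but the commit touches the adjacent line. Either add `name: mssql` to the container port and use `targetPort: mssql`, or reference the number directly with `targetPort: {{ .Values.statefulset.template.spec.containers.sqlServer.ports.databaseEngineContainerPort }}`. The Service spec continues outside the hunk.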
diff --git a/linux/rancher/templates/statefulset.yaml b/linux/rancher/templates/statefulset.yaml
index d4e7ff40..1c1ef4e3 100644
--- a/linux/rancher/templates/statefulset.yaml
+++ b/linux/rancher/templates/statefulset.yaml
@@ -6,13 +6,13 @@ metadata:
{{- include "sql-server-rancher.labels" . | nindent 4 }}
spec:
serviceName: {{ include "sql-server-rancher.fullname" . }}
- replicas: {{ .Values.replicas }}
+ replicas: 1
selector:
matchLabels:
{{- include "sql-server-rancher.selectorLabels" . | nindent 6 }}
template:
metadata:
- {{- with .Values.podAnnotations }}
+ {{- with .Values.statefulset.template.metadata.annotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
@@ -20,44 +20,51 @@ spec:
{{- include "sql-server-rancher.selectorLabels" . | nindent 8 }}
spec:
securityContext:
- {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ {{- toYaml .Values.statefulset.template.spec.securityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
command:
- /bin/bash
- -c
- - cp /var/opt/config/mssql.conf /var/opt/mssql/mssql.conf && /opt/mssql/bin/sqlservr
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
+ - /opt/mssql/bin/sqlservr
+ image: {{ .Values.statefulset.template.spec.containers.sqlServer.image.repository }}:{{ .Values.statefulset.template.spec.containers.sqlServer.image.tag | default .Chart.AppVersion }}
+ imagePullPolicy: {{ .Values.statefulset.template.spec.containers.sqlServer.image.pullPolicy }}
ports:
- - containerPort: {{ .Values.containers.ports.containerPort }}
+ - containerPort: {{ .Values.statefulset.template.spec.containers.sqlServer.ports.databaseEngineContainerPort }}
env:
- - name: MSSQL_PID
- value: "{{ .Values.MSSQL_PID }}"
- - name: ACCEPT_EULA
- value: "{{ .Values.ACCEPT_EULA | upper }}"
- - name: MSSQL_AGENT_ENABLED
- value: "{{ .Values.MSSQL_AGENT_ENABLED }}"
- - name: MSSQL_SA_PASSWORD
- valueFrom:
- secretKeyRef:
- name: mssql-secret
- key: mssql_sa_password
+ # prefer mssql-config ConfigMap over env vars
+ - name: MSSQL_PID
+ value: {{ .Values.mssql.pid }}
+ - name: MSSQL_SA_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: mssql-secret
+ key: mssql_sa_password
volumeMounts:
- - name: mssql
- mountPath: /var/opt/mssql
- - name: mssql-config-volume
- mountPath: /var/opt/config
+ - name: mssql
+ mountPath: /var/opt/mssql
+ - name: mssql-config
+ mountPath: /var/opt/mssql/mssql.conf
+ subPath: mssql.conf
+ {{- if .Values.statefulset.template.spec.containers.sqlServer.extraVolumeMounts }}
+ {{- toYaml .Values.statefulset.template.spec.containers.sqlServer.extraVolumeMounts | nindent 12 }}
+ {{- end }}
volumes:
- - name: mssql-config-volume
- configMap:
- name: mssql
+ - name: mssql-config
+ configMap:
+ name: mssql
+ {{- if .Values.statefulset.template.spec.volumes.extraVolumes }}
+ {{- toYaml .Values.statefulset.template.spec.volumes.extraVolumes | nindent 8 }}
+ {{- end }}
volumeClaimTemplates:
- metadata:
- name: mssql
+ name: mssql
spec:
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 8Gi
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: {{ .Values.storage.size }}Gi
+ {{- if .Values.storageClass.provisioner }}
+ storageClassName: {{ .Values.storageClass.provisioner }}
+ {{- end }}
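Review bot: `value: {{ .Values.mssql.pid }}` drops the quotes the old line had, so the rendered scalar is typed by the YAML parser and any answer that does not parse as a string is rejected for an env `value`; use `value: {{ .Values.mssql.pid | quote }}`. The `image:` line lost its quotes in the same way. questions.yml in this commit also routes the product key into `mssql.pid`, so the licence key is stored in clear text in the pod spec. Reading it from `mssql-secret` through `secretKeyRef`, as `MSSQL_SA_PASSWORD` already is, would keep it out of `kubectl describe` output. Note too that the `subPath` mount of `mssql.conf` does not pick up ConfigMap edits until the pod restarts.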
diff --git a/linux/rancher/templates/storageclass.yaml b/linux/rancher/templates/storageclass.yaml
new file mode 100644
index 00000000..750978a2
--- /dev/null
+++ b/linux/rancher/templates/storageclass.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.storageClass.provisioner -}}
+kind: StorageClass
+apiVersion: storage.k8s.io/v1
+metadata:
+ name: {{ .Values.storageClass.provisioner }}
+provisioner: {{ .Values.storageClass.provisioner }}
+reclaimPolicy: Delete
+allowVolumeExpansion: true
+mountOptions:
+ - noatime
+parameters:
+ {{- if eq .Values.storageClass.provisioner "disk.csi.azure.com" }}
+ storageAccountType: {{ .Values.storageClass.type }}
+ fsType: xfs
+ {{- else if eq .Values.storageClass.provisioner "ebs.csi.aws.com" }}
+ csi.storage.k8s.io/fstype: xfs
+ type: {{ .Values.storageClass.type }}
+ {{- else if eq .Values.storageClass.provisioner "pd.csi.storage.gke.io" }}
+ csi.storage.k8s.io/fstype: xfs
+ type: {{ .Values.storageClass.type }}
+ {{- end }}
+{{- end -}}
+
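Review bot: The `ebs.csi.aws.com` branch sets only `type` and the filesystem, so the database volume is created unencrypted unless the AWS account enforces EBS encryption by default; adding `encrypted: "true"` to that branch closes the gap. `reclaimPolicy: Delete` means removing the PVC destroys the data volume, so `Retain` (or a value with `Retain` as default) is the safer choice for a database. StorageClass is also cluster-scoped and here named after the provisioner, so a second release with a different `storageClass.type` would collide on the same object. Including the release name in `metadata.name`, and in `storageClassName` in the StatefulSet, avoids that.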
diff --git a/linux/rancher/values.example.yaml b/linux/rancher/values.example.yaml
new file mode 100644
index 00000000..6ee0434b
--- /dev/null
+++ b/linux/rancher/values.example.yaml
@@ -0,0 +1,3 @@
+mssql:
+ sa:
+ password: Sfr9nxVVkbMVGTQweKmD
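Review bot: The quickstart in readme.md installs with `-f values.example.yaml`, so anyone who skips the "change the password" step deploys SQL Server with an `sa` password published in this repository. The same literal appears in values.test.yaml. Replace it with a placeholder that cannot pass as a real credential, e.g. `password: "<set-a-strong-sa-password>"`, which should fail the SQL Server password policy so a forgotten edit fails closed. Alternatively, drop the file and have the readme pass the value with `--set mssql.sa.password=…` from a local, git-ignored source.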
diff --git a/linux/rancher/values.test.yaml b/linux/rancher/values.test.yaml
index 69061768..95544cc1 100644
--- a/linux/rancher/values.test.yaml
+++ b/linux/rancher/values.test.yaml
@@ -1,2 +1,26 @@
# since a default SA_PASSWORD is not set, this is used for helm lint and helm debug, otherwise unused
-MSSQL_SA_PASSWORD: Sfr9nxVVkbMVGTQweKmD
+mssql:
+ sa:
+ password: Sfr9nxVVkbMVGTQweKmD
+
+storageClass:
+ provisioner: disk.csi.azure.com
+ type: Standard_LRS
+
+statefulset:
+ template:
+ spec:
+ containers:
+ sqlServer:
+ extraVolumeMounts:
+ - name: secrets-store
+ mountPath: /mnt/secrets-store
+ readOnly: true
+ volumes:
+ extraVolumes:
+ - name: secrets-store
+ csi:
+ driver: secrets-store.csi.k8s.io
+ readOnly: true
+ volumeAttributes:
+ secretProviderClass: azure-sync
diff --git a/linux/rancher/values.yaml b/linux/rancher/values.yaml
index 52a0c3dc..2373185e 100644
--- a/linux/rancher/values.yaml
+++ b/linux/rancher/values.yaml
@@ -1,24 +1,42 @@
---
-replicas: 3
+mssql:
+ pid: Developer
+ conf:
+ eula:
+ accepteula: true
+ accepteulaml: true
+ lcid: 1033 # english
+ sqlagent:
+ enabled: true
-image:
- repository: mcr.microsoft.com/mssql/server
- pullPolicy: IfNotPresent
- tag: 2019-latest
+statefulset:
+ template:
+ metadata:
+ annotations: {}
+ spec:
+ containers:
+ sqlServer:
+ image:
+ repository: mcr.microsoft.com/mssql/server
+ pullPolicy: IfNotPresent
+ tag: 2019-latest
+ ports:
+ databaseEngineContainerPort: 1433
+ extraVolumeMounts: []
+ volumes:
+ extraVolumes: []
+ securityContext:
+ fsGroup: 10001
-ACCEPT_EULA: "Yes"
-MSSQL_PID: Developer
-MSSQL_AGENT_ENABLED: false
-
-containers:
- ports:
- containerPort: 1433
-
-podAnnotations: {}
+service:
+ spec:
+ ports:
+ sqlServerDatabasePort: 1433
-podSecurityContext:
- fsGroup: 10001
+storageClass:
+ provisioner: null
+ type: null
-service:
- port: 1433
+storage:
+ size: 8
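Review bot: `tag: 2019-latest` is a floating tag, and with `pullPolicy: IfNotPresent` each node keeps whichever build it pulled first. The running image is therefore neither reproducible nor uniformly patched, and an upstream change to the tag reaches the cluster unreviewed. Pin the default to a specific release tag or an image digest, e.g. `tag: "<pinned-release-tag>"`, and bump it deliberately together with the chart version.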