73bd35173c
Some checks failed
scrum-manager/pipeline/head There was a failure building this commit
Database fixes: - Add hostPath.type=DirectoryOrCreate so kubelet auto-creates /mnt/data/mysql - Add fsGroup=999 so MySQL process can write to the hostPath volume - Add MYSQL_ROOT_HOST=% to allow backend pods to authenticate as root - Fix liveness/readiness probes to include credentials (-p$MYSQL_ROOT_PASSWORD) - Increase probe initialDelaySeconds (30/60s) for slow first-run init - Add 15s grace sleep in backend initContainer after MySQL TCP is up - Add persistentVolumeReclaimPolicy=Retain to prevent accidental data loss - Explicit accessModes+resources in PVC patch to avoid list merge ambiguity - Add nodeAffinity comment in PV for multi-node cluster guidance Ingress/nginx fixes: - Remove broken rewrite-target=/ that was rewriting all paths (incl /api) to / - Route /socket.io directly to backend for WebSocket support - Add /socket.io/ proxy location to both nginx.conf and K8s ConfigMap Frontend fix: - Persist currentUser to localStorage on login so page refresh no longer clears session and redirects users back to the login page Tooling: - Add k8s/overlays/on-premise/deploy.sh for one-command deployment Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
82 lines
2.4 KiB
YAML
82 lines
2.4 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mysql
|
|
labels:
|
|
app.kubernetes.io/name: mysql
|
|
app.kubernetes.io/component: database
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate # MySQL requires Recreate since PVC is ReadWriteOnce
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: mysql
|
|
app.kubernetes.io/component: database
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: mysql
|
|
app.kubernetes.io/component: database
|
|
spec:
|
|
# fsGroup 999 = mysql group in the container image.
|
|
# Without this, the hostPath volume is owned by root and MySQL
|
|
# cannot write to /var/lib/mysql → pod CrashLoops immediately.
|
|
securityContext:
|
|
fsGroup: 999
|
|
containers:
|
|
- name: mysql
|
|
image: mysql:8.0
|
|
ports:
|
|
- containerPort: 3306
|
|
name: mysql
|
|
env:
|
|
- name: MYSQL_ROOT_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: mysql-secret
|
|
key: MYSQL_ROOT_PASSWORD
|
|
- name: MYSQL_DATABASE
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: mysql-secret
|
|
key: DB_NAME
|
|
# Allow root to connect from backend pods (any host), not just localhost.
|
|
- name: MYSQL_ROOT_HOST
|
|
value: "%"
|
|
volumeMounts:
|
|
- name: mysql-data
|
|
mountPath: /var/lib/mysql
|
|
resources:
|
|
requests:
|
|
cpu: 250m
|
|
memory: 512Mi
|
|
limits:
|
|
cpu: "1"
|
|
memory: 1Gi
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- mysqladmin ping -h 127.0.0.1 -u root -p"$MYSQL_ROOT_PASSWORD" --silent
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 3
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- mysqladmin ping -h 127.0.0.1 -u root -p"$MYSQL_ROOT_PASSWORD" --silent
|
|
# MySQL 8.0 first-run initialization takes 30-60s on slow disks.
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 5
|
|
timeoutSeconds: 3
|
|
failureThreshold: 10
|
|
volumes:
|
|
- name: mysql-data
|
|
persistentVolumeClaim:
|
|
claimName: mysql-data-pvc
|