MySQL Operator

Resources Supported

The MySQL operator suite consists of the following operators.

  1. MySQL server - Deploys an Azure Database for MySQL server given the location, resource group and other properties. This operator also helps create read replicas for the MySQL server.
  2. MySQL database - Deploys a database under the given Azure Database for MySQL server.
  3. MySQL firewall rule - Deploys a firewall rule to allow access to the Azure Database for MySQL server from the specified IP range.

MySQL server

Here is a sample YAML for the MySQL server.

The value for kind, MySQLServer, is the Custom Resource Definition (CRD) name. mysqlserver-sample is the name of the MySQL server resource that will be created.

The values under spec specify the location where you want to create the server and the resource group in which to create it. The spec also contains other values that are required to create the server, such as the serverVersion, sslEnforcement and the sku information.

Along with creating the MySQL server, this operator also generates the admin username and password for the MySQL server and stores them in a kube secret or keyvault (based on what is specified) with the same name as the MySQL server.

This secret contains the following fields.

  • fullyqualifiedservername : Fully qualified name of the MySQL server such as mysqlserver.mysql.database.azure.com
  • mysqlservername : MySQL server name
  • username : Server admin
  • password : Password for the server admin
  • fullyqualifiedusername : Fully qualified user name that is required by some apps such as @

For more information on where and how secrets are stored, look here

Read Replicas in Azure Database for MySQL

The MySQL server operator can also be used to create Read Replicas given the sourceserverid and the location.

The replica inherits all other properties including the admin username and password from the source server.

The operator reads the admin username and password for the source server from its secret (if available) and creates a secret with the same fields as described above for the replica.

For more information on read replicas, refer here

MySQL Database

Here is a sample YAML for MySQL database.

Update the resourcegroup to the resource group where you want to provision the MySQL database. server is the name of the MySQL server in which you want to create the database.

MySQL firewall rule

The MySQL firewall rule operator allows you to add a firewall rule to the MySQL server.

Here is a sample YAML for MySQL firewall rule.

The server indicates the MySQL server on which you want to configure the new MySQL firewall rule, and resourceGroup is the resource group of the MySQL server. The startIpAddress and endIpAddress indicate the IP range of sources that are allowed to access the server.

Note: When the startIpAddress and endIpAddress are 0.0.0.0, it denotes a special case that adds a firewall rule to allow all Azure services to access the server.
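The following is an added example, not part of the operator or its documentation: a small audit of firewall rule specs that reports the 0.0.0.0 special case from the note above, inverted ranges, and ranges wider than a threshold. The startIpAddress and endIpAddress field names come from this page; the 256-address threshold, the rule names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress

# Reporting threshold for "broad" ranges; an assumption of this example.
MAX_ADDRESSES = 256


def audit_firewall_spec(name, spec):
    """Return findings for one rule spec holding startIpAddress/endIpAddress."""
    try:
        start = ipaddress.IPv4Address(spec["startIpAddress"])
        end = ipaddress.IPv4Address(spec["endIpAddress"])
    except (KeyError, ValueError) as exc:
        return [f"{name}: missing or invalid address ({exc})"]
    # Special case described in the note: both ends set to 0.0.0.0.
    if int(start) == 0 and int(end) == 0:
        return [f"{name}: 0.0.0.0-0.0.0.0 allows all Azure services to access the server"]
    if start > end:
        return [f"{name}: startIpAddress is greater than endIpAddress"]
    size = int(end) - int(start) + 1
    if size > MAX_ADDRESSES:
        # Express the range as CIDR blocks so the exposure is easy to read.
        cidrs = ", ".join(str(n) for n in ipaddress.summarize_address_range(start, end))
        return [f"{name}: broad range of {size} addresses ({cidrs})"]
    return []


# Constructed sample specs (not taken from the project's sample YAML).
RULES = {
    "office": {"startIpAddress": "203.0.113.10", "endIpAddress": "203.0.113.20"},
    "allow-azure": {"startIpAddress": "0.0.0.0", "endIpAddress": "0.0.0.0"},
    "everything": {"startIpAddress": "0.0.0.0", "endIpAddress": "255.255.255.255"},
    "reversed": {"startIpAddress": "198.51.100.50", "endIpAddress": "198.51.100.10"},
}


def audit_all(rules):
    """Map each rule name to its list of findings (empty list means no finding)."""
    return {name: audit_firewall_spec(name, spec) for name, spec in rules.items()}


if __name__ == "__main__":
    for name, findings in audit_all(RULES).items():
        for line in findings or [f"{name}: ok"]:
            print(line)
```
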

MySQL virtual network rule

The MySQL virtual network rule operator allows you to add virtual network rules to the MySQL server.

Here is a sample YAML for MySQL virtual network rule.

The server indicates the MySQL server on which you want to configure the new MySQL virtual network rule, and resourceGroup is the resource group of the MySQL server. Provide the virtual network name and subnet name in the variables vNetName and subnetName; vNetResourceGroup is the resource group the virtual network is located in. The ignoreMissingServiceEndpoint indicates whether or not to create the virtual network rule before the virtual network has the vnet service endpoint enabled.

Note: When using MySQL Virtual Network Rules, the Basic SKU is not a valid op

MySQL user

The MySQL user operator allows you to add a new user to an existing MySQL database.

Here is a sample YAML for MySQL user.

The resourceGroup is the resource group of the MySQL server and MySQL database. Provide the MySQL server name in server and the MySQL database name in dbName.

The operator supports granting specified privileges using the concept of roles, and supports assigning one or more privileges from the list:

SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, PROCESS, REFERENCES, INDEX, ALTER, SHOW DATABASES, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER.

The username is defined by username. The MySQL server admin secret is stored in the secret with name adminSecret in the keyvault named adminSecretKeyVault.

Deploy, view and delete resources

You can follow the steps here to deploy, view and delete resources.