Added support and documentation for MYSQL Enterprise

Author: bcurrerb

docs/enterprise-edition-example.md

@@ -0,0 +1,62 @@
+# Enterprise edition tutorial
+This tutorial will explain how to create a mysqlcluster that runs the enterprise version of mysql.
+
+## Prerequisites
+- A Kubernetes Cluster running on Kubernetes 1.7.0+.
+- The mysql-operator repository checked out locally.
+- Access to a Docker registry that contains the enterprise version of mysql.
+
+##Create the Operator
+This file bundles the creation of various resources:
+
+1. Custom resources 
+2. RBAC configuration <sup>*</sup>
+3. The Operator 
+4. The Agent
+
+Section 3 of the file pulls the sql enterprise image from the docker store: `store/oracle/mysql-enterprise-server`. If you wish to pull the image from somewhere else you will need to swap out this address.
+```
+kubectl apply -f examples/example-enterprise-deployment.yaml
+```
+
+##Create a secret with registry credentials
+To be able to pull the mysql enterprise edition from docker it is necessary to provide credentials, these credentials must be supplied in the form of a Kubernetes secret.
+
+- The name of the secret `myregistrykey` must match the name in the `imagepullsecrets` which is found in Section 3 of the `example-enterprise-deployment.yaml`.
+- The secret must be created in the same namespace as the mysqlcluster which we will make in the next step.
+- If you are pulling the mysql enterprise image from a different registry then the secret must contain the relevant credentials for that registry.
+
+>For alternative ways to create Kubernetes secretes see their documentation on [creating secrets from docker configs](https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod) or [creating secrets manually](https://kubernetes.io/docs/concepts/containers/images/#creating-a-secret-with-a-docker-config).
+
+Enter your credentials into the following command and execute it to create a Kubernetes secret that will enable pulling images from the Docker store.
+```
+kubectl create secret docker-registry myregistrykey \
+--docker-server=https://index.docker.io/v1/ \
+--docker-username= \
+--docker-password= \
+--docker-email=
+```
+##Create your mysqlcluster
+Finally, create the mysqlcluster. 
+
+- The version to be used has been specified in the file. Without this a default version is used which is **not** guaranteed to match an available image of mysql enterprise.
+- The lowest version supported by the mysql operator is **8.0.11**
+- The namespace of the cluster  must match the namespace of the secret we created in the previous step. This file omits namespace in the metadata so the cluster will be created in the default namespace.
+```
+kubectl apply -f examples/cluster/cluster-with-3-members-enterprise-version.yaml
+```
+You can now run the following command to see the newly created mysql cluster
+```
+kubectl describe mysqlcluster mysql
+```
+
+## Clean up
+
+To remove the mysqlcluster and each of the components created in this tutorial, execute the following:
+```
+kubectl delete -f examples/cluster/cluster-with-3-members-enterprise-version.yaml
+kubectl delete secret myregistrykey
+kubectl delete -f examples/example-enterprise-deployment.yaml 
+```
+
+><sup>*</sup>If you run into issues when creating RBAC roles see [Access controls](https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengabouta]ccesscontrol.htm?) for more information.

examples/cluster/cluster-with-3-members-enterprise-version.yaml

@@ -0,0 +1,7 @@
+apiVersion: mysql.oracle.com/v1alpha1
+kind: Cluster
+metadata:
+  name: mysql
+spec:
+  members: 3
+  version: "8.0.11"

examples/example-enterprise-deployment.yaml

@@ -0,0 +1,287 @@
+# 01 - Custom resources
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: mysql-operator
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: mysqlclusters.mysql.oracle.com
+spec:
+  group: mysql.oracle.com
+  version: v1alpha1
+  scope: Namespaced
+  names:
+    kind: Cluster
+    singular: mysqlcluster
+    plural: mysqlclusters
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: mysqlbackups.mysql.oracle.com
+spec:
+  group: mysql.oracle.com
+  version: v1alpha1
+  scope: Namespaced
+  names:
+    kind: Backup
+    singular: mysqlbackup
+    plural: mysqlbackups
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: mysqlrestores.mysql.oracle.com
+spec:
+  group: mysql.oracle.com
+  version: v1alpha1
+  scope: Namespaced
+  names:
+    kind: Restore
+    singular: mysqlrestore
+    plural: mysqlrestores
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: mysqlbackupschedules.mysql.oracle.com
+spec:
+  group: mysql.oracle.com
+  version: v1alpha1
+  scope: Namespaced
+  names:
+    kind: BackupSchedule
+    singular: mysqlbackupschedule
+    plural: mysqlbackupschedules
+#02
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: mysql-operator
+  namespace: mysql-operator
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: mysql-agent
+  namespace: default
+
+#RBAC
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: mysql-operator
+  namespace: mysql-operator
+rules:
+  - apiGroups: [""]
+    resources: ["pods"]
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups: [""]
+    resources: ["secrets"]
+    verbs: ["create"]
+
+  - apiGroups: [""]
+    resources: ["services"]
+    verbs:
+    - create
+    - get
+    - list
+    - watch
+
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs:
+    - create
+    - update
+    - patch
+
+  - apiGroups: ["apps"]
+    resources: ["statefulsets"]
+    verbs:
+    - create
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups: ["mysql.oracle.com"]
+    resources:
+    - mysqlbackups
+    - mysqlbackupschedules
+    - mysqlclusters
+    - mysqlclusters/finalizers
+    - mysqlrestores
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups: ["mysql.oracle.com"]
+    resources: ["mysqlbackups"]
+    verbs: ["create"]
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: mysql-agent
+  namespace: mysql-operator
+rules:
+  - apiGroups: [""]
+    resources: ["pods"]
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+  - apiGroups: [""]
+    resources: ["secrets"]
+    verbs: ["get"]
+
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs:
+    - create
+    - update
+    - patch
+
+  - apiGroups: ["mysql.oracle.com"]
+    resources:
+    - mysqlbackups
+    - mysqlbackupschedules
+    - mysqlclusters
+    - mysqlclusters/finalizers
+    - mysqlrestores
+    verbs:
+    - get
+    - list
+    - patch
+    - update
+    - watch
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind:  ClusterRoleBinding
+metadata:
+  name: mysql-operator
+  namespace: mysql-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind:  ClusterRole
+  name: mysql-operator
+subjects:
+- kind: ServiceAccount
+  name: mysql-operator
+  namespace: mysql-operator
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind:  ClusterRoleBinding
+metadata:
+  name: mysql-agent
+  namespace: mysql-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind:  ClusterRole
+  name: mysql-agent
+subjects:
+- kind: ServiceAccount
+  name: mysql-agent
+  namespace: mysql-operator
+
+#03 - The operator
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: mysql-operator-config
+  namespace: mysql-operator
+  labels:
+    app: mysql-operator
+data:
+  mysql-operator-config.yaml: |
+    images:
+      mysqlServer: store/oracle/mysql-enterprise-server #Enterprise sql image
+      mysqlAgent: iad.ocir.io/oracle/mysql-agent
+      imagePullSecret: 
+        name: myregistrykey #Name of secret with docker credentials
+---
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: mysql-operator
+  namespace: mysql-operator
+  labels:
+    app: mysql-operator
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: mysql-operator
+  template:
+    metadata:
+      labels:
+        app: mysql-operator
+      annotations:
+        prometheus.io/scrape: "true"
+        prometheus.io/port: "8080"
+    spec:
+      serviceAccountName: mysql-operator
+      imagePullSecrets:
+        - name: docker-secret
+      volumes:
+        - name: mysql-operator-config-volume
+          configMap:
+            name: mysql-operator-config
+      containers:
+      - name: mysql-operator-controller
+        imagePullPolicy: Always
+        image: iad.ocir.io/oracle/mysql-operator:0.2.0
+        ports:
+        - containerPort: 10254
+        volumeMounts:
+          - name: mysql-operator-config-volume
+            mountPath: /etc/mysql-operator
+        args:
+          - --v=4
+          - --mysql-agent-image=iad.ocir.io/oracle/mysql-agent
+
+#04 - The Agent
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: mysql-agent
+  namespace: default
+
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: mysql-agent
+  namespace: default
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: mysql-agent
+subjects:
+- kind: ServiceAccount
+  name: mysql-agent
+  namespace: default       

pkg/apis/mysql/v1alpha1/helpers.go

@@ -50,7 +50,7 @@ func getOperatorVersionLabel(labelMap map[string]string) string {
 	return labelMap[constants.MySQLOperatorVersionLabel]
 }
 
-// EnsureDefaults will ensure that if a user omits and fields in the
+// EnsureDefaults will ensure that if a user omits any fields in the
 // spec that are required, we set some sensible defaults.
 // For example a user can choose to omit the version
 // and number of members.

pkg/options/operator/options.go

@@ -20,6 +20,8 @@ import (
 	"path/filepath"
 	"time"
 
+	"k8s.io/api/core/v1"
+
 	"github.com/golang/glog"
 	"github.com/pkg/errors"
 	"github.com/spf13/pflag"
@@ -36,8 +38,9 @@ const (
 // Images is the configuration of required MySQLOperator images. Remember to configure the appropriate
 // credentials for the target repositories.
 type Images struct {
-	MySQLServerImage string `yaml:"mysqlServer"`
-	MySQLAgentImage  string `yaml:"mysqlAgent"`
+	MySQLServerImage string                   `yaml:"mysqlServer"`
+	MySQLAgentImage  string                   `yaml:"mysqlAgent"`
+	ImagePullSecret  *v1.LocalObjectReference `yaml:"imagePullSecret"`
 }
 
 // MySQLOperatorOpts holds the options for the MySQLOperator.
@@ -65,7 +68,7 @@ type MySQLOperatorOpts struct {
 	MinResyncPeriod metav1.Duration `yaml:"minResyncPeriod"`
 }
 
-// MySQLOperatorOpts will create a new MySQLOperatorOpts. If a valid
+// NewMySQLOperatorOpts will create a new MySQLOperatorOpts. If a valid
 // config file is specified and exists, it will be used to initialise the
 // server. Otherwise, a default server will be created.
 //