diff --git a/linux/rancher/Chart.yaml b/linux/rancher/Chart.yaml
new file mode 100644
index 00000000..f1f07b51
--- /dev/null
+++ b/linux/rancher/Chart.yaml
@@ -0,0 +1,25 @@
+apiVersion: v2
+name: sql-server-rancher
+description: A Helm chart for SQL Server on Rancher
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.0.1
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: 2019.cu15
+
+icon: https://docs.microsoft.com/vi-vn/troubleshoot/media/hub-landing/sql-database-blue.svg
diff --git a/linux/rancher/Makefile b/linux/rancher/Makefile
new file mode 100644
index 00000000..06acfea7
--- /dev/null
+++ b/linux/rancher/Makefile
@@ -0,0 +1,7 @@
+.PHONY: lint dry-run
+
+lint:
+ helm lint --values ./values.test.yaml
+
+template:
+ helm template --values ./values.test.yaml . --debug
diff --git a/linux/rancher/Readme b/linux/rancher/Readme
deleted file mode 100644
index 8b137891..00000000
--- a/linux/rancher/Readme
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/linux/rancher/app-readme.md b/linux/rancher/app-readme.md
new file mode 100644
index 00000000..c0b0ba7d
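Review bot: In the new Makefile, `.PHONY` lists `dry-run`, which is not a target in this file, and omits `template`, which is. A file or directory named `template` in the chart directory would therefore make `make template` a no-op; the line should read `.PHONY: lint template`. The `lint` recipe also omits the chart path that the `template` recipe passes explicitly, so `helm lint . --values ./values.test.yaml` would keep the two consistent.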
--- /dev/null
+++ b/linux/rancher/app-readme.md
@@ -0,0 +1,5 @@
+# SQL Server
+
+[Microsoft SQL Server](https://en.wikipedia.org/wiki/Microsoft_SQL_Server/) is a relational database management system developed by Microsoft. As a database server, it is a software product with the primary function of storing and retrieving data as requested by other software applications—which may run either on the same computer or on another computer across a network (including the Internet). Microsoft markets at least a dozen different editions of Microsoft SQL Server, aimed at different audiences and for workloads ranging from small single-machine applications to large Internet-facing applications with many concurrent users.
+
+This helm chart creates a SQL Server workload using StatefulSet along with a Service and Azure Disk storage class.
diff --git a/linux/rancher/questions.yml b/linux/rancher/questions.yml
new file mode 100644
index 00000000..e3ad9081
--- /dev/null
+++ b/linux/rancher/questions.yml
@@ -0,0 +1,103 @@ +questions: + - variable: ACCEPT_EULA + label: ACCEPT_EULA + # no current support for html + # description: Accepts the SQL Server <a href="http://go.microsoft.com/fwlink/?LinkId=746388">EULA</a> (any value confirms acceptance). + description: Accepts the SQL Server EULA (any value confirms acceptance). The EULA is posted @ http://go.microsoft.com/fwlink/?LinkId=746388 + required: true + group: SQL Server options + + - variable: USE_PRODUCT_KEY + label: Use a SQL Server Product Key + description: Enter a Product Key instead of choosing a SQL Server Edition + type: boolean + default: false + group: SQL Server options + + - variable: MSSQL_PID + label: SQL Server Edition aka. MSSQL_PID + description: Select a SQL Server Edition + type: enum + options: + - Evaluation + - Developer + - Express + - Web + - Standard + - Enterprise + required: true + show_if: USE_PRODUCT_KEY=false + group: SQL Server options + + - variable: MSSQL_PID + label: SQL Server License Key + description: Enter a Product Key of the format "#####-#####-#####-#####-#####" + required: true + show_if: USE_PRODUCT_KEY=true + group: SQL Server options + + - variable: MSSQL_SA_PASSWORD + label: MSSQL SA user password + description: Sets the SA user password. 
Password requirements @ https://docs.microsoft.com/en-us/sql/relational-databases/security/password-policy?view=sql-server-ver15#password-complexity + type: password + min: 8 + max: 128 + default: "" + valid_chars: a-zA-Z0-9(`~!@#$%^&*_-+=|\\{}[]:;\"'<>,.?)/ + required: true + group: SQL Server options + + - variable: MSSQL_AGENT_ENABLED + label: Enable SQL Server Agent + description: Enables the SQL Server Agent + type: boolean + group: SQL Server options + + - variable: defaultContainerImage + label: Use default SQL Server container image + type: boolean + default: true + show_subquestion_if: false + group: Container Image Options + subquestions: + - variable: image.repository + default: mcr.microsoft.com/mssql/server + description: Image Repository + label: Image Repository + - variable: image.pullPolicy + default: IfNotPresent + label: Image Pull Policy + type: enum + options: + - IfNotPresent + - Always + - Never + - variable: image.tag + default: 2019-latest + label: Image Tag + + - variable: replicas + description: Replicas of the SQL Server StatefulSet + label: Replicas + type: int + group: Kubernetes StatefulSet options + + - variable: podSecurityContext.fsGroup + description: | + Specifies a supplementary group id for all processes of the container. + See https://kubernetes.io/docs/tasks/configure-pod-container/security-context for + additional details. + label: podSecurityContext.fsGroup + group: Kubernetes Pod options + + - variable: containers.ports.containerPort + description: > + Specifies containerPort for SQL Server + label: SQL Server Container Port + group: Kubernetes Pod Options + + - variable: service.port + description: Kubernetes service port for SQL Server + group: Kubernetes Service Options + label: Kubernetes Service Port + type: int diff --git a/linux/rancher/readme.md b/linux/rancher/readme.md new file mode 100644 index 00000000..4ed5f0e7 --- /dev/null +++ b/linux/rancher/readme.md 
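Review bot: The second `MSSQL_PID` question in questions.yml (the one shown when `USE_PRODUCT_KEY=true`) collects a licence key through an untyped field, and `templates/statefulset.yaml` then renders it as a literal `value:` in the pod environment, readable by anyone who can view the StatefulSet. Giving that question `type: password`, as `MSSQL_SA_PASSWORD` already has, should at least mask the entry. Keeping the key out of the workload spec would additionally mean storing it in the Secret and reading it through `secretKeyRef`. Separately, `ACCEPT_EULA` has no `type` and its description says any value counts as acceptance, so an answer meant as a refusal is passed through as well. An `enum` with a single accepting option would make the prompt unambiguous.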
@@ -0,0 +1,137 @@ +# Readme.md + +This HELM chart is a sample "as-is" chart provided for reference to help guide with SQL Server deployment on Kubernetes cluster. + +## Prerequisites: + +1. This chart is built on helm v3. It requires a kubernetes cluster to be running for you to deploy SQL container using this chart. +2. Ensure you have the helm installed on the client from where you will connect to the kubernetes cluster to deploy using the helm chart. +3. For minimum hardware requirement for the host to run SQL Server containers please refer to the system requirements section for SQL on Linux. +4. Requires the following variables to be set or changed in the values.yaml file :<br/> + a. Please ensure that you accept the EULA for SQL Server, by changing the value of ACCEPT_EULA.value=y in values.yaml file or set it during the helm install command --set ACCEPT_EULA.value=Y.<br/> + b. Please do choose the right edition of SQL Server that you would like to install you can change the value of the MSSQL_PID.value in the values file to the edition that you want to install or you can also + change it during the helm install command using the option --set MSSQL_PID.value=Enterprise, If you do not pass the flag and do not change it in the yaml, then by default it is going to install developer edition.<br/> c. Also please do provide your customized value for the sa_password, if you do not provide it then by default the sa_password will the value as shown in the below table.<br/> + +Note: Once you deploy SQL server containers using the chart below, please log into SQL Server using sa account and change the password for sa, this ensures that as DBA you have the control of the sa user and password. + + +## Chart usage: + +On the client machine where you have the Helm tools installed, download the chart on your machine and make the required changes to the values.yaml file as per your requirement. 
To see the list of settings that can be changed using the values.yaml file please refer to the table below. + + + +| Configuration parameters | Description | Default_Value | +|----------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------- | +| Values.image.repository | The SQL image to be downloaded and used for container deployment. | mcr.microsoft.com/mssql/server | +| Values.image.tag | The tag of the image to be download for the specific SQL image. | 2019-latest | +| Values.ACCEPT_EULA.value | Set the ACCEPT_EULA variable to any value to confirm your acceptance of the SQL Server EULA, please refer environment variable for more details. | Y | +| Values.MSSQL_PID.value | Set the SQL Server edition or product key. please refer environment variable for more details | Developer | +| Values.MSSQL_AGENT_ENABLED.value | Enable SQL Server Agent. For example, 'true' is enabled and 'false' is disabled. By default, agent is disabled. please refer environment variable for more details. | TRUE | +| Values.containers.ports.containerPort | Port on which the SQL Server is listening inside the container. | 1433 | +| Values.podSecurityContext.fsgroup | Security context at the pod level. | 10001 | +| Values.service.port | The service port number. | 1433 | +| Values.replicas | This value controls the number of SQL Server deployments that would be done, consider this as the number of SQL Server instances that will run. | 3 | + +<br/> + +## Deployment details: + +> [!NOTE] +> Here are my deployment details, please make changes to the values.yaml or other files as per your requirement. + +<br/> + +In this scenario, I am deploying three SQL Server containers on a Azure Kubernetes Service (AKS) as statefulset deployments. 
You can follow [Setup and connect to AKS](https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal) to read instructions on setting up AKS and connecting to it. Also the storage class that I am using here is "Azure-disk". Please do find details below for each of the yaml file used in the template folder of this chart. + +| File Name | Description | +|-|-| +| _helpers.tpl | Template file with all the template definitions that will be used in this chart. | +| deployment.yaml | A manifest file to describing the deployment details for SQL Server. | +| mssqlconfig.yaml | SQL server mssql.conf file and its content that you would like to mount to the SQL Server container. For parameters that you can pass in this file please refer mssql.conf documentation. To modify the mssql.conf settings please modify this file. | +| sc.yaml | A manifest file that describes the storage class (SC) to be deployed. To make any changes to the sc please modify this file accordingly. | +| service.yaml | A manifest file that defines the kubernetes service type and port. Because this is a statefulset deployment, this manifest files helps in creating the headless service. Please modify this for any service modification that is needed. | + +<br/> + +With this information, and probably after you have modified the required files you are now ready to deploy SQL Server using this chart. From the client machine where you have the helm chart installed, change the +directory of the CLI to the directory where you have the chart downloaded and to deploy SQL Server using this chart run the command: +<br/> + + +``` bash +helm install mssql . 
--set ACCEPT_EULA.value=Y --set MSSQL_PID.value=Developer +``` +<br/> + +After a few minutes this should deploy the SQL Server containers and you can see all the artifacts using the command : +<br/> + +```bash +D:\helm-charts\sql-server-rancher>kubectl get all +``` + +The output should look as shown below: + +<br/> + +```bash +NAME READY STATUS RESTARTS AGE +pod/mssql-sql-server-rancher-0 1/1 Running 0 12m +pod/mssql-sql-server-rancher-1 1/1 Running 0 12m +pod/mssql-sql-server-rancher-2 1/1 Running 0 12m + +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +service/mssql-sql-server-rancher ClusterIP None <none> 1433/TCP 16m + +NAME READY AGE +statefulset.apps/mssql-sql-server-rancher 3/3 16m +``` + +This chart also includes an extra folder called "services" this folder has two more manifest files as described below: + +| Name | Description | +|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| ex_service.yaml | This containes sample code to create the external load balancer service for each of the pods created above, so SQL Server can be accessed outside the cluster | +| ag_endpoint.yaml | This containes sample code to expose the AG endpoint ports within the cluster, so each pod can talk to one another on the AG port. This will be needed if you are setting up AG between the pods. | + +<br/> + +Once you deploy the above files as well, using the commands shown below, you should have an external load balancer service created for each of the pods and another cluster IP service for each of the pod exposing the AG (alwayson) port for each pod within the cluster. 
+ + +```bash +D:\helm-charts\sql-server-rancher>kubectl apply -f "D:\helm-charts\sql-server-rancher\services\ex_service.yaml" +D:\helm-charts\sql-server-rancher>kubectl apply -f "D:\helm-charts\sql-server-rancher\services\ag_endpoint.yaml" +``` + + +Finally, after all the deployments here are the resources that you should see: + + +```bash +D:\>kubectl get all +NAME READY STATUS RESTARTS AGE +pod/mssql-sql-server-rancher-0 1/1 Running 0 127m +pod/mssql-sql-server-rancher-1 1/1 Running 0 126m +pod/mssql-sql-server-rancher-2 1/1 Running 0 125m + +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 220d +service/mssql-mirror-0 ClusterIP 10.0.148.0 <none> 5022/TCP 124m +service/mssql-mirror-1 ClusterIP 10.0.254.58 <none> 5022/TCP 124m +service/mssql-mirror-2 ClusterIP 10.0.196.129 <none> 5022/TCP 124m +service/mssql-sql-server-rancher ClusterIP None <none> 1433/TCP 127m +service/mssql-sql-server-rancher-0 LoadBalancer 10.0.238.203 104.211.231.206 1433:30923/TCP 124m +service/mssql-sql-server-rancher-1 LoadBalancer 10.0.96.108 104.211.203.78 1433:32695/TCP 124m +service/mssql-sql-server-rancher-2 LoadBalancer 10.0.78.10 104.211.203.159 1433:31042/TCP 124m + +NAME READY AGE +statefulset.apps/mssql-sql-server-rancher 3/3 127m +``` + +## Connect to SQL Server + +Now you are ready to connect to the SQL Server using any of the familiar tools that you work with, like the [SSMS](https://docs.microsoft.com/en-us/sql/ssms/download-sql-server-management-studio-ssms?view=sql-server-ver15) (SQL Server Management Studio) or [SQLCMD](https://docs.microsoft.com/en-us/sql/tools/sqlcmd-utility?view=sql-server-ver15) or [ADS](https://docs.microsoft.com/en-us/sql/azure-data-studio/download-azure-data-studio?view=sql-server-ver15) (Azure Data Studio), etc. 
The IP address that you will use to connect is the External-IP address for the pod service which in this case one such example is: to connect to mssql-sql-server-rancher-0 SQL Server, the IP address 104.211.231.206 will be used in ssms or any other client. + +For more details on the SQL Server deployment on AKS using manual method please refer [Deploy a SQL Server container in Kubernetes with Azure Kubernetes Services (AKS)](https://docs.microsoft.com/en-us/sql/linux/tutorial-sql-server-containers-kubernetes?view=sql-server-ver15). diff --git a/linux/rancher/templates/_helpers.tpl b/linux/rancher/templates/_helpers.tpl new file mode 100644 index 00000000..e16ec75a --- /dev/null +++ b/linux/rancher/templates/_helpers.tpl 
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "sql-server-rancher.name" -}}
+ {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "sql-server-rancher.fullname" -}}
+ {{- if .Values.fullnameOverride }}
+ {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+ {{- else }}
+ {{- $name := default .Chart.Name .Values.nameOverride }}
+ {{- if contains $name .Release.Name }}
+ {{- .Release.Name | trunc 63 | trimSuffix "-" }}
+ {{- else }}
+ {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+ {{- end }}
+ {{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "sql-server-rancher.chart" -}}
+ {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "sql-server-rancher.labels" -}}
+helm.sh/chart: {{ include "sql-server-rancher.chart" . }}
+{{ include "sql-server-rancher.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "sql-server-rancher.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "sql-server-rancher.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "sql-server-rancher.serviceAccountName" -}}
+ {{- if .Values.serviceAccount.create }}
+ {{- default (include "sql-server-rancher.fullname" .) .Values.serviceAccount.name }}
+ {{- else }}
+ {{- default "default" .Values.serviceAccount.name }}
+ {{- end }}
+{{- end }}
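Review bot: The last helper, `sql-server-rancher.serviceAccountName`, reads `.Values.serviceAccount.create` and `.Values.serviceAccount.name`, but the `values.yaml` added in this commit has no `serviceAccount` key and none of the new templates include the helper. If a later template does include it, rendering will most likely fail on the missing map rather than fall back to `default`. Either drop the helper until a ServiceAccount is actually used, or add `serviceAccount: {create: false, name: ""}` to `values.yaml` so the lookup is defined.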
diff --git a/linux/rancher/templates/mssqlconfig.yaml b/linux/rancher/templates/mssqlconfig.yaml
new file mode 100644
index 00000000..6fc1c729
--- /dev/null
+++ b/linux/rancher/templates/mssqlconfig.yaml
@@ -0,0 +1,19 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: mssql
+data:
+ mssql.conf: |
+ [EULA]
+ accepteula = Y
+ accepteulaml = Y
+
+ [coredump]
+ captureminiandfull = true
+ coredumptype = full
+
+ [hadr]
+ hadrenabled = 1
+
+ [language]
+ lcid = 1033
diff --git a/linux/rancher/templates/sc.yaml b/linux/rancher/templates/sc.yaml
new file mode 100644
index 00000000..21d42e4a
--- /dev/null
+++ b/linux/rancher/templates/sc.yaml
@@ -0,0 +1,8 @@
+kind: StorageClass
+apiVersion: storage.k8s.io/v1
+metadata:
+ name: azure-disk
+provisioner: kubernetes.io/azure-disk
+parameters:
+ storageaccounttype: Standard_LRS
+ kind: Managed
diff --git a/linux/rancher/templates/secret.yml b/linux/rancher/templates/secret.yml
new file mode 100644
index 00000000..65245e1c
--- /dev/null
+++ b/linux/rancher/templates/secret.yml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: mssql-secret
+ labels:
+ {{- include "sql-server-rancher.labels" . | nindent 4 }}
+type: Opaque
+data:
+ mssql_sa_password : {{ .Values.MSSQL_SA_PASSWORD | b64enc | quote }}
diff --git a/linux/rancher/templates/service.yaml b/linux/rancher/templates/service.yaml
new file mode 100644
index 00000000..c5b18f30
--- /dev/null
+++ b/linux/rancher/templates/service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "sql-server-rancher.fullname" . }}
+ labels:
+ {{- include "sql-server-rancher.labels" . | nindent 4 }}
+spec:
+ clusterIP: None
+ ports:
+ - port: {{ .Values.service.port }}
+ targetPort: http
+ protocol: TCP
+ selector:
+ {{- include "sql-server-rancher.selectorLabels" . | nindent 4 }}
diff --git a/linux/rancher/templates/statefulset.yaml b/linux/rancher/templates/statefulset.yaml
new file mode 100644
index 00000000..d4e7ff40
--- /dev/null
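Review bot: In mssqlconfig.yaml the `[EULA]` section hard-codes `accepteula = Y` and `accepteulaml = Y`, so the file copied into the container records acceptance regardless of what the installer answers for `ACCEPT_EULA`. These two lines should be dropped or templated from the same value the env var uses. The `[coredump]` section also sets `coredumptype = full` with `captureminiandfull = true`. A full dump contains the server's process memory, which can include row data and credentials, and it is presumably written under the mounted `/var/opt/mssql` volume, where it outlives the pod. For a sample chart `coredumptype = mini` is the safer default, with a comment telling operators when to raise it. The ConfigMap name `mssql` is also fixed rather than derived from `sql-server-rancher.fullname`, so two releases in one namespace would collide.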
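Review bot: The StorageClass in sc.yaml is created under the fixed, cluster-scoped name `azure-disk`, yet the `volumeClaimTemplates` in `templates/statefulset.yaml` set no `storageClassName`, so the claims will use the cluster's default class and this object goes unused. Because the name is not release-specific, installing the chart a second time, or on a cluster that already has a class of that name, is likely to fail or take over the existing object. Either reference it explicitly with `storageClassName: azure-disk` in the claim template, or drop the file and let operators pick a class through a value.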
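Review bot: In secret.yml, `.Values.MSSQL_SA_PASSWORD` is piped straight into `b64enc` without checking that it was supplied, and `values.yaml` deliberately ships no default. An install that omits it fails with an opaque template error, and one that passes an empty string would produce a Secret holding an empty SA password. Making the requirement explicit gives a clear message and rejects the empty case: `mssql_sa_password: {{ required "MSSQL_SA_PASSWORD must be set" .Values.MSSQL_SA_PASSWORD | b64enc | quote }}`. The Secret name `mssql-secret` is also fixed, so a second release in the same namespace would clash with the first release's credential. Deriving it from `sql-server-rancher.fullname` here and in the `secretKeyRef` would avoid that.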
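Review bot: In service.yaml, `targetPort: http` refers to a named port, but the only container port this commit declares (`containerPort` in `templates/statefulset.yaml`) has no `name`, so the Service would have no port to resolve on the pods. Either name the container port or point at the number directly, for example `targetPort: {{ .Values.containers.ports.containerPort }}`. The `http` name looks like a leftover from the Helm scaffold, since the SQL Server listener is not HTTP.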
+++ b/linux/rancher/templates/statefulset.yaml
@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: {{ include "sql-server-rancher.fullname" . }}
+ labels:
+ {{- include "sql-server-rancher.labels" . | nindent 4 }}
+spec:
+ serviceName: {{ include "sql-server-rancher.fullname" . }}
+ replicas: {{ .Values.replicas }}
+ selector:
+ matchLabels:
+ {{- include "sql-server-rancher.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "sql-server-rancher.selectorLabels" . | nindent 8 }}
+ spec:
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ command:
+ - /bin/bash
+ - -c
+ - cp /var/opt/config/mssql.conf /var/opt/mssql/mssql.conf && /opt/mssql/bin/sqlservr
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.containers.ports.containerPort }}
+ env:
+ - name: MSSQL_PID
+ value: "{{ .Values.MSSQL_PID }}"
+ - name: ACCEPT_EULA
+ value: "{{ .Values.ACCEPT_EULA | upper }}"
+ - name: MSSQL_AGENT_ENABLED
+ value: "{{ .Values.MSSQL_AGENT_ENABLED }}"
+ - name: MSSQL_SA_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: mssql-secret
+ key: mssql_sa_password
+ volumeMounts:
+ - name: mssql
+ mountPath: /var/opt/mssql
+ - name: mssql-config-volume
+ mountPath: /var/opt/config
+ volumes:
+ - name: mssql-config-volume
+ configMap:
+ name: mssql
+ volumeClaimTemplates:
+ - metadata:
+ name: mssql
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 8Gi
diff --git a/linux/rancher/values.test.yaml b/linux/rancher/values.test.yaml
new file mode 100644
index 00000000..69061768
--- /dev/null
+++ b/linux/rancher/values.test.yaml
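Review bot: The container entry in statefulset.yaml has no `securityContext` and no `resources`, and the chart exposes only the pod-level `podSecurityContext`, so an operator cannot restrict privilege escalation or bound memory for the database without editing the template. Adding hooks in the style the template already uses for `podSecurityContext`, such as `securityContext:` followed by `{{- toYaml .Values.securityContext | nindent 12 }}` and the same for `resources`, would let them. The image reference also falls back to `.Chart.AppVersion` when `image.tag` is empty, which is `2019.cu15` in this commit's Chart.yaml. Whether the registry has a tag of that form is not visible here, so it is worth confirming, or the fallback should be removed and `image.tag` made required.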
@@ -0,0 +1,2 @@ +# since a default SA_PASSWORD is not set, this is used for helm lint and helm debug, otherwise unused +MSSQL_SA_PASSWORD: Sfr9nxVVkbMVGTQweKmD diff --git a/linux/rancher/values.yaml b/linux/rancher/values.yaml new file mode 100644 index 00000000..52a0c3dc --- /dev/null +++ b/linux/rancher/values.yaml @@ -0,0 +1,24 @@ +--- + +replicas: 3 + +image: + repository: mcr.microsoft.com/mssql/server + pullPolicy: IfNotPresent + tag: 2019-latest + +ACCEPT_EULA: "Yes" +MSSQL_PID: Developer +MSSQL_AGENT_ENABLED: false + +containers: + ports: + containerPort: 1433 + +podAnnotations: {} + +podSecurityContext: + fsGroup: 10001 + +service: + port: 1433 diff --git a/linux/sample-helm-chart-statefulset-deployment/Chart.yaml b/linux/sample-helm-chart-statefulset-deployment/Chart.yaml index be245c98..2ebe6be7 100644 --- a/linux/sample-helm-chart-statefulset-deployment/Chart.yaml +++ b/linux/sample-helm-chart-statefulset-deployment/Chart.yaml @@ -15,9 +15,12 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 0.1.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. appVersion: 1.16.0 + +annotations: + catalog.cattle.io/hidden: "true" # hide from Rancher catalog diff --git a/linux/sample-helm-chart/Chart.yaml b/linux/sample-helm-chart/Chart.yaml index 23eef3ff..caca28fe 100644 --- a/linux/sample-helm-chart/Chart.yaml +++ b/linux/sample-helm-chart/Chart.yaml 
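Review bot: values.test.yaml commits a realistic-looking SA password. The comment says it exists only for `helm lint` and `helm template`, but nothing stops someone running `helm install -f values.test.yaml`, which would give the instance an administrator password that is public in the repository. It will also trip secret scanners. An obviously non-secret, quoted placeholder makes the intent unmistakable, for example (constructed value) `MSSQL_SA_PASSWORD: "lint-only-placeholder-not-a-password"`.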
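Review bot: values.yaml defaults `image.tag` to the floating tag `2019-latest` together with `pullPolicy: IfNotPresent`, so the three replicas can end up on different SQL Server builds depending on when each node first pulled the image, and the deployed content changes upstream without any change to the chart. The default should pin a specific cumulative-update tag or an image digest, e.g. `tag: "<specific-CU-tag>"`, leaving the floating tag as an opt-in. `ACCEPT_EULA: "Yes"` also pre-accepts the licence for anyone installing with defaults. Leaving it empty and requiring the installer to set it would match the intent of the `ACCEPT_EULA` prompt in questions.yml.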
@@ -15,9 +15,12 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 0.1.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. appVersion: 1.16.0 + +annotations: + catalog.cattle.io/hidden: "true" # hide from Rancher catalog