# Template-local blocks. `windows_auth` is pulled in by name through
# $cndi.get_block(windows_auth) inside the mssql application values.
blocks:
  - name: windows_auth
    content:
      # Each value is filled from the `args` supplied at the get_block call
      # site (dns_url, dns_ip, privilegedadaccount).
      dns_url: "{{ $cndi.get_arg(dns_url) }}"
      dns_ip: "{{ $cndi.get_arg(dns_ip) }}"
      privilegedadaccount: "{{ $cndi.get_arg(privilegedadaccount) }}"
# Prompts shown when the template is instantiated. Responses are read
# elsewhere in this file with $cndi.get_prompt_response(<name>).
prompts:
  # NOTE(review): both shared prompt blocks are fetched from the `main` branch,
  # a mutable ref, so the prompts can change without this file changing.
  # Pinning the URLs to a tag or commit makes the template reproducible.
  - $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/core-prompts.yaml):
      {}
  - $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/core-prompts.yaml):
      {}
  # NOTE(review): a fixed default for the SQL Server `sa` login means every
  # deployment that accepts the defaults shares one published password, and
  # deploy_mssql_ingress below defaults to exposing the instance. Prefer no
  # default or a generated value - confirm CNDI accepts a Secret prompt
  # without `default`.
  - name: mssql_sa_password
    default: S@password1234
    message: >-
      What will be your default password for your 'mssql sa' user?
    type: Secret
  # NOTE(review): the default answer exposes the database "to the web"; a
  # default of false would make external exposure an explicit choice.
  - name: deploy_mssql_ingress
    default: true
    message: >-
      Do you want to expose Mssql to the web?
    type: Confirm
  # Asked only when deploy_mssql_ingress was answered true.
  - name: mssql_hostname
    default: mymssql.example.com
    message: >-
      What hostname should Mssql be accessible at?
    type: Input
    validators:
      - hostname # FQDN
      - min_length: 3
    condition:
      - "{{ $cndi.get_prompt_response(deploy_mssql_ingress) }}"
      - ==
      - true
  # Gates the three windows_* prompts below and the windows_auth block.
  - name: add_windows_login
    default: false
    message: >-
      Do you want to add windows auth login?
    type: Confirm
  - name: windows_dns_url
    default: mycompany-dc.mycompany.com
    message: >-
      What is the url of the domain controller?
    type: Input
    validators:
      - hostname # FQDN
      - min_length: 3
    condition:
      - "{{ $cndi.get_prompt_response(add_windows_login) }}"
      - ==
      - true
  # NOTE(review): only min_length is checked here, so a value that is not an
  # IP address passes validation; the 0.0.0.0 default is a placeholder rather
  # than a usable domain-controller address.
  - name: windows_dns_ip
    default: 0.0.0.0
    message: >-
      What is the IP of the domain controller?
    type: Input
    validators:
      - min_length: 3
    condition:
      - "{{ $cndi.get_prompt_response(add_windows_login) }}"
      - ==
      - true
  # Passed to the windows_auth block as `privilegedadaccount`.
  - name: windows_privilegedadaccount
    default: superuser
    message: >-
      What is the username of the privilegedadaccount?
    type: Input
    validators:
      - min_length: 3
    condition:
      - "{{ $cndi.get_prompt_response(add_windows_login) }}"
      - ==
      - true
# Files produced by the template: the cluster configuration (cndi_config),
# the environment values (env) and the project README (readme).
outputs:
  cndi_config:
    project_name: "{{ $cndi.get_prompt_response(project_name) }}"
    cndi_version: v2
    provider: "{{ $cndi.get_prompt_response(deployment_target_provider) }}"
    distribution: "{{ $cndi.get_prompt_response(deployment_target_distribution) }}"
    # this is a Template comment
    infrastructure:
      cndi:
        # NOTE(review): every remote block in this file is fetched from the
        # `main` branch of polyseam/cndi; pinning to a tag or commit keeps the
        # rendered cluster config from changing underneath the template.
        # Included only when the matching ingress prompt was answered true.
        $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/observability-config.yaml):
          condition:
            - "{{ $cndi.get_prompt_response(deploy_grafana_ingress) }}"
            - ==
            - true
        $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/argocd-config.yaml):
          condition:
            - "{{ $cndi.get_prompt_response(deploy_argocd_ingress) }}"
            - ==
            - true
        cert_manager:
          email: "{{ $cndi.get_prompt_response(cert_manager_email) }}"
        external_dns:
          # The block file is selected by the dns_provider response.
          $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/external-dns/config/{{ $cndi.get_prompt_response(dns_provider) }}.yaml):
            condition:
              - "{{ $cndi.get_prompt_response(enable_external_dns) }}"
              - ==
              - true
        # NOTE(review): this entry has no `condition`, so it is emitted even
        # when deploy_mssql_ingress is false. Confirm whether it makes port
        # 1433 reachable from outside the cluster on its own.
        open_ports:
          - number: 1433
            name: mssql
            namespace: mssql
            service: mssql-0
        nodes:
          $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/basic-node-pool.yaml):
            {}
    cluster_manifests:
      $cndi.comment(mssql-sa-secret): Mssql sa password
      # The password is not written here in clear text: the value is a macro
      # that, going by its name, seals MSSQL_SA_PASSWORD taken from the
      # environment.
      mssql-sa-secret:
        apiVersion: v1
        kind: Secret
        metadata:
          name: mssql-sa-secret
          namespace: mssql
        type: Opaque
        stringData:
          MSSQL_SA_PASSWORD: $cndi_on_ow.seal_secret_from_env_var(MSSQL_SA_PASSWORD)
      mssql-ingress:
        $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/default-ingress.yaml):
          args:
            ingress_name: mssql-ingress
            ingress_class_name: public
            hostname: "{{ $cndi.get_prompt_response(mssql_hostname) }}"
            # NOTE(review): open_ports and the chart values both name the
            # service mssql-0; confirm that sqlinst1-0 exists, otherwise this
            # ingress has no backend.
            service_name: sqlinst1-0
            service_port: 1433
            namespace: mssql
          condition:
            - "{{ $cndi.get_prompt_response(deploy_mssql_ingress) }}"
            - ==
            - true
      external-dns-secret:
        $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/external-dns/secret/{{ $cndi.get_prompt_response(dns_provider) }}.yaml):
          condition:
            - "{{ $cndi.get_prompt_response(enable_external_dns) }}"
            - ==
            - true
      mssql-ns:
        apiVersion: v1
        kind: Namespace
        metadata:
          name: mssql
    applications:
      mssql:
        targetRevision: 0.1.8
        destinationNamespace: mssql
        repoURL: https://polyseam.github.io/mssql2019-chart
        chart: mssql
        # NOTE(review): confirm the nesting of saPasswordSecret and
        # windows_auth against the chart's values.yaml before relying on this
        # layout.
        values:
          name: mssql
          namespace: mssql
          appLabel: mssql
          replicas: 1
          securityContext:
            fsGroup: 10001
          container:
            name: mssql
            # NOTE(review): `2019-latest` is a floating tag, so the image that
            # runs can change between pod restarts. Pin a specific release tag
            # or an image digest.
            image: "mcr.microsoft.com/mssql/server:2019-latest"
          # Name of the Secret defined under cluster_manifests above.
          saPasswordSecret: mssql-sa-secret
          service:
            name: mssql-0
            namespace: mssql
            selector:
              podName: mssql-0
            ports:
              port: 1433
              targetPort: 1433
          certificate:
            name: mssql-certs
            namespace: mssql
            secretName: mssql-certs-secret
            commonName: "{{ $cndi.get_prompt_response(mssql_hostname) }}"
            dnsNames:
              - "{{ $cndi.get_prompt_response(mssql_hostname) }}"
              - "mssql-0.mssql.svc.cluster.local"
          configMap:
            name: mssql # TODO: @harshil4076 was mssql-config but that was not picked up by pods downstream
            data:
              EULA: "Y"
              accepteulaml: "Y"
              # NOTE(review): full core dumps can hold query data and
              # credentials from process memory; treat wherever they are
              # written as sensitive storage.
              captureminiandfull: "true"
              coredumptype: "full"
              hadrenabled: "1"
              lcid: "1033"
              tlscert: "/var/opt/mssql/sslcert/tls.crt"
              tlskey: "/var/opt/mssql/sslcert/tls.key"
              tlsprotocols: "1.2"
              # NOTE(review): a certificate is configured, but with
              # forceencryption at "0" the server presumably still accepts
              # unencrypted client connections. Set it to "1" if every
              # connection must use TLS, which matters most when the ingress
              # is enabled.
              forceencryption: "0"
          windows_auth:
            # Expands the template-local windows_auth block when the
            # add_windows_login prompt was answered true.
            $cndi.get_block(windows_auth):
              condition:
                - "{{ $cndi.get_prompt_response(add_windows_login) }}"
                - ==
                - true
              args:
                dns_url: "{{ $cndi.get_prompt_response(windows_dns_url) }}"
                dns_ip: "{{ $cndi.get_prompt_response(windows_dns_ip) }}"
                privilegedadaccount: "{{ $cndi.get_prompt_response(windows_privilegedadaccount) }}"
  env:
    $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/git-credentials-{{ $cndi.get_prompt_response(git_credentials_mode) }}-env.yaml):
      {}
    $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/env.yaml):
      {}
    $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/env.yaml):
      {}
    # NOTE(review): the emitted comment text below contains a typo ("muste").
    $cndi.comment(mssql-sa-password-comment): "Should contain uppercase, lowercase, number, special character and muste be greater than 8 letters"
    # NOTE(review): the prompt response is written into the env output as
    # plain text - presumably the project's .env file. Keep that file out of
    # version control.
    MSSQL_SA_PASSWORD: "{{ $cndi.get_prompt_response(mssql_sa_password) }}"
  readme:
    project_name: "# {{ $cndi.get_prompt_response(project_name) }}"
    $cndi.get_string(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/core-readme.md):
      {}
    $cndi.get_string(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/core.md):
      {}
    $cndi.get_string(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/{{ $cndi.get_prompt_response(deployment_target_distribution) }}.md):
      {}
    # NOTE(review): the guide below tells readers to pass the password with
    # `-P` on the sqlcmd command line, which leaves it in shell history and in
    # the process list. sqlcmd prompts for the password when `-P` is omitted.
    mssqlserver: |
      # SQL Server Deployment Guide
      This guide covers the deployment of Microsoft SQL Server on a Kubernetes cluster using Helm. SQL Server is a relational database management system developed by Microsoft. It's designed for the enterprise environment and offers a wide range of tools for data storage, processing, and analytics. SQL Server supports various data types, making it suitable for a broad array of applications.
      ## Customizing Your Deployment
      You can customize your SQL Server deployment to fit your specific needs by editing the `values.yaml` file in the Helm chart. Important configuration options to consider include:
      - **Persistence:** Enable persistent storage to ensure that your data remains safe across pod restarts and deployments.
      - **Replication:** Configure replication settings to improve data availability and disaster recovery capabilities.
      - **Resources:** Allocate CPU and memory resources to your SQL Server pods to balance performance and resource usage.
      - **Authentication:** Setup authentication and authorization to secure access to your databases.
      Consult the Helm chart's documentation or the `values.yaml` file for a full list of configurable parameters and their descriptions.
      ## Verifying SQL Server Accessibility
      **Connect to the Database**:
      - Use a SQL Server client tool like SQL Server Management Studio (SSMS) or sqlcmd to connect to your instance, specifying the domain you've configured, e.g., `sqlserver.yourdomain.com`.
      ## Connecting to the Database Step-by-Step
      To connect to your SQL Server database, follow these steps:
      1. **Install SQL Server Client Tools:** If not already installed, download and install SQL Server Management Studio (SSMS) or the sqlcmd command-line tool from the official Microsoft website.
      2. **Gather Connection Details:** Obtain the necessary connection details such as the fully qualified domain name (FQDN) for your SQL Server instance (e.g., `sqlserver.yourdomain.com`), the port (default is `1433`), and the credentials if authentication is enabled.
      3. **Open Your Client Tool:** Launch SSMS or open a terminal for sqlcmd.
      4. **Construct the Connection String:** In SSMS, use the Connect to Server dialog to enter your server's FQDN or IP address and the authentication details.
      In the terminal, use the format `sqlcmd -S tcp:<hostname>,<port> -U <username> -P <password>`, replacing placeholders with your actual details.
      5. **Connect to SQL Server:** In SSMS, click Connect. For sqlcmd, enter the command in your terminal.
      6. **Verify Connection:** If the connection is successful, you'll be able to execute SQL commands against your database in SSMS or through the sqlcmd terminal.
      Ensure to adjust your steps and connection details according to the specific configuration and security settings of your SQL Server deployment.