apiVersion: v1 data: config.json: | { "command": "/usr/local/bin/detect_gcomm_and_start.sh", "config_files": [ { "source": "/var/lib/config-data/generated/galera.cnf", "dest": "/etc/my.cnf.d/galera.cnf", "owner": "root", "perm": "0644" }, { "source": "/var/lib/config-data/generated/galera_tls.cnf", "dest": "/etc/my.cnf.d/galera_tls.cnf", "owner": "root", "perm": "0644", "optional": true }, { "source": "/var/lib/config-data/generated/galera_external_tls.cnf", "dest": "/etc/my.cnf.d/galera_external_tls.cnf", "owner": "root", "perm": "0644", "optional": true }, { "source": "/var/lib/config-data/generated/galera_custom.cnf", "dest": "/etc/my.cnf.d/galera_custom.cnf", "owner": "root", "perm": "0644", "optional": true }, { "source": "/var/lib/operator-scripts", "dest": "/usr/local/bin", "owner": "root", "perm": "0755", "merge": "true" }, { "source": "/var/lib/config-data/tls/private/galera.key", "dest": "/etc/pki/tls/private/galera.key", "owner": "mysql", "perm": "0600", "optional": true }, { "source": "/var/lib/config-data/tls/certs/galera.crt", "dest": "/etc/pki/tls/certs/galera.crt", "owner": "mysql", "perm": "0755", "optional": true } ], "permissions": [ { "path": "/var/lib/mysql", "owner": "mysql:mysql", "recurse": "true" }, { "path": "/var/log/mariadb", "owner": "mysql:mysql", "recurse": "true" }, { "path": "/var/local", "owner": "mysql:mysql", "recurse": "true" } ] } galera.cnf.in: | [client] port = 3306 socket = /var/lib/mysql/mysql.sock !includedir /var/local/my.cnf/ [isamchk] key_buffer_size = 16M [mysqld] basedir = /usr bind-address = { PODNAME } binlog_format = ROW datadir = /var/lib/mysql default-storage-engine = innodb expire_logs_days = 10 innodb_autoinc_lock_mode = 2 innodb_file_per_table = ON innodb_flush_log_at_trx_commit = 1 innodb_locks_unsafe_for_binlog = 1 innodb_strict_mode = OFF key_buffer_size = 16M max_allowed_packet = 16M max_binlog_size = 100M max_connections = 4096 open_files_limit = 65536 pid-file = /var/lib/mysql/mariadb.pid port = 3306 query_cache_limit = 1M query_cache_size = 16M skip-external-locking skip-name-resolve = 1 socket = /var/lib/mysql/mysql.sock thread_cache_size = 8 thread_stack = 256K tmpdir = /tmp user = mysql wsrep_notify_cmd = /usr/local/bin/mysql_wsrep_notify.sh wsrep_auto_increment_control = 1 wsrep_causal_reads = 0 wsrep_certify_nonPK = 1 # wsrep_cluster_address = gcomm://database-0.internalapi.redhat.local,database-1.internalapi.redhat.local,database-2.internalapi.redhat.local wsrep_cluster_name = galera_cluster wsrep_convert_LOCK_to_trx = 0 wsrep_debug = 0 wsrep_drupal_282555_workaround = 0 wsrep_on = ON wsrep_provider = /usr/lib64/galera/libgalera_smm.so wsrep_provider_options = pc.wait_prim=FALSE;gcache.recover=no;gmcast.listen_addr=tcp://{ PODIP }:4567 wsrep_retry_autocommit = 1 wsrep_slave_threads = 1 wsrep_sst_method = rsync [mysqld_safe] nice = 0 pid-file = /var/lib/mysql/mariadb.pid socket = /var/lib/mysql/mysql.sock [mysqldump] max_allowed_packet = 16M quick quote-names galera_custom.cnf.in: '' galera_external_tls.cnf.in: | [mysqld] ssl ssl-cert = /etc/pki/tls/certs/galera.crt ssl-key = /etc/pki/tls/private/galera.key ssl-cipher = !SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES:!SSLv3:!TLSv1 [sst] ssl-mode = DISABLED galera_tls.cnf.in: | [mysqld] ssl ssl-cert = /etc/pki/tls/certs/galera.crt ssl-key = /etc/pki/tls/private/galera.key ssl-ca = /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem ssl-cipher = !SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES:!SSLv3:!TLSv1 wsrep_provider_options = pc.wait_prim=FALSE;gcache.recover=no;gmcast.listen_addr=tcp://{ PODIP }:4567;socket.ssl_key=/etc/pki/tls/private/galera.key;socket.ssl_cert=/etc/pki/tls/certs/galera.crt;socket.ssl_cipher={ SSL_CIPHER };socket.ssl_ca=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem; [sst] sockopt = cipher=!SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES:!SSLv3:!TLSv1 tcert = /etc/pki/tls/certs/galera.crt tkey = /etc/pki/tls/private/galera.key tca = /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem encrypt = 3 ssl-mode = REQUIRED kind: ConfigMap metadata: creationTimestamp: '2026-02-16T17:40:45Z' managedFields: - apiVersion: v1 fieldsType: FieldsV1 fieldsV1: f:data: .: {} f:config.json: {} f:galera.cnf.in: {} f:galera_custom.cnf.in: {} f:galera_external_tls.cnf.in: {} f:galera_tls.cnf.in: {} f:metadata: f:ownerReferences: .: {} k:{"uid":"50face47-cc55-471a-8a59-3da2e2544955"}: {} manager: manager operation: Update time: '2026-02-16T17:40:45Z' name: openstack-cell1-config-data namespace: openstack ownerReferences: - apiVersion: mariadb.openstack.org/v1beta1 blockOwnerDeletion: true controller: true kind: Galera name: openstack-cell1 uid: 50face47-cc55-471a-8a59-3da2e2544955 resourceVersion: '33014' uid: bf373e98-0ea1-4c0e-be07-0a366528192b