Install Percona XtraDB Cluster on OpenShift
Percona Operator for Percona XtraDB Cluster is a Red Hat Certified Operator. This means that Percona Operator is portable across hybrid clouds and fully supports the Red Hat OpenShift lifecycle.
Installing Percona XtraDB Cluster on OpenShift includes two steps:
- Install the Percona Operator for MySQL.
- Install Percona XtraDB Cluster using the Operator.
Install the Operator
You can install Percona Operator for MySQL on OpenShift using the web interface (the Operator Lifecycle Manager), or using the command line interface.
Install the Operator via the Operator Lifecycle Manager (OLM)
Operator Lifecycle Manager (OLM) is a part of the Operator Framework that allows you to install, update, and manage the Operators' lifecycle on the OpenShift platform.
The following steps will allow you to deploy the Operator and Percona XtraDB Cluster on your OLM installation:
- Log in to the OLM and click the needed Operator on the OperatorHub page. Then click “Continue”, and “Install”.
- A new page will allow you to choose the Operator version and the Namespace / OpenShift project you would like to install the Operator into.
  Note
  To install the Operator in multi-namespace (cluster-wide) mode, use the one from the certified catalog. It has the Certified label. Choose values with the -cw suffix for the update channel and version, and select the “All namespaces on the cluster” radio button for the installation mode instead of choosing a specific Namespace.
  Click “Install” to install the Operator.
- When the installation finishes, you can deploy Percona XtraDB Cluster. In the “Operator Details” you will see Provided APIs (Custom Resources, available for installation). Click “Create instance” for the PerconaXtraDBCluster Custom Resource.
  You will be able to edit the manifest to set the needed Custom Resource options, and then click the “Create” button to deploy your database cluster.
Install the Operator via the command-line interface
- Clone the percona-xtradb-cluster-operator repository:
  $ git clone -b v1.17.0 https://github.com/percona/percona-xtradb-cluster-operator
  $ cd percona-xtradb-cluster-operator
  Note
  It is crucial to specify the right branch with the -b option while cloning the code on this step. Please be careful.
- Now create the Custom Resource Definition for Percona XtraDB Cluster from the deploy/crd.yaml file. The Custom Resource Definition extends the standard set of resources which Kubernetes “knows” about with new items (in our case, the ones which are the core of the Operator).
  This step should be done only once; it does not need to be repeated with the next Operator deployments, etc.
  $ oc apply --server-side -f deploy/crd.yaml
  Note
  Setting the Custom Resource Definition requires your user to have cluster-admin role privileges.
  If you want to manage your Percona XtraDB Cluster with a non-privileged user, the necessary permissions can be granted by applying the following clusterrole:
  $ oc create clusterrole pxc-admin --verb="*" --resource=perconaxtradbclusters.pxc.percona.com,perconaxtradbclusters.pxc.percona.com/status,perconaxtradbclusterbackups.pxc.percona.com,perconaxtradbclusterbackups.pxc.percona.com/status,perconaxtradbclusterrestores.pxc.percona.com,perconaxtradbclusterrestores.pxc.percona.com/status
  $ oc adm policy add-cluster-role-to-user pxc-admin <some-user>
  The role grants every verb on the listed resources, and add-cluster-role-to-user binds it cluster-wide, so <some-user> can manage these resources in all projects.
  If you have cert-manager installed, then you have to execute two more commands to be able to manage certificates with a non-privileged user:
  $ oc create clusterrole cert-admin --verb="*" --resource=issuers.certmanager.k8s.io,certificates.certmanager.k8s.io
  $ oc adm policy add-cluster-role-to-user cert-admin <some-user>
- The next thing to do is to create a new pxc project:
  $ oc new-project pxc
- Now set up RBAC (role-based access control) for Percona XtraDB Cluster from the deploy/rbac.yaml file. Briefly speaking, role-based access is based on specifically defined roles and the actions corresponding to them that are allowed on specific Kubernetes resources (details about users and roles can be found in the OpenShift documentation).
  $ oc apply -f deploy/rbac.yaml
  Finally, it’s time to start the Operator within OpenShift:
  $ oc apply -f deploy/operator.yaml
Note
You can simplify the Operator installation by applying a single deploy/bundle.yaml file instead of running commands from the steps 2 and 4:
$ oc apply --server-side -f deploy/bundle.yaml
This will automatically create the Custom Resource Definition, set up role-based access control and install the Operator as one single action.
Install Percona XtraDB Cluster
- Now it’s time to add the Percona XtraDB Cluster user Secrets with logins and passwords to Kubernetes. By default, the Operator generates user Secrets automatically, and no actions are required at this step.
  Still, you can generate and apply your Secrets on your own. In this case, place logins and plaintext passwords for the user accounts in the data section of the deploy/secrets.yaml file; after editing is finished, create the user Secrets with the following command:
  $ oc create -f deploy/secrets.yaml
  More details about secrets can be found in Users.
- Now certificates should be generated. By default, the Operator generates certificates automatically, and no actions are required at this step. Still, you can generate and apply your own certificates as secrets according to the TLS instructions.
- After the Operator is started and user secrets are added, Percona XtraDB Cluster can be created at any time with the following command:
  $ oc apply -f deploy/cr.yaml
  The creation process may take some time. When the process is over, your cluster will obtain the ready status. You can check it with the following command:
  $ oc get pxc
  Expected output
  NAME       ENDPOINT                   STATUS   PXC   PROXYSQL   HAPROXY   AGE
  cluster1   cluster1-haproxy.default   ready    3                3         5m51s
Verify the cluster operation
It may take ten minutes to get the cluster started. When the oc get pxc command output shows you the cluster status as ready, you can try to connect to the cluster.
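As an added example (not part of Percona's documentation), the following shell functions poll oc get pxc until the STATUS column reads ready. The function names, the sample_table helper with its constructed rows, and the 600-second default timeout are assumptions; STATUS is read by its character offset in the header so that a blank ENDPOINT or PROXYSQL cell does not shift the result.

```shell
#!/bin/sh
# Added example, not from the Percona docs: wait for a cluster to become ready.

# Print the STATUS cell of cluster NAME from an `oc get pxc` table on stdin.
# The cell is located by the character offset of the STATUS header, because
# splitting on whitespace picks the wrong field when ENDPOINT is still blank.
pxc_status() {
    awk -v name="$1" '
        NR == 1 { col = index($0, "STATUS"); next }
        col && $1 == name {
            split(substr($0, col), cell, " ")
            print cell[1]
            found = 1
        }
        END { exit (found ? 0 : 1) }
    '
}

# Poll until the cluster reports "ready".
# Returns 0 when ready, 1 when TIMEOUT seconds pass first.
# Usage: wait_pxc_ready NAME NAMESPACE [TIMEOUT] [INTERVAL]
wait_pxc_ready() {
    name=$1; ns=$2; timeout=${3:-600}; interval=${4:-10}; waited=0
    while :; do
        state=$(oc get pxc -n "$ns" 2>/dev/null | pxc_status "$name") || state=unknown
        if [ "$state" = ready ]; then
            return 0
        fi
        if [ "$waited" -ge "$timeout" ]; then
            echo "timed out: $name is '$state' after ${waited}s" >&2
            return 1
        fi
        sleep "$interval"
        waited=$((waited + interval))
    done
}

# Constructed sample of `oc get pxc` output (assumed column widths);
# cluster2 has no endpoint yet, which is the case the offset handles.
sample_table() {
    fmt='%-10s %-26s %-13s %-5s %-10s %-9s %s\n'
    printf "$fmt" NAME ENDPOINT STATUS PXC PROXYSQL HAPROXY AGE
    printf "$fmt" cluster1 cluster1-haproxy.default ready 3 '' 3 5m51s
    printf "$fmt" cluster2 '' initializing 1 '' 1 40s
}
```

Calling wait_pxc_ready cluster1 pxc before the connection steps makes a script stop with a non-zero status instead of trying to connect to a cluster that is still starting.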
To connect to Percona XtraDB Cluster you will need the password for the root user. Passwords are stored in the Secrets object.
Here’s how to get it:
- List the Secrets objects.
  $ oc get secrets
  The Secrets object you are interested in has the cluster1-secrets name by default.
- Use the following command to get the password of the root user. Substitute the <namespace> placeholder with your value (and use the different Secrets object name instead of cluster1-secrets, if needed):
  $ oc get secret cluster1-secrets -n <namespace> --template='{{.data.root | base64decode}}{{"\n"}}'
- Run a container with the mysql tool and connect its console output to your terminal. The following command does this, naming the new Pod percona-client:
  $ oc run -n <namespace> -i --rm --tty percona-client --image=percona:8.0 --restart=Never -- bash -il
  Executing it may require some time to deploy the corresponding Pod.
- Now run the mysql tool in the percona-client command shell using the password obtained from the Secret instead of the <root_password> placeholder. The command will look different depending on whether your cluster provides load balancing with HAProxy (the default choice) or ProxySQL:
  With HAProxy (default):
  $ mysql -h cluster1-haproxy -uroot -p'<root_password>'
  With ProxySQL:
  $ mysql -h cluster1-proxysql -uroot -p'<root_password>'
  This command will connect you to the MySQL server.