Tuzki
/
coze_studio
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(infra): Oceanbase Vector Sql Prevent SQL injection And Complementary helm deployment (#2048)

Browse Source
main
zhouyh 1 month ago committed by GitHub
parent 1f9e1cb1c7
commit 77ebc297f9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
11 changed files with 757 additions and 57 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 7
      backend/infra/impl/oceanbase/oceanbase.go
  2. 106
      backend/infra/impl/oceanbase/oceanbase_official.go
  3. 1
      docker/docker-compose-oceanbase.yml
  4. 1
      docker/docker-compose-oceanbase_debug.yml
  5. 260
      docs/oceanbase-integration-guide-en.md
  6. 262
      docs/oceanbase-integration-guide.md
  7. 54
      helm/charts/opencoze/templates/oceanbase-secret.yaml
  8. 20
      helm/charts/opencoze/templates/oceanbase-service.yaml
  9. 10
      helm/charts/opencoze/templates/oceanbase-serviceaccount.yaml
  10. 52
      helm/charts/opencoze/templates/oceanbase-statefulset.yaml
  11. 41
      helm/charts/opencoze/values.yaml

7
backend/infra/impl/oceanbase/oceanbase.go
Unescape View File

@ -64,15 +64,16 @@ func (c *OceanBaseClient) BatchInsertVectors(ctx context.Context, collectionName
}
func (c *OceanBaseClient) DeleteVector(ctx context.Context, collectionName string, vectorID string) error {
return c.official.GetDB().WithContext(ctx).Exec("DELETE FROM "+collectionName+" WHERE vector_id = ?", vectorID).Error
return c.official.GetDB().WithContext(ctx).Table(collectionName).Where("vector_id = ?", vectorID).Delete(nil).Error
}
func (c *OceanBaseClient) InitDatabase(ctx context.Context) error {
return c.official.GetDB().WithContext(ctx).Exec("SELECT 1").Error
var result int
return c.official.GetDB().WithContext(ctx).Raw("SELECT 1").Scan(&result).Error
}
func (c *OceanBaseClient) DropCollection(ctx context.Context, collectionName string) error {
return c.official.GetDB().WithContext(ctx).Exec("DROP TABLE IF EXISTS " + collectionName).Error
return c.official.GetDB().WithContext(ctx).Migrator().DropTable(collectionName)
}
type SearchStrategy interface {

106
backend/infra/impl/oceanbase/oceanbase_official.go
Unescape View File

@ -43,6 +43,15 @@ type VectorResult struct {
CreatedAt time.Time `json:"created_at"`
}
type VectorRecord struct {
VectorID string `gorm:"column:vector_id;primaryKey"`
Content string `gorm:"column:content;type:text;not null"`
Metadata string `gorm:"column:metadata;type:json"`
Embedding string `gorm:"column:embedding;type:vector;not null"`
CreatedAt time.Time `gorm:"column:created_at;type:timestamp;default:CURRENT_TIMESTAMP"`
UpdatedAt time.Time `gorm:"column:updated_at;type:timestamp;default:CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP"`
}
type CollectionInfo struct {
Name string `json:"name"`
Dimension int `json:"dimension"`
@ -83,21 +92,23 @@ func (c *OceanBaseOfficialClient) setVectorParameters() error {
}
func (c *OceanBaseOfficialClient) CreateCollection(ctx context.Context, collectionName string, dimension int) error {
createTableSQL := fmt.Sprintf(`
CREATE TABLE IF NOT EXISTS %s (
vector_id VARCHAR(255) PRIMARY KEY,
content TEXT NOT NULL,
metadata JSON,
embedding VECTOR(%d) NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
INDEX idx_created_at (created_at),
INDEX idx_content (content(100))
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
`, collectionName, dimension)
if err := c.db.WithContext(ctx).Exec(createTableSQL).Error; err != nil {
return fmt.Errorf("failed to create table: %v", err)
if !c.db.WithContext(ctx).Migrator().HasTable(collectionName) {
createTableSQL := fmt.Sprintf(`
CREATE TABLE IF NOT EXISTS %s (
vector_id VARCHAR(255) PRIMARY KEY,
content TEXT NOT NULL,
metadata JSON,
embedding VECTOR(%d) NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
INDEX idx_created_at (created_at),
INDEX idx_content (content(100))
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
`, collectionName, dimension)
if err := c.db.WithContext(ctx).Exec(createTableSQL).Error; err != nil {
return fmt.Errorf("failed to create table: %v", err)
}
}
createIndexSQL := fmt.Sprintf(`
@ -136,30 +147,19 @@ func (c *OceanBaseOfficialClient) InsertVectors(ctx context.Context, collectionN
}
func (c *OceanBaseOfficialClient) insertBatch(ctx context.Context, collectionName string, batch []VectorResult) error {
placeholders := make([]string, len(batch))
values := make([]interface{}, 0, len(batch)*5)
for j, vector := range batch {
placeholders[j] = "(?, ?, ?, ?, NOW())"
values = append(values,
vector.VectorID,
vector.Content,
vector.Metadata,
c.vectorToString(vector.Embedding),
)
records := make([]VectorRecord, len(batch))
for i, vector := range batch {
records[i] = VectorRecord{
VectorID: vector.VectorID,
Content: vector.Content,
Metadata: vector.Metadata,
Embedding: c.vectorToString(vector.Embedding),
CreatedAt: time.Now(),
UpdatedAt: time.Now(),
}
}
sql := fmt.Sprintf(`
INSERT INTO %s (vector_id, content, metadata, embedding, created_at)
VALUES %s
ON DUPLICATE KEY UPDATE
content = VALUES(content),
metadata = VALUES(metadata),
embedding = VALUES(embedding),
updated_at = NOW()
`, collectionName, strings.Join(placeholders, ","))
return c.db.WithContext(ctx).Exec(sql, values...).Error
return c.db.WithContext(ctx).Table(collectionName).Save(&records).Error
}
func (c *OceanBaseOfficialClient) SearchVectors(
@ -341,24 +341,28 @@ func (c *OceanBaseOfficialClient) DebugCollectionData(ctx context.Context, colle
log.Printf("[Debug] Collection '%s' exists with %d vectors", collectionName, count)
log.Printf("[Debug] Sample data from collection '%s':", collectionName)
rows, err := c.db.WithContext(ctx).Raw(`
SELECT vector_id, content, created_at
FROM ` + collectionName + `
ORDER BY created_at DESC
LIMIT 5
`).Rows()
var samples []struct {
VectorID string `gorm:"column:vector_id"`
Content string `gorm:"column:content"`
CreatedAt time.Time `gorm:"column:created_at"`
}
err := c.db.WithContext(ctx).Table(collectionName).
Select("vector_id, content, created_at").
Order("created_at DESC").
Limit(5).
Find(&samples).Error
if err != nil {
log.Printf("[Debug] Failed to get sample data: %v", err)
} else {
defer rows.Close()
for rows.Next() {
var vectorID, content string
var createdAt time.Time
if err := rows.Scan(&vectorID, &content, &createdAt); err != nil {
log.Printf("[Debug] Failed to scan sample row: %v", err)
continue
for _, sample := range samples {
contentPreview := sample.Content
if len(contentPreview) > 50 {
contentPreview = contentPreview[:50]
}
log.Printf("[Debug] Sample: ID=%s, Content=%s, Created=%s", vectorID, content[:min(50, len(content))], createdAt)
log.Printf("[Debug] Sample: ID=%s, Content=%s, Created=%s",
sample.VectorID, contentPreview, sample.CreatedAt)
}
}

1
docker/docker-compose-oceanbase.yml
Unescape View File

@ -252,6 +252,7 @@ services:
OB_DATAFILE_SIZE: 1G
OB_SYS_PASSWORD: ${OCEANBASE_PASSWORD:-coze123}
OB_TENANT_PASSWORD: ${OCEANBASE_PASSWORD:-coze123}
OB_CLUSTER_NAME: ${OCEANBASE_CLUSTER_NAME:-cozeAi}
ports:
- '2881:2881'
volumes:

1
docker/docker-compose-oceanbase_debug.yml
Unescape View File

@ -345,6 +345,7 @@ services:
OB_DATAFILE_SIZE: 1G
OB_SYS_PASSWORD: ${OCEANBASE_PASSWORD:-coze123}
OB_TENANT_PASSWORD: ${OCEANBASE_PASSWORD:-coze123}
OB_CLUSTER_NAME: ${OCEANBASE_CLUSTER_NAME:-cozeAi}
profiles: ['middleware']
env_file: *env_file
ports:

260
docs/oceanbase-integration-guide-en.md
Unescape View File

@ -225,6 +225,266 @@ docker logs coze-oceanbase | grep "slow query"
mysql -h localhost -P 2881 -u root -p -e "SHOW PROCESSLIST;"
```
## Helm Deployment Guide (Kubernetes)
### 1. Environment Preparation
Ensure the following tools are installed:
- Kubernetes cluster (recommended: k3s or kind)
- Helm 3.x
- kubectl
### 2. Install Dependencies
#### Install cert-manager
```bash
# Add cert-manager Helm repository
helm repo add jetstack https://charts.jetstack.io
helm repo update
# Install cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.16.2/cert-manager.yaml
# Wait for cert-manager to be ready
kubectl wait --for=condition=ready pod -l app.kubernetes.io/name=cert-manager -n cert-manager --timeout=300s
```
#### Install ob-operator
```bash
# Add ob-operator Helm repository
helm repo add ob-operator https://oceanbase.github.io/ob-operator/
helm repo update
# Install ob-operator
helm install ob-operator ob-operator/ob-operator --set reporter=cozeAi --namespace=oceanbase-system --create-namespace
# Wait for ob-operator to be ready
kubectl wait --for=condition=ready pod -l control-plane=controller-manager -n oceanbase-system --timeout=300s
```
### 3. Deploy OceanBase
#### Using Integrated Helm Chart
```bash
# Deploy complete Coze Studio application (including OceanBase)
helm install coze-studio helm/charts/opencoze \
--set oceanbase.enabled=true \
--namespace coze-studio \
--create-namespace
# Or deploy only OceanBase component
helm install oceanbase-only helm/charts/opencoze \
--set oceanbase.enabled=true \
--set mysql.enabled=false \
--set redis.enabled=false \
--set minio.enabled=false \
--set elasticsearch.enabled=false \
--set milvus.enabled=false \
--set rocketmq.enabled=false \
--namespace oceanbase \
--create-namespace
```
#### Custom Configuration
Create `oceanbase-values.yaml` file:
```yaml
oceanbase:
enabled: true
port: 2881
targetPort: 2881
clusterName: 'cozeAi'
clusterId: 1
image:
repository: oceanbase/oceanbase-ce
tag: 'latest'
obAgentVersion: '4.2.2-100000042024011120'
monitorEnabled: true
storageClass: ''
observerConfig:
resource:
cpu: 2
memory: 8Gi
storages:
dataStorage: 10G
redoLogStorage: 5G
logStorage: 5G
monitorResource:
cpu: 100m
memory: 256Mi
generateUserSecrets: true
userSecrets:
root: 'coze123'
monitor: 'coze123'
operator: 'coze123'
proxyro: 'coze123'
topology:
- zone: zone1
replica: 1
parameters:
- name: system_memory
value: '4G'
- name: '__min_full_resource_pool_memory'
value: '4294967296'
annotations: {}
backupVolumeEnabled: false
```
Deploy with custom configuration:
```bash
helm install oceanbase-custom helm/charts/opencoze \
-f oceanbase-values.yaml \
--namespace oceanbase \
--create-namespace
```
### 4. Verify Deployment
```bash
# Check OBCluster status
kubectl get obcluster -n oceanbase
# Check OceanBase pods
kubectl get pods -n oceanbase
# Check services
kubectl get svc -n oceanbase
# View detailed status
kubectl describe obcluster -n oceanbase
```
### 5. Connection Testing
#### Port Forwarding
```bash
# Forward OceanBase port
kubectl port-forward svc/oceanbase-service -n oceanbase 2881:2881
```
#### Using obclient Connection
```bash
# Connect within cluster
kubectl exec -it deployment/oceanbase-obcluster-zone1 -n oceanbase -- obclient -h127.0.0.1 -P2881 -uroot@test -pcoze123 -Dtest
# Connect from external (requires port forwarding)
obclient -h127.0.0.1 -P2881 -uroot@test -pcoze123 -Dtest
```
#### Using MySQL Client Connection
```bash
# Using MySQL client
mysql -h127.0.0.1 -P2881 -uroot@test -pcoze123 -Dtest
```
### 6. Monitoring and Management
#### View Logs
```bash
# View OceanBase logs
kubectl logs -f deployment/oceanbase-obcluster-zone1 -n oceanbase
# View ob-operator logs
kubectl logs -f deployment/oceanbase-controller-manager -n oceanbase-system
```
#### Scaling
```bash
# Scale replica count
kubectl patch obcluster oceanbase-obcluster -n oceanbase --type='merge' -p='{"spec":{"topology":[{"zone":"zone1","replica":2}]}}'
# Adjust resource configuration
kubectl patch obcluster oceanbase-obcluster -n oceanbase --type='merge' -p='{"spec":{"observer":{"resource":{"cpu":4,"memory":"16Gi"}}}}'
```
#### Backup and Recovery
```bash
# Create backup
kubectl apply -f - <<EOF
apiVersion: oceanbase.oceanbase.com/v1alpha1
kind: OBTenantBackupPolicy
metadata:
name: backup-policy
namespace: oceanbase
spec:
obClusterName: oceanbase-obcluster
tenantName: test
backupType: FULL
schedule: "0 2 * * *"
destination:
path: "file:///backup"
EOF
```
### 7. Troubleshooting
#### Common Issues
1. **OBCluster Creation Failed**
```bash
# Check ob-operator status
kubectl get pods -n oceanbase-system
# View detailed errors
kubectl describe obcluster -n oceanbase
```
2. **Image Pull Failed**
```bash
# Check node image pull capability
kubectl describe node
# Manually pull image
docker pull oceanbase/oceanbase-cloud-native:4.3.5.3-103000092025080818
```
3. **Storage Issues**
```bash
# Check PVC status
kubectl get pvc -n oceanbase
# Check storage class
kubectl get storageclass
```
#### Log Analysis
```bash
# View all related logs
kubectl logs -f deployment/oceanbase-controller-manager -n oceanbase-system
kubectl logs -f deployment/oceanbase-obcluster-zone1 -n oceanbase
kubectl logs -f deployment/cert-manager -n cert-manager
```
### 8. Uninstallation
```bash
# Uninstall OceanBase
helm uninstall oceanbase-custom -n oceanbase
# Delete namespace
kubectl delete namespace oceanbase
# Uninstall ob-operator
helm uninstall ob-operator -n oceanbase-system
# Uninstall cert-manager
kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.16.2/cert-manager.yaml
```
## Integration Features
### 1. Design Principles

262
docs/oceanbase-integration-guide.md
Unescape View File

@ -107,8 +107,6 @@ case "oceanbase":
}
```
## 配置说明
### 环境变量配置
@ -227,6 +225,266 @@ docker logs coze-oceanbase | grep "slow query"
mysql -h localhost -P 2881 -u root -p -e "SHOW PROCESSLIST;"
```
## Helm 部署指南(Kubernetes)
### 1. 环境准备
确保已安装以下工具:
- Kubernetes 集群(推荐使用 k3s 或 kind)
- Helm 3.x
- kubectl
### 2. 安装依赖
#### 安装 cert-manager
```bash
# 添加 cert-manager Helm 仓库
helm repo add jetstack https://charts.jetstack.io
helm repo update
# 安装 cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.16.2/cert-manager.yaml
# 等待 cert-manager 就绪
kubectl wait --for=condition=ready pod -l app.kubernetes.io/name=cert-manager -n cert-manager --timeout=300s
```
#### 安装 ob-operator
```bash
# 添加 ob-operator Helm 仓库
helm repo add ob-operator https://oceanbase.github.io/ob-operator/
helm repo update
# 安装 ob-operator
helm install ob-operator ob-operator/ob-operator --set reporter=cozeAi --namespace=oceanbase-system --create-namespace
# 等待 ob-operator 就绪
kubectl wait --for=condition=ready pod -l control-plane=controller-manager -n oceanbase-system --timeout=300s
```
### 3. 部署 OceanBase
#### 使用集成 Helm Chart
```bash
# 部署完整的 Coze Studio 应用(包含 OceanBase)
helm install coze-studio helm/charts/opencoze \
--set oceanbase.enabled=true \
--namespace coze-studio \
--create-namespace
# 或者只部署 OceanBase 组件
helm install oceanbase-only helm/charts/opencoze \
--set oceanbase.enabled=true \
--set mysql.enabled=false \
--set redis.enabled=false \
--set minio.enabled=false \
--set elasticsearch.enabled=false \
--set milvus.enabled=false \
--set rocketmq.enabled=false \
--namespace oceanbase \
--create-namespace
```
#### 自定义配置
创建 `oceanbase-values.yaml` 文件:
```yaml
oceanbase:
enabled: true
port: 2881
targetPort: 2881
clusterName: 'cozeAi'
clusterId: 1
image:
repository: oceanbase/oceanbase-ce
tag: 'latest'
obAgentVersion: '4.2.2-100000042024011120'
monitorEnabled: true
storageClass: ''
observerConfig:
resource:
cpu: 2
memory: 8Gi
storages:
dataStorage: 10G
redoLogStorage: 5G
logStorage: 5G
monitorResource:
cpu: 100m
memory: 256Mi
generateUserSecrets: true
userSecrets:
root: 'coze123'
monitor: 'coze123'
operator: 'coze123'
proxyro: 'coze123'
topology:
- zone: zone1
replica: 1
parameters:
- name: system_memory
value: '4G'
- name: '__min_full_resource_pool_memory'
value: '4294967296'
annotations: {}
backupVolumeEnabled: false
```
使用自定义配置部署:
```bash
helm install oceanbase-custom helm/charts/opencoze \
-f oceanbase-values.yaml \
--namespace oceanbase \
--create-namespace
```
### 4. 验证部署
```bash
# 检查 OBCluster 状态
kubectl get obcluster -n oceanbase
# 检查 OceanBase pods
kubectl get pods -n oceanbase
# 检查服务
kubectl get svc -n oceanbase
# 查看详细状态
kubectl describe obcluster -n oceanbase
```
### 5. 连接测试
#### 端口转发
```bash
# 转发 OceanBase 端口
kubectl port-forward svc/oceanbase-service -n oceanbase 2881:2881
```
#### 使用 obclient 连接
```bash
# 在集群内连接
kubectl exec -it deployment/oceanbase-obcluster-zone1 -n oceanbase -- obclient -h127.0.0.1 -P2881 -uroot@test -pcoze123 -Dtest
# 从外部连接(需要端口转发)
obclient -h127.0.0.1 -P2881 -uroot@test -pcoze123 -Dtest
```
#### 使用 MySQL 客户端连接
```bash
# 使用 MySQL 客户端
mysql -h127.0.0.1 -P2881 -uroot@test -pcoze123 -Dtest
```
### 6. 监控和管理
#### 查看日志
```bash
# 查看 OceanBase 日志
kubectl logs -f deployment/oceanbase-obcluster-zone1 -n oceanbase
# 查看 ob-operator 日志
kubectl logs -f deployment/oceanbase-controller-manager -n oceanbase-system
```
#### 扩缩容
```bash
# 扩展副本数
kubectl patch obcluster oceanbase-obcluster -n oceanbase --type='merge' -p='{"spec":{"topology":[{"zone":"zone1","replica":2}]}}'
# 调整资源配置
kubectl patch obcluster oceanbase-obcluster -n oceanbase --type='merge' -p='{"spec":{"observer":{"resource":{"cpu":4,"memory":"16Gi"}}}}'
```
#### 备份和恢复
```bash
# 创建备份
kubectl apply -f - <<EOF
apiVersion: oceanbase.oceanbase.com/v1alpha1
kind: OBTenantBackupPolicy
metadata:
name: backup-policy
namespace: oceanbase
spec:
obClusterName: oceanbase-obcluster
tenantName: test
backupType: FULL
schedule: "0 2 * * *"
destination:
path: "file:///backup"
EOF
```
### 7. 故障排除
#### 常见问题
1. **OBCluster 创建失败**
```bash
# 检查 ob-operator 状态
kubectl get pods -n oceanbase-system
# 查看详细错误
kubectl describe obcluster -n oceanbase
```
2. **镜像拉取失败**
```bash
# 检查节点镜像拉取能力
kubectl describe node
# 手动拉取镜像
docker pull oceanbase/oceanbase-cloud-native:4.3.5.3-103000092025080818
```
3. **存储问题**
```bash
# 检查 PVC 状态
kubectl get pvc -n oceanbase
# 检查存储类
kubectl get storageclass
```
#### 日志分析
```bash
# 查看所有相关日志
kubectl logs -f deployment/oceanbase-controller-manager -n oceanbase-system
kubectl logs -f deployment/oceanbase-obcluster-zone1 -n oceanbase
kubectl logs -f deployment/cert-manager -n cert-manager
```
### 8. 卸载
```bash
# 卸载 OceanBase
helm uninstall oceanbase-custom -n oceanbase
# 删除 namespace
kubectl delete namespace oceanbase
# 卸载 ob-operator
helm uninstall ob-operator -n oceanbase-system
# 卸载 cert-manager
kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.16.2/cert-manager.yaml
```
## 适配特点
### 1. 设计原则

54
helm/charts/opencoze/templates/oceanbase-secret.yaml
Unescape View File

@ -0,0 +1,54 @@
{{- if .Values.oceanbase.enabled }}
{{- $rootPassword := .Values.oceanbase.userSecrets.root | default "coze123" }}
{{- $monitorPassword := .Values.oceanbase.userSecrets.monitor | default "coze123" }}
{{- $operatorPassword := .Values.oceanbase.userSecrets.operator | default "coze123" }}
{{- $proxyroPassword := .Values.oceanbase.userSecrets.proxyro | default "coze123" }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "opencoze.fullname" . }}-oceanbase-root-secret
namespace: {{ .Release.Namespace }}
labels:
{{- include "opencoze.labels" . | nindent 4 }}
app.kubernetes.io/component: oceanbase
type: Opaque
data:
password: {{ $rootPassword | b64enc | quote }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "opencoze.fullname" . }}-oceanbase-monitor-secret
namespace: {{ .Release.Namespace }}
labels:
{{- include "opencoze.labels" . | nindent 4 }}
app.kubernetes.io/component: oceanbase
type: Opaque
data:
password: {{ $monitorPassword | b64enc | quote }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "opencoze.fullname" . }}-oceanbase-operator-secret
namespace: {{ .Release.Namespace }}
labels:
{{- include "opencoze.labels" . | nindent 4 }}
app.kubernetes.io/component: oceanbase
type: Opaque
data:
password: {{ $operatorPassword | b64enc | quote }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "opencoze.fullname" . }}-oceanbase-proxyro-secret
namespace: {{ .Release.Namespace }}
labels:
{{- include "opencoze.labels" . | nindent 4 }}
app.kubernetes.io/component: oceanbase
type: Opaque
data:
password: {{ $proxyroPassword | b64enc | quote }}
{{- end }}

20
helm/charts/opencoze/templates/oceanbase-service.yaml
Unescape View File

@ -0,0 +1,20 @@
{{- if .Values.oceanbase.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "opencoze.fullname" . }}-oceanbase
namespace: {{ .Release.Namespace }}
labels:
{{- include "opencoze.labels" . | nindent 4 }}
app.kubernetes.io/component: oceanbase
spec:
type: ClusterIP
ports:
- port: {{ .Values.oceanbase.port }}
targetPort: {{ .Values.oceanbase.targetPort }}
name: oceanbase
selector:
app.kubernetes.io/component: oceanbase
app.kubernetes.io/name: {{ include "opencoze.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

10
helm/charts/opencoze/templates/oceanbase-serviceaccount.yaml
Unescape View File

@ -0,0 +1,10 @@
{{- if .Values.oceanbase.enabled }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "opencoze.fullname" . }}-oceanbase
namespace: {{ .Release.Namespace }}
labels:
{{- include "opencoze.labels" . | nindent 4 }}
app.kubernetes.io/component: oceanbase
{{- end }}

52
helm/charts/opencoze/templates/oceanbase-statefulset.yaml
Unescape View File

@ -0,0 +1,52 @@
{{- if .Values.oceanbase.enabled }}
apiVersion: oceanbase.oceanbase.com/v1alpha1
kind: OBCluster
metadata:
name: {{ include "opencoze.fullname" . }}-oceanbase
namespace: {{ .Release.Namespace }}
labels:
{{- include "opencoze.labels" . | nindent 4 }}
app.kubernetes.io/component: oceanbase
annotations:
{{- toYaml .Values.oceanbase.annotations | nindent 4 }}
spec:
clusterName: {{ .Values.oceanbase.clusterName | default .Release.Name | quote }}
clusterId: {{ .Values.oceanbase.clusterId | default 1 }}
serviceAccount: {{ include "opencoze.fullname" . }}-oceanbase
userSecrets:
root: {{ include "opencoze.fullname" . }}-oceanbase-root-secret
monitor: {{ include "opencoze.fullname" . }}-oceanbase-monitor-secret
operator: {{ include "opencoze.fullname" . }}-oceanbase-operator-secret
proxyro: {{ include "opencoze.fullname" . }}-oceanbase-proxyro-secret
topology:
{{- toYaml .Values.oceanbase.topology | nindent 4 }}
observer:
image: {{ .Values.oceanbase.image.repository }}:{{ .Values.oceanbase.image.tag }}
{{- with .Values.oceanbase.observerConfig }}
resource:
{{- toYaml .resource | nindent 6 }}
storage:
{{- range $key, $size := .storages }}
{{ $key }}:
storageClass: {{ $.Values.oceanbase.storageClass }}
size: {{ $size }}
{{- end }}
{{- end }}
{{- if .Values.oceanbase.monitorEnabled }}
monitor:
image: oceanbase/obagent:{{ .Values.oceanbase.obAgentVersion }}
resource:
{{- toYaml .Values.oceanbase.monitorResource | nindent 6 }}
{{- end }}
parameters:
{{- range $param := .Values.oceanbase.parameters }}
- name: {{ $param.name }}
value: {{ $param.value | quote }}
{{- end }}
{{- if .Values.oceanbase.backupVolumeEnabled }}
backupVolume:
volume:
name: backup
{{- toYaml .Values.oceanbase.backupVolume | nindent 6 }}
{{- end }}
{{- end }}

41
helm/charts/opencoze/values.yaml
Unescape View File

@ -19,6 +19,46 @@ mysql:
initScripts:
- files/mysql/schema.sql
oceanbase:
enabled: false
port: 2881
targetPort: 2881
clusterName: 'cozeai'
clusterId: 1
image:
repository: oceanbase/oceanbase-cloud-native
tag: '4.3.5.3-103000092025080818'
obAgentVersion: '4.2.2-100000042024011120'
monitorEnabled: true
storageClass: ''
observerConfig:
resource:
cpu: 2
memory: 8Gi
storages:
dataStorage: 30Gi
redoLogStorage: 30Gi
logStorage: 10Gi
monitorResource:
cpu: 100m
memory: 256Mi
generateUserSecrets: true
userSecrets:
root: 'coze123'
monitor: 'coze123'
operator: 'coze123'
proxyro: 'coze123'
topology:
- zone: zone1
replica: 1
parameters:
- name: system_memory
value: '2G'
- name: '__min_full_resource_pool_memory'
value: '2147483648'
annotations: {}
backupVolumeEnabled: false
redis:
enabled: true
image:
@ -266,4 +306,3 @@ ingress:
# - secretName: chart-example-tls
# hosts:
# - chart-example.local

Write Preview
Loading…
Cancel
Save