KubeBlocks
BlogsKubeBlocks Cloud
Overview
Quickstart

Topologies

MySQL Semi-Synchronous Cluster
MySQL Cluster with ProxySQL
MySQL Group Replication Cluster
MySQL Group Replication with ProxySQL
MySQL Cluster with Orchestrator
MySQL with Orchestrator & ProxySQL

Operations

Lifecycle Management
Vertical Scaling
Horizontal Scaling
Volume Expansion
Manage MySQL Services
Minor Version Upgrade
Modify MySQL Parameters
Planned Switchover in MySQL
Decommission MySQL Replica
Recovering MySQL Replica

Backup And Restores

Create BackupRepo
Create Full Backup
Scheduled Backups
Scheduled Continuous Backup
Restore MySQL Cluster
Restore with PITR

Custom Secret

Custom Password
Custom Password Policy

TLS

MySQL Cluster with TLS
MySQL Cluster with User-Provided TLS
MySQL Cluster with mTLS

Monitoring

Observability for MySQL Clusters

Advanced Pod Management

Custom Scheduling Policies
Custom Pod Resources
Pod Management Parallelism
Using OnDelete for Controlled Pod Updates
Gradual Rolling Update
  1. Prerequisites
  2. Deploying the MySQL Semi-Synchronous Cluster
    1. Step 1: Create a Secret for the Root Account
    2. Step 2: Deploy the MySQL Cluster
  3. Verifying the Deployment
  4. Connecting to the MySQL Cluster
  5. Cleanup
  6. Summary

Create MySQL Cluster With Custom Password on KubeBlocks

This guide demonstrates how to deploy a MySQL cluster in KubeBlocks with a custom root password stored in a Kubernetes Secret.

Prerequisites

Before proceeding, ensure the following:

  • Environment Setup:
    • A Kubernetes cluster is up and running.
    • The kubectl CLI tool is configured to communicate with your cluster.
    • KubeBlocks CLI and KubeBlocks Operator are installed. Follow the installation instructions here.
  • Namespace Preparation: To keep resources isolated, create a dedicated namespace for this tutorial:
kubectl create ns demo

Expected Output:

namespace/demo created

Deploying the MySQL Semi-Synchronous Cluster

KubeBlocks uses a declarative approach for managing MySQL clusters. Below is an example configuration for deploying a MySQL cluster with 2 nodes (1 primary, 1 replicas) in semi-synchronous mode and a custom root password.

Step 1: Create a Secret for the Root Account

The custom root password is stored in a Kubernetes Secret. Create the Secret by applying the following YAML:

kubectl apply -f - <<EOF
apiVersion: v1
data:
  password: Y3VzdG9tcGFzc3dvcmQ= # custompassword
  username: cm9vdA== #root
immutable: true
kind: Secret
metadata:
  name: custom-mysql-root-secret
  namespace: demo
EOF
  • password: Replace custompassword with your desired password and encode it using Base64 (echo -n "custompassword" | base64).
  • username: The default MySQL root user is 'root', encoded as 'cm9vdA=='.

Step 2: Deploy the MySQL Cluster

Apply the following manifest to deploy the MySQL cluster, referencing the Secret created in Step 1 for the root account:

kubectl apply -f - <<EOF
apiVersion: apps.kubeblocks.io/v1
kind: Cluster
metadata:
  name: example-mysql-cluster
  namespace: demo
spec:
  clusterDef: mysql
  topology: semisync
  terminationPolicy: Delete
  componentSpecs:
    - name: mysql
      serviceVersion: 8.0.35
      replicas: 2
      systemAccounts:
        - name: root
          secretRef:
            name: custom-mysql-root-secret
            namespace: demo
      resources:
        limits:
          cpu: '0.5'
          memory: 0.5Gi
        requests:
          cpu: '0.5'
          memory: 0.5Gi
      volumeClaimTemplates:
        - name: data
          spec:
            storageClassName: ""
            accessModes:
              - ReadWriteOnce
            resources:
              requests:
                storage: 20Gi
EOF

Verifying the Deployment

Once the cluster is deployed, check its status by running the following command:

kubectl get cluster example-mysql-cluster -n demo -w

Expected Output:

NAME                          CLUSTER-DEFINITION   TERMINATION-POLICY   STATUS     AGE
example-mysql-cluster   mysql                Delete               Creating   19s
example-mysql-cluster   mysql                Delete               Running    1m

Wait until the STATUS changes to 'Running'.

Connecting to the MySQL Cluster

KubeBlocks automatically creates a secret containing the MySQL root credentials. Retrieve the credentials with the following commands:

kubectl get secrets -n demo example-mysql-cluster-mysql-account-root -o jsonpath='{.data.username}' | base64 -d
root

kubectl get secrets -n demo example-mysql-cluster-mysql-account-root -o jsonpath='{.data.password}' | base64 -d
custompassword

To connect to the cluster's primary node, use the MySQL client with the custom password:

kubectl exec -it -n demo example-mysql-cluster-mysql-0 -c mysql -- mysql -h example-mysql-cluster-mysql.demo.svc.cluster.local -uroot -pcustompassword

Cleanup

To remove all created resources, delete the MySQL cluster along with its namespace:

kubectl delete cluster example-mysql-cluster -n demo
kubectl delete secret custom-mysql-root-secret -n demo
kubectl delete ns demo

Summary

In this guide, you:

  • Created a Kubernetes Secret to securely store a custom MySQL root password.
  • Deployed a MySQL cluster in KubeBlocks with a custom root password.
  • Verified the deployment and connected to the cluster's primary node using the MySQL client.

Using Kubernetes Secrets ensures secure credential management for your MySQL clusters, while KubeBlocks simplifies the deployment and management process.

© 2025 ApeCloud PTE. Ltd.