Skip to main content
Sign in

Deploy a TiDB Cluster

Permanently deleted user
  • Updated

Deploy a TiDB Cluster

  • Objective: Learn to deploy a TiDB cluster on AWS (with Kubernetes)
  • Prerequisites:
    • background knowledge of TiDB components
    • AWS account
  • Optionality: Required
  • Estimated time: 40min - 60min

Install TiDB Cluster

Optionality: Required

Prepare yaml file

Command

Following command copies the pre-defined db.yaml.example file and replace CLUSTER_NAME with new cluster name my-cluster.

Note: If you have changed the TiDB cluster name (default_cluster_name in variables.tf), remember to replace my-cluster in your configuration.

cluster_name=my-cluster
sed "s/CLUSTER_NAME/$cluster_name/" manifests/db.yaml.example > poc.yaml

namespace=poc
KUBECONFIG=$PWD/credentials/kubeconfig
export KUBECONFIG
kubectl create namespace "$namespace"

Configure

The default configuration in your poc.yaml file will create a fully-functional cluster without any modifications.

However, there are a lot of possible configuration options for the TidbCluster resource. You can read about those at Configure a TiDB Cluster in Kubernetes and the full TidbCluster API reference.

In many cases, the configuration of TidbCluster can be changed even after it's deployed. For example, you can choose to add TiFlash, TiDB-Binlog, TiCDC, and other features after the cluster is already created.

Security

It's best to decide at the time you create your cluster if you want to enable TLS. In TiDB, you can choose to Enable TLS for the MySQL Client and/or Enable TLS between TiDB Components.

In both cases, you need to enable TLS in the CRD and add Kubernetes Secrets to give the cluster resources acceess to TLS certificates.

If you want to enable TLS in your cluster, you should first follow the Create TLS Certificates Using CFSSL guide.

After creating Secrets with your TLS certificates, make these modifications to the poc.yaml file:

  • If you want to enable TLS between MySQL-compatible clients and TiDB server, set spec.tidb.tlsClient.enabled to true
  • If you want to enable TLS between the components of TiDB cluster, set spec.tlsCluster.enabled to true

Create TiDB pods

kubectl create -f poc.yaml -n "$namespace"

A number of different pods will be created in groups. First, the PD pods, then the TiKV pods, and later the TiDB pods.

Verify

You can use kubectl get pod to see the progress of the deployment.

watch kubectl -n "$namespace" get pod
NAME                                   READY   STATUS    RESTARTS   AGE
my-cluster-discovery-d9854558f-gxpsb   1/1     Running   0          7m6s
my-cluster-pd-0                        1/1     Running   0          7m6s
my-cluster-pd-1                        1/1     Running   2          7m6s
my-cluster-pd-2                        1/1     Running   0          7m6s
my-cluster-tidb-0                      2/2     Running   0          3m19s
my-cluster-tidb-1                      2/2     Running   0          3m19s
my-cluster-tikv-0                      1/1     Running   0          3m38s
my-cluster-tikv-1                      1/1     Running   0          3m38s
my-cluster-tikv-2                      1/1     Running   0          3m38s

As soon as you see pods for all 3 pod types and all pods show "Running", you can move on to connecting to your cluster.

Related articles

Comments

0 comments

Please sign in to leave a comment.