summaryrefslogtreecommitdiffstats
path: root/mysql
diff options
context:
space:
mode:
Diffstat (limited to 'mysql')
-rw-r--r--mysql/Dockerfile19
-rw-r--r--mysql/Makefile47
-rw-r--r--mysql/root-galera/etc/yum.repos.d/galera.repo11
-rwxr-xr-xmysql/root-galera/usr/bin/peer-finderbin0 -> 2214569 bytes
-rwxr-xr-xmysql/root-galera/usr/bin/run-mysqld-galera71
-rwxr-xr-xmysql/root-galera/usr/bin/run-mysqld-manager91
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/galera-common.sh61
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/galera-init/60-galera-config.sh6
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template15
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/galera/cluster.cnf4
-rwxr-xr-xmysql/root-galera/usr/share/container-scripts/mysql/galera/configure-galera.sh48
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/init/50-galera-passwd-change.sh17
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/init/51-extradb.sh14
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/init/52-super.sh12
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/init/53-pma.sh26
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/pre-init/30-ands-tuning.sh24
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-slave-logbin.cnf.template2
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-slave.cnf.template5
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-tuning.cnf.template6
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-master.cnf.template7
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-repl-gtid.cnf.template6
-rw-r--r--mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-slave.cnf.template7
22 files changed, 499 insertions, 0 deletions
diff --git a/mysql/Dockerfile b/mysql/Dockerfile
new file mode 100644
index 0000000..66aa7a0
--- /dev/null
+++ b/mysql/Dockerfile
@@ -0,0 +1,19 @@
+FROM centos/mysql-57-centos7
+
+USER root
+
+RUN INSTALL_PKGS="iproute rsync which socat percona-xtrabackup-24 bind-utils policycoreutils" && \
+ yum install -y epel-release && \
+ yum install -y http://www.percona.com/downloads/percona-release/redhat/0.1-4/percona-release-0.1-4.noarch.rpm && \
+ yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
+ yum install -y --setopt=tsflags=nodocs mc && \
+ rpm -V $INSTALL_PKGS && \
+ yum clean all
+
+COPY root-galera /
+
+RUN rm -rf /etc/my.cnf.d/* && \
+ cp --remove-destination $(readlink /etc/my.cnf) /etc/my.cnf && \
+ /usr/libexec/container-setup && rpm-file-permissions
+
+USER 27
diff --git a/mysql/Makefile b/mysql/Makefile
new file mode 100644
index 0000000..fcf088d
--- /dev/null
+++ b/mysql/Makefile
@@ -0,0 +1,47 @@
+all: build
+install: push
+
+.PHONY: rebuild build push start stop restart bash peer-finder
+
+
+build: Dockerfile
+ docker build --tag chsa/mysql:5.7 .
+
+rebuild: Dockerfile
+ docker build --no-cache --tag chsa/mysql:5.7 .
+
+push: build
+ docker push chsa/mysql:5.7
+
+login:
+ docker login -u `oc whoami` -p `oc whoami -t` docker-registry-default.kaas.kit.edu
+
+kaas: build login
+ docker tag chsa/mysql:5.7 docker-registry-default.kaas.kit.edu/adei/mysql:5.7
+ docker push docker-registry-default.kaas.kit.edu/adei/mysql:5.7
+
+
+start: build
+ if [ `docker ps | grep chsa/mysql | wc -l` -eq 0 ]; then \
+ if [ `docker ps -a | grep mysql | wc -l` -gt 0 ]; then \
+ echo "Removing the stalled copy..." ;\
+ docker stop mysql ;\
+ docker rm mysql ;\
+ fi ;\
+ docker run --name mysql -t -d chsa/mysql:5.7 ;\
+ else \
+ echo "Already running..." ;\
+ fi
+
+stop:
+ @if [ `docker ps | grep mysql | wc -l` -gt 0 ]; then \
+ docker stop mysql ;\
+ docker rm mysql ;\
+ fi
+
+restart:
+ make stop
+ make start
+
+bash: build
+ docker exec -it mysql /bin/bash
diff --git a/mysql/root-galera/etc/yum.repos.d/galera.repo b/mysql/root-galera/etc/yum.repos.d/galera.repo
new file mode 100644
index 0000000..b002165
--- /dev/null
+++ b/mysql/root-galera/etc/yum.repos.d/galera.repo
@@ -0,0 +1,11 @@
+[galera]
+name = Galera
+baseurl = http://releases.galeracluster.com/galera-3/centos/7/x86_64/
+gpgkey = http://releases.galeracluster.com/GPG-KEY-galeracluster.com
+gpgcheck = 1
+
+[mysql-wsrep]
+name = MySQL-wsrep
+baseurl = http://releases.galeracluster.com/mysql-wsrep-5.7/centos/7/x86_64/
+gpgkey = http://releases.galeracluster.com/GPG-KEY-galeracluster.com
+gpgcheck = 1
diff --git a/mysql/root-galera/usr/bin/peer-finder b/mysql/root-galera/usr/bin/peer-finder
new file mode 100755
index 0000000..af52ee1
--- /dev/null
+++ b/mysql/root-galera/usr/bin/peer-finder
Binary files differ
diff --git a/mysql/root-galera/usr/bin/run-mysqld-galera b/mysql/root-galera/usr/bin/run-mysqld-galera
new file mode 100755
index 0000000..1890209
--- /dev/null
+++ b/mysql/root-galera/usr/bin/run-mysqld-galera
@@ -0,0 +1,71 @@
+#!/bin/bash
+
+if [ -v POD_NAMESPACE ]; then
+ cp "${CONTAINER_SCRIPTS_PATH}/galera/cluster.cnf" /etc/my.cnf.d/
+
+ # Is running in Kubernetes/OpenShift, so find all other pods
+ # belonging to the namespace
+ echo "Galera: Finding peers"
+ [ -v MYSQL_GALERA_CLUSTER ] || MYSQL_GALERA_CLUSTER="$(hostname -f | cut -d'.' -f2)"
+ K8S_SVC_NAME=${MYSQL_GALERA_CLUSTER}
+ echo "Using service name: ${K8S_SVC_NAME}"
+ /usr/bin/peer-finder -on-start="${CONTAINER_SCRIPTS_PATH}/galera/configure-galera.sh" -service=${K8S_SVC_NAME}
+else
+ echo "POD_NAMESPACE not set, spin up single node"
+fi
+
+
+export_vars=$(cgroup-limits); export $export_vars
+source ${CONTAINER_SCRIPTS_PATH}/galera-common.sh
+set -eu
+if [[ -v DEBUG_IGNORE_SCRIPT_FAILURES ]]; then
+ set +e
+fi
+
+export_setting_variables
+
+log_volume_info $MYSQL_DATADIR
+
+# pre-init files
+process_extending_files ${APP_DATA}/mysql-pre-init/ ${CONTAINER_SCRIPTS_PATH}/pre-init/
+
+mysql_extra_opts=""
+if [ ! -d "$MYSQL_DATADIR/mysql" -a ! -d "$MYSQL_DATADIR/.sst" ]; then
+ initialize_galera_database "$@"
+
+ # galera files
+ process_extending_files ${APP_DATA}/mysql-galera-init/ ${CONTAINER_SCRIPTS_PATH}/galera-init/
+
+ # init files
+ process_extending_files ${APP_DATA}/mysql-init/ ${CONTAINER_SCRIPTS_PATH}/init/
+
+ # Restart the MySQL server with public IP bindings
+ shutdown_local_mysql
+else
+ no_cluster=$(grep -P "gcomm://$" ${MYSQL_DEFAULTS_FILE}.d/cluster.cnf | cat)
+ if [ -n "$no_cluster" ]; then
+ log_info "Configuration: $MYSQL_DEFAULTS_FILE"
+ log_info "No cluster is configured yet, trying to recover from failure..."
+ log_info "Allowing recovery in $MYSQL_DATADIR/grastate.dat"
+# This seems a bad idea. If another pod is marked safe to bootstrap we may end up in conflict, I guess....
+# Keep it manual for now
+# sed -i'' 's/safe_to_bootstrap:.*/safe_to_bootstrap: 1/' $MYSQL_DATADIR/grastate.dat
+# This seems unneeded
+# mysql_extra_opts="--wsrep-new-cluster"
+ else
+ log_info "Configuration: $MYSQL_DEFAULTS_FILE"
+ log_info "Cluster is configured. Trying to join..."
+ fi
+
+ # galera files
+ process_extending_files ${APP_DATA}/mysql-galera-init/ ${CONTAINER_SCRIPTS_PATH}/galera-init/
+
+# I guess we can't do that once cluster is existing...
+# start_local_mysql --wsrep-on=OFF --wsrep-provider=none "$@"
+fi
+
+unset_env_vars
+log_volume_info $MYSQL_DATADIR
+log_info "Running final exec - mysqld --defaults-file=$MYSQL_DEFAULTS_FILE $mysql_extra_opts $@"
+
+exec ${MYSQL_PREFIX}/libexec/mysqld --defaults-file=$MYSQL_DEFAULTS_FILE $mysql_extra_opts "$@" 2>&1
diff --git a/mysql/root-galera/usr/bin/run-mysqld-manager b/mysql/root-galera/usr/bin/run-mysqld-manager
new file mode 100755
index 0000000..91f3c9c
--- /dev/null
+++ b/mysql/root-galera/usr/bin/run-mysqld-manager
@@ -0,0 +1,91 @@
+#!/bin/bash
+
+export TERM=xterm
+function display_container_header {
+ echo "+====================================================="
+ echo "| Container : $HOSTNAME"
+ echo "| OS : $(</etc/redhat-release)"
+ echo "| kubernetes : $KUBERNETES_SERVICE_HOST"
+ echo "| user : $(whoami)"
+ echo "| home : $HOME"
+ echo "+====================================================="
+}
+
+function start_service {
+ echo "+====================================================="
+ echo "| Container $HOSTNAME is now RUNNING"
+ echo "+====================================================="
+ while true
+ do
+ echo /usr/bin/peer-finder -on-start="${CONTAINER_SCRIPTS_PATH}/galera/configure-galera.sh" -service=${K8S_SVC_NAME}
+ echo ${MYSQL_PREFIX}/libexec/mysqld --defaults-file=$MYSQL_DEFAULTS_FILE $mysql_extra_opts "$@"
+ echo "live... (next try in 1 hour)" & sleep 3600
+ done
+}
+
+
+if [ -v POD_NAMESPACE ]; then
+ cp "${CONTAINER_SCRIPTS_PATH}/galera/cluster.cnf" /etc/my.cnf.d/
+
+ # Is running in Kubernetes/OpenShift, so find all other pods
+ # belonging to the namespace
+ echo "Galera: Skip finding peers to prevent failures due to failed cluster"
+ [ -v MYSQL_GALERA_CLUSTER ] || MYSQL_GALERA_CLUSTER="$(hostname -f | cut -d'.' -f2)"
+ K8S_SVC_NAME=${MYSQL_GALERA_CLUSTER}
+ echo "Using service name: ${K8S_SVC_NAME}"
+ echo /usr/bin/peer-finder -on-start="${CONTAINER_SCRIPTS_PATH}/galera/configure-galera.sh" -service=${K8S_SVC_NAME}
+else
+ echo "POD_NAMESPACE not set, spin up single node"
+fi
+
+
+export_vars=$(cgroup-limits); export $export_vars
+source ${CONTAINER_SCRIPTS_PATH}/galera-common.sh
+set -eu
+if [[ -v DEBUG_IGNORE_SCRIPT_FAILURES ]]; then
+ set +e
+fi
+
+export_setting_variables
+
+log_volume_info $MYSQL_DATADIR
+
+# pre-init files
+process_extending_files ${APP_DATA}/mysql-pre-init/ ${CONTAINER_SCRIPTS_PATH}/pre-init/
+
+mysql_extra_opts=""
+if [ ! -d "$MYSQL_DATADIR/mysql" -a ! -d "$MYSQL_DATADIR/.sst" ]; then
+
+ initialize_galera_database "$@"
+
+ # galera files
+ process_extending_files ${APP_DATA}/mysql-galera-init/ ${CONTAINER_SCRIPTS_PATH}/galera-init/
+
+ # init files
+ process_extending_files ${APP_DATA}/mysql-init/ ${CONTAINER_SCRIPTS_PATH}/init/
+
+ # Restart the MySQL server with public IP bindings
+ shutdown_local_mysql
+else
+ no_cluster=$(grep -P "gcomm://$" | cat)
+ if [ -n "$no_cluster" ]; then
+ echo "No cluster configured, recovering from failure..."
+ sed -i'' -e 's/safe_to_bootstrap:.*/safe_to_bootstrap: 1/' $MYSQL_DATADIR/grastate.dat
+ mysql_extra_opts="--wsrep-new-cluster"
+ fi
+
+ # galera files
+ process_extending_files ${APP_DATA}/mysql-galera-init/ ${CONTAINER_SCRIPTS_PATH}/galera-init/
+
+# I guess we can't do that once cluster is existing...
+# start_local_mysql --wsrep-on=OFF --wsrep-provider=none "$@"
+fi
+
+unset_env_vars
+log_volume_info $MYSQL_DATADIR
+log_info 'Running final exec -- Only MySQL server logs after this point'
+
+
+echo ${MYSQL_PREFIX}/libexec/mysqld --defaults-file=$MYSQL_DEFAULTS_FILE $mysql_extra_opts "$@"
+display_container_header
+start_service
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/galera-common.sh b/mysql/root-galera/usr/share/container-scripts/mysql/galera-common.sh
new file mode 100644
index 0000000..b4d90e5
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/galera-common.sh
@@ -0,0 +1,61 @@
+#!/bin/bash
+
+source ${CONTAINER_SCRIPTS_PATH}/common.sh
+
+# Initialize the MySQL database (create user accounts and the initial database)
+function initialize_galera_database() {
+ log_info 'Initializing database ...'
+ if [[ "$MYSQL_VERSION" < "5.7" ]] ; then
+ # Using --rpm since we need mysql_install_db behaves as in RPM
+ log_info 'Running mysql_install_db ...'
+ mysql_install_db --rpm --datadir=$MYSQL_DATADIR
+ else
+ log_info "Running mysqld --initialize-insecure ..."
+ ${MYSQL_PREFIX}/libexec/mysqld --wsrep-on=OFF --wsrep-provider=none --initialize-insecure --datadir=$MYSQL_DATADIR --ignore-db-dir=lost+found "$@"
+ fi
+
+ start_local_mysql --wsrep-on=OFF --wsrep-provider=none "$@"
+
+ if [ -v MYSQL_RUNNING_AS_SLAVE ]; then
+ log_info 'Initialization finished'
+ return 0
+ fi
+
+ # Do not care what option is compulsory here, just create what is specified
+ if [ -v MYSQL_USER ]; then
+ log_info "Creating user specified by MYSQL_USER (${MYSQL_USER}) ..."
+mysql $mysql_flags <<EOSQL
+ CREATE USER '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
+EOSQL
+ fi
+
+ if [ -v MYSQL_DATABASE ]; then
+ log_info "Creating database ${MYSQL_DATABASE} ..."
+ mysqladmin $admin_flags create "${MYSQL_DATABASE}"
+ if [ -v MYSQL_USER ]; then
+ log_info "Granting privileges to user ${MYSQL_USER} for ${MYSQL_DATABASE} ..."
+mysql $mysql_flags <<EOSQL
+ GRANT ALL ON \`${MYSQL_DATABASE}\`.* TO '${MYSQL_USER}'@'%' ;
+ FLUSH PRIVILEGES ;
+EOSQL
+ fi
+ fi
+
+ if [ -v MYSQL_ROOT_PASSWORD ]; then
+ log_info "Setting password for MySQL root user ..."
+ # for 5.6 and lower we use the trick that GRANT creates a user if not exists
+ # because IF NOT EXISTS clause does not exist in that versions yet
+ if [[ "$MYSQL_VERSION" > "5.6" ]] ; then
+ mysql $mysql_flags <<EOSQL
+ CREATE USER IF NOT EXISTS 'root'@'%';
+EOSQL
+ fi
+mysql $mysql_flags <<EOSQL
+ GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' WITH GRANT OPTION;
+EOSQL
+ fi
+ log_info 'Initialization finished'
+
+ # remember that the database was just initialized, it may be needed on other places
+ export MYSQL_DATADIR_FIRST_INIT=true
+}
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/galera-init/60-galera-config.sh b/mysql/root-galera/usr/share/container-scripts/mysql/galera-init/60-galera-config.sh
new file mode 100644
index 0000000..e6cce5a
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/galera-init/60-galera-config.sh
@@ -0,0 +1,6 @@
+if [ -v POD_NAMESPACE ]; then
+ [ -v MYSQL_GALERA_CLUSTER ] || export MYSQL_GALERA_CLUSTER="$(hostname -f | cut -d'.' -f2)"
+
+ log_info 'Processing basic Galera configuration files ...'
+ envsubst < ${CONTAINER_SCRIPTS_PATH}/galera-init/galera.cnf.template > /etc/my.cnf.d/galera.cnf
+fi
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template b/mysql/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template
new file mode 100644
index 0000000..c64a8cc
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template
@@ -0,0 +1,15 @@
+[mysqld]
+wsrep_on = ON
+wsrep_provider = /usr/lib64/galera-3/libgalera_smm.so
+wsrep_sst_auth=${MYSQL_GALERA_USER}:${MYSQL_GALERA_PASSWORD}
+wsrep_cluster_name=${MYSQL_GALERA_CLUSTER}
+#wsrep_provider_options="gcache.size=500M; gcache.page_size=500M"
+wsrep_sst_method = xtrabackup-v2
+default_storage_engine = innodb
+binlog_format = row
+
+# Performance settings
+innodb_autoinc_lock_mode = 2
+innodb_flush_log_at_trx_commit = 0
+query_cache_size = 0
+query_cache_type = 0
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/galera/cluster.cnf b/mysql/root-galera/usr/share/container-scripts/mysql/galera/cluster.cnf
new file mode 100644
index 0000000..5e9d444
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/galera/cluster.cnf
@@ -0,0 +1,4 @@
+[mysqld]
+# By default every node is standalone
+wsrep_cluster_address=gcomm://
+wsrep_node_address=127.0.0.1
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/galera/configure-galera.sh b/mysql/root-galera/usr/share/container-scripts/mysql/galera/configure-galera.sh
new file mode 100755
index 0000000..05829a4
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/galera/configure-galera.sh
@@ -0,0 +1,48 @@
+#! /bin/bash
+
+# Copyright 2016 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# This script writes out a mysql galera config using a list of newline seperated
+# peer DNS names it accepts through stdin.
+
+# /etc/mysql is assumed to be a shared volume so we can modify my.cnf as required
+# to keep the config up to date, without wrapping mysqld in a custom pid1.
+# The config location is intentionally not /etc/mysql/my.cnf because the
+# standard base image clobbers that location.
+CFG=/etc/my.cnf.d/cluster.cnf
+
+function join {
+ local IFS="$1"; shift; echo "$*";
+}
+
+HOSTNAME=$(hostname)
+while read -ra LINE; do
+ if [[ "${LINE}" == *"${HOSTNAME}"* ]]; then
+ MY_NAME=$LINE
+ fi
+ PEERS=("${PEERS[@]}" $LINE)
+done
+
+if [ "${#PEERS[@]}" = 1 ]; then
+ WSREP_CLUSTER_ADDRESS=""
+else
+ WSREP_CLUSTER_ADDRESS=$(join , "${PEERS[@]}")
+fi
+
+sed -i -e "s|^wsrep_node_address=.*$|wsrep_node_address=${MY_NAME}|" ${CFG}
+sed -i -e "s|^wsrep_cluster_address=.*$|wsrep_cluster_address=gcomm://${WSREP_CLUSTER_ADDRESS}|" ${CFG}
+
+# don't need a restart, we're just writing the conf in case there's an
+# unexpected restart on the node.
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/init/50-galera-passwd-change.sh b/mysql/root-galera/usr/share/container-scripts/mysql/init/50-galera-passwd-change.sh
new file mode 100644
index 0000000..5789bde
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/init/50-galera-passwd-change.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+password_change() {
+mysql $mysql_flags <<EOSQL
+ CREATE USER IF NOT EXISTS '${MYSQL_GALERA_USER}'@'localhost';
+ SET PASSWORD FOR '${MYSQL_GALERA_USER}'@'localhost' = PASSWORD('${MYSQL_GALERA_PASSWORD}');
+ GRANT RELOAD, LOCK TABLES, REPLICATION CLIENT ON *.* TO '${MYSQL_GALERA_USER}'@'localhost';
+ UPDATE mysql.user SET Super_Priv='Y', Process_priv='Y' WHERE user='${MYSQL_GALERA_USER}' AND host='localhost';
+ FLUSH PRIVILEGES;
+EOSQL
+}
+
+if [ -v MYSQL_GALERA_USER -a -v MYSQL_GALERA_PASSWORD ]; then
+ password_change
+fi
+
+unset -f password_change
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/init/51-extradb.sh b/mysql/root-galera/usr/share/container-scripts/mysql/init/51-extradb.sh
new file mode 100644
index 0000000..c047265
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/init/51-extradb.sh
@@ -0,0 +1,14 @@
+extradb() {
+for db in "$MYSQL_EXTRADB"; do
+mysql $mysql_flags <<EOSQL
+ GRANT ALL ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;
+ FLUSH PRIVILEGES ;
+EOSQL
+done;
+}
+
+if [ -v MYSQL_EXTRADB ]; then
+ extradb
+fi
+
+unset -f extradb
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/init/52-super.sh b/mysql/root-galera/usr/share/container-scripts/mysql/init/52-super.sh
new file mode 100644
index 0000000..cfa19ed
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/init/52-super.sh
@@ -0,0 +1,12 @@
+set_super() {
+mysql $mysql_flags <<EOSQL
+ UPDATE mysql.user SET Super_Priv='Y' WHERE user='${MYSQL_USER}' AND host='%';
+ FLUSH PRIVILEGES;
+EOSQL
+}
+
+if [ -v MYSQL_USER_PRIV_SUPER -a "$MYSQL_USER_PRIV_SUPER" -eq 1 ]; then
+ set_super
+fi
+
+unset -f set_super
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/init/53-pma.sh b/mysql/root-galera/usr/share/container-scripts/mysql/init/53-pma.sh
new file mode 100644
index 0000000..5644b8f
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/init/53-pma.sh
@@ -0,0 +1,26 @@
+set_pma() {
+mysql $mysql_flags <<EOSQL
+ CREATE USER IF NOT EXISTS 'pma'@'%' IDENTIFIED BY '${MYSQL_PMA_PASSWORD}';
+ ALTER USER 'pma'@'%' IDENTIFIED BY '${MYSQL_PMA_PASSWORD}';
+
+ GRANT USAGE ON mysql.* TO 'pma'@'%';
+ GRANT SELECT (
+ Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,
+ Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,
+ File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,
+ Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,
+ Execute_priv, Repl_slave_priv, Repl_client_priv
+ ) ON mysql.user TO 'pma'@'%';
+
+ GRANT SELECT ON mysql.db TO 'pma'@'%';
+ #GRANT SELECT ON mysql.host TO 'pma'@'%';
+ GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv) ON mysql.tables_priv TO 'pma'@'%';
+ GRANT SELECT, INSERT, UPDATE, DELETE ON phpmyadmin.* TO 'pma'@'%';
+EOSQL
+}
+
+if [ -v MYSQL_PMA_PASSWORD ]; then
+ set_pma
+fi
+
+unset -f set_pma
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/30-ands-tuning.sh b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/30-ands-tuning.sh
new file mode 100644
index 0000000..c717e9d
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/30-ands-tuning.sh
@@ -0,0 +1,24 @@
+export MYSQL_LOG_BIN=${MYSQL_LOG_BIN:-1}
+export MYSQL_SYNC_BINLOG=${MYSQL_SYNC_BINLOG:-0}
+export MYSQL_LOG_SLAVE_UPDATES=${MYSQL_LOG_SLAVE_UPDATES:-0}
+export MYSQL_BINLOG_SYNC_DELAY=${MYSQL_BINLOG_SYNC_DELAY:-0}
+export MYSQL_BINLOG_NODELAY_COUNT=${MYSQL_BINLOG_NODELAY_COUNT:-0}
+export MYSQL_FLUSH_LOG_TYPE=${MYSQL_FLUSH_LOG_TYPE:-2}
+export MYSQL_FLUSH_LOG_TIMEOUT=${MYSQL_FLUSH_LOG_TIMEOUT:-1}
+
+export MYSQL_SLAVE_WORKERS=${MYSQL_SLAVE_WORKERS:-4}
+export MYSQL_SLAVE_SKIP_ERRORS=${MYSQL_SLAVE_SKIP_ERRORS:-ddl_exist_errors}
+
+log_info 'Processing basic Ands configuration files ...'
+envsubst < ${CONTAINER_SCRIPTS_PATH}/pre-init/ands-tuning.cnf.template > /etc/my.cnf.d/ands-tuning.cnf
+
+if [ -v MYSQL_RUNNING_AS_SLAVE ] ; then
+ log_info 'Processing basic Ands configuration for replication (slave only) files ...'
+ envsubst < ${CONTAINER_SCRIPTS_PATH}/pre-init/ands-slave.cnf.template > /etc/my.cnf.d/ands-slave.cnf
+
+ if [ $MYSQL_LOG_BIN -ne 0 ]; then
+ log_info 'Enabling log-bin in slave configuration files ...'
+ envsubst < ${CONTAINER_SCRIPTS_PATH}/pre-init/ands-slave-logbin.cnf.template > /etc/my.cnf.d/ands-slave-logbin.cnf
+ fi
+fi
+
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-slave-logbin.cnf.template b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-slave-logbin.cnf.template
new file mode 100644
index 0000000..78c42e8
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-slave-logbin.cnf.template
@@ -0,0 +1,2 @@
+[mysqld]
+log_bin = ${MYSQL_DATADIR}/mysql-bin.log
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-slave.cnf.template b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-slave.cnf.template
new file mode 100644
index 0000000..eae1e6a
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-slave.cnf.template
@@ -0,0 +1,5 @@
+[mysqld]
+slave_parallel_type=LOGICAL_CLOCK
+slave_parallel_workers=${MYSQL_SLAVE_WORKERS}
+log_slave_updates=${MYSQL_LOG_SLAVE_UPDATES}
+slave_skip_errors=${MYSQL_SLAVE_SKIP_ERRORS}
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-tuning.cnf.template b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-tuning.cnf.template
new file mode 100644
index 0000000..c5991df
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/ands-tuning.cnf.template
@@ -0,0 +1,6 @@
+[mysqld]
+sync_binlog=${MYSQL_SYNC_BINLOG}
+binlog_group_commit_sync_delay=${MYSQL_BINLOG_SYNC_DELAY}
+binlog_group_commit_sync_no_delay_count=${MYSQL_BINLOG_NODELAY_COUNT}
+innodb_flush_log_at_trx_commit=${MYSQL_FLUSH_LOG_TYPE}
+innodb_flush_log_at_timeout=${MYSQL_FLUSH_LOG_TIMEOUT}
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-master.cnf.template b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-master.cnf.template
new file mode 100644
index 0000000..7c4c511
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-master.cnf.template
@@ -0,0 +1,7 @@
+[mysqld]
+
+server-id = ${MYSQL_SERVER_ID}
+log_bin = ${MYSQL_DATADIR}/mysql-bin.log
+#binlog_do_db = mysql
+#binlog_do_db = ${MYSQL_DATABASE}
+binlog_format = ${MYSQL_BINLOG_FORMAT}
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-repl-gtid.cnf.template b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-repl-gtid.cnf.template
new file mode 100644
index 0000000..5e985ec
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-repl-gtid.cnf.template
@@ -0,0 +1,6 @@
+[mysqld]
+
+gtid_mode = ON
+#log-slave-updates = ON
+enforce-gtid-consistency = ON
+
diff --git a/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-slave.cnf.template b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-slave.cnf.template
new file mode 100644
index 0000000..879b94a
--- /dev/null
+++ b/mysql/root-galera/usr/share/container-scripts/mysql/pre-init/my-slave.cnf.template
@@ -0,0 +1,7 @@
+[mysqld]
+
+server-id = ${MYSQL_SERVER_ID}
+#log_bin = ${MYSQL_DATADIR}/mysql-bin.log
+relay-log = ${MYSQL_DATADIR}/mysql-relay-bin.log
+#binlog_do_db = mysql
+#binlog_do_db = ${MYSQL_DATABASE}