MariaDB

Helm chart for deploying MariaDB on Kubernetes using the official mariadb Docker image. Supports standalone and GTID-based replication architectures.

Key Features

Official MariaDB image from Docker Hub (11.4 LTS)
Standalone and replication modes with explicit configuration
GTID-based replication using MariaDB-native MASTER_USE_GTID=slave_pos
Configuration presets small, medium, large, oltp, read-heavy, analytics
TLS server-side encryption with optional client enforcement
Prometheus metrics via mysqld-exporter sidecar and ServiceMonitor
S3-compatible backup CronJob with mariadb-dump
NetworkPolicy and PDB for production workloads

Installation

HTTPS Repository

helm repo add helmforge https://repo.helmforge.dev
helm repo update
helm install mariadb helmforge/mariadb

OCI Registry

helm install mariadb oci://ghcr.io/helmforgedev/helm/mariadb

Basic Example

architecture: replication

auth:
  rootPassword: 'change-me'
  database: myapp
  username: myapp
  password: 'change-me'
  replicationPassword: 'change-me'

replication:
  source:
    persistence:
      size: 50Gi
  readReplicas:
    replicaCount: 2
    persistence:
      size: 50Gi

metrics:
  enabled: true
  serviceMonitor:
    enabled: true

backup:
  enabled: true
  schedule: '0 3 * * *'
  s3:
    endpoint: https://s3.amazonaws.com
    bucket: my-backups
    prefix: mariadb
    existingSecret: mariadb-backup-creds

Key Values

Key	Default	Description
`architecture`	`standalone`	Deployment mode: standalone or replication
`image.tag`	`11.4`	MariaDB version (LTS)
`auth.rootPassword`	`""`	Root password (auto-generated if empty)
`auth.database`	`app`	Application database
`auth.username`	`app`	Application user
`auth.password`	`""`	Application password (auto-generated if empty)
`auth.existingSecret`	`""`	Existing secret with passwords
`config.preset`	`none`	Configuration preset: small, medium, large, oltp, read-heavy, analytics
`standalone.persistence.size`	`8Gi`	Standalone PVC size
`replication.readReplicas.replicaCount`	`2`	Number of read replicas
`replication.binlog.format`	`ROW`	Binlog format
`service.type`	`ClusterIP`	Service type
`service.port`	`3306`	MariaDB port
`metrics.enabled`	`false`	Enable mysqld-exporter
`tls.enabled`	`false`	Enable server TLS
`backup.enabled`	`false`	Enable S3 backup CronJob
`backup.schedule`	`"0 3 * * *"`	Backup cron schedule
`networkPolicy.enabled`	`false`	Enable NetworkPolicy

Architecture Selection

When architecture is standalone (default), the chart deploys a single MariaDB instance. Set architecture: replication for one fixed source with asynchronous GTID-based read replicas.

More Information

Chart source and full values reference