kubedb · Neaj-Morshad-101 · May 15, 2025 · May 15, 2025 · May 15, 2025 · May 19, 2025
diff --git a/docs/guides/mysql/concepts/database/index.md b/docs/guides/mysql/concepts/database/index.md
@@ -115,9 +115,28 @@ spec:
 
 `spec.version` is a required field specifying the name of the [MySQLVersion](/docs/guides/mysql/concepts/catalog/index.md) crd where the docker images are specified. Currently, when you install KubeDB, it creates the following `MySQLVersion` resources,
 
-- `8.0.35`, `8.0.35`, `8.0.17`, `8.0.3-v4`
+- `9.0.1`, `9.1.0`
+- `8.0.35`, `8.0.36`, `8.1.0`, `8.2.0`, `8.4.2`, `8.4.3`
 - `8.0.31-innodb`
-- `5.7.44`, `5.7.35-v1`,`5.7.25-v2`
+- `5.7.44`, `5.7.42-debian`
+
+### Handling `mbind: Operation not permitted`
+On certain platforms (e.g., when using specific security profiles), for some versions of `mysql`, you may see log messages like:   
+`mbind: Operation not permitted`
+
+This indicates that the `mysql` container needs the `SYS_NICE` kernel capability to perform CPU‐affinity or real-time scheduling operations. You can grant this capability by extending your Pod spec as follows:
+```yaml
+spec:
+  podTemplate:
+    spec:
+      containers:
+      - name: mysql
+        securityContext:
+          capabilities:
+            add: ["SYS_NICE"]
+            drop: ["ALL"]
+```
+This ensures that only the SYS_NICE capability is added—while all others are dropped—keeping your container’s security posture minimal.
 
 ### spec.topology
 

diff --git a/docs/guides/percona-xtradb/concepts/perconaxtradb/index.md b/docs/guides/percona-xtradb/concepts/perconaxtradb/index.md
@@ -68,7 +68,25 @@ spec:
 
 `spec.version` is a required field specifying the name of the [PerconaXtraDBVersion](/docs/guides/percona-xtradb/concepts/perconaxtradb-version) crd where the docker images are specified. Currently, when you install KubeDB, it creates the following `PerconaXtraDBVersion` resources,
 
-- `8.0.40`, `8.0.28`
+- `5.7.44`, `8.0.40`, `8.4.3`
+
+### Handling `mbind: Operation not permitted`
+On certain platforms (e.g., when using specific security profiles), for some versions of `perconaxtradb`, you may see log messages like:   
+`mbind: Operation not permitted`   
+
+This indicates that the `perconaxtradb` container needs the `SYS_NICE` kernel capability to perform CPU‐affinity or real-time scheduling operations. You can grant this capability by extending your Pod spec as follows:
+```yaml
+spec:
+  podTemplate:
+    spec:
+      containers:
+      - name: perconaxtradb
+        securityContext:
+          capabilities:
+            add: ["SYS_NICE"]
+            drop: ["ALL"]
+```
+This ensures that only the SYS_NICE capability is added—while all others are dropped—keeping your container’s security posture minimal.
 
 ### spec.replicas
 

diff --git a/docs/guides/proxysql/backends/mariadb-galera/examples/sample-proxysql.yaml b/docs/guides/proxysql/backends/mariadb-galera/examples/sample-proxysql.yaml
@@ -4,7 +4,7 @@ metadata:
   name: mariadb-proxy
   namespace: demo
 spec:
-  version: "2.6.3-debian"
+  version: "2.7.3-debian"
   replicas: 3
   syncUsers: true
   backend:

diff --git a/docs/guides/proxysql/backends/mariadb-galera/index.md b/docs/guides/proxysql/backends/mariadb-galera/index.md
@@ -46,7 +46,7 @@ metadata:
   name: mariadb-galera
   namespace: demo
 spec:
-  version: "10.6.16"
+  version: "11.6.2"
   replicas: 3
   storageType: Durable
   storage:
@@ -69,18 +69,18 @@ Let's wait for the MariaDB to be Ready.
 ```bash
 $ kubectl get md -n demo 
 NAME             VERSION   STATUS   AGE
-mariadb-galera   10.6.16   Ready    4m20s
+mariadb-galera   11.6.2   Ready    4m20s
 ```
 
 Let's first create a user in the backend mariadb server and a database to test the proxy traffic.
 
 ```bash
 $ kubectl exec -it -n demo mariadb-galera-0 -- bash
 Defaulted container "mariadb" out of: mariadb, md-coordinator, mariadb-init (init)
-mysql@mariadb-galera-0:/$ mysql -uroot -p$MYSQL_ROOT_PASSWORD
+mysql@mariadb-galera-0:/$ mariadb -uroot -p$MYSQL_ROOT_PASSWORD
 Welcome to the MariaDB monitor.  Commands end with ; or \g.
 Your MariaDB connection id is 52
-Server version: 10.6.16-MariaDB-1:10.6.16+maria~ubu2004 mariadb.org binary distribution
+Server version: 11.6.2-MariaDB-1:11.6.2+maria~ubu2004 mariadb.org binary distribution
 
 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
 
@@ -125,7 +125,7 @@ metadata:
   name: mariadb-proxy
   namespace: demo
 spec:
-  version: "2.6.3-debian"
+  version: "2.7.3-debian"
   replicas: 3
   syncUsers: true
   backend:
@@ -145,7 +145,7 @@ Let's wait for the ProxySQL to be Ready.
 ```bash
 $ kubectl get prx -n demo
 NAME            VERSION        STATUS   AGE
-mariadb-proxy   2.6.3-debian   Ready    96s
+mariadb-proxy   2.7.3-debian   Ready    96s
 ```
 
 Let's check the pods and associated kubernetes objects

diff --git a/docs/guides/proxysql/backends/mysqlgrp/examples/sample-proxysql.yaml b/docs/guides/proxysql/backends/mysqlgrp/examples/sample-proxysql.yaml
@@ -4,7 +4,7 @@ metadata:
   name: mysql-proxy
   namespace: demo
 spec:
-  version: "2.6.3-debian"
+  version: "2.7.3-debian"
   replicas: 3
   syncUsers: true
   backend:

diff --git a/docs/guides/proxysql/backends/mysqlgrp/index.md b/docs/guides/proxysql/backends/mysqlgrp/index.md
@@ -46,7 +46,7 @@ metadata:
   name: mysql-server
   namespace: demo
 spec:
-  version: "8.0.36"
+  version: "8.4.3"
   replicas: 3
   topology:
     mode: GroupReplication
@@ -71,7 +71,7 @@ Let's wait for the MySQL to be Ready.
 ```bash
 $ kubectl get my -n demo 
 NAME           VERSION   STATUS   AGE
-mysql-server   8.0.36    Ready    7m6s
+mysql-server   8.4.3    Ready    7m6s
 ```
 
 Let's first create a user in the backend mysql server and a database to test the proxy traffic.
@@ -83,7 +83,7 @@ mysql@mysql-server-0:/$  mysql -uroot -p$MYSQL_ROOT_PASSWORD
 mysql: [Warning] Using a password on the command line interface can be insecure.
 Welcome to the MySQL monitor.  Commands end with ; or \g.
 Your MySQL connection id is 474
-Server version: 8.0.36 MySQL Community Server - GPL
+Server version: 8.4.3 MySQL Community Server - GPL
 
 Copyright (c) 2000, 2024, Oracle and/or its affiliates.
 
@@ -117,9 +117,9 @@ mysql> select * FROM performance_schema.replication_group_members;
 +---------------------------+--------------------------------------+-------------------------------------------+-------------+--------------+-------------+----------------+----------------------------+
 | CHANNEL_NAME              | MEMBER_ID                            | MEMBER_HOST                               | MEMBER_PORT | MEMBER_STATE | MEMBER_ROLE | MEMBER_VERSION | MEMBER_COMMUNICATION_STACK |
 +---------------------------+--------------------------------------+-------------------------------------------+-------------+--------------+-------------+----------------+----------------------------+
-| group_replication_applier | b7ed7a2d-1532-11f0-9b1a-5ad095e72795 | mysql-server-0.mysql-server-pods.demo.svc |        3306 | ONLINE       | PRIMARY     | 8.0.36         | XCom                       |
-| group_replication_applier | b7ed7a33-1532-11f0-9b20-6ec1a256386b | mysql-server-2.mysql-server-pods.demo.svc |        3306 | ONLINE       | SECONDARY   | 8.0.36         | XCom                       |
-| group_replication_applier | bae6c112-1532-11f0-86bb-ce260ac82c19 | mysql-server-1.mysql-server-pods.demo.svc |        3306 | ONLINE       | SECONDARY   | 8.0.36         | XCom                       |
+| group_replication_applier | b7ed7a2d-1532-11f0-9b1a-5ad095e72795 | mysql-server-0.mysql-server-pods.demo.svc |        3306 | ONLINE       | PRIMARY     | 8.4.3         | XCom                       |
+| group_replication_applier | b7ed7a33-1532-11f0-9b20-6ec1a256386b | mysql-server-2.mysql-server-pods.demo.svc |        3306 | ONLINE       | SECONDARY   | 8.4.3         | XCom                       |
+| group_replication_applier | bae6c112-1532-11f0-86bb-ce260ac82c19 | mysql-server-1.mysql-server-pods.demo.svc |        3306 | ONLINE       | SECONDARY   | 8.4.3         | XCom                       |
 +---------------------------+--------------------------------------+-------------------------------------------+-------------+--------------+-------------+----------------+----------------------------+
 3 rows in set (0.00 sec)
 
@@ -145,7 +145,7 @@ metadata:
   name: mysql-proxy
   namespace: demo
 spec:
-  version: "2.6.3-debian"
+  version: "2.7.3-debian"
   replicas: 3
   syncUsers: true
   backend:
@@ -165,7 +165,7 @@ Let's wait for the ProxySQL to be Ready.
 ```bash
 $ kubectl get prx -n demo
 NAME          VERSION        STATUS   AGE
-mysql-proxy   2.6.3-debian   Ready    109s
+mysql-proxy   2.7.3-debian   Ready    109s
 ```
 
 Let's check the pods and associated kubernetes objects

diff --git a/docs/guides/proxysql/backends/xtradb-galera/kubedb/examples/xtradb-proxy.yaml b/docs/guides/proxysql/backends/xtradb-galera/kubedb/examples/xtradb-proxy.yaml
@@ -4,7 +4,7 @@ metadata:
   name: xtradb-proxy
   namespace: demo
 spec:
-  version: "2.6.3-debian"
+  version: "2.7.3-debian"
   replicas: 3
   syncUsers: false
   backend:

diff --git a/docs/guides/proxysql/backends/xtradb-galera/kubedb/index.md b/docs/guides/proxysql/backends/xtradb-galera/kubedb/index.md
@@ -46,7 +46,7 @@ metadata:
   name: xtradb-galera
   namespace: demo
 spec:
-  version: "8.4.3"
+  version: "8.0.40"
   replicas: 3
   storageType: Durable
   storage:
@@ -69,7 +69,7 @@ Let's wait for the PerconaXtraDB to be Ready.
 ```bash
 $ kubectl get px -n demo 
 NAME            VERSION   STATUS   AGE
-xtradb-galera   8.4.3     Ready    8m
+xtradb-galera   8.0.40    Ready    8m
 ```
 
 Let's first create a user in the backend percona-xtradb server and a database to test the proxy traffic.
@@ -81,7 +81,7 @@ bash-5.1$ mysql -uroot -p$MYSQL_ROOT_PASSWORD
 mysql: [Warning] Using a password on the command line interface can be insecure.
 Welcome to the MySQL monitor.  Commands end with ; or \g.
 Your MySQL connection id is 471
-Server version: 8.4.3-3.1 Percona XtraDB Cluster (GPL), Release rel3, Revision cf742b4, WSREP version 26.1.4.3
+Server version: 8.0.40-31.1 Percona XtraDB Cluster (GPL), Release rel3, Revision cf742b4, WSREP version 26.1.4.3
 
 Copyright (c) 2009-2024 Percona LLC and/or its affiliates
 Copyright (c) 2000, 2024, Oracle and/or its affiliates.
@@ -120,7 +120,7 @@ Now we are ready to deploy and test our ProxySQL server.
 
 ## Deploy ProxySQL Server 
 
-With the following yaml we are going to create our desired ProxySQL server.
+With the following YAML, we are going to create our desired ProxySQL server.
 
 `Note`: If your `KubeDB version` is less or equal to `v2024.6.4`, You have to use `kubedb.com/v1alpha2` apiVersion.
 
@@ -131,9 +131,9 @@ metadata:
   name: xtradb-proxy
   namespace: demo
 spec:
-  version: "2.6.3-debian"
+  version: "2.7.3-debian"
   replicas: 3
-  syncUsers: false
+  syncUsers: true
   backend:
     name: xtradb-galera
   deletionPolicy: WipeOut
@@ -151,7 +151,7 @@ Let's wait for the ProxySQL to be Ready.
 ```bash
 $ kubectl get prx -n demo
 NAME            VERSION        STATUS   AGE
-xtradb-proxy    2.6.3-debian   Ready    17m
+xtradb-proxy    2.7.3-debian   Ready    17m
 ```
 
 Let's check the pods and associated kubernetes objects
@@ -239,22 +239,13 @@ Here we can see that all the nodes of our PerconaXtraDB Galera cluster has been
 Let's check the mysql_users table. 
 
 ```bash
-ProxySQLAdmin > INSERT INTO mysql_users (username, password, active, default_hostgroup, backend, frontend, transaction_persistent) 
-             VALUES ('test', 'pass', 1, 2, 1, 1, 1);
-Query OK, 1 row affected (0.001 sec)
-ProxySQLAdmin > LOAD MYSQL USERS TO RUNTIME;
-Query OK, 0 rows affected (0.001 sec)
-
-ProxySQLAdmin > SAVE MYSQL USERS TO DISK;
-Query OK, 0 rows affected (0.049 sec)
 ProxySQLAdmin > select username from mysql_users;
 +----------+
 | username |
 +----------+
 | root     |
 | test     |
 +----------+
-2 rows in set (0.001 sec)
 ```
 
 So test user is automatically synced in proxysql and present in mysql_users, we are now ready to test our traffic proxy.

diff --git a/docs/guides/proxysql/custom-rbac/index.md b/docs/guides/proxysql/custom-rbac/index.md
@@ -14,7 +14,7 @@ section_menu_id: guides
 
 # Using Custom RBAC resources
 
-KubeDB (version 0.13.0 and higher) supports finer user control over role based access permissions provided to a ProxySQL instance. This tutorial will show you how to use KubeDB to run ProxySQL instance with custom RBAC resources.
+KubeDB (version 0.13.0 and higher) supports finer user control over role-based access permissions provided to a ProxySQL instance. This tutorial will show you how to use KubeDB to run ProxySQL instance with custom RBAC resources.
 
 ## Before You Begin
 
@@ -52,8 +52,10 @@ serviceaccount/prx-custom-sa created
 
 It should create a service account.
 
-```yaml
+```bash
 $ kubectl get serviceaccount -n demo prx-custom-sa -oyaml
+```
+```yaml
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -105,8 +107,10 @@ rolebinding.rbac.authorization.k8s.io/prx-custom-rb created
 
 It should bind `prx-custom-role` and `prx-custom-sa` successfully.
 
-```yaml
+```bash
 $ kubectl get rolebinding -n demo prx-custom-rb -o yaml
+```
+```yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata: