MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Development or Production
1 like1,193 views
The document provides a comprehensive guide on using MongoDB services within Kubernetes for both development and production environments. It covers various topics including the setup of Kubernetes clusters, the use of MongoDB operators, Helm for package management, and considerations for database management within Kubernetes. Key components such as custom resource definitions, service catalogs, and operational tools like MongoDB Ops Manager and Cloud Manager are highlighted for efficient database deployment and management.
![#MDBLocal
#! /usr/bin/env bash
eksctl create cluster
--name service-cluster
--version 1.13
--nodegroup-name standard-workers
--node-type t3.xlarge
--nodes 3
# Get External IP – Atlas and Cloud Manager are Secure by Default
kubectl get nodes -o jsonpath='{$.items[*].status.addresses[?(@.type=="ExternalIP")].address }'
echo "Be sure to add external IPs to API Whitelist..."](https://image.slidesharecdn.com/usingmongodbservicesinkubernetes-irvine1-200220155050/85/MongoDB-SoCal-2020-Using-MongoDB-Services-in-Kubernetes-Any-Platform-Development-or-Production-20-320.jpg)
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Development or Production
- 1. @ #MDBlocal Using MongoDB Services in Kubernetes: any platform, development or production johndohoney
- 3. Kubernetes Overview and Supporting Toolchain
- 5. #MDBLocal Kubernetes Overview eksctl create cluster --name myKubeCluster --version 1.14 --nodegroup-name standard-workers --node-type t3.xlarge --nodes 3 https://eksctl.io/ HA in one command !
- 6. #MDBLocal Helm Architecture Helm 2 - Package Manager for Kubernetes (Helm 3 is in Beta – “No Tiller”) ● https://helm.sh/ Do not use Helm charts with MongoDB Kubernetes Operator as upgrades are more complicated with the Helm client Package Manager for Kubernetes - A useful tool
- 7. #MDBLocal Kubernetes Service Catalog It’s Really this easy…. 1. Create resources that define your application 2. Define the MongoDB Atlas persistence service it relies on 3. (Done by MongoDB and contained in Github repo: https://github.com/mongodb/ mongodb-atlas-service- broker ) 4. Seamlessly Connect the two The elegance of simplicity
- 9. #MDBLocal The service catalog translates CRD into requests to the Atlas Service Broker, Provisions resources on your behalf, and injects the credentials for access back into your containers Kubernetes Service catalog Easy Mode
- 10. #MDBLocal • Kubernetes Operator are nothing more than a set of application- specific custom controllers. Controllers have direct access to Kubernetes API, which means they can monitor the cluster, change pods/services, scale up/down and call endpoints of the running applications, all according to custom rules written inside those controllers. • MongoDB’s Operator was created as an effort to make databases easy to manage without locking you to a specific cloud vendor. The operator, supports automated cluster provisioning, elastic scalability, auto recovery, logging, monitoring, shard operations, backup and restore through Ops/Cloud Manager. • MongoDB Cloud Manger and Kubernetes Operators provides a cloud-agnostic application deployment and management. The power of both tools allow us to treat cloud providers like a commodity, allowing seamless migration between them. Kubernetes Operators ü OperatorHub.io – Online resource to Kubernetes Operators ü https://operatorhub.io/operator/ mongodb-enterprise
- 11. #MDBLocal • A custom resource is an object that extends the Kubernetes API or allows you to introduce your own API into a project or a cluster. • A custom resource definition (CRD) file defines your own object kinds and lets the API Server handle the entire lifecycle. Deploying a CRD into the cluster causes the Kubernetes API server to begin serving the specified custom resource. CRD’s – Kubernetes Custom Resources and Custom Resource Definitions API Definition from CDR • /apis/<spec:group>/<spec:version>/<scope>/*/<names-plural>/... API Proxy Stub • /apis/mongodb.com/v1/namespaces/mongodb/mongodb/studentcluster Repo: https://github.com/mongodb/mongodb-enterprise-kubernetes Reference: crds.yaml
- 13. #MDBLocal MongoDB Kubernetes Architectural Alternatives Hybrid Cloud or Cloud ● MongoDb Open Service Broker ● Cloud Manager Best Practice -- depends on requirements On-Premise - Air gapped ● MongoDB Kubernetes Operator
- 14. #MDBLocal MongoDB Cloud Manager Intelligent Agents are the Key ● MongoDB Agents using Automation on each MongoDB host can maintain your MongoDB deployments. Cloud Manager ● Automation Agents can add hosts, deploy and upgrade new and existing clusters. ● Same look and feel as On-Premise MongoDB Ops Manager Works Anywhere – Used with MongoDB Operator
- 15. #MDBLocal MongoDB Ops Manager • Deploy and upgrade your system. Reliably perform the tasks that you have performed manually in the past. • Scale your MongoDB application. Dynamically resize capacity by adding shards and replica set members • Deliver point-in-time recovery and scheduled backups. Restore to any point in time. • Monitor and get performance alerts. Track over 100 key metrics. • Improve Query Performance for slow queries, recommends new indexing strategy For your data center - Used with MongoDB Operator
- 16. #MDBLocal MongoDB Open Service Broker MongoDB Operator On- Premise Or Cloud Hybrid Or Public- Cloud MongoDB Ops Manager and MDB Kubernetes Operator Atlas Cloud Manager and MDB Kubernetes Operator Atlas and Kubernetes Open Server Broker 100% Self Manage Y E S N O Y E S C L O U D O N P R E M
- 17. #MDBLocal MongoDB Open Service Broker or MongoDB Operator Considerations ● Where is the database hosted? In Kubernetes Cluster or outside of Kubernetes cluster? ● Is there time/budget for maintenance tasks, like backups, patching and scaling (up and down) ● Pods are transient, so the likelihood of database application restarts or failovers is higher ● Databases that are storing more transient and caching layers are better fits for Kubernetes ● Enterprise Ops Manager – You do it all, set up Automation and Backup MongoDB Clusters, Set all configuration options, Load Balance Ops Manager GUI ● Cloud Manager – We do it, point and click “Hosted Ops Manager” – Mongo Clusters in Kubernetes Containerization Data layer -- finally getting traction
- 18. #MDBLocal But, I can set up MongoDB Myself ● Who should own the technical debt? ● The people that wrote the database, and know the internals … ● Or, My company that has an expertise in the area of <Fill in your application Domain> ● What is businesses biggest complaint of IT/Project Management/Development ● We want it now, we want it faster (Plus we want you to read our minds – right!!!!) ● We all like to be good stewards of our companies money, but are we? ● MongoDB handles all the system maintenance, both Atlas and Cloud Manager ● Help is a support ticket call away – seriously, these people are REALLY good! ● Free is not free, Yes, it is perfect for Dev Clusters, great for experiments, great for learning, then there are those wonderful people that love us, that we are taking time away from, perhaps unnecessarily. Considerations
- 20. #MDBLocal #! /usr/bin/env bash eksctl create cluster --name service-cluster --version 1.13 --nodegroup-name standard-workers --node-type t3.xlarge --nodes 3 # Get External IP – Atlas and Cloud Manager are Secure by Default kubectl get nodes -o jsonpath='{$.items[*].status.addresses[?(@.type=="ExternalIP")].address }' echo "Be sure to add external IPs to API Whitelist..."
- 21. #MDBLocal API Secrets ● Both Open Service Broker and Operator Uses API Public and Private Key ● Both Use Organization ID ● However, format and locations of data are different But they are different …
- 22. #MDBLocal Open Service Broker Installation Specific
- 23. #MDBLocal #! /usr/bin/env bash # echo echo "Load Tiller and Initialize helm" echo "Load Service Catalog Repos and then load" echo "Service Catalog into the cluster" echo kubectl create serviceaccount --namespace kube-system tiller kubectl create clusterrolebinding tiller-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default helm init helm repo add svc-cat https://svc-catalog-charts.storage.googleapis.com echo "Sleeping to wait for Tiller to start..." sleep 20 helm install svc-cat/catalog --name catalog --namespace catalog
- 24. #MDBLocal #! /usr/bin/env bash kubectl create namespace atlas # # Sanity check kubectl get namespace # # Install the Atlas Open Service Broker # kubectl apply -f deployment-and-service.yaml -n atlas
- 25. #MDBLocal #! /usr/bin/env bash kubectl apply -f secret.yaml -n atlas kubectl describe secrets/atlas-service-broker-auth -n atlas apiVersion: v1 kind: Secret metadata: name: atlas-service-broker-auth type: Opaque stringData: username: fdeadoen@5d656831c56c98173cf5dead password: d7ef8f25-ac31-dead-9723-93463d39dead
- 26. #MDBLocal #! /usr/bin/env bash # # Register the Atlas Open Service Broker with the Kubernetes Service Catalog # kubectl apply -f service-broker.yaml -n atlas svcat get brokers -n atlas ## # Check our Work ## svcat describe broker atlas-service-broker -n atlas # Deploy ReplicaSet # kubectl apply -f replica-set.yaml # How is the deployment going svcat describe instance my-atlas-cluster -n atlas
- 27. #MDBLocal Service Options ClusterServiceBroker ● An Atlas Open Service Broker instance that is registered as a ClusterServiceBroker is available to the entire Kubernetes cluster. When you deploy a Atlas replica set or sharded cluster, you must use the associated clusterServiceClass and clusterServicePlan resources. ServiceBroker ● An Atlas Open Service Broker instance that is registered as a ServiceBroker is available to only a single namespace within the Kubernetes cluster. When you deploy a Atlas replica set or sharded cluster, you must use the serviceClass and servicePlan resources scoped to the same namespace.
- 28. #MDBLocal apiVersion: servicecatalog.k8s.io/v1beta1 kind: ServiceInstance metadata: name: my-atlas-cluster namespace: atlas spec: serviceClassExternalName: mongodb-atlas-aws servicePlanExternalName: M30 parameters: cluster: providerSettings: regionName: US_WEST_2 autoscaling: diskGBEnabled: false backupEnabled: true
- 29. #MDBLocal #! /usr/bin/env bash echo "Make sure your Mongo Atlas ReplicaSet has deployed" kubectl apply -f atlas-user-test.yaml svcat describe binding jdohoney -n atlas
- 30. #MDBLocal #! /usr/bin/env bash svcat describe instance my-atlas-cluster -n atlas # echo "Get User Name" USERNAME=`kubectl get secret jdohoney -n atlas -o json | jq .data.username` echo $USERNAME | sed 's/"//g' | base64 --decode LUSERNAME=`echo $USERNAME | sed 's/"//g' | base64 --decode` echo echo "Get User Password" PASSWORD=`kubectl get secret jdohoney -n atlas -o json | jq .data.password` echo $PASSWORD | sed 's/"//g' | base64 --decode echo echo "Get mongo connection URI" URI=`kubectl get secret jdohoney -n atlas -o json | jq .data.uri` echo $URI | sed 's/"//g' | base64 --decode LURI=`echo $URI | sed 's/"//g' | base64 --decode` echo "mongo $LURI --username $LUSERNAME" | sed 's/"//g' echo echo "use the decoded password when prompted" echo echo "Connect to Compass"
- 31. #MDBLocal #! /usr/bin/env bash kubectl delete servicebindings jdohoney -n atlas svcat describe instance jdohoney -n atlas
- 33. #MDBLocal #! /bin/bash # Create the namespace for your Kubernetes deployment. kubectl create namespace mongodb # Sanity check kubectl get namespace # Install the Custom Resource Definitions kubectl apply -f ./mongodb-enterprise-kubernetes/crds.yaml # Deploy the operator kubectl apply -f ./mongodb-enterprise-kubernetes/mongodb-enterprise.yaml
- 34. #MDBLocal #! /bin/bash # Create Secret for OpsManager API kubectl -n mongodb create secret generic mongo-cloud-mgr --from-literal="user=cdxrnetm" --from-literal="publicApiKey=5b21f87d-5c19-4295-b87a-13569610ea06" # Sanity Check kubectl describe secrets/mongo-cloud-mgr -n mongodb
- 35. #MDBLocal #! /bin/bash # Tell Ops Manager your configuration kubectl apply -f opsMgr.yaml # Deploy the ReplicaSet Cluster kubectl apply -f replicaset.yaml # Track Status of ReplicaSet Deployment kubectl get mdb studentcluster -n mongodb -o yaml -w ## # (OPTIONAL) Create a AWS LB and a public IP to connect kubectl expose svc studentcluster-svc --port=27017 --target-port=27017 --name=external-connect-mongo --type=LoadBalancer -n mongodb kubectl get svc -n mongodb
- 36. #MDBLocal --- apiVersion: v1 kind: ConfigMap metadata: name: opsmanager-config namespace: mongodb data: projectName: AWS-EKS orgId: 5d656337f2a30db182dc3f0a baseUrl: https://cloud.mongodb.com --- apiVersion: mongodb.com/v1 kind: MongoDB metadata: name: studentcluster namespace: mongodb spec: members: 3 version: 4.2.1 opsManager: configMapRef: name: opsmanager-config credentials: mongo-cloud-mgr type: ReplicaSet persistent: true Ops Manager ConfigMap ReplicaSet ConfigMap
- 37. #MDBLocal # Connect to the Cluster kubectl port-forward studentcluster-0 27017:27017 -n mongodb #Import some data mongoimport --host 127.0.0.1 --db clients --collection cases < sampleData/client_cases.json
- 38. #MDBLocal • Open Service Broker Configuration • https://github.com/johndohoneyjr/MongoDB-DOT-Local-Open-Service-Broker • MongoDB Operator Configuration • https://github.com/johndohoneyjr/AWS-MongoDB-Kubernetes-Operator-Demo • Atlas Service Broker - Documentation Pages • https://docs.mongodb.com/atlas-open-service-broker/current/ • MongoDB Enterprise Kubernetes Operator • https://docs.mongodb.com/kubernetes-operator/stable/ Resources
- 39. #MDBlocal Every session you rate enters you into a drawing for a $200 gift card and TWO passes to MongoDB World 2020! Using MongoDB Services in Kubernetes: Any Platform https://www.surveymonkey.com/r/QRCJHVP
- 40. THANK YOU