Deploy in Restricted Networks
This tutorial demonstrates how to deploy MongoDB Enterprise Operator, an Ops Manager instance, and a MongoDB replica set using the Kubernetes Operator in a restricted network OpenShift environment.
Procedure
Mirror the Operator catalog and disable the default catalog.
Red Hat Operator catalogs contain metadata that OLM queries to install Operators and their dependencies on a cluster. You must create a copy of the Operator catalog and then disable the default catalog as a cluster administrator.
The relatedImages in the operator bundle lists the following
images:
Images directly used by the operator, which are the current version of
mongodb-enterprise-init-database-ubi,mongodb-enterprise-init-ops-manager-ubi,mongodb-enterprise-init-appdb-ubi,mongodb-enterprise-init-database-ubi.All currently supported images of Ops Manager, AppDB and
mongodb-agent-ubithat can be configured in an Ops Manager deployment.
For init images, use only the version that is present in the
latest Kubernetes Operator version.
The size of all related images referenced by the operator bundle is over 26 GB.
Your mirroring command won't pick unsupported versions of the AppDB images. If you want to use any other unsupported version, you must manually provide these images to the mirror registry. For other versions for a given operator version, see image for Deployment.
For the full list of images defined in the RELATED_IMAGE_*
environment variables, see the CSV
file.
To mirror, see Mirroring images for a disconnected installation.
When you run the
oc adm catalog mirrorcommand to mirror the catalog, it generates theimageContentSourcePolicy.yamlfile, which you must apply to remap original source to mirrored images. For example:oc apply -f ./<output dir>/imageContentSourcePolicy.yaml To learn more, see Mirroring Operator catalogs for use with disconnected clusters. For a list of supported MongoDB versions for each Ops Manager version, see Compatible MongoDB Version.
To disable the default catalog, add
disableAllDefaultSources: trueto theOperatorHubobject.
To learn more, see Using Operator Lifecycle Manager on restricted networks.
Deploy Ops Manager in Local Mode.
To deploy Ops Manager in Local Mode, you must do the following:
Copy the following example Ops Manager Kubernetes object and save it as a
.yamlfile.Use the Ops Manager configuration setting
automation.versions.source: localinspec.configurationto enable Local Mode.Define a Persistent Volume for the Ops Manager StatefulSet to store the MongoDB installation archive. MongoDB Agent's running in MongoDB database resource containers that you create with the Kubernetes Operator download the installation archives from Ops Manager instead of from the Internet.
1 apiVersion: mongodb.com/v1 2 kind: MongoDBOpsManager 3 metadata: 4 name: ops-manager-localmode 5 spec: 6 replicas: 2 7 version: "6.0.0" 8 adminCredentials: ops-manager-admin-secret 9 configuration: 10 # this enables local mode in Ops Manager 11 automation.versions.source: local 12 statefulSet: 13 spec: 14 # the Persistent Volume Claim will be created for each Ops Manager Pod 15 volumeClaimTemplates: 16 - metadata: 17 name: mongodb-versions 18 spec: 19 accessModes: [ "ReadWriteOnce" ] 20 resources: 21 requests: 22 storage: "20Gi" 23 template: 24 spec: 25 containers: 26 - name: mongodb-ops-manager 27 volumeMounts: 28 - name: mongodb-versions 29 # this is the directory in each Pod where all MongoDB 30 # archives must be put 31 mountPath: /mongodb-ops-manager/mongodb-releases 32 backup: 33 enabled: false 34 applicationDatabase: 35 members: 3 36 persistent: true To learn more about the settings, see Deploy an Ops Manager Resource.
Configure
octo default to your namespace.oc config set-context $(oc config current-context) --namespace=<metadata.namespace> Copy the following Ops Manager resource settings, paste into your existing Ops Manager resource, and save your Ops Manager config file.
1 configuration: 2 # this enables local mode in Ops Manager 3 automation.versions.source: local 4 statefulSet: 5 spec: 6 # the Persistent Volume Claim will be created for each Ops Manager Pod 7 volumeClaimTemplates: 8 - metadata: 9 name: mongodb-versions 10 spec: 11 accessModes: [ "ReadWriteOnce" ] 12 resources: 13 requests: 14 storage: "20Gi" 15 template: 16 spec: 17 containers: 18 - name: mongodb-ops-manager 19 volumeMounts: 20 - name: mongodb-versions 21 # this is the directory in each Pod where all MongoDB 22 # archives must be put 23 mountPath: /mongodb-ops-manager/mongodb-releases Copy the MongoDB installation archive to the Ops Manager Persistent Volume.
To learn how to copy MongoDB installation archive, see step 10 in the Configure an Ops Manager Resource to use Local Mode procedure.
Create credentials and store them as a secret.
Run the following command:
Note
Provide your public and private key values for the following parameters. To learn more, see Create Credentials for the Kubernetes Operator.
oc \ create secret generic ops-manager-admin-key \ --from-literal="publicKey=<publicKey>" \ --from-literal="privateKey=<privateKey>" Create a ConfigMap similar to the following:
cat <<EOF | oc apply -f - apiVersion: v1 kind: ConfigMap metadata: name: my-project namespace: mongodb data: projectName: myProjectName # this is an optional parameter orgId: 5b890e0feacf0b76ff3e7183 # this is a required parameter baseUrl: https://ops.example.com:8443 EOF To learn more about the settings in the ConfigMap, see step 7 in the OpenShift Quick Start.
To learn more about deploying Ops Manager in Local Mode, see Configure an Ops Manager Resource to use Local Mode.
Deploy a MongoDB Database Resource.
You can Deploy a Replica Set or a Deploy a Sharded Cluster. To learn more, see Deploy a MongoDB Database Resource.