Docs Menu
Docs Home
/
MongoDB Enterprise Kubernetes Operator

Quick Start for the Kubernetes Operator

On this page

Important

This section is for single Kubernetes cluster deployments only. For multi-Kubernetes cluster MongoDB deployments, see Multi-Kubernetes-Cluster Quick Start.

The MongoDB Enterprise Kubernetes Operator uses the Kubernetes API and tools to manage MongoDB clusters running within your Kubernetes cluster. Kubernetes Operator works together with MongoDB Cloud Manager or Ops Manager. This tutorial demonstrates how to deploy and connect to your first MongoDB replica set in MongoDB Cloud Manager with Kubernetes Operator. You can use Kind to quickly set up a cluster. To learn more, see Kind.

This tutorial requires:

  • A running MongoDB Cloud Manager cluster.

  • A running Kubernetes cluster.

  • Kubernetes nodes running on supported hardware architectures.

  • The MongoDB Shell installed on your local machine.

1
helm repo add mongodb https://mongodb.github.io/helm-charts
2

To install the Kubernetes Operator with Helm, see the instructions in the repository.

Example

The following command installs the MongoDB Enterprise Kubernetes Operator in the mongodb namespace with the optional --create-namespace option. By default, Kubernetes Operator uses the default namespace.

helm install enterprise-operator mongodb/enterprise-operator --namespace mongodb --create-namespace
3

If you haven't already, run the following command to execute all kubectl commands in the namespace you created:

kubectl config set-context $(kubectl config current-context) --namespace=mongodb
4
  1. Go to the Kubernetes Setup Page in the Cloud Manager UI.

  2. Click Create New API Keys or Use Existing API Keys.

  3. Complete the form. To learn more, see Programmatic Access to Cloud Manager.

  4. Click Generate Key and YAML.

5

Copy and save the generated config-map.yaml file.

Example:

apiVersion: v1
kind: ConfigMap
metadata:
name: my-project
namespace: mongodb
data:
baseUrl: https://cloud.mongodb.com
projectName: my-project # this is an optional parameter
orgId: 5ecd252f8c1a75033c74106c # this is a required parameter

To learn more, see the parameter descriptions.

6

Copy and save the generated secret.yaml file.

Example:

apiVersion: v1
kind: Secret
metadata:
name: organization-secret
namespace: mongodb
stringData:
user: <public_key>
publicAPIKey: <private_key>

For security purposes, MongoDB Cloud Manager displays this file only once.

7

Run the following command:

kubectl apply -f secret.yaml -f config-map.yaml
8
  1. Copy and save the following YAML file:

    apiVersion: mongodb.com/v1
    kind: MongoDB
    metadata:
    name: demo-mongodb-cluster-1
    namespace: mongodb
    spec:
    members: 3
    version: 4.4.5-ent
    type: ReplicaSet
    security:
    authentication:
    enabled: true
    modes: ["SCRAM"]
    cloudManager:
    configMapRef:
    name: my-project
    credentials: organization-secret
    persistent: true
    podSpec:
    podTemplate:
    spec:
    containers:
    - name: mongodb-enterprise-database
    resources:
    limits:
    cpu: 2
    memory: 1.5G
    requests:
    cpu: 1
    memory: 1G
    persistence:
    single:
    storage: 10Gi
  2. Run the following command:

    kubectl apply -f <replica-set-conf>.yaml
9

You can choose to use a cleartext password or a Base64-encoded password. Plaintext passwords use stringData.password and Base64-encoded passwords use data.password.

Note

Provide your values for the following parameters. To learn more, see the parameter descriptions.

For a cleartext password, create and save the following YAML file:

apiVersion: v1
kind: Secret
metadata:
name: mms-user-1-password
# corresponds to user.spec.passwordSecretKeyRef.name
type: Opaque
stringData:
password: <my-plain-text-password>
# corresponds to user.spec.passwordSecretKeyRef.key

For a Base64-encoded password, create and save the following YAML file:

apiVersion: v1
kind: Secret
metadata:
name: mms-user-1-password
# corresponds to user.spec.passwordSecretKeyRef.name
type: Opaque
data:
password: <base-64-encoded-password>
# corresponds to user.spec.passwordSecretKeyRef.key
10
  1. Copy and save the following MongoDB User Resource Specification file:

    apiVersion: mongodb.com/v1
    kind: MongoDBUser
    metadata:
    name: mms-scram-user-1
    spec:
    passwordSecretKeyRef:
    name: mms-user-1-password
    # Match to metadata.name of the User Secret
    key: password
    username: "mms-scram-user-1"
    db: "admin" #
    mongodbResourceRef:
    name: "demo-mongodb-cluster-1"
    # Match to MongoDB resource using authenticaiton
    roles:
    - db: "admin"
    name: "clusterAdmin"
    - db: "admin"
    name: "userAdminAnyDatabase"
    - db: "admin"
    name: "readWrite"
    - db: "admin"
    name: "userAdminAnyDatabase"
  2. Run the following command:

    kubectl apply -f <database-user-conf>.yaml
11

You can view the newly-created user in Cloud Manager or Ops Manager:

  1. From the Project's Deployment view, click the Security tab.

  2. Click the MongoDB Users nested tab.

12

Perform the following steps in the Cloud Manager application:

  1. Click Deployment in the left navigation.

  2. Click for the deployment to which you want to connect.

  3. Click Connect to this instance.

  4. Run the connection command in a terminal to connect to the deployment.

Back

MongoDB Enterprise Kubernetes Operator