OpenShift Quick Start
On this page
- Prerequisites
- Procedure
- Clone the MongoDB Enterprise Kubernetes Operator repository.
- Create a namespace for your Kubernetes deployment.
- Configure
kubectl
to default to your namespace. - Install the MongoDB Enterprise Kubernetes Operator
- Create credentials and store them as a secret.
- Invoke the following command to create a ConfigMap.
- Deploy the MongoDB replica set resource.
- Create a secret with your database user password
- Create a database user.
- Optional: View the newly created user in Cloud Manager or Ops Manager.
- Connect to the MongoDB replica set.
Important
This section is for single Kubernetes cluster deployments only. For multi-Kubernetes cluster MongoDB deployments, see Multi-Kubernetes-Cluster Quick Start.
MongoDB Enterprise Kubernetes Operator uses the Kubernetes API and tools to manage MongoDB clusters. Kubernetes Operator works together with MongoDB Cloud Manager or Ops Manager. This tutorial demonstrates how to deploy and connect to your first replica set in Cloud Manager or Ops Manager from OpenShift with Kubernetes Operator.
Prerequisites
This tutorial requires:
A running Cloud Manager or Ops Manager cluster.
Procedure
Clone the MongoDB Enterprise Kubernetes Operator repository.
git clone https://github.com/mongodb/mongodb-enterprise-kubernetes.git
Install the MongoDB Enterprise Kubernetes Operator
Invoke the following oc command to install the CustomResourceDefinitions for MongoDB deployments:
oc apply -f crds.yaml Add your
<openshift-pull-secret>
to theServiceAccount
definitions in the MongoDB Enterprise Kubernetes Operator YAML file.# Source: mongodb-enterprise-operator/templates/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: name: enterprise-operator namespace: mongodb imagePullSecrets: - name: <openshift-pull-secret> apiVersion: v1 kind: ServiceAccount metadata: name: mongodb-enterprise-appdb namespace: mongodb imagePullSecrets: - name: <openshift-pull-secret> apiVersion: v1 kind: ServiceAccount metadata: name: mongodb-enterprise-database-pods namespace: mongodb imagePullSecrets: - name: <openshift-pull-secret> Invoke the following oc command to install Kubernetes Operator:
oc apply -f mongodb-enterprise-openshift.yaml
Create credentials and store them as a secret.
Run the following command:
Note
Provide your Public and Private Key values for the following parameters. To learn more, see Create Credentials for the Kubernetes Operator.
kubectl -n mongodb \ create secret generic ops-manager-admin-key \ --from-literal="publicKey=<publicKey>" \ --from-literal="privateKey=<privateKey>"
Invoke the following command to create a ConfigMap.
cat <<EOF | kubectl apply -f - apiVersion: v1 kind: ConfigMap metadata: name: my-project namespace: mongodb data: projectName: myProjectName # this is an optional parameter; when omitted, the Operator creates a project with the resource name orgId: 5b890e0feacf0b76ff3e7183 # this is a required parameter baseUrl: https://ops.example.com:8443 EOF
Key | Type | Description | Example |
---|---|---|---|
| string |
| |
| string |
| |
| string | Label for your Ops Manager Project. The Kubernetes Operator creates the Ops Manager project if it does
not exist. If you omit the To use an existing project in a Cloud Manager or Ops Manager
organization, locate
the |
|
| string | Required. 24 character hex string that uniquely identifies your Cloud Manager or Ops Manager Organization. You can use the Kubernetes Operator to deploy MongoDB resources with Cloud Manager and with Ops Manager version 6.0.x or later. You can use the Atlas Operator to deploy MongoDB resources to Atlas. Specify an existing Organization:
You must have the Organization Project Creator role to create a new project within an existing Cloud Manager or Ops Manager organization. If you provide an empty string as your |
|
| string | URL to your Ops Manager Application including the FQDN and port number. IMPORTANT: If you deploy Ops Manager with the Kubernetes Operator and
Ops Manager will manage MongoDB database resources deployed outside of
the Kubernetes cluster it's deployed to, you must set If you're using Cloud Manager, set the |
|
Deploy the MongoDB replica set resource.
Copy and save the following YAML file:
apiVersion: mongodb.com/v1 kind: MongoDB metadata: name: demo-mongodb-cluster-1 namespace: mongodb spec: members: 3 version: 4.4.5-ent type: ReplicaSet security: authentication: enabled: true modes: ["SCRAM"] cloudManager: configMapRef: name: my-project credentials: organization-secret persistent: true podSpec: podTemplate: spec: containers: - name: mongodb-enterprise-database resources: limits: cpu: 2 memory: 1.5G requests: cpu: 1 memory: 1G persistence: single: storage: 10Gi Run the following command:
kubectl apply -f <replica-set-conf>.yaml
Create a secret with your database user password
You can choose to use a cleartext password or a Base64-encoded
password. Plaintext passwords use stringData.password
and
Base64-encoded passwords use data.password
.
Note
Provide your values for the following parameters. To learn more, see the parameter descriptions.
For a cleartext password, create and save the following YAML file:
apiVersion: v1 kind: Secret metadata: name: mms-user-1-password # corresponds to user.spec.passwordSecretKeyRef.name type: Opaque stringData: password: <my-plain-text-password> # corresponds to user.spec.passwordSecretKeyRef.key
For a Base64-encoded password, create and save the following YAML file:
apiVersion: v1 kind: Secret metadata: name: mms-user-1-password # corresponds to user.spec.passwordSecretKeyRef.name type: Opaque data: password: <base-64-encoded-password> # corresponds to user.spec.passwordSecretKeyRef.key
Create a database user.
Copy and save the following MongoDB User Resource Specification file:
apiVersion: mongodb.com/v1 kind: MongoDBUser metadata: name: mms-scram-user-1 spec: passwordSecretKeyRef: name: mms-user-1-password # Match to metadata.name of the User Secret key: password username: "mms-scram-user-1" db: "admin" # mongodbResourceRef: name: "demo-mongodb-cluster-1" # Match to MongoDB resource using authenticaiton roles: - db: "admin" name: "clusterAdmin" - db: "admin" name: "userAdminAnyDatabase" - db: "admin" name: "readWrite" - db: "admin" name: "userAdminAnyDatabase" Run the following command:
kubectl apply -f <database-user-conf>.yaml
Connect to the MongoDB replica set.
Perform the following steps in the Cloud Manager application:
Click Deployment in the left navigation.
Click for the deployment to which you want to connect.
Click Connect to this instance.
Run the connection command in a terminal to connect to the deployment.