MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any platform

@
#MDBlocal
Kubernetes Persistence
Options with MongoDB
The MongoDB Operator and Open Service Broker
johndohoney

Agenda
MongoDB Kubernetes Support

Kubernetes Overview and
Supporting Toolchain

#MDBLocal
Kubernetes Overview
eksctl create cluster
--name myKubeCluster
--version 1.13
--nodegroup-name standard-workers
--node-type t3.xlarge
--nodes 2
https://eksctl.io/
HA in one command !

#MDBLocal
Helm Architecture
Helm - Package Manager
for Kubernetes
● https://helm.sh/
Package Manager for Kubernetes - A useful tool

#MDBLocal
Kubernetes Service Catalog
It’s Really this easy….
1. Craft resources that define
your application
2. Define the MongoDB Atlas
persistence service it
relies on
3. Seamlessly Connect the
two
The elegance of simplicity

#MDBLocal
Open Service Broker API

#MDBLocal
The service catalog translates CRD into requests to the Atlas Service
Broker, Provisions resources on your behalf, and injects the
credentials for access back into your containers
Kubernetes Service catalog
Easy Mode

#MDBLocal
MongoDB Kubernetes Architectural Alternatives
Hybrid Cloud or Cloud
● MongoDb Open
Service Broker
Best Practice -- depends on requirements
On-Premise - Air gapped
● MongoDB Kubernetes
Operator
● Hybrid Cloud

#MDBLocal
MongoDB Open Service Broker
MongoDB Operator

#MDBLocal
MongoDB Open Service Broker or MongoDB Operator
Considerations
● Is there time/budget for maintenance tasks, like backups, patching and
scaling (up and down)
● Pods are transient, so the likelihood of database application restarts or
failovers is higher
● Databases that are storing more transient and caching layers are better fits
for Kubernetes
● MongoDB Operator uses the Kubernetes StatefulSet. Your data can be stored
on persistent volumes, decoupling the database application from the
persistent storage, so when a pod (MongoDB application) is recreated, all the
data is still there
Containerization Data layer -- finally getting traction

#MDBLocal
#! /usr/bin/env bash
eksctl create cluster
--name atlas-service-catalog
--version 1.13
--nodegroup-name standard-workers
--node-type t3.xlarge
--nodes 3
# Get External IP
kubectl get nodes -o jsonpath='{$.items[*].status.addresses[?(@.type=="ExternalIP")].address }'
echo
echo "Be sure to add external IPs to API Whitelist..."

#MDBLocal
#
echo
echo "Load Tiller and Initialize helm"
echo "Load Service Catalog Repos and then load"
echo "Service Catalog into the cluster"
echo
kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller-cluster-admin
--clusterrole=cluster-admin
--serviceaccount=kube-system:default
helm init
helm repo add svc-cat https://svc-catalog-charts.storage.googleapis.com
echo "Sleeping to wait for Tiller to start..."
sleep 20
helm install svc-cat/catalog
--name catalog --namespace catalog

#MDBLocal
kubectl create namespace atlas
#
# Sanity check
kubectl get namespace
#
# Install the Atlas Open Service Broker
#
kubectl apply -f deployment-and-service.yaml -n atlas

#MDBLocal
---
# Deployment to run the service broker.
apiVersion: apps/v1
kind: Deployment
metadata:
name: atlas-service-broker
labels:
app: atlas-service-broker
spec:
replicas: 1
selector:
matchLabels:
template:
metadata:
labels:
spec:
containers:
- name: atlas-service-broker
image: quay.io/mongodb/mongodb-atlas-service-broker:latest
ports:
- containerPort: 4000
env:
- name: BROKER_HOST
value: "0.0.0.0"

#MDBLocal
---
# Service to expose the service broker inside the cluster.
apiVersion: v1
kind: Service
metadata:
labels:
spec:
selector:
# Will match pods deployed by the "atlas-service-broker" deployment.
ports:
- protocol: TCP
port: 80
targetPort: 4000

#MDBLocal
Atlas API Key (for Kubernetes Secret)
Key Values
● Public Key - Visible
● Private Key -- partial
obfuscated
● username:
○ public Key@Org ID
● password:
○ private Key
Atlas UI
stringData:
username: fdeadoen@5d656831c56c98173cf5dead
password: d7ef8f25-ac31-dead-9723-93463d39dead

#MDBLocal
Project Id (for Kubernetes Secret)
Key Values
● Public Key - Visible
● Private Key -- partial
obfuscated
● username:
○ public Key@Project ID
● password:
○ private Key
Atlas UI
stringData:

#MDBLocal
kubectl apply -f secret.yaml -n atlas
kubectl describe secrets/atlas-service-broker-auth -n atlas
apiVersion: v1
kind: Secret
metadata:
name: atlas-service-broker-auth
type: Opaque
stringData:

#MDBLocal
#
# Register the Atlas Open Service Broker with the Kubernetes Service Catalog
#
kubectl apply -f service-broker.yaml -n atlas
svcat get brokers -n atlas
##
# Check our Work
##
svcat describe broker atlas-service-broker -n atlas
# Deploy ReplicaSet
#
kubectl apply -f replica-set.yaml
# How is the deployment going
svcat describe instance my-atlas-cluster -n atlas

#MDBLocal
Service Options
ClusterServiceBroker
● An Atlas Open Service Broker instance that is registered as a ClusterServiceBroker is available to the
entire Kubernetes cluster. When you deploy a Atlas replica set or sharded cluster, you must use the
associated clusterServiceClass and clusterServicePlan resources.
ServiceBroker
● An Atlas Open Service Broker instance that is registered as a ServiceBroker is available to only a single
namespace within the Kubernetes cluster. When you deploy a Atlas replica set or sharded cluster, you
must use the serviceClass and servicePlan resources scoped to the same namespace.

#MDBLocal
apiVersion: servicecatalog.k8s.io/v1beta1
kind: ServiceBroker
metadata:
spec:
url: http://atlas-service-broker.atlas
authInfo:
basic:
secretRef:
name: atlas-service-broker-auth
namespace: atlas

#MDBLocal
kind: ServiceInstance
metadata:
name: my-atlas-cluster
namespace: atlas
spec:
serviceClassExternalName: mongodb-atlas-aws
servicePlanExternalName: M30
parameters:
cluster:
providerSettings:
regionName: US_WEST_2
autoscaling:
diskGBEnabled: false
backupEnabled: true

#MDBLocal
echo "Make sure your Mongo Atlas ReplicaSet has deployed"
kubectl apply -f atlas-user-test.yaml
svcat describe binding jdohoney -n atlas

#MDBLocal
kind: ServiceBinding
metadata:
name: jdohoney
namespace: atlas
spec:
instanceRef:
name: my-atlas-cluster

#MDBLocal
svcat describe instance my-atlas-cluster -n atlas
#
echo "Get User Name"
USERNAME=`kubectl get secret jdohoney -n atlas -o json | jq .data.username`
echo $USERNAME | sed 's/"//g' | base64 --decode
LUSERNAME=`echo $USERNAME | sed 's/"//g' | base64 --decode`
echo
echo "Get User Password"
PASSWORD=`kubectl get secret jdohoney -n atlas -o json | jq .data.password`
echo $PASSWORD | sed 's/"//g' | base64 --decode
echo
echo "Get mongo connection URI"
URI=`kubectl get secret jdohoney -n atlas -o json | jq .data.uri`
echo $URI | sed 's/"//g' | base64 --decode
LURI=`echo $URI | sed 's/"//g' | base64 --decode`
echo "mongo $LURI --username $LUSERNAME" | sed 's/"//g'
echo
echo "use the decoded password when prompted"
echo
echo "Connect to Compass"

#MDBLocal
kubectl delete servicebindings jdohoney -n atlas
svcat describe instance jdohoney -n atlas

#MDBLocal
#! /bin/bash
eksctl delete cluster --name atlas-service-catalog

#MDBLocal
● The Configuration
○ https://github.com/johndohoneyjr/AWS-MongoDB-Kubernetes-Operator-Demo
● Atlas Service Broker - Documentation Pages
○ https://docs.mongodb.com/atlas-open-service-broker/current/
● MongoDB Enterprise Kubernetes Operator
○ https://docs.mongodb.com/kubernetes-operator/stable/
Resources

MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any platform

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any platform

Ähnlich wie MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any platform (20)

Mehr von MongoDB

Mehr von MongoDB (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any platform