-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathmongodb.yaml
262 lines (228 loc) · 11.2 KB
/
mongodb.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
blocks:
- name: mongodb-server-ingress
content:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mongodb-server-ingress
namespace: "{{ $cndi.get_arg(namespace) }}"
annotations:
cert-manager.io/cluster-issuer: cluster-issuer
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
spec:
ingressClassName: public
tls:
- hosts:
- "{{ $cndi.get_arg(hostname) }}"
secretName: cluster-issuer-private-key
rules:
- host: "{{ $cndi.get_arg(hostname) }}"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: mongodb-replica-set-svc
port:
name: mongodb
- name: mongo-open-tcp
content:
nginx:
public:
values:
tcp:
"27017": "mongodb/mongodb-replica-set-svc:27017"
prompts:
- $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/core-prompts.yaml):
{}
- $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/core-prompts.yaml):
{}
- name: deploy_mongodb_ingress
default: true
message: >-
Do you want to expose Mongodb with an Ingress?
type: Confirm
- name: mongodb_hostname
default: mongodb.example.com
message: >-
What hostname should Mongodb be accessible at?
type: Input
validators:
- hostname # FQDN
condition:
- "{{ $cndi.get_prompt_response(deploy_mongodb_ingress) }}"
- ==
- true
- name: mongodb_replica_sets
message: Please enter the number of ReplicaSet you want to deploy
default: 3
type: Number
- name: mongodb_user
message: Please enter the username for your mongodb admin
default: admin
type: Input
- name: mongodb_password
message: >-
Please enter the mongodb password you want to use for your mongodb
database:
default: password
type: Secret
- name: mongodb_name
message: "Please enter the name for the mongodb database you want to use:"
default: my-mongodb-database
type: Input
- name: mongodb_namespace
message: "Please enter your destination namespace for your mongoDb database:"
default: mongodb
type: Input
outputs:
cndi_config:
cndi_version: v2
project_name: "{{ $cndi.get_prompt_response(project_name) }}"
provider: "{{ $cndi.get_prompt_response(deployment_target_provider) }}"
distribution: "{{ $cndi.get_prompt_response(deployment_target_distribution) }}"
infrastructure:
cndi:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/observability-config.yaml):
condition:
- "{{ $cndi.get_prompt_response(deploy_grafana_ingress) }}"
- ==
- true
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/argocd-config.yaml):
condition:
- "{{ $cndi.get_prompt_response(deploy_argocd_ingress) }}"
- ==
- true
ingress:
$cndi.get_block(mongo-open-tcp):
condition:
- "{{ $cndi.get_prompt_response(deploy_mongodb_ingress) }}"
- ==
- true
cert_manager:
email: "{{ $cndi.get_prompt_response(cert_manager_email) }}"
external_dns:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/external-dns/config/{{ $cndi.get_prompt_response(dns_provider) }}.yaml):
condition:
- "{{ $cndi.get_prompt_response(enable_external_dns) }}"
- ==
- true
nodes:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/basic-node-pool.yaml):
{}
cluster_manifests:
mongodb-ingress:
$cndi.get_block(mongodb-server-ingress):
args:
ingress_name: mongodb-server-ingress
hostname: "{{ $cndi.get_prompt_response(mongodb_hostname) }}"
namespace: "{{ $cndi.get_prompt_response(mongodb_namespace) }}"
condition:
- "{{ $cndi.get_prompt_response(deploy_mongodb_ingress) }}"
- ==
- true
external-dns-secret:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/external-dns/secret/{{ $cndi.get_prompt_response(dns_provider) }}.yaml):
condition:
- "{{ $cndi.get_prompt_response(enable_external_dns) }}"
- ==
- true
my-user-password:
apiVersion: v1
kind: Secret
metadata:
name: my-user-password
namespace: "{{ $cndi.get_prompt_response(mongodb_namespace) }}"
type: Opaque
stringData:
password: $cndi_on_ow.seal_secret_from_env_var(MONGODB_PASSWORD)
mongodb-community-crd:
apiVersion: mongodbcommunity.mongodb.com/v1
kind: MongoDBCommunity
metadata:
name: mongodb-replica-set
namespace: "{{ $cndi.get_prompt_response(mongodb_namespace) }}"
annotations:
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
spec:
members: "{{ $cndi.get_prompt_response(mongodb_replica_sets) }}"
type: ReplicaSet
version: 4.4.0
security:
authentication:
modes:
- SCRAM
users:
- name: "{{ $cndi.get_prompt_response(mongodb_user) }}"
db: "{{ $cndi.get_prompt_response(mongodb_name) }}"
passwordSecretRef:
name: my-user-password
roles:
- name: clusterAdmin
db: "{{ $cndi.get_prompt_response(mongodb_name) }}"
- name: userAdminAnyDatabase
db: "{{ $cndi.get_prompt_response(mongodb_name) }}"
- name: dbOwner
db: "{{ $cndi.get_prompt_response(mongodb_name) }}"
scramCredentialsSecretName: my-scram
mongodb-ns:
apiVersion: v1
kind: Namespace
metadata:
name: "{{ $cndi.get_prompt_response(mongodb_namespace) }}"
applications:
mongodb:
targetRevision: 0.10.0
destinationNamespace: "{{ $cndi.get_prompt_response(mongodb_namespace) }}"
repoURL: "https://mongodb.github.io/helm-charts"
chart: community-operator
env:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/git-credentials-{{ $cndi.get_prompt_response(git_credentials_mode) }}-env.yaml):
{}
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/env.yaml):
{}
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/env.yaml):
{}
$cndi.comment(mongodb-heading): Mongodb Connection Parameters
MONGODB_DATABASE: "{{ $cndi.get_prompt_response(mongodb_name) }}"
MONGODB_USER: "{{ $cndi.get_prompt_response(mongodb_user) }}"
MONGODB_PASSWORD: "{{ $cndi.get_prompt_response(mongodb_password) }}"
MONGODB_CONNECTION_STRING: "mongodb://{{ $cndi.get_prompt_response(mongodb_user) }}:{{ $cndi.get_prompt_response(mongodb_password) }}@{{$cndi.get_prompt_response(mongodb_hostname) }}/{{ $cndi.get_prompt_response(mongodb_name) }}?directConnection=true"
MONGODB_REPLICA_SETS: "{{ $cndi.get_prompt_response(mongodb_replica_sets) }}"
MONGODB_NAMESPACE: "{{ $cndi.get_prompt_response(mongodb_namespace) }}"
readme:
project_name: "# {{ $cndi.get_prompt_response(project_name) }}"
$cndi.get_string(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/core-readme.md):
{}
$cndi.get_string(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/core.md):
{}
$cndi.get_string(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/{{ $cndi.get_prompt_response(deployment_target_distribution) }}.md):
{}
mongodb: |
# MongoDB Deployment Guide
This Template deploys a Standalone production ready [MongoDB database](https://github.com/mongodb/mongodb-kubernetes-operator) on Kubernetes cluster using Helm.
MongoDB is a powerful, open-source, NoSQL database designed with scalability and developer agility in mind.
It supports a wide variety of data types and is ideal for applications requiring rapid iteration and flexible schema designs.
## Customizing Your Deployment
To tailor your MongoDB deployment according to your requirements, you can modify the `values.yaml` file in the Helm chart. Key configuration options to consider include:
- **Persistence:** Enable persistent storage to ensure data is safely stored outside of pod lifecycles.
- **Replication:** Configure replication settings to enhance data availability and durability.
- **Resources:** Specify CPU and memory limits and requests to manage the resource usage of MongoDB pods effectively.
- **Authentication:** Set up authentication mechanisms to secure access to your MongoDB databases.
For detailed information on all configurable parameters, refer to the Helm chart's documentation or the `values.yaml` file within the chart repository.
## Verifying MongoDB Accessibility
After deploying MongoDB and setting up access (either through port forwarding, Ingress, or ExternalDNS), ensure that the database is properly accessible:
**Connect to the Database**:
- Use a MongoDB client to connect to your instance, specifying the domain you've configured, e.g., `mongodb://mongodb.yourdomain.com:27017`.
- Successful connection indicates that your MongoDB instance is ready for use.
## Connecting to the Database Step-by-Step
To connect to your MongoDB database, follow these steps:
1. **Install MongoDB Client:** Ensure that you have a [MongoDB client](https://www.mongodb.com/docs/mongodb-shell/install) installed on your local machine.
2. **Gather Connection Details:** Obtain the necessary connection details such as the hostname (e.g., `mongodb.yourdomain.com`), port (default is `27017`), and credentials if authentication is enabled.
3. **Open Your Terminal:** Launch the terminal on your local machine.
4. **Construct the Connection String:** Create the connection string using the format `mongodb://<username>:<password>@<hostname>:<port>/<database>`, replacing placeholders with your actual details. If authentication is not enabled, the connection string may simply be `mongodb://<hostname>:<port>`.
5. **Connect to MongoDB:** Enter the command `mongo <connection-string>` in your terminal, replacing `<connection-string>` with your actual connection string. For example:
`mongosh mongodb://admin:[email protected]`
You can find the `MONGODB_CONNECTION_STRING` in the `.env` file in your project directory.