Deploy the MongoDB Enterprise Kubernetes Operator Without a Service Mesh
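To deploy multiple instances of MongoDB resources across multiple Kubernetes clusters, you must first deploy the Kubernetes Operator in one of the Kubernetes clusters. Once the Kubernetes Operator is deployed in the operator Kubernetes cluster, you can create and manage all MongoDB resources in all Kubernetes clusters by applying updates to the operator Kubernetes cluster.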
Prerequisites
Before you begin the following procedure, perform the following actions:
- Install kubectl.
- Install Helm.
- Complete the GKE Clusters procedure or the equivalent.
- Complete the TLS Certificates procedure or the equivalent.
- Complete the Istio Service Mesh procedure or the equivalent.
- Install the kubectl mongodb plugin.

To install the kubectl mongodb plugin:

1. Download your desired Kubernetes Operator package version.
Download your desired Kubernetes Operator package version from the Release Page of the MongoDB Enterprise Kubernetes Operator Repository.
The package's name uses this pattern: kubectl-mongodb_{{ .Version }}_{{ .Os }}_{{ .Arch }}.tar.gz
Use one of the following packages:
- kubectl-mongodb_{{ .Version }}_darwin_amd64.tar.gz
- kubectl-mongodb_{{ .Version }}_darwin_arm64.tar.gz
- kubectl-mongodb_{{ .Version }}_linux_amd64.tar.gz
- kubectl-mongodb_{{ .Version }}_linux_arm64.tar.gz

2. Unpack the package.

3. Locate the kubectl mongodb plugin binary and copy it to its desired destination.
Find the kubectl-mongodb binary in the unpacked directory and move it to its desired destination inside the PATH of the Kubernetes Operator user, as shown in the following example:

```sh
mv kubectl-mongodb /usr/local/bin/kubectl-mongodb
```

Now you can run the kubectl mongodb plugin using the following commands:

```sh
kubectl mongodb multicluster setup
kubectl mongodb multicluster recover
```

To learn more about the supported flags, see the MongoDB kubectl Plugin Reference.
Set the required environment variables defined in the following env_variables.sh file, updating them as needed.

```sh
# Namespace in which Ops Manager and AppDB will be deployed
export OM_NAMESPACE="mongodb-om"
# Namespace in which the operator will be installed
export OPERATOR_NAMESPACE="mongodb-operator"
# Namespace in which MongoDB resources will be deployed
export MDB_NAMESPACE="mongodb"

# comma-separated key=value pairs for additional parameters passed to the helm-chart installing the operator
export OPERATOR_ADDITIONAL_HELM_VALUES="${OPERATOR_ADDITIONAL_HELM_VALUES:-""}"

export OFFICIAL_OPERATOR_HELM_CHART="mongodb/enterprise-operator"
export OPERATOR_HELM_CHART="${OPERATOR_HELM_CHART:-${OFFICIAL_OPERATOR_HELM_CHART}}"
```
Procedure
Create namespaces for the Kubernetes Operator, MongoDB, and MongoDB Ops Manager in each Kubernetes cluster.

```sh
kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" create namespace "${OPERATOR_NAMESPACE}"
kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" create namespace "${OPERATOR_NAMESPACE}"
kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" create namespace "${OPERATOR_NAMESPACE}"

kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" create namespace "${OM_NAMESPACE}"
kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" create namespace "${OM_NAMESPACE}"
kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" create namespace "${OM_NAMESPACE}"

kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" create namespace "${MDB_NAMESPACE}"
kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" create namespace "${MDB_NAMESPACE}"
kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" create namespace "${MDB_NAMESPACE}"
```
Create image pull secrets.

```sh
mkdir -p secrets

kubectl create secret generic "image-registries-secret" \
  --from-file=.dockerconfigjson="${HOME}/.docker/config.json" --type=kubernetes.io/dockerconfigjson \
  --dry-run=client -o yaml > secrets/image-registries-secret.yaml

kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OPERATOR_NAMESPACE}" apply -f secrets/image-registries-secret.yaml

kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" apply -f secrets/image-registries-secret.yaml
kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" -n "${OM_NAMESPACE}" apply -f secrets/image-registries-secret.yaml
kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" -n "${OM_NAMESPACE}" apply -f secrets/image-registries-secret.yaml

kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${MDB_NAMESPACE}" apply -f secrets/image-registries-secret.yaml
kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" -n "${MDB_NAMESPACE}" apply -f secrets/image-registries-secret.yaml
kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" -n "${MDB_NAMESPACE}" apply -f secrets/image-registries-secret.yaml
```
Configure the Kubernetes clusters.
Run the following commands to configure the Kubernetes clusters:

```sh
kubectl mongodb multicluster setup \
  --central-cluster="${K8S_CLUSTER_0_CONTEXT_NAME}" \
  --member-clusters="${K8S_CLUSTER_0_CONTEXT_NAME},${K8S_CLUSTER_1_CONTEXT_NAME},${K8S_CLUSTER_2_CONTEXT_NAME}" \
  --member-cluster-namespace="${OM_NAMESPACE}" \
  --central-cluster-namespace="${OPERATOR_NAMESPACE}" \
  --create-service-account-secrets \
  --install-database-roles=true \
  --image-pull-secrets=image-registries-secret

kubectl mongodb multicluster setup \
  --central-cluster="${K8S_CLUSTER_0_CONTEXT_NAME}" \
  --member-clusters="${K8S_CLUSTER_0_CONTEXT_NAME},${K8S_CLUSTER_1_CONTEXT_NAME},${K8S_CLUSTER_2_CONTEXT_NAME}" \
  --member-cluster-namespace="${MDB_NAMESPACE}" \
  --central-cluster-namespace="${OPERATOR_NAMESPACE}" \
  --create-service-account-secrets \
  --install-database-roles=true \
  --image-pull-secrets=image-registries-secret
```
```
Build: , Ensured namespaces exist in all clusters.
creating central cluster roles in cluster: gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
creating member roles in cluster: gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-67d0389d75b70a0007e5894a
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
creating member roles in cluster: gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-67d0389d75b70a0007e5894a
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
Ensured ServiceAccounts and Roles.
Creating KubeConfig secret mongodb-operator/mongodb-enterprise-operator-multi-cluster-kubeconfig in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a
Ensured database Roles in member clusters.
Creating Member list Configmap mongodb-operator/mongodb-enterprise-operator-member-list in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a
Build: , Ensured namespaces exist in all clusters.
creating central cluster roles in cluster: gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
creating member roles in cluster: gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-67d0389d75b70a0007e5894a
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
creating member roles in cluster: gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-67d0389d75b70a0007e5894a
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
created clusterrole: mongodb-enterprise-operator-multi-cluster-role-telemetry
created clusterrolebinding: mongodb-enterprise-operator-multi-telemetry-cluster-role-binding
Ensured ServiceAccounts and Roles.
Creating KubeConfig secret mongodb-operator/mongodb-enterprise-operator-multi-cluster-kubeconfig in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a
Ensured database Roles in member clusters.
Creating Member list Configmap mongodb-operator/mongodb-enterprise-operator-member-list in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a
```
Add the MongoDB Helm Charts for Kubernetes.
Add the MongoDB Helm Charts for Kubernetes repository to Helm.

```sh
helm repo add mongodb https://mongodb.github.io/helm-charts
helm repo update mongodb
helm search repo "${OFFICIAL_OPERATOR_HELM_CHART}"
```

```
"mongodb" has been added to your repositories
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "mongodb" chart repository
Update Complete. ⎈Happy Helming!⎈
NAME                          CHART VERSION   APP VERSION   DESCRIPTION
mongodb/enterprise-operator   1.32.0                        MongoDB Kubernetes Enterprise Operator
```
Deploy the Kubernetes Operator.
Use the MongoDB Helm Charts for Kubernetes to deploy the Kubernetes Operator.

```sh
helm upgrade --install \
  --debug \
  --kube-context "${K8S_CLUSTER_0_CONTEXT_NAME}" \
  mongodb-enterprise-operator-multi-cluster \
  "${OPERATOR_HELM_CHART}" \
  --namespace="${OPERATOR_NAMESPACE}" \
  --set namespace="${OPERATOR_NAMESPACE}" \
  --set operator.namespace="${OPERATOR_NAMESPACE}" \
  --set operator.watchNamespace="${OM_NAMESPACE}\,${MDB_NAMESPACE}" \
  --set operator.name=mongodb-enterprise-operator-multi-cluster \
  --set operator.createOperatorServiceAccount=false \
  --set operator.createResourcesServiceAccountsAndRoles=false \
  --set "multiCluster.clusters={${K8S_CLUSTER_0_CONTEXT_NAME},${K8S_CLUSTER_1_CONTEXT_NAME},${K8S_CLUSTER_2_CONTEXT_NAME}}" \
  --set "${OPERATOR_ADDITIONAL_HELM_VALUES:-"dummy=value"}" \
  --set operator.env=dev
```
```
Release "mongodb-enterprise-operator-multi-cluster" does not exist. Installing it now.
NAME: mongodb-enterprise-operator-multi-cluster
LAST DEPLOYED: Tue Mar 11 13:36:49 2025
NAMESPACE: mongodb-operator
STATUS: deployed
REVISION: 1
TEST SUITE: None
USER-SUPPLIED VALUES:
dummy: value
multiCluster:
  clusters:
  - gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a
  - gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-67d0389d75b70a0007e5894a
  - gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-67d0389d75b70a0007e5894a
namespace: mongodb-operator
operator:
  createOperatorServiceAccount: false
  createResourcesServiceAccountsAndRoles: false
  env: dev
  mdbDefaultArchitecture: static
  name: mongodb-enterprise-operator-multi-cluster
  namespace: mongodb-operator
  watchNamespace: mongodb-om,mongodb

COMPUTED VALUES:
agent:
  name: mongodb-agent-ubi
  version: 108.0.2.8729-1
database:
  name: mongodb-enterprise-database-ubi
  version: 1.32.0
dummy: value
initAppDb:
  name: mongodb-enterprise-init-appdb-ubi
  version: 1.32.0
initDatabase:
  name: mongodb-enterprise-init-database-ubi
  version: 1.32.0
initOpsManager:
  name: mongodb-enterprise-init-ops-manager-ubi
  version: 1.32.0
managedSecurityContext: false
mongodb:
  appdbAssumeOldFormat: false
  imageType: ubi8
  name: mongodb-enterprise-server
  repo: quay.io/mongodb
mongodbLegacyAppDb:
  name: mongodb-enterprise-appdb-database-ubi
  repo: quay.io/mongodb
multiCluster:
  clusterClientTimeout: 10
  clusters:
  - gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-67d0389d75b70a0007e5894a
  - gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-67d0389d75b70a0007e5894a
  - gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-67d0389d75b70a0007e5894a
  kubeConfigSecretName: mongodb-enterprise-operator-multi-cluster-kubeconfig
  performFailOver: true
namespace: mongodb-operator
operator:
  additionalArguments: []
  affinity: {}
  createOperatorServiceAccount: false
  createResourcesServiceAccountsAndRoles: false
  deployment_name: mongodb-enterprise-operator
  enablePVCResize: true
  env: dev
  maxConcurrentReconciles: 1
  mdbDefaultArchitecture: static
  name: mongodb-enterprise-operator-multi-cluster
  namespace: mongodb-operator
  nodeSelector: {}
  operator_image_name: mongodb-enterprise-operator-ubi
  replicas: 1
  resources:
    limits:
      cpu: 1100m
      memory: 1Gi
    requests:
      cpu: 500m
      memory: 200Mi
  telemetry:
    collection:
      clusters: {}
      deployments: {}
      frequency: 1h
      operators: {}
    send:
      frequency: 168h
  tolerations: []
  vaultSecretBackend:
    enabled: false
    tlsSecretRef: ""
  version: 1.32.0
  watchNamespace: mongodb-om,mongodb
  watchedResources:
  - mongodb
  - opsmanagers
  - mongodbusers
  webhook:
    installClusterRole: true
    registerConfiguration: true
opsManager:
  name: mongodb-enterprise-ops-manager-ubi
registry:
  agent: quay.io/mongodb
  appDb: quay.io/mongodb
  database: quay.io/mongodb
  imagePullSecrets: null
  initAppDb: quay.io/mongodb
  initDatabase: quay.io/mongodb
  initOpsManager: quay.io/mongodb
  operator: quay.io/mongodb
  opsManager: quay.io/mongodb
  pullPolicy: Always
subresourceEnabled: true

HOOKS:
MANIFEST:
---
# Source: enterprise-operator/templates/operator-roles.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: mongodb-enterprise-operator-mongodb-webhook
rules:
  - apiGroups:
      - "admissionregistration.k8s.io"
    resources:
      - validatingwebhookconfigurations
    verbs:
      - get
      - create
      - update
      - delete
  - apiGroups:
      - ""
    resources:
      - services
    verbs:
      - get
      - list
      - watch
      - create
      - update
      - delete
---
# Source: enterprise-operator/templates/operator-roles.yaml
# Additional ClusterRole for clusterVersionDetection
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: mongodb-enterprise-operator-multi-cluster-cluster-telemetry
rules:
  # Non-resource URL permissions
  - nonResourceURLs:
      - "/version"
    verbs:
      - get
  # Cluster-scoped resource permissions
  - apiGroups:
      - ''
    resources:
      - namespaces
    resourceNames:
      - kube-system
    verbs:
      - get
  - apiGroups:
      - ''
    resources:
      - nodes
    verbs:
      - list
---
# Source: enterprise-operator/templates/operator-roles.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: mongodb-enterprise-operator-multi-cluster-mongodb-operator-webhook-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: mongodb-enterprise-operator-mongodb-webhook
subjects:
  - kind: ServiceAccount
    name: mongodb-enterprise-operator-multi-cluster
    namespace: mongodb-operator
---
# Source: enterprise-operator/templates/operator-roles.yaml
# ClusterRoleBinding for clusterVersionDetection
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: mongodb-enterprise-operator-multi-cluster-mongodb-operator-cluster-telemetry-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: mongodb-enterprise-operator-multi-cluster-cluster-telemetry
subjects:
  - kind: ServiceAccount
    name: mongodb-enterprise-operator-multi-cluster
    namespace: mongodb-operator
---
# Source: enterprise-operator/templates/operator.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mongodb-enterprise-operator-multi-cluster
  namespace: mongodb-operator
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/component: controller
      app.kubernetes.io/name: mongodb-enterprise-operator-multi-cluster
      app.kubernetes.io/instance: mongodb-enterprise-operator-multi-cluster
  template:
    metadata:
      labels:
        app.kubernetes.io/component: controller
        app.kubernetes.io/name: mongodb-enterprise-operator-multi-cluster
        app.kubernetes.io/instance: mongodb-enterprise-operator-multi-cluster
    spec:
      serviceAccountName: mongodb-enterprise-operator-multi-cluster
      securityContext:
        runAsNonRoot: true
        runAsUser: 2000
      containers:
        - name: mongodb-enterprise-operator-multi-cluster
          image: "quay.io/mongodb/mongodb-enterprise-operator-ubi:1.32.0"
          imagePullPolicy: Always
          args:
            - -watch-resource=mongodb
            - -watch-resource=opsmanagers
            - -watch-resource=mongodbusers
            - -watch-resource=mongodbmulticluster
          command:
            - /usr/local/bin/mongodb-enterprise-operator
          volumeMounts:
            - mountPath: /etc/config/kubeconfig
              name: kube-config-volume
          resources:
            limits:
              cpu: 1100m
              memory: 1Gi
            requests:
              cpu: 500m
              memory: 200Mi
          env:
            - name: OPERATOR_ENV
              value: dev
            - name: MDB_DEFAULT_ARCHITECTURE
              value: static
            - name: NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: WATCH_NAMESPACE
              value: "mongodb-om,mongodb"
            - name: MDB_OPERATOR_TELEMETRY_COLLECTION_FREQUENCY
              value: "1h"
            - name: MDB_OPERATOR_TELEMETRY_SEND_FREQUENCY
              value: "168h"
            - name: CLUSTER_CLIENT_TIMEOUT
              value: "10"
            - name: IMAGE_PULL_POLICY
              value: Always
            # Database
            - name: MONGODB_ENTERPRISE_DATABASE_IMAGE
              value: quay.io/mongodb/mongodb-enterprise-database-ubi
            - name: INIT_DATABASE_IMAGE_REPOSITORY
              value: quay.io/mongodb/mongodb-enterprise-init-database-ubi
            - name: INIT_DATABASE_VERSION
              value: 1.32.0
            - name: DATABASE_VERSION
              value: 1.32.0
            # Ops Manager
            - name: OPS_MANAGER_IMAGE_REPOSITORY
              value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi
            - name: INIT_OPS_MANAGER_IMAGE_REPOSITORY
              value: quay.io/mongodb/mongodb-enterprise-init-ops-manager-ubi
            - name: INIT_OPS_MANAGER_VERSION
              value: 1.32.0
            # AppDB
            - name: INIT_APPDB_IMAGE_REPOSITORY
              value: quay.io/mongodb/mongodb-enterprise-init-appdb-ubi
            - name: INIT_APPDB_VERSION
              value: 1.32.0
            - name: OPS_MANAGER_IMAGE_PULL_POLICY
              value: Always
            - name: AGENT_IMAGE
              value: "quay.io/mongodb/mongodb-agent-ubi:108.0.2.8729-1"
            - name: MDB_AGENT_IMAGE_REPOSITORY
              value: "quay.io/mongodb/mongodb-agent-ubi"
            - name: MONGODB_IMAGE
              value: mongodb-enterprise-server
            - name: MONGODB_REPO_URL
              value: quay.io/mongodb
            - name: MDB_IMAGE_TYPE
              value: "ubi9"
            - name: PERFORM_FAILOVER
              value: 'true'
            - name: MDB_MAX_CONCURRENT_RECONCILES
              value: "1"
      volumes:
        - name: kube-config-volume
          secret:
            defaultMode: 420
            secretName: mongodb-enterprise-operator-multi-cluster-kubeconfig
```
Check the status of the MongoDB Enterprise Kubernetes Operator.

```sh
kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OPERATOR_NAMESPACE}" rollout status deployment/mongodb-enterprise-operator-multi-cluster
echo "Operator deployment in ${OPERATOR_NAMESPACE} namespace"
kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OPERATOR_NAMESPACE}" get deployments
echo; echo "Operator pod in ${OPERATOR_NAMESPACE} namespace"
kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OPERATOR_NAMESPACE}" get pods
```
```
Waiting for deployment "mongodb-enterprise-operator-multi-cluster" rollout to finish: 0 of 1 updated replicas are available...
deployment "mongodb-enterprise-operator-multi-cluster" successfully rolled out
Operator deployment in mongodb-operator namespace
NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
mongodb-enterprise-operator-multi-cluster   1/1     1            1           9s

Operator pod in mongodb-operator namespace
NAME                                                         READY   STATUS    RESTARTS     AGE
mongodb-enterprise-operator-multi-cluster-786c8fcd9b-9k465   2/2     Running   1 (3s ago)   10s
```
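
The image pull secret step in this procedure copies the whole of ${HOME}/.docker/config.json into a Secret that is then applied to every listed namespace in all three clusters. The following added example (not part of the original MongoDB procedure) builds the same image-registries-secret manifest with only the quay.io entry, the registry shown in the chart's computed values, and fails when the file holds no inline credentials because a credential helper is in use. The function name, the registry list and the sample config are assumptions made for illustration.

```python
import base64
import json

SECRET_NAME = "image-registries-secret"  # secret name used in the procedure
REQUIRED_REGISTRIES = ["quay.io"]         # registry from the chart's computed values


def _host(key):
    """Normalise an auths key ('https://quay.io/v1/', 'quay.io') to its host."""
    return key.split("://", 1)[-1].split("/", 1)[0].lower()


def minimal_pull_secret(docker_config, registries=REQUIRED_REGISTRIES,
                        name=SECRET_NAME):
    """Build a dockerconfigjson Secret that holds only the listed registries."""
    wanted = {r.lower() for r in registries}
    kept = {}
    for key, entry in docker_config.get("auths", {}).items():
        if _host(key) not in wanted:
            continue  # drop credentials the operator never needs
        # With credsStore/credHelpers the entry is empty: nothing to pull with.
        if not entry.get("auth"):
            raise ValueError(f"{key}: no inline credentials (credential helper in use?)")
        kept[key] = entry
    missing = wanted - {_host(k) for k in kept}
    if missing:
        raise ValueError(f"no credentials for: {sorted(missing)}")
    payload = json.dumps({"auths": kept}, sort_keys=True).encode()
    return {
        "apiVersion": "v1",
        "kind": "Secret",
        "type": "kubernetes.io/dockerconfigjson",
        "metadata": {"name": name},
        "data": {".dockerconfigjson": base64.b64encode(payload).decode()},
    }


# Constructed sample of ~/.docker/config.json; every credential here is fake.
SAMPLE_CONFIG = {
    "auths": {
        "quay.io": {"auth": base64.b64encode(b"robot:fake-token").decode()},
        "https://index.docker.io/v1/": {"auth": base64.b64encode(b"me:fake").decode()},
        "registry.internal.example": {"auth": base64.b64encode(b"ci:fake").decode()},
    },
    "credHelpers": {"gcr.io": "gcloud"},
}

if __name__ == "__main__":
    # JSON is valid YAML, so this output can be saved and passed to kubectl apply -f.
    print(json.dumps(minimal_pull_secret(SAMPLE_CONFIG), indent=2))
```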