Merge pull request #23 from mongodb/sharded_cluster-v1

Sharded cluster v1, update operator 1.9.2, Additional Config

README.md

@@ -1,9 +1,24 @@
-# This Repository is NOT a supported MongoDB product
 
 ## MongoDB Helm Charts repositry for Kubernetes
 
 This functionality is in alpha and is subject to change. The code is provided as-is with no warranties. Alpha features are not subject to the support SLA of official GA features.
 
+# Quick Start
+
+```helm repo add mongodb https://github.com/mongodb/helm-charts```
+```helm dependency  update```
+
+In order to install Ops Manager run this command
+
+```helm upgrade opsmanager . -n opsmanager --create-namespace  -i```
+
+In order to install MongoDB DataBase:
+
+```helm upgrade mongodb . --set opsManager.configMap=opsmanager-configmap --set opsManager.secretRef=opsmanager-org-access-key  -n $MONGODB_NAMESPACE --create-namespace -i```
+
+Where `opsmanager-configmap` and `opsmanager-org-access-key` contain OpsManager connection properties
+
+Helper script could be found at ./helpers/MongoDB-deploy.sh It contains an example that automates MongoDB Deployment using mongocli
 
 
 ## Charts
@@ -12,6 +27,6 @@ This repository contains sample HELM charts for different MongoDB products
 
 | charts                  |
 |-------------------------|
-| ent-operator            |
+| ent-operator            | 
 | ent-operator-database   |
 | ent-operator-opsmanager |

charts/ent-operator-database/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: mongodb-enterprise-database
 description: MongoDB Kubernetes Enterprise Operator- MongoDB DataBase charts
-version: 0.2.3
+version: 0.2.4
 kubeVersion: '>=1.15-0'
 keywords:
 - mongodb

charts/ent-operator-database/templates/database-shard.yaml

@@ -0,0 +1,89 @@
+{{- if eq .Values.type "ShardedCluster" }}
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: {{ .Values.name }}
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    "meta.helm.sh/release-name": {{ .Release.Name }}
+    "meta.helm.sh/release-namespace": {{ .Release.Namespace }}
+  labels:
+    "helm.sh/chart": {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    "app.kubernetes.io/managed-by": {{ .Release.Service }}
+
+spec:
+  type: {{ .Values.type | quote }}
+  version: {{ .Values.version }}
+  persistent : true
+  backup:
+    enabled: {{ .Values.backup }}   
+
+{{- with .Values.mongos }}
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+
+{{- with .Values.shardServer }}
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+
+{{- with .Values.configServer }}
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+
+  opsManager:
+    configMapRef:
+{{- if .Values.opsManager.configMap }}      
+      name: {{ .Values.opsManager.configMap }}
+{{- else }}
+      name: {{ .Values.name }}-configmap
+{{- end }}
+{{- if .Values.opsManager.secretRef }}
+  credentials: {{ .Values.opsManager.secretRef }}
+{{- else }}
+  credentials: {{ .Values.name }}-credential
+{{- end }}
+
+  security:
+    authentication:
+      enabled: true
+      modes: 
+        {{- range .Values.security.authentication.modes }}
+        - {{ . | quote }} # Valid authentication modes are "SCRAM' and "X509"
+        {{- end }}
+    {{- if .Values.security.tls.enabled }}
+    tls:
+      enabled: {{ .Values.security.tls.enabled }}
+      ca: {{  .Values.security.tls.caRef }}
+    {{- end }}
+
+      # Optional field - ignoreUnknownUsers
+      # A value of true means that any users not configured via the Operator or the Ops Manager or Cloud Manager UI
+      # will not be altered in any way
+
+      # If you need to manage MongoDB users directly via the mongods, set this value to true
+      ignoreUnknownUsers: false # default value false
+  podSpec:
+    podTemplate:
+      spec:
+        terminationGracePeriodSeconds: 10
+        topologySpreadConstraints:
+        - maxSkew: 1
+          topologyKey: zone
+          whenUnsatisfiable: DoNotSchedule
+          labelSelector:
+          matchLabels:
+            foo: bar
+          # This container will be added to each pod as a sidecar
+        containers:
+          - name: mongodb-enterprise-database
+            resources:
+              {{- toYaml .Values.resources | nindent 14 }}
+        {{- with .Values.tolerations }}
+        tolerations:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+
+    persistence:
+      {{- toYaml .Values.persistence | nindent 6 }}
+{{- end }}

charts/ent-operator-database/templates/database.yaml

@@ -1,3 +1,4 @@
+{{- if eq .Values.type "ReplicaSet" }}
 ---
 apiVersion: mongodb.com/v1
 kind: MongoDB
@@ -13,7 +14,7 @@ metadata:
 
 spec:
   type: {{ .Values.type | quote }}
-  members: {{ .Values.members }}
+  members: {{ .Values.replicaSet.members }}
 
   # Using a version >= 4.0 will enable SCRAM-SHA-256 authentication
   # setting a version < 4.0 will enable SCRAM-SHA-1/MONGODB-CR authentication
@@ -54,6 +55,24 @@ spec:
 
       # If you need to manage MongoDB users directly via the mongods, set this value to true
       ignoreUnknownUsers: false # default value false
+
+
+  additionalMongodConfig:
+{{- with .Values.additionalMongodConfig }}
+{{- toYaml . | nindent 4 }}
+{{- end }}
+
+{{- if .Values.externalConnectivity.enable }}
+  externalConnectivity:
+    {{- with .Values.externalConnectivity.replicaSetHorizons }}
+    replicaSetHorizons:
+      {{- toYaml . | nindent 6 }}
+    {{- end }}    
+{{- end }}
+{{- if .Values.agent }}
+  agent:
+{{- toYaml .Values.agent | nindent 4 }}
+{{- end }}
   podSpec:
     podTemplate:
       spec:
@@ -76,4 +95,5 @@ spec:
         {{- end }}
 
     persistence:
-      {{- toYaml .Values.persistence | nindent 6 }}
+      {{- toYaml .Values.persistence | nindent 6 }}
+{{- end }}

charts/ent-operator-database/values-shard.yaml

@@ -0,0 +1,151 @@
+## MongoDB Enterprise Database
+
+# Set this to true if your cluster is managing SecurityContext for you.
+# If running OpenShift (Cloud, Minishift, etc.), set this to true.
+managedSecurityContext: false
+
+# Section to describe components that needs to be installed
+mongodb-enterprise-operator:
+  enabled: true
+  watchOpsManager: false
+  watchDatabase: true
+
+# Optional configuration.
+deployValidationWebhooks: true
+
+name: mdbreplset
+type: ShardedCluster
+version: 4.4.2-ent
+backup: false
+
+mongos:
+  mongodsPerShardCount: 3
+  mongosCount: 2
+  mongosPodSpec:
+    # additionalMongodConfig: 
+    persistence:
+      single: 1G
+    #   multiple:
+    #     data:
+    #     journal:
+    #     logs:
+    podTemplate:
+      # metadata:
+      spec:
+        containers:
+          - name: mongodb-enterprise-database
+            resources:
+              limits:
+                cpu: "0.8"
+                memory: 1G
+        # tolerations:
+        #   - key: "key"
+        #     operator: "Exists"
+        #     effect: "NoSchedule"
+  agentConfigServer:
+    startupOptions:
+      maxLogFiles: "30"
+      dialTimeoutSeconds: "40"
+
+shardServer:
+  shardCount: 2
+  shardPodSpec:
+    # additionalMongodConfig: 
+    persistence:
+      single: 1G
+    #   multiple:
+    #     data:
+    #     journal:
+    #     logs:
+    podTemplate:
+      # metadata:
+      spec:
+        containers:
+          - name: mongodb-enterprise-database
+            resources:
+              limits:
+                cpu: "0.8"
+                memory: 1G
+        # tolerations:
+        #   - key: "key"
+        #     operator: "Exists"
+        #     effect: "NoSchedule"
+  agentConfigServer:
+    startupOptions:
+      maxLogFiles: "30"
+      dialTimeoutSeconds: "40"
+
+configServer:
+  configServerCount: 3
+  configSrvPodSpec:
+    # additionalMongodConfig: 
+    persistence:
+      single: 1G
+    #   multiple:
+    #     data:
+    #     journal:
+    #     logs:
+    podTemplate:
+      # metadata:
+      spec:
+        containers:
+          - name: mongodb-enterprise-database
+            resources:
+              limits:
+                cpu: "0.8"
+                memory: 1G
+        # tolerations:
+        #   - key: "key"
+        #     operator: "Exists"
+        #     effect: "NoSchedule"
+  agentConfigServer:
+    startupOptions:
+      maxLogFiles: "30"
+      dialTimeoutSeconds: "40"
+
+opsManager:
+  # Ops Manager connection could be configured  with Values and This HELM chart will create
+  # nesessary Secret and Config Map.
+  URL:
+  orgid:
+  APIKey:
+  APISecret:
+  # Alternatevly an existing secret and config map could be provided directly
+  configMap: opsmanager-configmap
+  secretRef: opsmanager-org-access-key
+
+security:
+  authentication:
+    modes: ["SCRAM"]  # Valid authentication modes are "SCRAM", "LDAP" and "X509"
+  tls:
+    enabled: false
+    caRef: mdbreplset-ca
+    # Note: Operator would expect Pem secret to have name: <metadata.name>-cert
+
+clusterName: cluster.local
+
+registry:
+  imagePullSecrets:
+  # TODO: specify for each image and move there?
+  pullPolicy: Always
+  # Specify if images are pulled from private registry
+
+users:
+  - username: admin-user
+    db: admin
+    password: "%SomeLong%password$foradmin"
+    roles:
+      - db: admin
+        name: clusterAdmin
+      - db: admin
+        name: userAdminAnyDatabase
+      - db: admin
+        name: readWrite
+      - db: admin
+        name: userAdminAnyDatabase
+  - username: app-user
+    db: admin
+    password: "%SomeLong%password$"
+    roles:
+      - db: admin
+        name: readWrite

charts/ent-operator-database/values.yaml

@@ -16,9 +16,13 @@ deployValidationWebhooks: true
 name: mdbreplset
 type: ReplicaSet
 version: 4.4.2-ent
-members: 3
 backup: false
 
+# Cluster type selection
+replicaSet:
+  members: 3
+
+
 opsManager:
   # Ops Manager connection could be configured  with Values and This HELM chart will create
   # nesessary Secret and Config Map.
@@ -70,6 +74,18 @@ persistence:
 
 clusterName: cluster.local
 
+additionalMongodConfig:
+  storageEngine: wiredTiger
+
+# External connectivity configuration
+# https://docs.mongodb.com/kubernetes-operator/master/tutorial/connect-from-outside-k8s/
+externalConnectivity:
+  enable: false
+  replicaSetHorizons:
+    - "example-website": "web1.example.com:30907"
+    - "example-website": "web2.example.com:32350"
+    - "example-website": "web3.example.com:31185"
+
 registry:
   imagePullSecrets:
   # TODO: specify for each image and move there?

charts/ent-operator-opsmanager/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: mongodb-enterprise-opsmanager
 description: MongoDB Kubernetes Enterprise Operator - Ops Manager Chart
-version: 0.2.4
+version: 0.2.5
 kubeVersion: '>=1.15-0'
 keywords:
 - opsManager

charts/ent-operator-opsmanager/values.yaml

@@ -87,10 +87,10 @@ backup:
 resources:
   limits:
     cpu: 2
-    memory: 8G
+    memory: 6G
   requests:
     cpu: 1
-    memory: 6G
+    memory: 3G
 tolerations: []
 
 # Set this to true if the operator will require Kubernetes CA

charts/ent-operator/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: mongodb-enterprise-operator
 description: MongoDB Kubernetes Enterprise Operator deployment
-version: 0.3.0
+version: 0.3.1
 kubeVersion: '>=1.16-0'
 keywords:
 - mongodb