Self Hosting production ready MongoDB with Kubernetes

Requirements:

• Minikube
• Kubectl

Sources:

• Install a mongo cluster in a kubernetes cluster : https://www.opcito.com/blogs/ways-to-host-a-mongodb-cluster-on-kubernetes
• Secure containerdized mongodb deployments : https://www.mongodb.com/blog/post/run-secure-containerized-mongodb-deployments-using-the-mongo-db-community-kubernetes-oper
• Mongodb Kubernetes Operator : https://github.com/mongodb/mongodb-kubernetes-operator.git

Process:

Create namespace for Mongo

• Create a namespace for mongo:

kubectl create namespace mongodb

Install Mongo Operator

• Clone the mongodb-kubernetes-operator repository and apply the deploy/clusterwide files:

git clone https://github.com/mongodb/mongodb-kubernetes-operator.git
cd mongodb-kubernetes-operator

kubectl apply -f deploy/clusterwide

• Apply the Role, RoleBinding and ServiceAccount:

kubectl apply -k config/rbac --namespace mongodb 

• Install the Custom Resource Definitions:

kubectl apply -f config/crd/bases/mongodbcommunity.mongodb.com_mongodbcommunity.yaml 

• Verify that the Custom Resource Definitions installed successfully:

kubectl get crd/mongodbcommunity.mongodbcommunity.mongodb.com 

• Install the Operator:

kubectl create -f config/manager/manager.yaml --namespace mongodb

• Verify if the Operator is installed correctly:

kubectl get pods --namespace mongodb

Install cert-manager and generate certificates

• Go to project mongo root directory
• Install Cert Manager:

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.yaml

• Generate the CA key:

openssl genrsa -out rootca.key 4096 

• Configure rootca.cnf and generate CA Certificate

openssl req -new -x509 -days 36500 -key rootca.key -out ca.crt -config rootca.cnf 

• Create the certificate configmap and service

kubectl create configmap ca-config-map --from-file="./ca.crt" --namespace mongodb 
kubectl create secret tls ca-key-pair  --cert="./ca.crt"  --key="./rootca.key" --namespace mongodb 

Create a MongoDB replica set in Kubernetes:

kubectl apply -f mongodb-certmanager.yaml 
kubectl apply -f mongodb-replicaset.yaml 
kubectl apply -f mongodb-loadbalancer.yaml 

Integrating Prometeus for metrics

• Create monitoring namespace

kubectl create namespace monitoring

• Clone the kube-prometheus repository

git clone https://github.com/prometheus-operator/kube-prometheus

• Install the kube-prometheus

kubectl apply --server-side -f manifests/setup
until kubectl get servicemonitors --all-namespaces ; do date; sleep 1; echo ""; done
kubectl apply -f manifests/

-

https://github.com/prometheus-operator/kube-prometheus https://www.mongodb.com/blog/post/introducing-mongodb-prometheus-integration