Kanister-Enabled MongoDB Replica Set¶
This section describes the steps for a basic installation of an instance of a MongoDB Replica Set (a stateful set with persistent volumes) along with a Kanister Blueprint and a Profile via a Kanister-enabled Helm chart.
$ helm repo add kanister https://charts.kanister.io/
Then install the sample MongoDB replica set application in its own namespace.
# Install Kanister-enabled MongoDB Replica Set $ helm install kanister/kanister-mongodb-replicaset -n mongodb \ --namespace mongodb-test \ --set profile.create='true' \ --set profile.profileName='mongo-test-profile' \ --set profile.location.type='s3Compliant' \ --set profile.location.bucket='kanister-bucket' \ --set profile.location.endpoint='https://my-custom-s3-provider:9000' \ --set profile.aws.accessKey='AKIAIOSFODNN7EXAMPLE' \ --set profile.aws.secretKey='wJalrXUtnFEMI%K7MDENG%bPxRfiCYEXAMPLEKEY' \ --set kanister.controller_namespace="kanister" \ --set replicas=1 \ --set persistentVolume.size=2Gi
The settings in the command above represent the minimum recommended set for your installation of a single node replica set.
The command will also configure a location where artifacts resulting
from Kanister data operations such as backup should go. This is stored as a
profiles.cr.kanister.io CustomResource (CR) which is then referenced in
Kanister ActionSets. Every ActionSet requires a Profile reference whether one
created as part of the application install or not. Support for creating a
Profile as part of install is simply for convenience. This CR can be shared
between Kanister-enabled application instances so one option is to only
create as part of the first instance.
Prior to creating the Profile CR, you will need to do the following:
Create a bucket for artifacts on your S3 store. This will be your
location.bucketparameter to the command.
aws.secretKeycredentials for an account with access to the bucket that you will use.
Configure the permissions on the bucket to allow the account to list, put, get, and delete.
Make sure that your retention policy allows deletions so that artifacts can be reclaimed based on your intended data backup retention.
location.endpoint parameter is only required if you are using an
S3-compatible provider different from AWS.
If you are using an on-premises s3 provider, the endpoint specified needs be accessible from within your Kubernetes cluster.
If, in your environment, the endpoint has a self-signed SSL certificate,
--set verifySSL=false in the above command to disable SSL
verification for the S3 operations in the blueprint.
If not creating a Profile CR, it is possible to use an even simpler command.
# Install Kanister-enabled MongoDB Replica Set $ helm install kanister/kanister-mongodb-replicaset -n mongodb \ --namespace mongodb-test \ --set persistentVolume.size=2Gi
The MongoDB replica set created by the above command will not be secured. This is only acceptable for test purposes. Information to configure authentication can be found here.
The above command will attempt to use dynamic storage provisioning
based on the the default storage class for your cluster. You will to need to
designate a default storage class
or, use a specific storage class by providing a value with the
--set persistence.storageClass option.