Add mongodb things - complete deployment-mongo.yaml

Author: anyflow

k8s/deployment-http-echo.yaml

@@ -1,7 +1,7 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: deployment-foo
+  name: foo
 spec:
   selector:
     matchLabels:
@@ -30,7 +30,7 @@ spec:
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: deployment-bar
+  name: bar
 spec:
   selector:
     matchLabels:

k8s/deployment-mongo.yaml

@@ -0,0 +1,46 @@
+#https://kubernetes.io/blog/2017/01/running-mongodb-on-kubernetes-with-statefulsets/
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mongo
+spec:
+  selector:
+    matchLabels:
+      app: mongodb
+  replicas: 3
+  template:
+    metadata:
+      labels:
+        app: mongodb
+    spec:
+      containers:
+      - name: mongo
+        image: mongo:5.0.7
+        args:
+        # - '--config'
+        # - '/hostroot/mongo/mongod.conf'
+        - '--bind_ip'
+        - '0.0.0.0'
+        - '--replSet'
+        - 'anyflow-replset'
+        - '--auth'
+        - '--clusterAuthMode'
+        - 'keyFile'
+        - '--keyFile'
+        - '/hostroot/mongo/keyfile'
+        # - "--setParameter"
+        # - "authenticationMechanisms=SCRAM-SHA-1"
+        resources:
+          limits:
+            memory: '128Mi'
+            cpu: '500m'
+        ports:
+        - containerPort: 27017
+        volumeMounts:
+          - name: hostroot
+            mountPath: /hostroot
+      volumes:
+        - name: hostroot
+          hostPath:
+            path: /hostroot

k8s/hostroot_in_node/mongo/keyfile

@@ -0,0 +1,16 @@
+5ID8J/YhZarHwW1jBuq05K2yDxhc7dR4Zk5FJyrwg27EluKgkVcJeGlGwlamu83n
+41dqXiKesAsFGqLkrBY0eJpQ7sJqZFee6LeYvbXdTht9ymTu0KO6FNbUYp/+NO5+
+cJTwia8YOtiew7raS4flIsgb455rMV1BUsdM6s1oTp4Mj2ayqVeXppAHSZD5TgYe
+VMhn8iLvuVDyIYyXNQxj2b9XPSsFV4fw+xsq1jdKZE2R7IGpajpLqOVi5qZiqMis
+UpVxaoNuzoTzKExlMSwV58Uzul2eLFbrnuTLXcnSYvBQjXSAMtEpeUGReyF1+CNh
+2CzlL4WvFLwxpsoVF6l4EIdJLTwRkX1guuC0TVHpgmz+Twg551UFh4U2iAK/mQhW
+yDdSmR9aXVJ/Q61imS+4/3pa0Wl/G6NtvWCWuGxQn7j3tv/M9XKM3tkF1qMy5hwC
+zjQWpjDalKzWIioLoe58nx9sLYuhvh18wPFsJvvwf//DqFMozUuFoxx8d2ry4CeA
+LufFaW/BKgrpmuEpIS7D6di6mPGeeMZtLgCMEe0s6XFNS3hz5sCd6IUMsKTvaNbe
+oTSDJ2SqM+0w/hSA1fpryB5Z0SYln1kX6HVRKZLXMjwap69hf+eFyPIPGlCkhqnY
+JmumcLehBeqvw/NLhiqtHo8+HCX+3IqtGhlxeypKFZHA/wJzZnu9DkVL31LI1Btm
+sxJ2bc7tAEzxJ9UUpAbxMGkFGtFdvie1dIvU33dxuKQyHb5iq+9pgf/8Tjx5kxUb
+rb+YFa9YtPcS1ExIbfyWWAr58/VtLnPxaswLOgejxoET/NP/twPjpb/x831g5/9K
+piVaAX8b3vIZCjYY6fvQiMxI0J19QSGQci27a+XM/ejm+sojMnyA7YZXAftG8meR
+rIFQ1IVKjztOmXgqtRyrCFb4kAtlx1LmEUospBNnaVLkJQD9xHuHI9OLSx9tn47S
+1hMdX3zLqA+cx1tS/30bjDyV5L4Q

k8s/hostroot_in_node/mongo/mongod.conf

@@ -0,0 +1,31 @@
+# mongod.conf
+
+# for documentation of all options, see:
+#   http://docs.mongodb.org/manual/reference/configuration-options/
+
+# storage:
+#   dbPath: /var/lib/mongodb
+#   journal:
+#     enabled: true
+
+net:
+  # bindIp: localhost
+  port: 27017
+
+security:
+  authorization: enabled
+  keyFile: /hostroot/mongo/keyfile
+
+systemLog:
+  # destination: file
+  # logAppend: true
+  # path: /var/log/mongodb/mongod.log
+  destination: syslog
+  timeStampFormat: iso8601-utc
+
+processManagement:
+  timeZoneInfo: /usr/share/zoneinfo
+  # fork: true
+
+replication:
+  replSetName: anyflow-replset

k8s/kind-config.yaml

@@ -30,5 +30,14 @@ nodes:
     protocol: TCP
 
 - role: worker # configuration for worker1 node
+  extraMounts:
+    - hostPath: ./hostroot_in_node
+      containerPath: /hostroot
 - role: worker # configuration for worker2 node
+  extraMounts:
+    - hostPath: ./hostroot_in_node
+      containerPath: /hostroot
 - role: worker # configuration for worker3 node
+  extraMounts:
+    - hostPath: ./hostroot_in_node
+      containerPath: /hostroot

k8s/mongo.md

@@ -0,0 +1,63 @@
+# Description
+
+- mongodb replication cluster를 k8s kind cluster로 설정하
+
+# Prerequisite
+
+- kind cluster 생성 : `./readme.md` 참고
+
+# mongodb replicaset 생성
+
+1. 3개의 mongodb instance 생성
+
+   ```bash
+   > kubectl apply -f ./deployment-mongo.yaml
+   ```
+
+2. 특정 mongodb pod에 접근
+
+   ```bash
+   > kubectl exec --stdin --tty <mongodb pod name> -- /bin/bash
+   ```
+
+3. mongoshell로 해당 mongodb에 접근
+
+   ```bash
+   > mongosh --host localhost:27017
+   ```
+
+4. mongodb localhost exception 설정
+
+   ```bash
+   > rs.initiate() #initiate replica set
+   > use admin # admin db 사용
+   > db.createUser({ #admin 생성
+      user: "m103-admin",
+      pwd: "m103-pass",
+      roles: [{role: "root", db: "admin"}]
+     })
+    > exit #localhost exception 빠져나오기
+   ```
+
+5. replica set cluster 구성
+
+   ```bash
+   > mongosh --host localhost:27017 -u admin -p admin --authenticationDatabase admin #admin으로 login
+   > rs.add('<other mongodb pod ip #1>:27017') #첫 번째 replica를 cluster에 추
+   > rs.add('<other mongodb pod ip #2>:27017') #두 번째 replica를 cluster에 추
+   > cfg = rs.conf() # cfg = rs.config()와 동일
+   > cfg.members[0].host = '<current mongodb pod ip>:27017' # 현재 current node가 pod name으로 host가 설정되어 있는데, 타 노드가 pod name으로는 접근할 수 없기에, ip로 변경
+   > rs.reconfig(cfg)
+   ...
+
+   # 기타 replicaset 관련 명령어
+   > rs.status()
+   > rs.isMaster()
+   > rs.stepDown()
+   ```
+
+6.
+## 참고
+
+- 특정 pod bash에 접근 : `kubectl exec --stdin --tty <pod name> -- /bin/bash`
+- network util pod 생성 및 shell 로그인 `kubectl run my-shell --rm -i --tty --image praqma/network-multitool -- bash`

k8s/mongo.yaml

@@ -0,0 +1,80 @@
+#https://maruftuhin.com/blog/mongodb-replica-set-on-kubernetes/
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: mongodb-service
+  labels:
+    name: mongo
+spec:
+  ports:
+  - port: 27017
+    targetPort: 27017
+  clusterIP: None
+  selector:
+    role: mongo
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: mongod
+spec:
+  serviceName: mongodb-service
+  replicas: 3
+  selector:
+    matchLabels:
+      role: mongo
+      environment: test
+      replicaset: MainRepSet
+  template:
+    metadata:
+      labels:
+        role: mongo
+        environment: test
+        replicaset: MainRepSet
+    spec:
+      containers:
+      - name: mongod-container
+        image: mongo:5.0.7
+        command:
+        - "numactl"
+        - "--interleave=all"
+        - "mongod"
+        - "--bind_ip"
+        - "0.0.0.0"
+        - "--replSet"
+        - "MainRepSet"
+        - "--auth"
+        - "--clusterAuthMode"
+        - "keyFile"
+        - "--keyFile"
+        - "/etc/secrets-volume/internal-auth-mongodb-keyfile"
+        - "--setParameter"
+        - "authenticationMechanisms=SCRAM-SHA-1"
+        resources:
+          requests:
+            cpu: 0.2
+            memory: 200Mi
+        ports:
+        - containerPort: 27017
+        volumeMounts:
+        - name: secrets-volume
+          readOnly: true
+          mountPath: /etc/secrets-volume
+        - name: mongodb-persistent-storage-claim
+          mountPath: /data/db
+      volumes:
+      - name: secrets-volume
+        secret:
+          secretName: shared-bootstrap-data
+          defaultMode: 256
+  volumeClaimTemplates:
+  - metadata:
+      name: mongodb-persistent-storage-claim
+      annotations:
+        volume.beta.kubernetes.io/storage-class: "standard"
+    spec:
+      accessModes: [ "ReadWriteOnce" ]
+      resources:
+        requests:
+          storage: 1Gi

k8s/readme.md

@@ -53,7 +53,7 @@
   - 특히, 로컬에서의 테스트를 위한 전용 포트포워딩 설정이 중요
   - 세부 설정에 대한 설명은 파일 내 comment 참조
 
-- `pods.yaml`
+- `pods-http-echo.yaml`, `deployment-http-echo.yaml`
   - 2개의 http echo 서버(`foo`, `bar`) 컨테이너 pod 설정 (config type : `pod`)
   - http echo 서버는 사전 설정에 따라, 호출 시 단순히 `foo!`, `bar!`를 응답
   - 세부 설정에 대한 설명은 파일 내 comment 참조
@@ -249,22 +249,22 @@ foo-app   1/1     Running   0          45s
 ```bash
 > kubectl apply -f ./deployment-http-echo.yaml
 ...
-deployment.apps/deployment-foo created
-deployment.apps/deployment-bar created
+deployment.apps/foo created
+deployment.apps/bar created
 ...
 > kubectl get deployments
 ...
 NAME             READY   UP-TO-DATE   AVAILABLE   AGE
-deployment-bar   2/2     2            2           13m
-deployment-foo   2/2     2            2           13m
+bar   2/2     2            2           13m
+foo   2/2     2            2           13m
 ...
 > kubectl get pods
 ...
 NAME                              READY   STATUS    RESTARTS   AGE
-deployment-bar-565c58bc76-lv9zn   1/1     Running   0          14m
-deployment-bar-565c58bc76-p2zt4   1/1     Running   0          14m
-deployment-foo-7d77c84f46-lcwnq   1/1     Running   0          14m
-deployment-foo-7d77c84f46-lh6qs   1/1     Running   0          14m
+bar-565c58bc76-lv9zn   1/1     Running   0          14m
+bar-565c58bc76-p2zt4   1/1     Running   0          14m
+foo-7d77c84f46-lcwnq   1/1     Running   0          14m
+foo-7d77c84f46-lh6qs   1/1     Running   0          14m
 ```