Kubernetes 연산자 사용한 MongoDB Search 및 MongoDB Vector Search 배포 지원은 미리보기 기능 으로 제공됩니다. 기능 및 해당 설명서는 미리 보기 기간에 언제든지 변경될 수 있습니다. 자세히 학습 미리보기 기능을 참조하세요.
Kubernetes Operator를 사용하여 MongoDB Search 및 Vector Search 리소스를 배포 Kubernetes 클러스터 에서 MongoDB 엔터프라이즈 v8.0.10 이상으로 실행 수 있습니다. 이 절차에서는 Kubernetes 클러스터 의 신규 또는 기존 복제본 세트 와 함께 실행 mongot 프로세스 배포 하고 구성하는 방법을 보여 줍니다.
중요
8.2 미만의 MongoDB 버전에 대한 지원은 이제 더 이상 사용되지 않습니다. MongoDB v8.2 이상으로 업그레이드합니다.
전제 조건
MongoDB Search 및 Vector Search를 배포 하려면 다음이 필요합니다.
로컬에서 사용할 수 있는
kubeconfig가 포함 실행 Kubernetes 클러스터 입니다.Kubernetes 명령줄 도구인
kubectl이(가) 클러스터 와 통신하도록 구성되었습니다.Kubernetes 용 패키지 관리자인Helm을 사용하여 Kubernetes Operator를 설치합니다.
이 튜토리얼의 명령을 실행 하려면 Bash v5.1 이상을 사용해야 합니다.
MongoDB Ops Manager 또는 MongoDB Cloud Manager 프로젝트 및 API 자격 증명.
절차
1
필수 사항입니다. 환경 변수를 설정합니다.
이 절차의 후속 단계에서 사용할 환경 변수를 설정하다 하려면 다음을 복사하고 환경 변수의 값을 설정하다 다음 환경 변수를 로드합니다.
1 # set it to the context name of the k8s cluster 2 export K8S_CTX="<local cluster context>" 3 4 # the following namespace will be created if not exists 5 export MDB_NS="mongodb" 6 7 # name of the MongoDB Custom Resource. 8 export MDB_RESOURCE_NAME="mdb-rs" 9 10 # OM/CM's project name to be used to manage mongodb replica set 11 export OPS_MANAGER_PROJECT_NAME="<arbitrary project name>" 12 13 # URL to Cloud Manager or Ops Manager instance 14 export OPS_MANAGER_API_URL="https://cloud-qa.mongodb.com" 15 16 # The API key can be an Org Owner - the operator can create the project automatically then. 17 # The API key can also be created in a particular project that was created manually with the Project Owner scope. 18 export OPS_MANAGER_API_USER="<SET API USER>" 19 export OPS_MANAGER_API_KEY="<SET API KEY>" 20 export OPS_MANAGER_ORG_ID="<SET ORG ID>" 21 22 # minimum required MongoDB version for running MongoDB Search is 8.2.0 23 export MDB_VERSION="8.2.0-ent" 24 25 # root admin user for convenience, not used here at all in this guide 26 export MDB_ADMIN_USER_PASSWORD="admin-user-password-CHANGE-ME" 27 # regular user performing restore and search queries on sample mflix database 28 export MDB_USER_PASSWORD="mdb-user-password-CHANGE-ME" 29 # user for MongoDB Search to connect to the replica set to synchronise data from 30 export MDB_SEARCH_SYNC_USER_PASSWORD="search-sync-user-password-CHANGE-ME" 31 32 export OPERATOR_HELM_CHART="mongodb/mongodb-kubernetes" 33 # comma-separated key=value pairs for additional parameters passed to the helm-chart installing the operator 34 export OPERATOR_ADDITIONAL_HELM_VALUES="" 35 36 export MDB_CONNECTION_STRING="mongodb://mdb-user:${MDB_USER_PASSWORD}@${MDB_RESOURCE_NAME}-svc.${MDB_NS}.svc.cluster.local:27017/?replicaSet=${MDB_RESOURCE_NAME}"
2
조건부. MongoDB Helm 리포지토리 추가합니다.
Helm 은 Kubernetes 에서 MongoDB 인스턴스의 배포서버 및 관리 자동화합니다. Kubernetes Operator 연산자 설치를 위한 Helm 차트 포함된 Helm 리포지토리 이미 추가한 경우 이 단계를 건너뜁니다. 그렇지 않으면 Helm 리포지토리 추가합니다.
다음 명령을 추가, 복사, 붙여넣기 및 실행 하려면 다음을 수행하세요.
1 helm repo add mongodb https://mongodb.github.io/helm-charts 2 helm repo update mongodb 3 helm search repo mongodb/mongodb-kubernetes
1 "mongodb" has been added to your repositories 2 Hang tight while we grab the latest from your chart repositories... 3 ...Successfully got an update from the "mongodb" chart repository 4 Update Complete. ⎈Happy Helming!⎈ 5 NAME CHART VERSION APP VERSION DESCRIPTION 6 mongodb/mongodb-kubernetes 1.5.0 MongoDB Controllers for Kubernetes translate th...
3
조건부. Kubernetes Operator용 MongoDB 컨트롤러를 설치합니다.
Kubernetes Operator는 MongoDB, MongoDBOpsManager 및 MongoDBSearch 사용자 지정 리소스를 감시하고 MongoDB deployment의 수명 주기를 관리합니다. Kubernetes Operator용 MongoDB 컨트롤러를 이미 설치한 경우 이 단계를 건너뛰세요. 그렇지 않으면 이전 단계에서 추가한 Helm 리포지토리 에서 Kubernetes Operator용 MongoDB 컨트롤러를 설치합니다.
mongodb 네임스페이스 에 Kubernetes Operator용 MongoDB 컨트롤러를 설치하려면 다음을 복사하여 붙여넣고 실행 .
1 helm upgrade --install --debug --kube-context "${K8S_CTX}" \ 2 --create-namespace \ 3 --namespace="${MDB_NS}" \ 4 mongodb-kubernetes \ 5 {OPERATOR_ADDITIONAL_HELM_VALUES:+--set ${OPERATOR_ADDITIONAL_HELM_VALUES}} \ 6 "${OPERATOR_HELM_CHART}"
1 Release "mongodb-kubernetes" does not exist. Installing it now. 2 NAME: mongodb-kubernetes 3 LAST DEPLOYED: Wed Oct 15 09:35:18 2025 4 NAMESPACE: mongodb 5 STATUS: deployed 6 REVISION: 1 7 TEST SUITE: None 8 USER-SUPPLIED VALUES: 9 {} 10 11 COMPUTED VALUES: 12 agent: 13 name: mongodb-agent 14 version: 108.0.12.8846-1 15 community: 16 agent: 17 name: mongodb-agent 18 version: 108.0.2.8729-1 19 mongodb: 20 imageType: ubi8 21 name: mongodb-community-server 22 repo: quay.io/mongodb 23 registry: 24 agent: quay.io/mongodb 25 resource: 26 members: 3 27 name: mongodb-replica-set 28 tls: 29 caCertificateSecretRef: tls-ca-key-pair 30 certManager: 31 certDuration: 8760h 32 renewCertBefore: 720h 33 certificateKeySecretRef: tls-certificate 34 enabled: false 35 sampleX509User: false 36 useCertManager: true 37 useX509: false 38 version: 4.4.0 39 database: 40 name: mongodb-kubernetes-database 41 version: 1.5.0 42 initAppDb: 43 name: mongodb-kubernetes-init-appdb 44 version: 1.5.0 45 initDatabase: 46 name: mongodb-kubernetes-init-database 47 version: 1.5.0 48 initOpsManager: 49 name: mongodb-kubernetes-init-ops-manager 50 version: 1.5.0 51 managedSecurityContext: false 52 mongodb: 53 appdbAssumeOldFormat: false 54 imageType: ubi8 55 name: mongodb-enterprise-server 56 repo: quay.io/mongodb 57 multiCluster: 58 clusterClientTimeout: 10 59 clusters: [] 60 kubeConfigSecretName: mongodb-enterprise-operator-multi-cluster-kubeconfig 61 performFailOver: true 62 operator: 63 additionalArguments: [] 64 affinity: {} 65 baseName: mongodb-kubernetes 66 createOperatorServiceAccount: true 67 createResourcesServiceAccountsAndRoles: true 68 deployment_name: mongodb-kubernetes-operator 69 enableClusterMongoDBRoles: true 70 enablePVCResize: true 71 env: prod 72 maxConcurrentReconciles: 1 73 mdbDefaultArchitecture: non-static 74 name: mongodb-kubernetes-operator 75 nodeSelector: {} 76 operator_image_name: mongodb-kubernetes 77 replicas: 1 78 resources: 79 limits: 80 cpu: 1100m 81 memory: 1Gi 82 requests: 83 cpu: 500m 84 memory: 200Mi 85 telemetry: 86 collection: 87 clusters: {} 88 deployments: {} 89 frequency: 1h 90 operators: {} 91 send: 92 frequency: 168h 93 tolerations: [] 94 vaultSecretBackend: 95 enabled: false 96 tlsSecretRef: "" 97 version: 1.5.0 98 watchedResources: 99 - mongodb 100 - opsmanagers 101 - mongodbusers 102 - mongodbcommunity 103 - mongodbsearch 104 webhook: 105 installClusterRole: true 106 registerConfiguration: true 107 opsManager: 108 name: mongodb-enterprise-ops-manager-ubi 109 readinessProbe: 110 name: mongodb-kubernetes-readinessprobe 111 version: 1.0.23 112 registry: 113 agent: quay.io/mongodb 114 database: quay.io/mongodb 115 imagePullSecrets: null 116 initAppDb: quay.io/mongodb 117 initDatabase: quay.io/mongodb 118 initOpsManager: quay.io/mongodb 119 operator: quay.io/mongodb 120 opsManager: quay.io/mongodb 121 pullPolicy: Always 122 readinessProbe: quay.io/mongodb 123 versionUpgradeHook: quay.io/mongodb 124 search: 125 name: mongodb-search 126 repo: quay.io/mongodb 127 version: 0.53.1 128 versionUpgradeHook: 129 name: mongodb-kubernetes-operator-version-upgrade-post-start-hook 130 version: 1.0.10 131 132 HOOKS: 133 MANIFEST: 134 --- 135 Source: mongodb-kubernetes/templates/database-roles.yaml 136 apiVersion: v1 137 kind: ServiceAccount 138 metadata: 139 name: mongodb-kubernetes-appdb 140 namespace: mongodb 141 --- 142 Source: mongodb-kubernetes/templates/database-roles.yaml 143 apiVersion: v1 144 kind: ServiceAccount 145 metadata: 146 name: mongodb-kubernetes-database-pods 147 namespace: mongodb 148 --- 149 Source: mongodb-kubernetes/templates/database-roles.yaml 150 apiVersion: v1 151 kind: ServiceAccount 152 metadata: 153 name: mongodb-kubernetes-ops-manager 154 namespace: mongodb 155 --- 156 Source: mongodb-kubernetes/templates/operator-sa.yaml 157 apiVersion: v1 158 kind: ServiceAccount 159 metadata: 160 name: mongodb-kubernetes-operator 161 namespace: mongodb 162 --- 163 Source: mongodb-kubernetes/templates/operator-roles-clustermongodbroles.yaml 164 kind: ClusterRole 165 apiVersion: rbac.authorization.k8s.io/v1 166 metadata: 167 name: mongodb-kubernetes-operator-mongodb-cluster-mongodb-role 168 rules: 169 - apiGroups: 170 - mongodb.com 171 verbs: 172 - '*' 173 resources: 174 - clustermongodbroles 175 --- 176 Source: mongodb-kubernetes/templates/operator-roles-telemetry.yaml 177 Additional ClusterRole for clusterVersionDetection 178 kind: ClusterRole 179 apiVersion: rbac.authorization.k8s.io/v1 180 metadata: 181 name: mongodb-kubernetes-operator-cluster-telemetry 182 rules: 183 Non-resource URL permissions 184 - nonResourceURLs: 185 - "/version" 186 verbs: 187 - get 188 Cluster-scoped resource permissions 189 - apiGroups: 190 - '' 191 resources: 192 - namespaces 193 resourceNames: 194 - kube-system 195 verbs: 196 - get 197 - apiGroups: 198 - '' 199 resources: 200 - nodes 201 verbs: 202 - list 203 --- 204 Source: mongodb-kubernetes/templates/operator-roles-webhook.yaml 205 kind: ClusterRole 206 apiVersion: rbac.authorization.k8s.io/v1 207 metadata: 208 name: mongodb-kubernetes-operator-mongodb-webhook-cr 209 rules: 210 - apiGroups: 211 - "admissionregistration.k8s.io" 212 resources: 213 - validatingwebhookconfigurations 214 verbs: 215 - get 216 - create 217 - update 218 - delete 219 - apiGroups: 220 - "" 221 resources: 222 - services 223 verbs: 224 - get 225 - list 226 - watch 227 - create 228 - update 229 - delete 230 --- 231 Source: mongodb-kubernetes/templates/operator-roles-clustermongodbroles.yaml 232 kind: ClusterRoleBinding 233 apiVersion: rbac.authorization.k8s.io/v1 234 metadata: 235 name: mongodb-kubernetes-operator-mongodb-cluster-mongodb-role-binding 236 roleRef: 237 apiGroup: rbac.authorization.k8s.io 238 kind: ClusterRole 239 name: mongodb-kubernetes-operator-mongodb-cluster-mongodb-role 240 subjects: 241 - kind: ServiceAccount 242 name: mongodb-kubernetes-operator 243 namespace: mongodb 244 --- 245 Source: mongodb-kubernetes/templates/operator-roles-telemetry.yaml 246 ClusterRoleBinding for clusterVersionDetection 247 kind: ClusterRoleBinding 248 apiVersion: rbac.authorization.k8s.io/v1 249 metadata: 250 name: mongodb-kubernetes-operator-mongodb-cluster-telemetry-binding 251 roleRef: 252 apiGroup: rbac.authorization.k8s.io 253 kind: ClusterRole 254 name: mongodb-kubernetes-operator-cluster-telemetry 255 subjects: 256 - kind: ServiceAccount 257 name: mongodb-kubernetes-operator 258 namespace: mongodb 259 --- 260 Source: mongodb-kubernetes/templates/operator-roles-webhook.yaml 261 kind: ClusterRoleBinding 262 apiVersion: rbac.authorization.k8s.io/v1 263 metadata: 264 name: mongodb-kubernetes-operator-mongodb-webhook-crb 265 roleRef: 266 apiGroup: rbac.authorization.k8s.io 267 kind: ClusterRole 268 name: mongodb-kubernetes-operator-mongodb-webhook-cr 269 subjects: 270 - kind: ServiceAccount 271 name: mongodb-kubernetes-operator 272 namespace: mongodb 273 --- 274 Source: mongodb-kubernetes/templates/database-roles.yaml 275 kind: Role 276 apiVersion: rbac.authorization.k8s.io/v1 277 metadata: 278 name: mongodb-kubernetes-appdb 279 namespace: mongodb 280 rules: 281 - apiGroups: 282 - '' 283 resources: 284 - secrets 285 verbs: 286 - get 287 - apiGroups: 288 - '' 289 resources: 290 - pods 291 verbs: 292 - patch 293 - delete 294 - get 295 --- 296 Source: mongodb-kubernetes/templates/operator-roles-base.yaml 297 kind: Role 298 apiVersion: rbac.authorization.k8s.io/v1 299 metadata: 300 name: mongodb-kubernetes-operator 301 namespace: mongodb 302 rules: 303 - apiGroups: 304 - '' 305 resources: 306 - services 307 verbs: 308 - get 309 - list 310 - watch 311 - create 312 - update 313 - delete 314 - apiGroups: 315 - '' 316 resources: 317 - secrets 318 - configmaps 319 verbs: 320 - get 321 - list 322 - create 323 - update 324 - delete 325 - watch 326 - apiGroups: 327 - apps 328 resources: 329 - statefulsets 330 verbs: 331 - create 332 - get 333 - list 334 - watch 335 - delete 336 - update 337 - apiGroups: 338 - '' 339 resources: 340 - pods 341 verbs: 342 - get 343 - list 344 - watch 345 - delete 346 - deletecollection 347 - apiGroups: 348 - mongodbcommunity.mongodb.com 349 resources: 350 - mongodbcommunity 351 - mongodbcommunity/status 352 - mongodbcommunity/spec 353 - mongodbcommunity/finalizers 354 verbs: 355 - '*' 356 - apiGroups: 357 - mongodb.com 358 verbs: 359 - '*' 360 resources: 361 - mongodb 362 - mongodb/finalizers 363 - mongodbusers 364 - mongodbusers/finalizers 365 - opsmanagers 366 - opsmanagers/finalizers 367 - mongodbmulticluster 368 - mongodbmulticluster/finalizers 369 - mongodbsearch 370 - mongodbsearch/finalizers 371 - mongodb/status 372 - mongodbusers/status 373 - opsmanagers/status 374 - mongodbmulticluster/status 375 - mongodbsearch/status 376 --- 377 Source: mongodb-kubernetes/templates/operator-roles-pvc-resize.yaml 378 kind: Role 379 apiVersion: rbac.authorization.k8s.io/v1 380 metadata: 381 name: mongodb-kubernetes-operator-pvc-resize 382 namespace: mongodb 383 rules: 384 - apiGroups: 385 - '' 386 resources: 387 - persistentvolumeclaims 388 verbs: 389 - get 390 - delete 391 - list 392 - watch 393 - patch 394 - update 395 --- 396 Source: mongodb-kubernetes/templates/database-roles.yaml 397 kind: RoleBinding 398 apiVersion: rbac.authorization.k8s.io/v1 399 metadata: 400 name: mongodb-kubernetes-appdb 401 namespace: mongodb 402 roleRef: 403 apiGroup: rbac.authorization.k8s.io 404 kind: Role 405 name: mongodb-kubernetes-appdb 406 subjects: 407 - kind: ServiceAccount 408 name: mongodb-kubernetes-appdb 409 namespace: mongodb 410 --- 411 Source: mongodb-kubernetes/templates/operator-roles-base.yaml 412 kind: RoleBinding 413 apiVersion: rbac.authorization.k8s.io/v1 414 metadata: 415 name: mongodb-kubernetes-operator 416 namespace: mongodb 417 roleRef: 418 apiGroup: rbac.authorization.k8s.io 419 kind: Role 420 name: mongodb-kubernetes-operator 421 subjects: 422 - kind: ServiceAccount 423 name: mongodb-kubernetes-operator 424 namespace: mongodb 425 --- 426 Source: mongodb-kubernetes/templates/operator-roles-pvc-resize.yaml 427 kind: RoleBinding 428 apiVersion: rbac.authorization.k8s.io/v1 429 metadata: 430 name: mongodb-kubernetes-operator-pvc-resize-binding 431 namespace: mongodb 432 roleRef: 433 apiGroup: rbac.authorization.k8s.io 434 kind: Role 435 name: mongodb-kubernetes-operator-pvc-resize 436 subjects: 437 - kind: ServiceAccount 438 name: mongodb-kubernetes-operator 439 namespace: mongodb 440 --- 441 Source: mongodb-kubernetes/templates/operator.yaml 442 apiVersion: apps/v1 443 kind: Deployment 444 metadata: 445 name: mongodb-kubernetes-operator 446 namespace: mongodb 447 spec: 448 replicas: 1 449 selector: 450 matchLabels: 451 app.kubernetes.io/component: controller 452 app.kubernetes.io/name: mongodb-kubernetes-operator 453 app.kubernetes.io/instance: mongodb-kubernetes-operator 454 template: 455 metadata: 456 labels: 457 app.kubernetes.io/component: controller 458 app.kubernetes.io/name: mongodb-kubernetes-operator 459 app.kubernetes.io/instance: mongodb-kubernetes-operator 460 spec: 461 serviceAccountName: mongodb-kubernetes-operator 462 securityContext: 463 runAsNonRoot: true 464 runAsUser: 2000 465 containers: 466 - name: mongodb-kubernetes-operator 467 image: "quay.io/mongodb/mongodb-kubernetes:1.5.0" 468 imagePullPolicy: Always 469 args: 470 - -watch-resource=mongodb 471 - -watch-resource=opsmanagers 472 - -watch-resource=mongodbusers 473 - -watch-resource=mongodbcommunity 474 - -watch-resource=mongodbsearch 475 - -watch-resource=clustermongodbroles 476 command: 477 - /usr/local/bin/mongodb-kubernetes-operator 478 resources: 479 limits: 480 cpu: 1100m 481 memory: 1Gi 482 requests: 483 cpu: 500m 484 memory: 200Mi 485 env: 486 - name: OPERATOR_ENV 487 value: prod 488 - name: MDB_DEFAULT_ARCHITECTURE 489 value: non-static 490 - name: NAMESPACE 491 valueFrom: 492 fieldRef: 493 fieldPath: metadata.namespace 494 - name: WATCH_NAMESPACE 495 valueFrom: 496 fieldRef: 497 fieldPath: metadata.namespace 498 - name: MDB_OPERATOR_TELEMETRY_COLLECTION_FREQUENCY 499 value: "1h" 500 - name: MDB_OPERATOR_TELEMETRY_SEND_FREQUENCY 501 value: "168h" 502 - name: CLUSTER_CLIENT_TIMEOUT 503 value: "10" 504 - name: IMAGE_PULL_POLICY 505 value: Always 506 # Database 507 - name: MONGODB_ENTERPRISE_DATABASE_IMAGE 508 value: quay.io/mongodb/mongodb-kubernetes-database 509 - name: INIT_DATABASE_IMAGE_REPOSITORY 510 value: quay.io/mongodb/mongodb-kubernetes-init-database 511 - name: INIT_DATABASE_VERSION 512 value: 1.5.0 513 - name: DATABASE_VERSION 514 value: 1.5.0 515 # Ops Manager 516 - name: OPS_MANAGER_IMAGE_REPOSITORY 517 value: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi 518 - name: INIT_OPS_MANAGER_IMAGE_REPOSITORY 519 value: quay.io/mongodb/mongodb-kubernetes-init-ops-manager 520 - name: INIT_OPS_MANAGER_VERSION 521 value: 1.5.0 522 # AppDB 523 - name: INIT_APPDB_IMAGE_REPOSITORY 524 value: quay.io/mongodb/mongodb-kubernetes-init-appdb 525 - name: INIT_APPDB_VERSION 526 value: 1.5.0 527 - name: OPS_MANAGER_IMAGE_PULL_POLICY 528 value: Always 529 - name: AGENT_IMAGE 530 value: "quay.io/mongodb/mongodb-agent:108.0.12.8846-1" 531 - name: MDB_AGENT_IMAGE_REPOSITORY 532 value: "quay.io/mongodb/mongodb-agent" 533 - name: MONGODB_IMAGE 534 value: mongodb-enterprise-server 535 - name: MONGODB_REPO_URL 536 value: quay.io/mongodb 537 - name: MDB_IMAGE_TYPE 538 value: ubi8 539 - name: PERFORM_FAILOVER 540 value: 'true' 541 - name: MDB_MAX_CONCURRENT_RECONCILES 542 value: "1" 543 - name: POD_NAME 544 valueFrom: 545 fieldRef: 546 fieldPath: metadata.name 547 - name: OPERATOR_NAME 548 value: mongodb-kubernetes-operator 549 # Community Env Vars Start 550 - name: MDB_COMMUNITY_AGENT_IMAGE 551 value: "quay.io/mongodb/mongodb-agent:108.0.2.8729-1" 552 - name: VERSION_UPGRADE_HOOK_IMAGE 553 value: "quay.io/mongodb/mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.10" 554 - name: READINESS_PROBE_IMAGE 555 value: "quay.io/mongodb/mongodb-kubernetes-readinessprobe:1.0.23" 556 - name: MDB_COMMUNITY_IMAGE 557 value: "mongodb-community-server" 558 - name: MDB_COMMUNITY_REPO_URL 559 value: "quay.io/mongodb" 560 - name: MDB_COMMUNITY_IMAGE_TYPE 561 value: "ubi8" 562 # Community Env Vars End 563 - name: MDB_SEARCH_REPO_URL 564 value: "quay.io/mongodb" 565 - name: MDB_SEARCH_NAME 566 value: "mongodb-search" 567 - name: MDB_SEARCH_VERSION 568 value: "0.53.1"
4
조건부. MongoDB 엔터프라이즈 리소스 만들고 배포 .
이미 MongoDB 엔터프라이즈 배포한 경우 다음 단계로 건너뜁니다. 그렇지 않으면 MongoDB 엔터프라이즈 리소스 배포 .
MongoDB 엔터프라이즈 배포 하려면 다음 단계를 완료하세요.
MongoDB Ops Manager 사용하는 경우 MongoDB Ops Manager 프로젝트 에 대한 ConfigMap 및 시크릿을 생성합니다.
MongoDB Ops Manager 통합을 위한 구성 및 자격 증명 저장 하려면 다음 명령을 복사하여 붙여넣고 실행 .
1 kubectl --context "${K8S_CTX}" -n "${MDB_NS}" create configmap om-project \ 2 --from-literal=projectName="${OPS_MANAGER_PROJECT_NAME}" --from-literal=baseUrl="${OPS_MANAGER_API_URL}" \ 3 --from-literal=orgId="${OPS_MANAGER_ORG_ID:-}" 4 5 kubectl --context "${K8S_CTX}" -n "${MDB_NS}" create secret generic om-credentials \ 6 --from-literal=publicKey="${OPS_MANAGER_API_USER}" \ 7 --from-literal=privateKey="${OPS_MANAGER_API_KEY}" mdb-rs(이)라는MongoDB사용자 지정 리소스 만듭니다.리소스
mongod및mongodb-agent컨테이너의 CPU 및 메모리 리소스를 정의하고 Kubernetes Operator에게 3 멤버로 MongoDB 복제본 세트 구성하도록 지시합니다.MongoDB 엔터프라이즈 배포 하려면 네임스페이스 에서 다음을 복사하여 붙여넣고 실행 .
1 kubectl apply --context "${K8S_CTX}" -n "${MDB_NS}" -f - <<EOF 2 apiVersion: mongodb.com/v1 3 kind: MongoDB 4 metadata: 5 name: ${MDB_RESOURCE_NAME} 6 spec: 7 members: 3 8 version: ${MDB_VERSION} 9 type: ReplicaSet 10 opsManager: 11 configMapRef: 12 name: om-project 13 credentials: om-credentials 14 security: 15 authentication: 16 enabled: true 17 ignoreUnknownUsers: true 18 modes: 19 - SCRAM 20 agent: 21 logLevel: INFO 22 podSpec: 23 podTemplate: 24 spec: 25 containers: 26 - name: mongodb-enterprise-database 27 resources: 28 limits: 29 cpu: "2" 30 memory: 2Gi 31 requests: 32 cpu: "1" 33 memory: 1Gi 34 EOF MongoDB리소스 배포서버 완료될 때까지 기다립니다.MongoDB사용자 지정 리소스 적용 Kubernetes 연산자 MongoDB 노드(포드) 배포를 시작합니다. 이 단계에서는mdbc-rs리소스의 상태 단계가Running가 되어 MongoDB Community 복제본 세트 작동 가능함을 나타낼 때까지 실행을 일시 중지합니다.1 echo "Waiting for MongoDB resource to reach Running phase..." 2 kubectl --context "${K8S_CTX}" -n "${MDB_NS}" wait --for=jsonpath='{.status.phase}'=Running "mdb/${MDB_RESOURCE_NAME}" --timeout=400s 3 echo; echo "MongoDB resource" 4 kubectl --context "${K8S_CTX}" -n "${MDB_NS}" get "mdb/${MDB_RESOURCE_NAME}" 5 echo; echo "Pods running in cluster ${K8S_CTX}" 6 kubectl --context "${K8S_CTX}" -n "${MDB_NS}" get pods 1 Waiting for MongoDB resource to reach Running phase... 2 mongodb.mongodb.mongodb.com/mdbc-rs condition met 3 4 MongoDB resource 5 NAME PHASE VERSION 6 mdbc-rs Running 8.0.10 7 8 Pods running in cluster minikube 9 NAME READY STATUS RESTARTS AGE 10 mdbc-rs-0 2/2 Running 0 2m30s 11 mdbc-rs-1 2/2 Running 0 82s 12 mdbc-rs-2 2/2 Running 0 38s 13 mongodb-kubernetes-operator-5776c8b4df-cppnf 1/1 Running 0 7m37s
5
필수입니다. MongoDB 사용자 시크릿을 생성하고 로드합니다.
MongoDB 보안 액세스 위해 인증 필요합니다. 이 단계에서는 세 개의 Kubernetes 시크릿을 생성합니다.
mdb-admin-user-password: MongoDB 관리자의 자격 증명입니다.mdb-user-password: 검색 쿼리를 수행할 수 있는 권한이 있는 사용자의 자격 증명입니다.mdbc-rs-search-sync-source-password:mongot프로세스 에서 데이터를 동기화하고 인덱스를 관리 위해 내부적으로 사용하는 검색 전용 사용자에 대한 자격 증명입니다.
Kubernetes Operator는 이러한 시크릿을 MongoDB pod에 마운트합니다.
시크릿을 생성하려면 MongoDB Server 배포하고 MongoDB Search 및 Vector Search를 배포 하려는 네임스페이스 에 다음을 복사하여 붙여넣은 후 실행 .
1 admin user with root role 2 kubectl --context "${K8S_CTX}" --namespace "${MDB_NS}" \ 3 create secret generic mdb-admin-user-password \ 4 --from-literal=password="${MDB_ADMIN_USER_PASSWORD}" 5 6 kubectl apply --context "${K8S_CTX}" -n "${MDB_NS}" -f - <<EOF 7 apiVersion: mongodb.com/v1 8 kind: MongoDBUser 9 metadata: 10 name: mdb-admin 11 spec: 12 username: mdb-admin 13 db: admin 14 mongodbResourceRef: 15 name: ${MDB_RESOURCE_NAME} 16 passwordSecretKeyRef: 17 name: mdb-admin-user-password 18 key: password 19 roles: 20 - name: root 21 db: admin 22 EOF 23 24 user used by MongoDB Search to connect to MongoDB database to synchronize data from 25 For MongoDB <8.2, the operator will be creating the searchCoordinator custom role automatically 26 From MongoDB 8.2, searchCoordinator role will be a built-in role. 27 kubectl --context "${K8S_CTX}" --namespace "${MDB_NS}" \ 28 create secret generic "${MDB_RESOURCE_NAME}-search-sync-source-password" \ 29 --from-literal=password="${MDB_SEARCH_SYNC_USER_PASSWORD}" 30 kubectl apply --context "${K8S_CTX}" -n "${MDB_NS}" -f - <<EOF 31 apiVersion: mongodb.com/v1 32 kind: MongoDBUser 33 metadata: 34 name: search-sync-source-user 35 spec: 36 username: search-sync-source 37 db: admin 38 mongodbResourceRef: 39 name: ${MDB_RESOURCE_NAME} 40 passwordSecretKeyRef: 41 name: ${MDB_RESOURCE_NAME}-search-sync-source-password 42 key: password 43 roles: 44 - name: searchCoordinator 45 db: admin 46 EOF 47 48 user performing search queries 49 kubectl --context "${K8S_CTX}" --namespace "${MDB_NS}" \ 50 create secret generic mdb-user-password \ 51 --from-literal=password="${MDB_USER_PASSWORD}" 52 kubectl apply --context "${K8S_CTX}" -n "${MDB_NS}" -f - <<EOF 53 apiVersion: mongodb.com/v1 54 kind: MongoDBUser 55 metadata: 56 name: mdb-user 57 spec: 58 username: mdb-user 59 db: admin 60 mongodbResourceRef: 61 name: ${MDB_RESOURCE_NAME} 62 passwordSecretKeyRef: 63 name: mdb-user-password 64 key: password 65 roles: 66 - name: readWrite 67 db: sample_mflix 68 EOF
1 secret/mdb-admin-user-password created 2 secret/mdbc-rs-search-sync-source-password created 3 secret/mdb-user-password created
6
필수입니다. MongoDB Search 및 Vector Search를 위한 리소스 생성하고 배포 .
로드 밸런싱 없이 검색 노드 의 인스턴스 하나를 배포 할 수 있습니다. 배포 하려면 다음 단계를 완료하세요.
mdbc-rs(이)라는MongoDBSearch사용자 지정 리소스 만듭니다.이 리소스 검색 노드에 대한 CPU 및 메모리 리소스 요구 사항을 지정합니다. 이 사용자 지정 리소스의 설정에 대해 자세히 학습하려면 MongoDB 검색 및 벡터 검색 설정을 참조하세요.
1 kubectl apply --context "${K8S_CTX}" -n "${MDB_NS}" -f - <<EOF 2 apiVersion: mongodb.com/v1 3 kind: MongoDBSearch 4 metadata: 5 name: ${MDB_RESOURCE_NAME} 6 spec: 7 no need to specify source.mongodbResourceRef if MongoDBSearch CR has the same name as MongoDB CR 8 the operator infer it automatically 9 resourceRequirements: 10 limits: 11 cpu: "3" 12 memory: 5Gi 13 requests: 14 cpu: "2" 15 memory: 3Gi 16 EOF MongoDBSearch리소스 배포서버 완료될 때까지 기다립니다.MongoDBSearch사용자 지정 리소스 적용 Kubernetes 연산자 검색 노드(pod) 배포를 시작합니다. 이 단계에서는mdbc-rs리소스의 상태 단계가Running가 되어 MongoDB Community 복제본 세트 작동 가능함을 나타낼 때까지 실행을 일시 중지합니다.1 echo "Waiting for MongoDBSearch resource to reach Running phase..." 2 kubectl --context "${K8S_CTX}" -n "${MDB_NS}" wait --for=jsonpath='{.status.phase}'=Running "mdbs/${MDB_RESOURCE_NAME}" --timeout=300s
7
8
선택 사항. 네임스페이스 에서 실행 모든 파드를 확인합니다.
네임스페이스 파드에서 MongoDB 복제본 세트 멤버, Kubernetes Operator용 MongoDB 컨트롤러 및 검색 노드에 대해 실행 모든 파드를 확인합니다.
1 echo; echo "MongoDB resource" 2 kubectl --context "${K8S_CTX}" -n "${MDB_NS}" get "mdb/${MDB_RESOURCE_NAME}" 3 echo; echo "MongoDBSearch resource" 4 kubectl --context "${K8S_CTX}" -n "${MDB_NS}" get "mdbs/${MDB_RESOURCE_NAME}" 5 echo; echo "Pods running in cluster ${K8S_CTX}" 6 kubectl --context "${K8S_CTX}" -n "${MDB_NS}" get pods
1 MongoDB resource 2 NAME PHASE VERSION TYPE AGE 3 mdb-rs Running 8.2.0-ent ReplicaSet 5m7s 4 5 MongoDBSearch resource 6 NAME PHASE AGE 7 mdb-rs Running 3m9s 8 9 Pods running in cluster kind-kind 10 NAME READY STATUS RESTARTS AGE 11 mdb-rs-0 1/1 Running 0 5m4s 12 mdb-rs-1 1/1 Running 0 4m40s 13 mdb-rs-2 1/1 Running 0 4m15s 14 mdb-rs-search-0 1/1 Running 3 (112s ago) 2m29s 15 mongodb-kubernetes-operator-57c6f46b47-gdwbc 1/1 Running 0 5m9s
다음 단계
이제 MongoDB 엔터프라이즈 와 함께 사용할 MongoDB Search 및 Vector Search를 성공적으로 배포했으므로, MongoDB cluster 에 데이터를 추가하고, MongoDB Search 및 Vector Search 인덱스를 생성하고, 데이터에 대해 쿼리를 실행 . 자세한 학습은 MongoDB 검색 및 벡터 검색 설정을 참조하세요.