Ops Manager de vários clusters

O Ops Manager é responsável por facilitar volumes de trabalho, como backup de dados, monitorar o desempenho do banco de dados e muito mais. Para tornar o Ops Manager de vários clusters e o sistema de banco de dados de aplicativos resilientes a falhas de data center ou de zona inteiras, implemente o aplicativo Ops Manager e o sistema de banco de dados de aplicativos em vários clusters do Kubernetes.

Pré-requisitos

Antes de iniciar o procedimento a seguir, execute as seguintes ações:

Instale o kubectl.
Conclua o procedimento GKE Clusters ou equivalente.
Conclua o procedimento Certificados TLS ou equivalente.
Conclua o procedimento Istion Service Mesh ou equivalente.
Conclua o procedimento Implementar o operador MongoDB.
Configure as variáveis de ambiente necessárias da seguinte maneira:

# This script builds on top of the environment configured in the setup guides.
# It depends (uses) the following env variables defined there to work correctly.
# If you don't use the setup guide to bootstrap the environment, then define them here.
#  ${K8S_CLUSTER_0_CONTEXT_NAME}
#  ${K8S_CLUSTER_1_CONTEXT_NAME}
#  ${K8S_CLUSTER_2_CONTEXT_NAME}
#  ${OM_NAMESPACE}
export S3_OPLOG_BUCKET_NAME=s3-oplog-store
export S3_SNAPSHOT_BUCKET_NAME=s3-snapshot-store
# If you use your own S3 storage - set the values accordingly.
# By default we install Minio to handle S3 storage and here are set the default credentials.
export S3_ENDPOINT="minio.tenant-tiny.svc.cluster.local"
export S3_ACCESS_KEY="console"
export S3_SECRET_KEY="console123"
export OPS_MANAGER_VERSION="8.0.5"
export APPDB_VERSION="8.0.5-ent"

código fonte

Você pode encontrar todo o código-fonte incluído no repositório do MongoDB Kubernetes Operator.

Procedimento

Gerar certificados TLS.

kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" apply -f - <<EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: om-cert
spec:
  dnsNames:
  - om-svc.${OM_NAMESPACE}.svc.cluster.local
  duration: 240h0m0s
  issuerRef:
    name: my-ca-issuer
    kind: ClusterIssuer
  renewBefore: 120h0m0s
  secretName: cert-prefix-om-cert
  usages:
  - server auth
  - client auth
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: om-db-cert
spec:
  dnsNames:
  - "*.${OM_NAMESPACE}.svc.cluster.local"
  duration: 240h0m0s
  issuerRef:
    name: my-ca-issuer
    kind: ClusterIssuer
  renewBefore: 120h0m0s
  secretName: cert-prefix-om-db-cert
  usages:
  - server auth
  - client auth
EOF

Instale o Ops Manager.

Neste ponto, você preparou o ambiente e o Operador Kubernetes para implantar o recurso MongoDB Ops Manager .

Crie as credenciais necessárias para o usuário administrador do MongoDB Ops Manager que o operador Kubernetes criará após implantar a instância do aplicativo MongoDB Ops Manager :

1 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" --namespace "${OM_NAMESPACE}" create secret generic om-admin-user-credentials \
2   --from-literal=Username="admin" \
3   --from-literal=Password="Passw0rd@" \
4   --from-literal=FirstName="Jane" \
5   --from-literal=LastName="Doe"

Implemente o MongoDBOpsManager recurso personalizado do mais simples possível (com o TLS do habilitado) em um cluster de único membro, que também é conhecido como o cluster do operador.

Essa implantação é quase igual à implantação do modo de cluster único, mas com spec.topology e spec.applicationDatabase.topology definidos como MultiCluster.

A implantação dessa forma mostra que um único sistema de cluster Kubernetes é um caso especial de um sistema de cluster multi-Kubernetes em um único cluster de membro do Kubernetes. Você pode começar a implantar o Aplicativo MongoDB Ops Manager e o Banco de Dados de Aplicativos em quantos clusters Kubernetes necessários desde o início e não precisa começar com a implantação com apenas um cluster Kubernetes de nó único.

Neste ponto, você preparou a implantação do MongoDB Ops Manager para abranger mais de um cluster Kubernetes , o que você fará mais tarde neste procedimento.

1 kubectl apply --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" -f - <<EOF
2 apiVersion: mongodb.com/v1
3 kind: MongoDBOpsManager
4 metadata:
5   name: om
6 spec:
7   topology: MultiCluster
8   version: "${OPS_MANAGER_VERSION}"
9   adminCredentials: om-admin-user-credentials
10   externalConnectivity:
11     type: LoadBalancer
12   security:
13     certsSecretPrefix: cert-prefix
14     tls:
15       ca: ca-issuer
16   clusterSpecList:
17     - clusterName: "${K8S_CLUSTER_0_CONTEXT_NAME}"
18       members: 1
19   applicationDatabase:
20     version: "${APPDB_VERSION}"
21     topology: MultiCluster
22     security:
23       certsSecretPrefix: cert-prefix
24       tls:
25         ca: ca-issuer
26     clusterSpecList:
27       - clusterName: "${K8S_CLUSTER_0_CONTEXT_NAME}"
28         members: 3
29   backup:
30     enabled: false
31 EOF

Aguarde o operador Kubernetes pegar o trabalho e alcançar o estado status.applicationDatabase.phase=Pending . Aguarde a conclusão das implantações do banco de dados de aplicativos e do MongoDB Ops Manager .

1 echo "Waiting for Application Database to reach Pending phase..."
2 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.applicationDatabase.phase}'=Pending opsmanager/om --timeout=30s

1 Waiting for Application Database to reach Pending phase...
2 mongodbopsmanager.mongodb.com/om condition met

Implemente MongoDB Ops Manager. O Operador Kubernetes implementa o MongoDB Ops Manager executando as etapas a seguir. Ele:

Distribui os nós do conjunto de réplicas do banco de dados de aplicativos e aguarda que os processos do MongoDB no conjunto de réplicas comecem a ser executados.
Implementa a instância do Aplicativo MongoDB Ops Manager com a connection string do Banco de Dados do Aplicativo e aguarda que ela fique pronta.
Adiciona os containers do MongoDB Agent de monitoramento ao Pod de cada banco de dados de aplicativos.
Aguarde que o aplicativo MongoDB Ops Manager e os pods do banco de dados de aplicativos comecem a ser executados.

1 echo "Waiting for Application Database to reach Running phase..."
2 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.applicationDatabase.phase}'=Running opsmanager/om --timeout=900s
3 echo; echo "Waiting for Ops Manager to reach Running phase..."
4 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.opsManager.phase}'=Running opsmanager/om --timeout=900s
5 echo; echo "MongoDBOpsManager resource"
6 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get opsmanager/om
7 echo; echo "Pods running in cluster ${K8S_CLUSTER_0_CONTEXT_NAME}"
8 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods
9 echo; echo "Pods running in cluster ${K8S_CLUSTER_1_CONTEXT_NAME}"
10 kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods

1 Waiting for Application Database to reach Running phase...
2 mongodbopsmanager.mongodb.com/om condition met
3 
4 Waiting for Ops Manager to reach Running phase...
5 mongodbopsmanager.mongodb.com/om condition met
6 
7 MongoDBOpsManager resource
8 NAME   REPLICAS   VERSION   STATE (OPSMANAGER)   STATE (APPDB)   STATE (BACKUP)   AGE   WARNINGS
9 om                8.0.5     Running              Running         Disabled         12m   
10 
11 Pods running in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-682f2df6e1745e000788a1d5-24552
12 NAME        READY   STATUS    RESTARTS   AGE
13 om-0-0      2/2     Running   0          9m41s
14 om-db-0-0   4/4     Running   0          51s
15 om-db-0-1   4/4     Running   0          2m25s
16 om-db-0-2   4/4     Running   0          4m16s
17 
18 Pods running in cluster gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-682f2df6e1745e000788a1d5-24552

Agora que você distribuiu um cluster de um único membro em um modo de vários clusters, é possível reconfigurar o sistema para abranger mais de um cluster do Kubernetes.

No segundo cluster de membros, implemente dois membros adicionais do conjunto de réplicas do Banco de Dados de Aplicativo e uma instância adicional do Aplicativo MongoDB Ops Manager :

1 kubectl apply --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" -f - <<EOF
2 apiVersion: mongodb.com/v1
3 kind: MongoDBOpsManager
4 metadata:
5   name: om
6 spec:
7   topology: MultiCluster
8   version: "${OPS_MANAGER_VERSION}"
9   adminCredentials: om-admin-user-credentials
10   externalConnectivity:
11     type: LoadBalancer
12   security:
13     certsSecretPrefix: cert-prefix
14     tls:
15       ca: ca-issuer
16   clusterSpecList:
17     - clusterName: "${K8S_CLUSTER_0_CONTEXT_NAME}"
18       members: 1
19     - clusterName: "${K8S_CLUSTER_1_CONTEXT_NAME}"
20       members: 1
21   applicationDatabase:
22     version: "${APPDB_VERSION}"
23     topology: MultiCluster
24     security:
25       certsSecretPrefix: cert-prefix
26       tls:
27         ca: ca-issuer
28     clusterSpecList:
29       - clusterName: "${K8S_CLUSTER_0_CONTEXT_NAME}"
30         members: 3
31       - clusterName: "${K8S_CLUSTER_1_CONTEXT_NAME}"
32         members: 2
33   backup:
34     enabled: false
35 EOF

Aguarde o Operador Kubernetes pegar o trabalho (fase pendente):

1 echo "Waiting for Application Database to reach Pending phase..."
2 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.applicationDatabase.phase}'=Pending opsmanager/om --timeout=30s
3 
4 echo "Waiting for Ops Manager to reach Pending phase..."
5 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.opsManager.phase}'=Pending opsmanager/om --timeout=600s

1 Waiting for Application Database to reach Pending phase...
2 mongodbopsmanager.mongodb.com/om condition met
3 Waiting for Ops Manager to reach Pending phase...
4 mongodbopsmanager.mongodb.com/om condition met

Aguarde o operador Kubernetes terminar de implantar todos os componentes:

1 echo "Waiting for Application Database to reach Running phase..."
2 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.applicationDatabase.phase}'=Running opsmanager/om --timeout=600s
3 echo; echo "Waiting for Ops Manager to reach Running phase..."
4 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.opsManager.phase}'=Running opsmanager/om --timeout=600s
5 echo; echo "MongoDBOpsManager resource"
6 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get opsmanager/om
7 echo; echo "Pods running in cluster ${K8S_CLUSTER_0_CONTEXT_NAME}"
8 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods
9 echo; echo "Pods running in cluster ${K8S_CLUSTER_1_CONTEXT_NAME}"
10 kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods

1 Waiting for Application Database to reach Running phase...
2 mongodbopsmanager.mongodb.com/om condition met
3 
4 Waiting for Ops Manager to reach Running phase...
5 mongodbopsmanager.mongodb.com/om condition met
6 
7 MongoDBOpsManager resource
8 NAME   REPLICAS   VERSION   STATE (OPSMANAGER)   STATE (APPDB)   STATE (BACKUP)   AGE   WARNINGS
9 om                8.0.5     Running              Running         Disabled         20m   
10 
11 Pods running in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-682f2df6e1745e000788a1d5-24552
12 NAME        READY   STATUS    RESTARTS   AGE
13 om-0-0      2/2     Running   0          2m53s
14 om-db-0-0   4/4     Running   0          8m42s
15 om-db-0-1   4/4     Running   0          10m
16 om-db-0-2   4/4     Running   0          12m
17 
18 Pods running in cluster gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-682f2df6e1745e000788a1d5-24552
19 NAME        READY   STATUS    RESTARTS   AGE
20 om-1-0      2/2     Running   0          3m24s
21 om-db-1-0   4/4     Running   0          7m43s
22 om-db-1-1   4/4     Running   0          5m31s

Habilitar backup.

Em um sistema de cluster multi-Kubernetes do Aplicativo de Ops Manager, você pode configurar somente o armazenamento de backup baseado em S3. Este procedimento refere-se ao S3_* definido em env_variables.sh.

Opcional. Instalar o operador MinIO.

Este procedimento implementa armazenamento compatível com S3para seus backups usando o Operador MinIO. Você pode pular esta etapa se tiver o Amazon Web Services S3 ou outros blocos compatíveis com S3disponíveis. Ajuste as variáveis S3_* adequadamente em env_variables.sh neste caso.

1 kubectl kustomize "github.com/minio/operator/resources/?timeout=120&ref=v5.0.12" | \
2   kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" apply -f -
3 
4 kubectl kustomize "github.com/minio/operator/examples/kustomization/tenant-tiny?timeout=120&ref=v5.0.12" | \
5   kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" apply -f -
6 
7 # add two buckets to the tenant config
8 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "tenant-tiny" patch tenant/myminio \
9   --type='json' \
10   -p="[{\"op\": \"add\", \"path\": \"/spec/buckets\", \"value\": [{\"name\": \"${S3_OPLOG_BUCKET_NAME}\"}, {\"name\": \"${S3_SNAPSHOT_BUCKET_NAME}\"}]}]"
11 
12 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" label namespace "tenant-tiny" istio-injection=enabled --overwrite

Antes de configurar e ativar o backup, crie segredos:

s3-access-secret - contém credenciais S3 .
s3-ca-cert - contém um certificado CA que emitiu o certificado do servidor do bucket. No caso da implantação do MinIO de amostra usada neste procedimento, o certificado padrão da Kubernetes Root CA é usado para assinar o certificado. Como não é um certificado de CA confiável publicamente, você deve fornecê-lo para que o MongoDB Ops Manager possa confiar na conexão.

Se você utilizar certificados publicamente confiáveis, você poderá pular esta etapa e remover os valores das configurações do spec.backup.s3Stores.customCertificateSecretRefs e spec.backup.s3OpLogStores.customCertificateSecretRefs .

1 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" create secret generic s3-access-secret \
2   --from-literal=accessKey="${S3_ACCESS_KEY}" \
3   --from-literal=secretKey="${S3_SECRET_KEY}"
4 
5 # minio TLS secrets are signed with the default k8s root CA
6 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" create secret generic s3-ca-cert \
7   --from-literal=ca.crt="$(kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n kube-system get configmap kube-root-ca.crt -o jsonpath="{.data.ca\.crt}")"

Redistribua o MongoDB Ops Manager com o backup ativado.

O Kubernetes Operator pode configurar e distribuir todos os componentes, o aplicativo MongoDB Ops Manager , as instâncias do Backup Daemon e os nós do conjunto de réplicas do aplicativo de banco de dados em qualquer combinação em qualquer cluster de membros para os quais você configure o Kubernetes Operator.

Para ilustrar a flexibilidade da configuração de implantação de cluster multi-Kubernetes, implemente apenas uma instância do Backup Daemon no cluster do terceiro membro e especifique zero membros do Backup Daemon para o primeiro e o segundo cluster.

1 kubectl apply --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" -f - <<EOF
2 apiVersion: mongodb.com/v1
3 kind: MongoDBOpsManager
4 metadata:
5   name: om
6 spec:
7   topology: MultiCluster
8   version: "${OPS_MANAGER_VERSION}"
9   adminCredentials: om-admin-user-credentials
10   externalConnectivity:
11     type: LoadBalancer
12   security:
13     certsSecretPrefix: cert-prefix
14     tls:
15       ca: ca-issuer
16   clusterSpecList:
17     - clusterName: "${K8S_CLUSTER_0_CONTEXT_NAME}"
18       members: 1
19       backup:
20         members: 0
21     - clusterName: "${K8S_CLUSTER_1_CONTEXT_NAME}"
22       members: 1
23       backup:
24         members: 0
25     - clusterName: "${K8S_CLUSTER_2_CONTEXT_NAME}"
26       members: 0
27       backup:
28         members: 1
29   applicationDatabase:
30     version: "${APPDB_VERSION}"
31     topology: MultiCluster
32     security:
33       certsSecretPrefix: cert-prefix
34       tls:
35         ca: ca-issuer
36     clusterSpecList:
37       - clusterName: "${K8S_CLUSTER_0_CONTEXT_NAME}"
38         members: 3
39       - clusterName: "${K8S_CLUSTER_1_CONTEXT_NAME}"
40         members: 2
41   backup:
42     enabled: true
43     s3Stores:
44       - name: my-s3-block-store
45         s3SecretRef:
46           name: "s3-access-secret"
47         pathStyleAccessEnabled: true
48         s3BucketEndpoint: "${S3_ENDPOINT}"
49         s3BucketName: "${S3_SNAPSHOT_BUCKET_NAME}"
50         customCertificateSecretRefs:
51           - name: s3-ca-cert
52             key: ca.crt
53     s3OpLogStores:
54       - name: my-s3-oplog-store
55         s3SecretRef:
56           name: "s3-access-secret"
57         s3BucketEndpoint: "${S3_ENDPOINT}"
58         s3BucketName: "${S3_OPLOG_BUCKET_NAME}"
59         pathStyleAccessEnabled: true
60         customCertificateSecretRefs:
61           - name: s3-ca-cert
62             key: ca.crt
63 EOF

Aguarde até que o operador Kubernetes termine sua configuração:

1 echo; echo "Waiting for Backup to reach Running phase..."
2 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.backup.phase}'=Running opsmanager/om --timeout=1200s
3 echo "Waiting for Application Database to reach Running phase..."
4 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.applicationDatabase.phase}'=Running opsmanager/om --timeout=600s
5 echo; echo "Waiting for Ops Manager to reach Running phase..."
6 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.opsManager.phase}'=Running opsmanager/om --timeout=600s
7 echo; echo "MongoDBOpsManager resource"
8 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get opsmanager/om
9 echo; echo "Pods running in cluster ${K8S_CLUSTER_0_CONTEXT_NAME}"
10 kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods
11 echo; echo "Pods running in cluster ${K8S_CLUSTER_1_CONTEXT_NAME}"
12 kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods
13 echo; echo "Pods running in cluster ${K8S_CLUSTER_2_CONTEXT_NAME}"
14 kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods

1 Waiting for Backup to reach Running phase...
2 mongodbopsmanager.mongodb.com/om condition met
3 Waiting for Application Database to reach Running phase...
4 mongodbopsmanager.mongodb.com/om condition met
5 
6 Waiting for Ops Manager to reach Running phase...
7 mongodbopsmanager.mongodb.com/om condition met
8 
9 MongoDBOpsManager resource
10 NAME   REPLICAS   VERSION   STATE (OPSMANAGER)   STATE (APPDB)   STATE (BACKUP)   AGE   WARNINGS
11 om                8.0.5     Running              Running         Running          23m   
12 
13 Pods running in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-682f2df6e1745e000788a1d5-24552
14 NAME        READY   STATUS    RESTARTS   AGE
15 om-0-0      2/2     Running   0          5m46s
16 om-db-0-0   4/4     Running   0          11m
17 om-db-0-1   4/4     Running   0          13m
18 om-db-0-2   4/4     Running   0          15m
19 
20 Pods running in cluster gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-682f2df6e1745e000788a1d5-24552
21 NAME        READY   STATUS    RESTARTS   AGE
22 om-1-0      2/2     Running   0          6m17s
23 om-db-1-0   4/4     Running   0          10m
24 om-db-1-1   4/4     Running   0          8m24s
25 
26 Pods running in cluster gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-682f2df6e1745e000788a1d5-24552
27 NAME                   READY   STATUS    RESTARTS   AGE
28 om-2-backup-daemon-0   2/2     Running   0          2m31s

Criar credenciais para o Operador Kubernetes.

Para configurar as credenciais, você deve criar uma organização do Ops Manager, gerar chaves de API programáticas na interface do usuário do Ops Manager e criar um segredo com o IP do Load Balancer. Consulte Criar Credenciais para o Operador Kubernetes para saber mais.

Voltar

Implemente o operador

Conjuntos de réplicas em vários clusters

1	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" --namespace "${OM_NAMESPACE}" create secret generic om-admin-user-credentials \
2	--from-literal=Username="admin" \
3	--from-literal=Password="Passw0rd@" \
4	--from-literal=FirstName="Jane" \
5	--from-literal=LastName="Doe"

1	kubectl apply --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" -f - <<EOF
2	apiVersion: mongodb.com/v1
3	kind: MongoDBOpsManager
4	metadata:
5	name: om
6	spec:
7	topology: MultiCluster
8	version: "${OPS_MANAGER_VERSION}"
9	adminCredentials: om-admin-user-credentials
10	externalConnectivity:
11	type: LoadBalancer
12	security:
13	certsSecretPrefix: cert-prefix
14	tls:
15	ca: ca-issuer
16	clusterSpecList:
17	- clusterName: "${K8S_CLUSTER_0_CONTEXT_NAME}"
18	members: 1
19	applicationDatabase:
20	version: "${APPDB_VERSION}"
21	topology: MultiCluster
22	security:
23	certsSecretPrefix: cert-prefix
24	tls:
25	ca: ca-issuer
26	clusterSpecList:
27	- clusterName: "${K8S_CLUSTER_0_CONTEXT_NAME}"
28	members: 3
29	backup:
30	enabled: false
31	EOF

1	echo "Waiting for Application Database to reach Pending phase..."
2	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.applicationDatabase.phase}'=Pending opsmanager/om --timeout=30s

1	Waiting for Application Database to reach Pending phase...
2	mongodbopsmanager.mongodb.com/om condition met

1	echo "Waiting for Application Database to reach Running phase..."
2	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.applicationDatabase.phase}'=Running opsmanager/om --timeout=900s
3	echo; echo "Waiting for Ops Manager to reach Running phase..."
4	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.opsManager.phase}'=Running opsmanager/om --timeout=900s
5	echo; echo "MongoDBOpsManager resource"
6	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get opsmanager/om
7	echo; echo "Pods running in cluster ${K8S_CLUSTER_0_CONTEXT_NAME}"
8	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods
9	echo; echo "Pods running in cluster ${K8S_CLUSTER_1_CONTEXT_NAME}"
10	kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods

1	Waiting for Application Database to reach Running phase...
2	mongodbopsmanager.mongodb.com/om condition met
3
4	Waiting for Ops Manager to reach Running phase...
5	mongodbopsmanager.mongodb.com/om condition met
6
7	MongoDBOpsManager resource
8	NAME REPLICAS VERSION STATE (OPSMANAGER) STATE (APPDB) STATE (BACKUP) AGE WARNINGS
9	om 8.0.5 Running Running Disabled 12m
10
11	Pods running in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-682f2df6e1745e000788a1d5-24552
12	NAME READY STATUS RESTARTS AGE
13	om-0-0 2/2 Running 0 9m41s
14	om-db-0-0 4/4 Running 0 51s
15	om-db-0-1 4/4 Running 0 2m25s
16	om-db-0-2 4/4 Running 0 4m16s
17
18	Pods running in cluster gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-682f2df6e1745e000788a1d5-24552

1	echo "Waiting for Application Database to reach Pending phase..."
2	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.applicationDatabase.phase}'=Pending opsmanager/om --timeout=30s
3
4	echo "Waiting for Ops Manager to reach Pending phase..."
5	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.opsManager.phase}'=Pending opsmanager/om --timeout=600s

1	Waiting for Application Database to reach Pending phase...
2	mongodbopsmanager.mongodb.com/om condition met
3	Waiting for Ops Manager to reach Pending phase...
4	mongodbopsmanager.mongodb.com/om condition met

1	kubectl kustomize "github.com/minio/operator/resources/?timeout=120&ref=v5.0.12" \| \
2	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" apply -f -
3
4	kubectl kustomize "github.com/minio/operator/examples/kustomization/tenant-tiny?timeout=120&ref=v5.0.12" \| \
5	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" apply -f -
6
7	# add two buckets to the tenant config
8	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "tenant-tiny" patch tenant/myminio \
9	--type='json' \
10	-p="[{\"op\": \"add\", \"path\": \"/spec/buckets\", \"value\": [{\"name\": \"${S3_OPLOG_BUCKET_NAME}\"}, {\"name\": \"${S3_SNAPSHOT_BUCKET_NAME}\"}]}]"
11
12	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" label namespace "tenant-tiny" istio-injection=enabled --overwrite

1	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" create secret generic s3-access-secret \
2	--from-literal=accessKey="${S3_ACCESS_KEY}" \
3	--from-literal=secretKey="${S3_SECRET_KEY}"
4
5	# minio TLS secrets are signed with the default k8s root CA
6	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" create secret generic s3-ca-cert \
7	--from-literal=ca.crt="$(kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n kube-system get configmap kube-root-ca.crt -o jsonpath="{.data.ca\.crt}")"

1	echo; echo "Waiting for Backup to reach Running phase..."
2	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.backup.phase}'=Running opsmanager/om --timeout=1200s
3	echo "Waiting for Application Database to reach Running phase..."
4	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.applicationDatabase.phase}'=Running opsmanager/om --timeout=600s
5	echo; echo "Waiting for Ops Manager to reach Running phase..."
6	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" wait --for=jsonpath='{.status.opsManager.phase}'=Running opsmanager/om --timeout=600s
7	echo; echo "MongoDBOpsManager resource"
8	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get opsmanager/om
9	echo; echo "Pods running in cluster ${K8S_CLUSTER_0_CONTEXT_NAME}"
10	kubectl --context "${K8S_CLUSTER_0_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods
11	echo; echo "Pods running in cluster ${K8S_CLUSTER_1_CONTEXT_NAME}"
12	kubectl --context "${K8S_CLUSTER_1_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods
13	echo; echo "Pods running in cluster ${K8S_CLUSTER_2_CONTEXT_NAME}"
14	kubectl --context "${K8S_CLUSTER_2_CONTEXT_NAME}" -n "${OM_NAMESPACE}" get pods

1	Waiting for Backup to reach Running phase...
2	mongodbopsmanager.mongodb.com/om condition met
3	Waiting for Application Database to reach Running phase...
4	mongodbopsmanager.mongodb.com/om condition met
5
6	Waiting for Ops Manager to reach Running phase...
7	mongodbopsmanager.mongodb.com/om condition met
8
9	MongoDBOpsManager resource
10	NAME REPLICAS VERSION STATE (OPSMANAGER) STATE (APPDB) STATE (BACKUP) AGE WARNINGS
11	om 8.0.5 Running Running Running 23m
12
13	Pods running in cluster gke_scratch-kubernetes-team_europe-central2-a_k8s-mdb-0-682f2df6e1745e000788a1d5-24552
14	NAME READY STATUS RESTARTS AGE
15	om-0-0 2/2 Running 0 5m46s
16	om-db-0-0 4/4 Running 0 11m
17	om-db-0-1 4/4 Running 0 13m
18	om-db-0-2 4/4 Running 0 15m
19
20	Pods running in cluster gke_scratch-kubernetes-team_europe-central2-b_k8s-mdb-1-682f2df6e1745e000788a1d5-24552
21	NAME READY STATUS RESTARTS AGE
22	om-1-0 2/2 Running 0 6m17s
23	om-db-1-0 4/4 Running 0 10m
24	om-db-1-1 4/4 Running 0 8m24s
25
26	Pods running in cluster gke_scratch-kubernetes-team_europe-central2-c_k8s-mdb-2-682f2df6e1745e000788a1d5-24552
27	NAME READY STATUS RESTARTS AGE
28	om-2-backup-daemon-0 2/2 Running 0 2m31s