Running MongoDB Ops Manager in Kubernetes | MongoDB Blog


Recently we announced the ability to deploy Ops Manager in Kubernetes. Now we’re back to show you how, step by step. This tutorial is your guide to configuring Ops Manager in Kubernetes. We’ll take you from the installation and configuration of a MongoDBOpsManager resource to working directly with MongoDB clusters.

Install the MongoDB Enterprise Kubernetes Operator

The MongoDB Enterprise Kubernetes Operator, or simply the Operator, manages typical lifecycle events for a MongoDB Kubernetes resource: provisioning storage and stateful sets, configuring network connections, setting up users, and changing these settings as needed. It accomplishes this using the Kubernetes API and MongoDB Ops Manager. The Operator will use Ops Manager to manage MongoDB clusters.

Operator 1.4.0 or higher installs MongoDB Ops Manager in Kubernetes clusters. You’ll need cluster admin privileges to perform this installation. Ensure sufficient cluster capacity as both Ops Manager and the Backup Daemon require 5GB each. We recommend using an external cluster instead of a local one (Minikube/Kind). For more information, refer to the documentation.

  1. Create a namespace for your Kubernetes deployment. By default, the Kubernetes Operator uses the mongodb namespace.
kubectl create namespace mongodb
  1. Create Custom Resource Definitions for MongoDB, MongoDBUser and MongoDBOpsManager (cluster admin permissions required):
kubectl apply -f https://raw.githubusercontent.com/mongodb/mongodb-enterprise-kubernetes/master/crds.yaml
  1. Create MongoDB Enterprise Operator with necessary Kubernetes objects:
kubectl apply -f https://raw.githubusercontent.com/mongodb/mongodb-enterprise-kubernetes/master/mongodb-enterprise.yaml

Create a MongoDBOpsManager resource

After you install the Operator you can deploy an Ops Manager instance. This requires three steps:

  1. Create the secret which will contain the registration information for the admin user that will be created in Ops Manager by the Operator:
 kubectl create secret generic ops-manager-admin-secret --from-literal=Username="jane.doe@example.com" --from-literal=Password="Passw0rd." --from-literal=FirstName="Jane" --from-literal=LastName="Doe" -n mongodb
  1. Create the configuration file ops-manager.yaml for the MongoDBOpsManager resource:
apiVersion: mongodb.com/v1
kind: MongoDBOpsManager
metadata: name: ops-manager namespace: mongodb
spec: # the version of Ops Manager distro to use version: 4.2.4 # the name of the secret containing admin user credentials. adminCredentials: ops-manager-admin-secret externalConnectivity: type: LoadBalancer # the Replica Set backing Ops Manager. # appDB has the SCRAM-SHA authentication mode always enabled applicationDatabase: members: 3 version: 4.2.2
  1. Next, apply it to Kubernetes cluster:
kubectl apply -f ops-manager.yaml

The Operator will first create a Replica Set of specified size (3) which would serve as a backing database for Ops Manager. Then it will create a statefulset for Ops Manager consisting of a single pod running the Ops Manager web server. Finally, the Operator will start another statefulset of size 1 for Ops Manager Backup Daemon and will perform basic configuration for it (provisioning a persistent volume for a HeadDB which is used for backing up MongoDB versions less than 4.2). At this stage, the backup is not configured completely — this will be done in the next steps.

Make sure the Ops Manager resource gets to the “Running” phase. Wait ~5 minutes to start it the first time:

kubectl get om -n mongodb
NAME REPLICAS VERSION VERSION (DB) STATE STATE (DB) AGE
ops-manager 1 4.2.4 4.2.2 Running Running 13m
  1. Open your Ops Manager application in a browser to complete configuration. Locate the URL of the LoadBalancer service which was created by the Operator.

Note: LoadBalancer services must be supported by the cloud provider running the Kubernetes cluster. If you run the Kubernetes cluster locally, this type of service may not be supported so it’s possible to change the spec.externalConnectivity.type to NodePort

kubectl get svc ops-manager-svc-ext -o jsonpath='{.status.loadBalancer.ingress[0].hostname}' -n mongodb A5feeb81aere042bda0fc1bda0a77975-38586691.eu-west-1.elb.amazonaws.com

You may need to wait for some time until the DNS gets populated for the Load Balancer address.

  1. Open the link http://<elb-url>:8080 in your browser. Login to Ops Manager using the credentials you specified in the secret created and pass the wizard steps to finish Ops Manager configuration. You’ll reach the admin page.

  1. Remove the secret ‘ops-manager-admin-secret’. It won’t be used by the Operator anymore.
kubectl delete secret ops-manager-admin-secret -n mongodb

Create a MongoDB replica set

Now we’ll create a MongoDB Custom Resource in the Kubernetes cluster referencing the newly created Ops Manager.

Follow the standard steps to create a new user with the ProjectOwner role and generate a public API key. Visit the documentation for assistance. For the sake of simplicity, we’ll use the existing admin account to generate a public API key:

  1. Open the Ops Manager application. In the UI, generate a new API key by selecting: “UserName -> Account -> Public API Access”

"Account Settings"

  1. Use this key to create a Secret to store Ops Manager credentials:
kubectl create secret generic om-jane-doe-credentials --from-literal="user=jane.doe@example.com" --from-literal="publicApiKey=<publicKey>" -n mongodb
  1. Create a ConfigMap describing the connection to the Ops Manager application. You can use “status.opsmanager.url” to get the value for “baseUrl”:
kubectl get om ops-manager -o jsonpath='{.status.opsManager.url}' http://ops-manager-svc.mongodb.svc.cluster.local:8080 kubectl create configmap ops-manager-connection --from-literal="baseUrl=http://ops-manager-svc.mongodb.svc.cluster.local:8080" -n mongodb

If you don’t specify the “projectName” field in the ConfigMap, the name of the MongoDB resource will be used as the name of the project which will be created in Ops Manager.

  1. Create the file replica-set.yaml describing the MongoDB resource:
apiVersion: mongodb.com/v1
kind: MongoDB
metadata: name: my-replica-set namespace: mongodb
spec: members: 3 version: 4.2.2-ent type: ReplicaSet opsManager: configMapRef: name: ops-manager-connection credentials: om-jane-doe-credentials

Apply it to the Kubernetes cluster:

kubectl apply -f replica-set.yaml

Wait until the resource enters the Running state:

kubectl get mdb -n mongodb -w
NAME TYPE STATE VERSION AGE
my-replica-set ReplicaSet Running 4.2.2-ent 12m

Now the replica set is shown in the Ops Manager UI where it’s possible to monitor, configure alerts and backup. A backup requires additional Ops Manager configuration described later.

"Ops Manager UI"

Still interested? Get a deep dive on all things Ops Manager in our Part 2 post! Learn about how to backup Ops Manager, configure it for high availability, set up SCRAM and get an inside look at the architecture behind the MongoDB Enterprise Kubernetes Operator.