MongoDB Kubernetes operator and MongoDB Open Service Broker are ready for production operations. Learn about how MongoDB can be used with the most popular container orchestration platform, Kubernetes, and bring self-service, persistent storage to your containerized applications. A demo will show you how easy it is to enable MongoDB clusters as an External Service using the Open Service Broker API for MongoDB

1. @
#MDBlocal
Using MongoDB Services in
Kubernetes:
any platform, development or production
johndohoney

2. Agenda
MongoDB Kubernetes Support

3. Kubernetes Overview and
Supporting Toolchain

4. #MDBLocal
Kubernetes Control Plane

5. #MDBLocal
Kubernetes Overview
eksctl create cluster
--name myKubeCluster
--version 1.14
--nodegroup-name standard-workers
--node-type t3.xlarge
--nodes 3
https://eksctl.io/
HA in one command !

6. #MDBLocal
Helm Architecture
Helm 2 - Package Manager for Kubernetes
(Helm 3 is in Beta – “No Tiller”)
● https://helm.sh/ Do not use Helm charts with MongoDB Kubernetes Operator as
upgrades are more complicated with the Helm client
Package Manager for Kubernetes - A useful tool

7. #MDBLocal
Kubernetes Service Catalog
It’s Really this easy….
1. Create resources that define
your application
2. Define the MongoDB Atlas
persistence service it relies
on
3. (Done by MongoDB and
contained in Github repo:
https://github.com/mongodb/
mongodb-atlas-service-
broker )
4. Seamlessly Connect the two
The elegance of simplicity

8. #MDBLocal
Open Service Broker API

9. #MDBLocal
The service catalog translates CRD into requests to the Atlas Service
Broker, Provisions resources on your behalf, and injects the
credentials for access back into your containers
Kubernetes Service catalog
Easy Mode

10. #MDBLocal
• Kubernetes Operator are nothing more than a set of application-
specific custom controllers. Controllers have direct access to
Kubernetes API, which means they can monitor the cluster,
change pods/services, scale up/down and call endpoints of the
running applications, all according to custom rules written inside
those controllers.
• MongoDB’s Operator was created as an effort to make databases
easy to manage without locking you to a specific cloud vendor.
The operator, supports automated cluster provisioning, elastic
scalability, auto recovery, logging, monitoring, shard operations,
backup and restore through Ops/Cloud Manager.
• MongoDB Cloud Manger and Kubernetes Operators provides a
cloud-agnostic application deployment and management. The
power of both tools allow us to treat cloud providers like a
commodity, allowing seamless migration between them.
Kubernetes Operators
ü OperatorHub.io – Online
resource to Kubernetes
Operators
ü https://operatorhub.io/operator/
mongodb-enterprise

11. #MDBLocal
• A custom resource is an object that
extends the Kubernetes API or
allows you to introduce your own API
into a project or a cluster.
• A custom resource definition (CRD)
file defines your own object kinds
and lets the API Server handle the
entire lifecycle. Deploying a CRD
into the cluster causes the
Kubernetes API server to begin
serving the specified custom
resource.
CRD’s – Kubernetes Custom Resources and Custom Resource Definitions
API Definition from CDR
• /apis/<spec:group>/<spec:version>/<scope>/*/<names-plural>/...
API Proxy Stub
• /apis/mongodb.com/v1/namespaces/mongodb/mongodb/studentcluster
Repo: https://github.com/mongodb/mongodb-enterprise-kubernetes
Reference: crds.yaml

12. MongoDB Kubernetes Options

13. #MDBLocal
MongoDB Kubernetes Architectural Alternatives
Hybrid Cloud or Cloud
● MongoDb Open
Service Broker
● Cloud Manager
Best Practice -- depends on requirements
On-Premise - Air gapped
● MongoDB Kubernetes
Operator

14. #MDBLocal
MongoDB Cloud Manager
Intelligent Agents are the Key
● MongoDB Agents using
Automation on each
MongoDB host can maintain
your MongoDB deployments.
Cloud Manager
● Automation Agents can
add hosts, deploy and
upgrade new and existing
clusters.
● Same look and feel as
On-Premise MongoDB
Ops Manager
Works Anywhere – Used with MongoDB Operator

15. #MDBLocal
MongoDB Ops Manager
• Deploy and upgrade your
system. Reliably perform the tasks
that you have performed manually
in the past.
• Scale your MongoDB
application. Dynamically resize
capacity by adding shards and
replica set members
• Deliver point-in-time recovery and
scheduled backups. Restore to
any point in time.
• Monitor and get performance
alerts. Track over 100 key metrics.
• Improve Query Performance for
slow queries, recommends new
indexing strategy
For your data center - Used with
MongoDB Operator

16. #MDBLocal
MongoDB Open
Service Broker
MongoDB
Operator
On-
Premise
Or
Cloud
Hybrid
Or
Public-
Cloud
MongoDB Ops
Manager and MDB
Kubernetes
Operator
Atlas Cloud
Manager and MDB
Kubernetes
Operator
Atlas and
Kubernetes Open
Server Broker
100% Self
Manage
Y
E
S
N
O
Y
E
S
C
L
O
U
D
O
N
P
R
E
M

17. #MDBLocal
MongoDB Open Service Broker or MongoDB Operator
Considerations
● Where is the database hosted? In Kubernetes Cluster or outside of Kubernetes cluster?
● Is there time/budget for maintenance tasks, like backups, patching and scaling (up and
down)
● Pods are transient, so the likelihood of database application restarts or failovers is higher
● Databases that are storing more transient and caching layers are better fits for
Kubernetes
● Enterprise Ops Manager – You do it all, set up Automation and Backup MongoDB
Clusters, Set all configuration options, Load Balance Ops Manager GUI
● Cloud Manager – We do it, point and click “Hosted Ops Manager” – Mongo Clusters in
Kubernetes
Containerization Data layer -- finally getting traction

18. #MDBLocal
But, I can set up MongoDB Myself
● Who should own the technical debt?
● The people that wrote the database, and know the internals …
● Or, My company that has an expertise in the area of <Fill in your application Domain>
● What is businesses biggest complaint of IT/Project Management/Development
● We want it now, we want it faster (Plus we want you to read our minds – right!!!!)
● We all like to be good stewards of our companies money, but are we?
● MongoDB handles all the system maintenance, both Atlas and Cloud Manager
● Help is a support ticket call away – seriously, these people are REALLY good!
● Free is not free, Yes, it is perfect for Dev Clusters, great for experiments, great for
learning, then there are those wonderful people that love us, that we are taking time
away from, perhaps unnecessarily.
Considerations

19. Installation Walkthrough

20. #MDBLocal
#! /usr/bin/env bash
eksctl create cluster
--name service-cluster
--version 1.13
--nodegroup-name standard-workers
--node-type t3.xlarge
--nodes 3
# Get External IP – Atlas and Cloud Manager are Secure by Default
kubectl get nodes -o jsonpath='{$.items[*].status.addresses[?(@.type=="ExternalIP")].address }'
echo "Be sure to add external IPs to API Whitelist..."

21. #MDBLocal
API Secrets
● Both Open Service
Broker and Operator
Uses API Public and
Private Key
● Both Use Organization
ID
● However, format and
locations of data are
different
But they are different …

22. #MDBLocal
Open Service Broker
Installation Specific

23. #MDBLocal
#! /usr/bin/env bash
#
echo
echo "Load Tiller and Initialize helm"
echo "Load Service Catalog Repos and then load"
echo "Service Catalog into the cluster"
echo
kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller-cluster-admin
--clusterrole=cluster-admin
--serviceaccount=kube-system:default
helm init
helm repo add svc-cat https://svc-catalog-charts.storage.googleapis.com
echo "Sleeping to wait for Tiller to start..."
sleep 20
helm install svc-cat/catalog
--name catalog --namespace catalog

24. #MDBLocal
#! /usr/bin/env bash
kubectl create namespace atlas
#
# Sanity check
kubectl get namespace
#
# Install the Atlas Open Service Broker
#
kubectl apply -f deployment-and-service.yaml -n atlas

25. #MDBLocal
#! /usr/bin/env bash
kubectl apply -f secret.yaml -n atlas
kubectl describe secrets/atlas-service-broker-auth -n atlas
apiVersion: v1
kind: Secret
metadata:
name: atlas-service-broker-auth
type: Opaque
stringData:
username: fdeadoen@5d656831c56c98173cf5dead
password: d7ef8f25-ac31-dead-9723-93463d39dead

26. #MDBLocal
#! /usr/bin/env bash
#
# Register the Atlas Open Service Broker with the Kubernetes Service Catalog
#
kubectl apply -f service-broker.yaml -n atlas
svcat get brokers -n atlas
##
# Check our Work
##
svcat describe broker atlas-service-broker -n atlas
# Deploy ReplicaSet
#
kubectl apply -f replica-set.yaml
# How is the deployment going
svcat describe instance my-atlas-cluster -n atlas

27. #MDBLocal
Service Options
ClusterServiceBroker
● An Atlas Open Service Broker instance that is registered as a ClusterServiceBroker is available to the
entire Kubernetes cluster. When you deploy a Atlas replica set or sharded cluster, you must use the
associated clusterServiceClass and clusterServicePlan resources.
ServiceBroker
● An Atlas Open Service Broker instance that is registered as a ServiceBroker is available to only a single
namespace within the Kubernetes cluster. When you deploy a Atlas replica set or sharded cluster, you
must use the serviceClass and servicePlan resources scoped to the same namespace.

28. #MDBLocal
apiVersion: servicecatalog.k8s.io/v1beta1
kind: ServiceInstance
metadata:
name: my-atlas-cluster
namespace: atlas
spec:
serviceClassExternalName: mongodb-atlas-aws
servicePlanExternalName: M30
parameters:
cluster:
providerSettings:
regionName: US_WEST_2
autoscaling:
diskGBEnabled: false
backupEnabled: true

29. #MDBLocal
#! /usr/bin/env bash
echo "Make sure your Mongo Atlas ReplicaSet has deployed"
kubectl apply -f atlas-user-test.yaml
svcat describe binding jdohoney -n atlas

30. #MDBLocal
#! /usr/bin/env bash
svcat describe instance my-atlas-cluster -n atlas
#
echo "Get User Name"
USERNAME=`kubectl get secret jdohoney -n atlas -o json | jq .data.username`
echo $USERNAME | sed 's/"//g' | base64 --decode
LUSERNAME=`echo $USERNAME | sed 's/"//g' | base64 --decode`
echo
echo "Get User Password"
PASSWORD=`kubectl get secret jdohoney -n atlas -o json | jq .data.password`
echo $PASSWORD | sed 's/"//g' | base64 --decode
echo
echo "Get mongo connection URI"
URI=`kubectl get secret jdohoney -n atlas -o json | jq .data.uri`
echo $URI | sed 's/"//g' | base64 --decode
LURI=`echo $URI | sed 's/"//g' | base64 --decode`
echo "mongo $LURI --username $LUSERNAME" | sed 's/"//g'
echo
echo "use the decoded password when prompted"
echo
echo "Connect to Compass"

31. #MDBLocal
#! /usr/bin/env bash
kubectl delete servicebindings jdohoney -n atlas
svcat describe instance jdohoney -n atlas

32. #MDBLocal
MongoDB Operator
Installation Specific

33. #MDBLocal
#! /bin/bash
# Create the namespace for your Kubernetes deployment.
kubectl create namespace mongodb
# Sanity check
kubectl get namespace
# Install the Custom Resource Definitions
kubectl apply -f ./mongodb-enterprise-kubernetes/crds.yaml
# Deploy the operator
kubectl apply -f ./mongodb-enterprise-kubernetes/mongodb-enterprise.yaml

34. #MDBLocal
#! /bin/bash
# Create Secret for OpsManager API
kubectl -n mongodb
create secret generic mongo-cloud-mgr
--from-literal="user=cdxrnetm"
--from-literal="publicApiKey=5b21f87d-5c19-4295-b87a-13569610ea06"
# Sanity Check
kubectl describe secrets/mongo-cloud-mgr -n mongodb

35. #MDBLocal
#! /bin/bash
# Tell Ops Manager your configuration
kubectl apply -f opsMgr.yaml
# Deploy the ReplicaSet Cluster
kubectl apply -f replicaset.yaml
# Track Status of ReplicaSet Deployment
kubectl get mdb studentcluster -n mongodb -o yaml -w
##
# (OPTIONAL) Create a AWS LB and a public IP to connect
kubectl expose svc studentcluster-svc --port=27017 --target-port=27017 --name=external-connect-mongo --type=LoadBalancer -n
mongodb
kubectl get svc -n mongodb

36. #MDBLocal
---
apiVersion: v1
kind: ConfigMap
metadata:
name: opsmanager-config
namespace: mongodb
data:
projectName: AWS-EKS
orgId: 5d656337f2a30db182dc3f0a
baseUrl: https://cloud.mongodb.com
---
apiVersion: mongodb.com/v1
kind: MongoDB
metadata:
name: studentcluster
namespace: mongodb
spec:
members: 3
version: 4.2.1
opsManager:
configMapRef:
name: opsmanager-config
credentials: mongo-cloud-mgr
type: ReplicaSet
persistent: true
Ops Manager ConfigMap ReplicaSet ConfigMap

37. #MDBLocal
# Connect to the Cluster
kubectl port-forward studentcluster-0 27017:27017 -n mongodb
#Import some data
mongoimport --host 127.0.0.1 --db clients --collection cases <
sampleData/client_cases.json

38. #MDBLocal
• Open Service Broker Configuration
• https://github.com/johndohoneyjr/MongoDB-DOT-Local-Open-Service-Broker
• MongoDB Operator Configuration
• https://github.com/johndohoneyjr/AWS-MongoDB-Kubernetes-Operator-Demo
• Atlas Service Broker - Documentation Pages
• https://docs.mongodb.com/atlas-open-service-broker/current/
• MongoDB Enterprise Kubernetes Operator
• https://docs.mongodb.com/kubernetes-operator/stable/
Resources

39. #MDBlocal
Every session you rate enters you into a drawing for a
$200 gift card and TWO passes to MongoDB World 2020!
Using MongoDB Services in
Kubernetes: Any Platform
https://www.surveymonkey.com/r/QRCJHVP

40. THANK YOU