cdk8s-mongo-sts
v0.0.8
Published
Create a Replicated, Password protected MongoDB Statefulset on Kubernetes, powered by the [cdk8s project](https://cdk8s.io) ๐
Downloads
6
Readme
cdk8s-mongo-sts
Create a Replicated, Password protected MongoDB Statefulset on Kubernetes, powered by the cdk8s project ๐
Disclaimer
This construct is under heavy development, and breaking changes will be introduced very often. Please don't forget to version lock your code if you are using this construct.
Overview
cdk8s-mongo-sts is a cdk8s library, and also uses cvallance/mongo-k8s-sidecar to manage the MongoDB replicaset.
import { Construct } from 'constructs';
import { App, Chart, ChartProps } from 'cdk8s';
import { MyMongo } from 'cdk8s-mongo-sts';
export class MyChart extends Chart {
constructor(scope: Construct, id: string, props: ChartProps = { }) {
super(scope, id, props);
new MyMongo(this, 'dev', {
image: 'mongo',
namespace: 'databases',
defaultReplicas: 3,
volumeSize: '10Gi',
createStorageClass: true,
volumeProvisioner: 'kubernetes.io/aws-ebs',
storageClassName: "io1-slow",
storageClassParams: {
type: 'io1',
fsType: 'ext4',
iopsPerGB: "10",
},
nodeSelectorParams: {
database: "dev",
},
});
}
}
const app = new App();
new MyChart(app, 'asd');
app.synth();
Create a secret for your DB that starts with the same name as your Statefulset with the following keys :
username
password
See this for documentation on Kubernetes secrets.
Then the Kubernetes manifests created by cdk8s synth
command will have Kubernetes resources such as Statefulset
, Service
, ClusterRole
, ClusterRoleBinding
, ServiceAccount
, and StorageClass
as follows.
allowVolumeExpansion: true
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: io1-slow
parameters:
fsType: ext4
type: io1
iopsPerGB: "10"
provisioner: kubernetes.io/aws-ebs
reclaimPolicy: Retain
---
apiVersion: v1
kind: Service
metadata:
name: dev
namespace: databases
spec:
clusterIP: None
ports:
- port: 27017
targetPort: 27017
selector:
db: dev
type: ClusterIP
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: get-pods-role
namespace: databases
rules:
- apiGroups:
- "*"
resources:
- pods
verbs:
- list
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: dev
namespace: databases
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dev
namespace: databases
roleRef:
apiGroup: ""
kind: ClusterRole
name: get-pods-role
subjects:
- kind: ServiceAccount
name: dev
namespace: databases
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: dev
namespace: databases
spec:
replicas: 3
selector:
matchLabels:
db: dev
serviceName: dev
template:
metadata:
labels:
db: dev
spec:
containers:
- env:
- name: MONGO_SIDECAR_POD_LABELS
value: db=dev
- name: KUBE_NAMESPACE
value: databases
- name: MONGODB_DATABASE
value: admin
- name: MONGODB_USERNAME
valueFrom:
secretKeyRef:
key: username
name: dev
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: dev
image: cvallance/mongo-k8s-sidecar
name: mongo-sidecar
- args:
- --replSet
- rs0
- --bind_ip
- 0.0.0.0
- --dbpath
- /data/db
- --oplogSize
- "128"
env:
- name: MONGO_INITDB_ROOT_USERNAME
valueFrom:
secretKeyRef:
key: username
name: dev
- name: MONGO_INITDB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: dev
image: mongo
name: dev
ports:
- containerPort: 27017
resources:
limits:
cpu: 400m
memory: 512Mi
requests:
cpu: 200m
memory: 256Mi
volumeMounts:
- mountPath: /data/db
name: dev
nodeSelector:
database: dev
securityContext:
fsGroup: 999
runAsGroup: 999
runAsUser: 999
serviceAccountName: dev
terminationGracePeriodSeconds: 10
volumeClaimTemplates:
- metadata:
name: dev
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: io1-slow
Installation
TypeScript
Use npm
or yarn
to install.
$ npm install -s cdk8s-mongo-sts
or
$ yarn add cdk8s-mongo-sts
Python
$ pip install cdk8s-mongo-sts
Contribution
Fork (https://github.com/Hunter-Thompson/cdk8s-mongo-sts/fork)
Bootstrap the repo:
npx projen # generates package.json yarn install # installs dependencies
Development scripts: |Command|Description |-|- |
yarn compile
|Compiles typescript => javascript |yarn watch
|Watch & compile |yarn test
|Run unit test & linter through jest |yarn test -u
|Update jest snapshots |yarn run package
|Creates adist
with packages for all languages. |yarn build
|Compile + test + package |yarn bump
|Bump version (with changelog) based on [conventional commits] |yarn release
|Bump + push tomaster
Create a feature branch
Commit your changes
Rebase your local changes against the master branch
Create a new Pull Request (use conventional commits for the title please)