Skip to content

ItayZviCohen/mongodb-operator-replicaset-deploy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

52 Commits
awx
awx
 
 
group_vars/all
group_vars/all
 
 
roles
roles
 
 
samples
samples
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
deploy.yml
deploy.yml
 
 
ops_manager_user.yml
ops_manager_user.yml
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

mongodb-operator-replicaset-deploy

An Ansible playbook for deploying and patching a MongoDB replicaset via the MongoDB kubernetes operator.

Getting Started

git clone git@github.com:ItayZviCohen/mongodb-operator-replicaset-deploy.git

cd mongodb-operator-replicaset-deploy

pip install requirements.txt

ansible-playbook deploy.yml -e "k8s_source_ip_cidr='<cidr of the cluster source ip>' ops_manager_url='<Ops Manager/Cloud manager URL>' k8s_api_url='<kuberneets api server URL>' k8s_namespace='<kubernetes namespace>' mongodb_replicaset_name='<replcaset's name>' ops_manager_admin_public_key='<Ops manager/Cloud manager global public api key>' ops_manager_admin_private_key='<Ops manager/ Cloud Manager global private api key' k8s_api_key='<kubernetes api bearer token>' [mongodb_replicaset_members='3' mongodb_replicaset_version='4.2.2-ent']"

Prerequisites

Kubernetes:

On the Ansible Runner:

Packages:

  • ansible >= 2.9

Python: See requirements.txt for exact dependencies.

AWX Integration

Create a container group with this pod configuration:

apiVersion: v1
kind: Pod
metadata:
  namespace: default
spec:
  containers:
    - image: itayzvicohen/awx-container-group:latest
      tty: true
      stdin: true
      args:
        - sleep
        - infinity

Hashicorp Vault Integration

This playbook integrates Hashicorp Vault's kv2 secret engine. All the secret variables need to be stored in one secret like so:

<Kv2 secret engine>
└── <secret name>
    ├── k8s_api_key
    ├── ops_manager_admin_public_key
    └── ops_manager_admin_private_key

Note: All the keys inside your secret need to be identical to the ones in this diagram.

Now, when calling the playbook, do not pass the above variables as extra-vars. Instead, supply the following parameters:

Name Type Description
hashi_vault_secret_engine string The name of your secret engine
hashi_vault_secret_name string The name/path of your secret (Example: mongodb-vars or databases/mongodb)
hashi_vault_secret_token string A token for Vault authentication
hashi_vault_secret_url string The full url of your Vault (Example: https://vault.example.com:8200)

Built With

  • Ansible - Configuration management tool

Authors

License

This project is licensed under the MIT License - see the LICENSE.md file for details

About

Deploy and patch MongoDB through the MongoDB Kubernetes operator

Topics

kubernetes ansible automation mongodb openshift kubernetes-operator openshift-ansible kubernetes-ansible mongodb-operator

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages