ItayZviCohen/mongodb-operator-replicaset-deploy

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 52 Commits
awx		awx
group_vars/all		group_vars/all
roles		roles
samples		samples
LICENSE		LICENSE
README.md		README.md
deploy.yml		deploy.yml
ops_manager_user.yml		ops_manager_user.yml
requirements.txt		requirements.txt

Repository files navigation

mongodb-operator-replicaset-deploy

An Ansible playbook for deploying and patching a MongoDB replicaset via the MongoDB kubernetes operator.

Getting Started

git clone git@github.com:ItayZviCohen/mongodb-operator-replicaset-deploy.git
cd mongodb-operator-replicaset-deploy
pip install requirements.txt
ansible-playbook deploy.yml -e "k8s_source_ip_cidr='<cidr of the cluster source ip>' ops_manager_url='<Ops Manager/Cloud manager URL>' k8s_api_url='<kuberneets api server URL>' k8s_namespace='<kubernetes namespace>' mongodb_replicaset_name='<replcaset's name>' ops_manager_admin_public_key='<Ops manager/Cloud manager global public api key>' ops_manager_admin_private_key='<Ops manager/ Cloud Manager global private api key' k8s_api_key='<kubernetes api bearer token>' [mongodb_replicaset_members='3' mongodb_replicaset_version='4.2.2-ent']"

Prerequisites

Kubernetes:

A kubernetes cluster.
A MongoDB kubernetes operator installed with cluster-wide topology.
A MongoDB Ops Manager or a Cloud Manager instance.

On the Ansible Runner:

Packages:

ansible >= 2.9

Python: See requirements.txt for exact dependencies.

AWX Integration

Create a container group with this pod configuration:

apiVersion: v1
kind: Pod
metadata:
 namespace: default
spec:
 containers:
 - image: itayzvicohen/awx-container-group:latest
 tty: true
 stdin: true
 args:
 - sleep
 - infinity

Hashicorp Vault Integration

This playbook integrates Hashicorp Vault's kv2 secret engine. All the secret variables need to be stored in one secret like so:

<Kv2 secret engine>
└── <secret name>
 ├── k8s_api_key
 ├── ops_manager_admin_public_key
 └── ops_manager_admin_private_key

Note: All the keys inside your secret need to be identical to the ones in this diagram.

Now, when calling the playbook, do not pass the above variables as extra-vars. Instead, supply the following parameters:

Name	Type	Description
hashi_vault_secret_engine	string	The name of your secret engine
hashi_vault_secret_name	string	The name/path of your secret (Example: mongodb-vars or databases/mongodb)
hashi_vault_secret_token	string	A token for Vault authentication
hashi_vault_secret_url	string	The full url of your Vault (Example: https://vault.example.com:8200)

Built With

Ansible - Configuration management tool

Authors

Itay Zvi Cohen - Initial work - ItayZviCohen

License

This project is licensed under the MIT License - see the LICENSE.md file for details

About

Deploy and patch MongoDB through the MongoDB Kubernetes operator

Releases

No releases published

Packages

No packages published

Languages

Dockerfile 100.0%

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

License

Uh oh!

ItayZviCohen/mongodb-operator-replicaset-deploy

Folders and files

Latest commit

History

Repository files navigation

mongodb-operator-replicaset-deploy

Getting Started

Prerequisites

AWX Integration

Hashicorp Vault Integration

Built With

Authors

License

About

Topics

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages

Uh oh!

Languages

License

ItayZviCohen/mongodb-operator-replicaset-deploy

Folders and files

Latest commit

History

Repository files navigation

mongodb-operator-replicaset-deploy

Getting Started

Prerequisites

AWX Integration

Hashicorp Vault Integration

Built With

Authors

License

About

Topics

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages