Percona Server for MongoDB

This chart deploys Percona Server for MongoDB Cluster on Kubernetes controlled by Percona Operator for MongoDB.

Useful links:

Pre-requisites

  • Percona Operator for MongoDB running in your Kubernetes cluster. See installation details here or in the Operator Documentation.
  • Kubernetes 1.28+
  • Helm v3

Chart Details

This chart will deploy Percona Server for MongoDB Cluster in Kubernetes. It will create a Custom Resource, and the Operator will trigger the creation of corresponding Kubernetes primitives: StatefulSets, Pods, Secrets, etc.

Installing the Chart

To install the chart with the release name my-db in a dedicated namespace (recommended):

helm repo add percona https://percona.github.io/percona-helm-charts/
helm install my-db percona/psmdb-db --version 1.18.0 --namespace my-namespace

The chart can be customized using the following configurable parameters:

Parameter Description Default
crVersion CR Cluster Manifest version 1.18.0
pause Stop PSMDB Database safely false
unmanaged Start cluster and don't manage it (cross cluster replication) false
enableVolumeExpansion Allows resizing PersistentVolumeClaims by changing the .volumeSpec.persistentVolumeClaim.resources field false
unsafeFlags.tls Allows users to configure a cluster without TLS/SSL certificates false
unsafeFlags.replsetSize Allows users to configure a cluster with unsafe parameters: starting it with fewer than 3 replica set instances or with an even number of replica set instances without an additional arbiter false
unsafeFlags.mongosSize Allows users to configure a sharded cluster with fewer than 3 config server Pods or fewer than 2 mongos Pods false
unsafeFlags.terminationGracePeriod Allows users to configure a sharded cluster without a termination grace period for the replica set false
unsafeFlags.backupIfUnhealthy Allows running backup on a cluster with failed health checks false
clusterServiceDNSSuffix The (non-standard) cluster domain to be used as a suffix of the Service name ""
clusterServiceDNSMode Mode for the cluster service dns (Internal/ServiceMesh) ""
annotations PSMDB custom resource annotations {}
ignoreAnnotations The list of annotations to be ignored by the Operator []
ignoreLabels The list of labels to be ignored by the Operator []
multiCluster.enabled Enable Multi Cluster Services (MCS) cluster mode false
multiCluster.DNSSuffix The cluster domain to be used as a suffix for multi-cluster Services used by Kubernetes ""
updateStrategy Regulates how PSMDB Cluster Pods will be updated after setting a new image SmartUpdate
upgradeOptions.versionServiceEndpoint Endpoint for actual PSMDB Versions provider https://check.percona.com/versions/
upgradeOptions.apply PSMDB image to apply from version service - recommended, latest, actual version like 4.4.2-4 disabled
upgradeOptions.schedule Cron formatted time to execute the update "0 2 * * *"
upgradeOptions.setFCV Set feature compatibility version on major upgrade false
finalizers:percona.com/delete-psmdb-pvc Set this if you want to delete database persistent volumes on cluster deletion []
finalizers:percona.com/delete-psmdb-pods-in-order Set this if you want to delete PSMDB pods in order (primary last) []
finalizers:percona.com/delete-pitr-chunks Set this if you want to delete all pitr chunks on cluster deletion []
image.repository PSMDB Container image repository percona/percona-server-mongodb
image.tag PSMDB Container image tag 7.0.14-8-multi
imagePullPolicy The policy used to update images Always
imagePullSecrets PSMDB Container pull secret []
initImage.repository Repository for custom init image ""
initImage.tag Tag for custom init image ""
initContainerSecurityContext A custom Kubernetes Security Context for a Container for the initImage {}
tls.mode Control usage of TLS (allowTLS, preferTLS, requireTLS, disabled) preferTLS
tls.certValidityDuration The validity duration of the external certificate for cert manager ""
tls.allowInvalidCertificates If enabled the mongo shell will not attempt to validate the server certificates true
tls.issuerConf.name A cert-manager issuer name ""
tls.issuerConf.kind A cert-manager issuer kind ""
tls.issuerConf.group A cert-manager issuer group ""
secrets.users The name of the Secrets object for the MongoDB users required to run the operator ""
secrets.encryptionKey Set secret for data at rest encryption key ""
secrets.keyFile Specifies a secret key file for authenticating MongoDB instances ""
secrets.vault Specifies a secret object to provide integration with HashiCorp Vault ""
secrets.ldapSecret Specifies a secret object for LDAP over TLS connection between MongoDB and OpenLDAP server ""
secrets.sse The name of the Secrets object for server side encryption credentials ""
secrets.ssl A secret with TLS certificate generated for external communications ""
secrets.sslInternal A secret with TLS certificate generated for internal communications ""
pmm.enabled Enable integration with Percona Monitoring and Management software false
pmm.image.repository PMM Container image repository percona/pmm-client
pmm.image.tag PMM Container image tag 2.43.2
pmm.serverHost PMM server related K8S service hostname monitoring-service
pmm.containerSecurityContext Set the security context for PMM container {}
pmm.resources Set resources for PMM container {}
pmm.mongodParams PMM mongod params ""
pmm.mongosParams PMM mongos params ""
replsets.rs0.name ReplicaSet name rs0
replsets.rs0.size ReplicaSet size (pod quantity) 3
replsets.rs0.terminationGracePeriodSeconds The number of seconds Kubernetes will wait for clean termination of replica set Pods ""
replsets.rs0.externalNodes.host The URL or IP address of the external replset instance ""
replsets.rs0.externalNodes.port The port number of the external replset instance ""
replsets.rs0.externalNodes.votes The number of votes of the external replset instance ""
replsets.rs0.externalNodes.priority The priority of the external replset instance ""
replsets.rs0.configuration Custom config for mongod in replica set ""
replsets.rs0.topologySpreadConstraints Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains {}
replsets.rs0.replsetOverrides Use if you need to override the replica set members' FQDNs with custom hostnames. Each key under replsetOverrides should be the name of a Pod. The Operator won’t perform any validation for hostnames, so it's the user’s responsibility to ensure connectivity {}
replsets.rs0.serviceAccountName Run replicaset Containers under specified K8S SA ""
replsets.rs0.affinity.antiAffinityTopologyKey ReplicaSet Pod affinity kubernetes.io/hostname
replsets.rs0.affinity.advanced ReplicaSet Pod advanced affinity {}
replsets.rs0.tolerations ReplicaSet Pod tolerations []
replsets.rs0.priorityClass ReplicaSet Pod priorityClassName ""
replsets.rs0.annotations ReplicaSet Pod annotations {}
replsets.rs0.labels ReplicaSet Pod labels {}
replsets.rs0.nodeSelector ReplicaSet Pod nodeSelector labels {}
replsets.rs0.livenessProbe ReplicaSet Pod livenessProbe structure {}
replsets.rs0.readinessProbe ReplicaSet Pod readinessProbe structure {}
replsets.rs0.storage Set cacheSizeRatio or other custom MongoDB storage options {}
replsets.rs0.podSecurityContext Set the security context for a Pod {}
replsets.rs0.containerSecurityContext Set the security context for a Container {}
replsets.rs0.runtimeClass ReplicaSet Pod runtimeClassName ""
replsets.rs0.sidecars ReplicaSet Pod sidecars {}
replsets.rs0.sidecarVolumes ReplicaSet Pod sidecar volumes []
replsets.rs0.sidecarPVCs ReplicaSet Pod sidecar PVCs []
replsets.rs0.podDisruptionBudget.maxUnavailable ReplicaSet failed Pods maximum quantity 1
replsets.rs0.splitHorizons External URI for Split-horizon for replica set Pods of the exposed cluster {}
replsets.rs0.expose.enabled Allow access to replicaSet from outside of Kubernetes false
replsets.rs0.expose.type Network service access point type ClusterIP
replsets.rs0.expose.loadBalancerIP Set client IP to Load Balancer ""
replsets.rs0.expose.loadBalancerSourceRanges Limit client IP's access to Load Balancer {}
replsets.rs0.expose.annotations ReplicaSet service annotations {}
replsets.rs0.expose.labels ReplicaSet service labels {}
replsets.rs0.expose.internalTrafficPolicy ReplicaSet service internal traffic policy Local
replsets.rs0.expose.externalTrafficPolicy ReplicaSet service external traffic policy Local
replsets.rs0.schedulerName ReplicaSet Pod schedulerName ""
replsets.rs0.resources ReplicaSet Pods resource requests and limits {}
replsets.rs0.volumeSpec ReplicaSet Pods storage resources {}
replsets.rs0.volumeSpec.emptyDir ReplicaSet Pods emptyDir K8S storage {}
replsets.rs0.volumeSpec.hostPath ReplicaSet Pods hostPath K8S storage
replsets.rs0.volumeSpec.hostPath.path ReplicaSet Pods hostPath K8S storage path ""
replsets.rs0.volumeSpec.hostPath.type Type for hostPath volume Directory
replsets.rs0.volumeSpec.pvc ReplicaSet Pods PVC request parameters
replsets.rs0.volumeSpec.pvc.annotations The Kubernetes annotations metadata for Persistent Volume Claim {}
replsets.rs0.volumeSpec.pvc.labels The Kubernetes labels metadata for Persistent Volume Claim {}
replsets.rs0.volumeSpec.pvc.storageClassName ReplicaSet Pods PVC target storageClass ""
replsets.rs0.volumeSpec.pvc.accessModes ReplicaSet Pods PVC access policy []
replsets.rs0.volumeSpec.pvc.resources.requests.storage ReplicaSet Pods PVC storage size 3Gi
replsets.rs0.hostAliases The IP address for Kubernetes host aliases []
replsets.rs0.nonvoting.enabled Add MongoDB nonvoting Pods false
replsets.rs0.nonvoting.podSecurityContext Set the security context for a Pod {}
replsets.rs0.nonvoting.containerSecurityContext Set the security context for a Container {}
replsets.rs0.nonvoting.size Number of nonvoting Pods 1
replsets.rs0.nonvoting.configuration Custom config for mongod nonvoting member ""
replsets.rs0.nonvoting.serviceAccountName Run replicaset nonvoting Container under specified K8S SA ""
replsets.rs0.nonvoting.affinity.antiAffinityTopologyKey Nonvoting Pods affinity kubernetes.io/hostname
replsets.rs0.nonvoting.affinity.advanced Nonvoting Pods advanced affinity {}
replsets.rs0.nonvoting.tolerations Nonvoting Pod tolerations []
replsets.rs0.nonvoting.priorityClass Nonvoting Pod priorityClassName ""
replsets.rs0.primaryPreferTagSelector.region Makes a MongoDB instance be selected as Primary based on the specified region ""
replsets.rs0.primaryPreferTagSelector.zone Makes a MongoDB instance be selected as Primary based on the specified zone ""
replsets.rs0.nonvoting.annotations Nonvoting Pod annotations {}
replsets.rs0.nonvoting.labels Nonvoting Pod labels {}
replsets.rs0.nonvoting.nodeSelector Nonvoting Pod nodeSelector labels {}
replsets.rs0.nonvoting.podDisruptionBudget.maxUnavailable Nonvoting failed Pods maximum quantity 1
replsets.rs0.nonvoting.resources Nonvoting Pods resource requests and limits {}
replsets.rs0.nonvoting.volumeSpec Nonvoting Pods storage resources {}
replsets.rs0.nonvoting.volumeSpec.emptyDir Nonvoting Pods emptyDir K8S storage {}
replsets.rs0.nonvoting.volumeSpec.hostPath Nonvoting Pods hostPath K8S storage
replsets.rs0.nonvoting.volumeSpec.hostPath.path Nonvoting Pods hostPath K8S storage path ""
replsets.rs0.nonvoting.volumeSpec.hostPath.type Type for hostPath volume Directory
replsets.rs0.nonvoting.volumeSpec.pvc Nonvoting Pods PVC request parameters
replsets.rs0.nonvoting.volumeSpec.pvc.annotations The Kubernetes annotations metadata for Persistent Volume Claim {}
replsets.rs0.nonvoting.volumeSpec.pvc.labels The Kubernetes labels metadata for Persistent Volume Claim {}
replsets.rs0.nonvoting.volumeSpec.pvc.storageClassName Nonvoting Pods PVC target storageClass ""
replsets.rs0.nonvoting.volumeSpec.pvc.accessModes Nonvoting Pods PVC access policy []
replsets.rs0.nonvoting.volumeSpec.pvc.resources.requests.storage Nonvoting Pods PVC storage size 3Gi
replsets.rs0.arbiter.enabled Create MongoDB arbiter service false
replsets.rs0.arbiter.size MongoDB arbiter Pod quantity 1
replsets.rs0.arbiter.serviceAccountName Run replicaset arbiter Container under specified K8S SA ""
replsets.rs0.arbiter.affinity.antiAffinityTopologyKey MongoDB arbiter Pod affinity kubernetes.io/hostname
replsets.rs0.arbiter.affinity.advanced MongoDB arbiter Pod advanced affinity {}
replsets.rs0.arbiter.tolerations MongoDB arbiter Pod tolerations []
replsets.rs0.arbiter.priorityClass MongoDB arbiter priorityClassName ""
replsets.rs0.arbiter.annotations MongoDB arbiter Pod annotations {}
replsets.rs0.arbiter.labels MongoDB arbiter Pod labels {}
replsets.rs0.arbiter.nodeSelector MongoDB arbiter Pod nodeSelector labels {}
sharding.enabled Enable sharding setup true
sharding.balancer.enabled Enable/disable balancer true
sharding.configrs.size Config ReplicaSet size (pod quantity) 3
sharding.configrs.terminationGracePeriodSeconds The number of seconds Kubernetes will wait for clean termination of replica set Pods ""
sharding.configrs.externalNodes.host The URL or IP address of the external config server instance ""
sharding.configrs.externalNodes.port The port number of the external config server instance ""
sharding.configrs.externalNodes.votes The number of votes of the external config server instance ""
sharding.configrs.externalNodes.priority The priority of the external config server instance ""
sharding.configrs.configuration Custom config for mongod in config replica set ""
sharding.configrs.topologySpreadConstraints Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains {}
sharding.configrs.serviceAccountName Run sharding configrs Containers under specified K8S SA ""
sharding.configrs.affinity.antiAffinityTopologyKey Config ReplicaSet Pod affinity kubernetes.io/hostname
sharding.configrs.affinity.advanced Config ReplicaSet Pod advanced affinity {}
sharding.configrs.tolerations Config ReplicaSet Pod tolerations []
sharding.configrs.priorityClass Config ReplicaSet Pod priorityClassName ""
sharding.configrs.annotations Config ReplicaSet Pod annotations {}
sharding.configrs.labels Config ReplicaSet Pod labels {}
sharding.configrs.nodeSelector Config ReplicaSet Pod nodeSelector labels {}
sharding.configrs.livenessProbe Config ReplicaSet Pod livenessProbe structure {}
sharding.configrs.readinessProbe Config ReplicaSet Pod readinessProbe structure {}
sharding.configrs.storage Set cacheSizeRatio or other custom MongoDB storage options {}
sharding.configrs.podSecurityContext Set the security context for a Pod {}
sharding.configrs.containerSecurityContext Set the security context for a Container {}
sharding.configrs.runtimeClass Config ReplicaSet Pod runtimeClassName ""
sharding.configrs.sidecars Config ReplicaSet Pod sidecars {}
sharding.configrs.sidecarVolumes Config ReplicaSet Pod sidecar volumes []
sharding.configrs.sidecarPVCs Config ReplicaSet Pod sidecar PVCs []
sharding.configrs.podDisruptionBudget.maxUnavailable Config ReplicaSet failed Pods maximum quantity 1
sharding.configrs.expose.enabled Allow access to cfg replica from outside of Kubernetes false
sharding.configrs.expose.type Network service access point type ClusterIP
sharding.configrs.expose.loadBalancerIP Set client IP to Load Balancer ""
sharding.configrs.expose.loadBalancerSourceRanges Limit client IP's access to Load Balancer {}
sharding.configrs.expose.annotations Config ReplicaSet service annotations {}
sharding.configrs.expose.labels Config ReplicaSet service labels {}
sharding.configrs.expose.internalTrafficPolicy Config ReplicaSet service internal traffic policy Local
sharding.configrs.expose.externalTrafficPolicy Config ReplicaSet service external traffic policy Local
sharding.configrs.resources.limits.cpu Config ReplicaSet resource limits CPU 300m
sharding.configrs.resources.limits.memory Config ReplicaSet resource limits memory 0.5G
sharding.configrs.resources.requests.cpu Config ReplicaSet resource requests CPU 300m
sharding.configrs.resources.requests.memory Config ReplicaSet resource requests memory 0.5G
sharding.configrs.volumeSpec.hostPath Config ReplicaSet hostPath K8S storage
sharding.configrs.volumeSpec.hostPath.path Config ReplicaSet hostPath K8S storage path ""
sharding.configrs.volumeSpec.hostPath.type Type for hostPath volume Directory
sharding.configrs.volumeSpec.emptyDir Config ReplicaSet Pods emptyDir K8S storage
sharding.configrs.volumeSpec.pvc Config ReplicaSet Pods PVC request parameters
sharding.configrs.volumeSpec.pvc.annotations The Kubernetes annotations metadata for Persistent Volume Claim {}
sharding.configrs.volumeSpec.pvc.labels The Kubernetes labels metadata for Persistent Volume Claim {}
sharding.configrs.volumeSpec.pvc.storageClassName Config ReplicaSet Pods PVC storageClass ""
sharding.configrs.volumeSpec.pvc.accessModes Config ReplicaSet Pods PVC access policy []
sharding.configrs.volumeSpec.pvc.resources.requests.storage Config ReplicaSet Pods PVC storage size 3Gi
sharding.configrs.hostAliases The IP address for Kubernetes host aliases []
sharding.mongos.size Mongos size (pod quantity) 3
sharding.mongos.terminationGracePeriodSeconds The number of seconds Kubernetes will wait for clean termination of mongos Pods ""
sharding.mongos.configuration Custom config for mongos ""
sharding.mongos.topologySpreadConstraints Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains {}
sharding.mongos.serviceAccountName Run sharding mongos Containers under specified K8S SA ""
sharding.mongos.affinity.antiAffinityTopologyKey Mongos Pods affinity kubernetes.io/hostname
sharding.mongos.affinity.advanced Mongos Pods advanced affinity {}
sharding.mongos.tolerations Mongos Pods tolerations []
sharding.mongos.priorityClass Mongos Pods priorityClassName ""
sharding.mongos.annotations Mongos Pods annotations {}
sharding.mongos.labels Mongos Pods labels {}
sharding.mongos.nodeSelector Mongos Pods nodeSelector labels {}
sharding.mongos.livenessProbe Mongos Pod livenessProbe structure {}
sharding.mongos.readinessProbe Mongos Pod readinessProbe structure {}
sharding.mongos.podSecurityContext Set the security context for a Pod {}
sharding.mongos.containerSecurityContext Set the security context for a Container {}
sharding.mongos.runtimeClass Mongos Pod runtimeClassName ""
sharding.mongos.sidecars Mongos Pod sidecars {}
sharding.mongos.sidecarVolumes Mongos Pod sidecar volumes []
sharding.mongos.sidecarPVCs Mongos Pod sidecar PVCs []
sharding.mongos.podDisruptionBudget.maxUnavailable Mongos failed Pods maximum quantity 1
sharding.mongos.resources.limits.cpu Mongos Pods resource limits CPU 300m
sharding.mongos.resources.limits.memory Mongos Pods resource limits memory 0.5G
sharding.mongos.resources.requests.cpu Mongos Pods resource requests CPU 300m
sharding.mongos.resources.requests.memory Mongos Pods resource requests memory 0.5G
sharding.mongos.expose.type Mongos service type ClusterIP
sharding.mongos.expose.loadBalancerIP Set client IP to Load Balancer ""
sharding.mongos.expose.servicePerPod Create a separate ClusterIP Service for each mongos instance false
sharding.mongos.expose.loadBalancerSourceRanges Limit client IP's access to Load Balancer {}
sharding.mongos.expose.annotations Mongos service annotations {}
sharding.mongos.expose.labels Mongos service labels {}
sharding.mongos.expose.internalTrafficPolicy Mongos service internal traffic policy Local
sharding.mongos.expose.externalTrafficPolicy Mongos service external traffic policy Local
sharding.mongos.expose.nodePort Custom port if exposing mongos via NodePort ""
sharding.mongos.hostAliases The IP address for Kubernetes host aliases []
users.name The username of the MongoDB application user ""
users.db Database that the user authenticates against ""
users.passwordSecretRef.name Name of the secret that contains the user's password ""
users.passwordSecretRef.key Key in the secret that corresponds to the value of the user's password ""
users.roles.role.name Name of the MongoDB role assigned to the user. Both built-in and custom roles are supported ""
users.roles.role.db Database that the MongoDB role applies to ""
roles.role Name of the custom role. ""
roles.db Database in which you want to store the user-defined role. admin
roles.authenticationRestrictions.clientSource Array of IP addresses or CIDR blocks from which users assigned this role can connect. MongoDB servers reject connection requests from users with this role if the requests come from a client that is not present in this array. ""
roles.authenticationRestrictions.serverAddress Array of IP addresses or CIDR blocks to which users assigned this role can connect. MongoDB servers reject connection requests from users with this role if the client requests to connect to a server that is not present in this array. ""
roles.privileges.actions Name of the role. Valid values are built-in roles. []
roles.privileges.resource.db Database for which the privilege security.roles.privileges.actions apply. An empty string ("") indicates that the privilege actions apply to all databases. ""
roles.privileges.resource.collection Collection for which the privilege security.roles.privileges.actions apply. An empty string ("") indicates that the privilege actions apply to all of the database's collections. ""
roles.privileges.resource.cluster Flag that indicates that the privilege security.roles.privileges.actions apply to all databases and collections in the MongoDB deployment. If omitted, defaults to false. If set to true, do not provide values for security.roles.privileges.resource.database and security.roles.privileges.resource.collection. ""
roles.roles.role Name of the role to inherit from. ""
roles.roles.db Name of database that contains the role to inherit from. ""
backup.enabled Enable backup PBM agent true
backup.annotations Backup job annotations {}
backup.podSecurityContext Set the security context for a Pod {}
backup.containerSecurityContext Set the security context for a Container {}
backup.restartOnFailure Backup Pods restart policy true
backup.image.repository PBM Container image repository percona/percona-backup-mongodb
backup.image.tag PBM Container image tag 2.7.0-multi
backup.storages Local/remote backup storages settings {}
backup.pitr.enabled Enable point in time recovery for backup false
backup.pitr.oplogOnly Start collecting oplogs even if full logical backup doesn't exist false
backup.pitr.oplogSpanMin Number of minutes between the uploads of oplogs 10
backup.pitr.compressionType The point-in-time-recovery chunks compression format ""
backup.pitr.compressionLevel The point-in-time-recovery chunks compression level ""
backup.configuration.backupOptions Custom configuration settings for backup {}
backup.configuration.restoreOptions Custom configuration settings for restore {}
backup.tasks Backup working schedule {}
systemUsers PSMDB operator system users {}

Specify parameters using the --set key=value[,key=value] argument to helm install. Note that you can use multiple replica sets only with sharding enabled.

Examples

Deploy a replica set with disabled backups and no mongos pods

This is great for a dev PSMDB/MongoDB cluster as it doesn't bother with backups and sharding setup.

$ helm install dev  --namespace psmdb . \
    --set runUid=1001 --set "replsets.rs0.volumeSpec.pvc.resources.requests.storage=20Gi" \
    --set backup.enabled=false --set sharding.enabled=false
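
An added example, not part of the chart or the Operator: a Python check over the JSON printed by `helm get values <release> --all -o json` that flags parameters from the table above which weaken a deployment, such as the dev settings in this example reaching a production release. The function names, finding texts and sample input are constructed for illustration, and it assumes `finalizers` is a list and `replsets` is a map keyed by replica set name.

```python
import json

# Constructed sample shaped like `helm get values dev --all -o json` for a
# release close to the dev example above, with rs0 exposed (not real output).
SAMPLE_VALUES = json.loads("""
{
  "unsafeFlags": {"tls": false, "replsetSize": true, "backupIfUnhealthy": false},
  "tls": {"allowInvalidCertificates": true},
  "finalizers": ["percona.com/delete-psmdb-pvc"],
  "backup": {"enabled": false},
  "replsets": {"rs0": {"size": 1, "expose": {
      "enabled": true, "type": "LoadBalancer", "loadBalancerSourceRanges": []}}},
  "sharding": {"enabled": false, "mongos": {"expose": {"type": "LoadBalancer"}}}
}
""")


def get(values, path, default=None):
    """Walk a dotted path such as 'tls.mode'; return default if a key is missing."""
    node = values
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return default
        node = node[key]
    return node


def open_load_balancer(expose):
    """True for a LoadBalancer Service with no loadBalancerSourceRanges set."""
    return (expose.get("type") == "LoadBalancer"
            and not expose.get("loadBalancerSourceRanges"))


def audit_values(values):
    """Return (parameter, finding) pairs for settings worth a second look."""
    findings = []
    # Each unsafeFlags.* switch set to true relaxes an Operator safety check.
    for flag, enabled in sorted((get(values, "unsafeFlags") or {}).items()):
        if enabled is True:
            findings.append((f"unsafeFlags.{flag}", "Operator safety check disabled"))
    # The chart defaults from the table (preferTLS, true) apply when a key is absent.
    mode = get(values, "tls.mode", "preferTLS")
    if mode != "requireTLS":
        findings.append(("tls.mode", f"{mode} accepts unencrypted connections"))
    if get(values, "tls.allowInvalidCertificates", True):
        findings.append(("tls.allowInvalidCertificates",
                         "server certificates are not validated"))
    if not get(values, "backup.enabled", True):
        findings.append(("backup.enabled", "backup PBM agent is disabled"))
    if "percona.com/delete-psmdb-pvc" in (get(values, "finalizers") or []):
        findings.append(("finalizers", "database volumes are deleted with the cluster"))
    # Exposure: a LoadBalancer with no source ranges has no client IP limit.
    replsets = get(values, "replsets")
    if isinstance(replsets, dict):
        for name, rs in sorted(replsets.items()):
            expose = (rs or {}).get("expose") or {}
            if expose.get("enabled") and open_load_balancer(expose):
                findings.append((f"replsets.{name}.expose",
                                 "LoadBalancer without loadBalancerSourceRanges"))
    # mongos Pods exist only when sharding is enabled (the chart default).
    if get(values, "sharding.enabled", True):
        if open_load_balancer(get(values, "sharding.mongos.expose") or {}):
            findings.append(("sharding.mongos.expose",
                             "LoadBalancer without loadBalancerSourceRanges"))
    return findings


if __name__ == "__main__":
    for parameter, finding in audit_values(SAMPLE_VALUES):
        print(f"{parameter}: {finding}")
```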

Need help?

Commercial Support

Enterprise-grade assistance for your mission-critical database deployments in containers and Kubernetes. Get expert guidance for complex tasks like multi-cloud replication, database migration and building platforms.

Get Percona Support

Community Support

Connect with our engineers and fellow users for general questions, troubleshooting, and sharing feedback and ideas.

Visit our Forum