k8s创建mongodb复制集集群
创建ssl证书
openssl rand -base64 741 > key.txt
创建namespace
kubectl create namespace mongodb
创建secret
kubectl create secret generic shared-bootstrap-data -n mongodb --from-file=internal-auth-mongodb-keyfile=./key.txt
创建mongo.yaml文件
apiVersion: v1 kind: Service metadata: name: mongo labels: app: mongo spec: ports: - name: mongo port: 27017 targetPort: 27017 clusterIP: None selector: app: mongo --- apiVersion: apps/v1 kind: StatefulSet metadata: name: mongo spec: serviceName: "mongodb-service" replicas: 3 selector: matchLabels: role: mongo environment: prod replicaset: MainRepSet template: metadata: labels: role: mongo environment: prod replicaset: MainRepSet spec: containers: - name: mongo image: mongo:4.2.2 env: - name: MONGO_INITDB_ROOT_USERNAME value: admin - name: MONGO_INITDB_ROOT_PASSWORD value: dSJN52PuSqn command: - "numactl" - "--interleave=all" - "mongod" - "--bind_ip" - 0.0.0.0 - "--replSet" - "MainRepSet" - "--auth" - "--clusterAuthMode" - "keyFile" - "--keyFile" - "/etc/secrets-volume/internal-auth-mongodb-keyfile" - "--setParameter" - "authenticationMechanisms=SCRAM-SHA-1" resources: requests: cpu: 0.2 memory: 2Gi ports: - containerPort: 27017 volumeMounts: - name: secrets-volume readOnly: true mountPath: /etc/secrets-volume - name: mongodb-persistent-storage-claim mountPath: /data/db volumes: - name: secrets-volume secret: secretName: shared-bootstrap-data defaultMode: 256 volumeClaimTemplates: - metadata: name: mongo-persistent-storage-claim spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 2Gi storageClassName: data
#kubectl create namespace mongodb
#kubectl create -f mongo.yaml --namespace mongodb
等待所有pod创建成功后执行
#kubectl exec -it mongod-0 -n mongodb -c mongod-container bash
#mongo
#rs.initiate({_id: "MainRepSet", version: 1, members: [
{ _id: 0, host : "mongod-0:27017" },
{ _id: 1, host : "mongod-1:27017" },
{ _id: 2, host : "mongod-2:27017" }
]});