Merge branch 'operator-repo-initialpush' into 'development'

Mirror of repo available on open internet. See merge request !1

Merge branch 'operator-repo-initialpush' into 'development'
Mirror of repo available on open internet. See merge request !1
64d8d739 · Andy Maksymowicz · 8fb6dc63 · b3cbc173 · 64d8d739 · 64d8d739
Commit 64d8d739 authored Nov 04, 2020 by Andy Maksymowicz
20 changed files
--- a/samples/mongodb/authentication/scram/sharded-cluster/sharded-cluster-scram-user.yaml
+++ b/samples/mongodb/authentication/scram/sharded-cluster/sharded-cluster-scram-user.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDBUser
+metadata:
+  name: my-scram-user
+spec:
+  passwordSecretKeyRef:
+    name: my-scram-secret # the name of the secret that stores this user's password
+    key: password # the key in the secret that stores the password
+  username: my-scram-user
+  db: admin
+  mongodbResourceRef:
+    name: my-scram-enabled-sharded-cluster # The name of the MongoDB resource this user will be added to
+  roles:
+    - db: admin
+      name: clusterAdmin
+    - db: admin
+      name: userAdminAnyDatabase
--- a/samples/mongodb/authentication/scram/standalone/standalone-scram-password.yaml
+++ b/samples/mongodb/authentication/scram/standalone/standalone-scram-password.yaml
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: my-scram-secret
+type: Opaque
+stringData:
+  password: my-standalone-password
--- a/samples/mongodb/authentication/scram/standalone/standalone-scram-sha.yaml
+++ b/samples/mongodb/authentication/scram/standalone/standalone-scram-sha.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-scram-enabled-standalone
+spec:
+  type: Standalone
+  # Using a version >= 4.0 will enable SCRAM-SHA-256 authentication
+  # setting a version < 4.0 will enable SCRAM-SHA-1/MONGODB-CR authentication
+  version: 3.6.0-ent
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  security:
+    authentication:
+      enabled: true
+      modes: ["SCRAM"] # Valid authentication modes are "SCRAM' and "X509"
+      # Optional field - ignoreUnknownUsers
+      # A value of true means that any users not configured via the Operator or the Ops Manager or Cloud Manager UI
+      # will not be altered in any way
+      # If you need to manage MongoDB users directly via the mongods, set this value to true
+      ignoreUnknownUsers: true # default value false
--- a/samples/mongodb/authentication/scram/standalone/standalone-scram-user.yaml
+++ b/samples/mongodb/authentication/scram/standalone/standalone-scram-user.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDBUser
+metadata:
+  name: my-scram-user
+spec:
+  passwordSecretKeyRef:
+    name: my-scram-secret # the name of the secret that stores this user's password
+    key: password # the key in the secret that stores the password
+  username: my-scram-user
+  db: admin
+  mongodbResourceRef:
+    name: my-scram-enabled-standalone # The name of the MongoDB resource this user will be added to
+  roles:
+    - db: admin
+      name: readWrite
+    - db: admin
+      name: userAdminAnyDatabase
--- a/samples/mongodb/authentication/x509/replica-set/replica-set-x509.yaml
+++ b/samples/mongodb/authentication/x509/replica-set/replica-set-x509.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-replica-set
+spec:
+  type: ReplicaSet
+  members: 3
+  version: 4.0.4-ent
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  # look into `replica-set-persistent-volumes.yaml` for an example on how to use
+  # Kubernetes Persistent Volumes in your MDB deployment.
+  persistent: false
+  # This will create a TLS & x509 enabled Replica Set, which means that all the traffic
+  # between members of the Replica Set and clients, will be encrypted using TLS
+  # certificates. These certificates will be generated on the fly by the operator
+  # using the Kubernetes CA.
+  #
+  # More information about setting up x509 client authentication in Ops Manager:
+  #
+  # https://docs.opsmanager.mongodb.com/current/tutorial/enable-x509-authentication-for-group
+  #
+  # Please refer to Kubernetes TLS Documentation on how to approve these certs:
+  #
+  # https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/
+  #
+  security:
+    tls:
+      enabled: true
+    authentication:
+      enabled: true
+      modes: ["X509"]
--- a/samples/mongodb/authentication/x509/replica-set/user.yaml
+++ b/samples/mongodb/authentication/x509/replica-set/user.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDBUser
+metadata:
+  name: my-replica-set-x509-user
+spec:
+  username: CN=my-replica-set-x509-user,OU=cloud,O=MongoDB,L=New York,ST=New York,C=US
+  db: $external
+  mongodbResourceRef:
+    name: my-replica-set
+  roles:
+    - db: admin
+      name: dbOwner
--- a/samples/mongodb/authentication/x509/sharded-cluster/sharded-cluster-x509.yaml
+++ b/samples/mongodb/authentication/x509/sharded-cluster/sharded-cluster-x509.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-x509-enabled-sc
+spec:
+  type: ShardedCluster
+  shardCount: 2
+  mongodsPerShardCount: 3
+  mongosCount: 2
+  configServerCount: 3
+  version: 4.0.6-ent
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  persistent: false
+  # This will create a TLS & x509 enabled Sharded Cluster, which means that all the traffic
+  # between members of the Shards and clients, will be encrypted using TLS
+  # certificates. These certificates will be generated on the fly by the operator
+  # using the Kubernetes CA.
+  #
+  # More information about setting up x509 client authentication in Ops Manager:
+  #
+  # https://docs.opsmanager.mongodb.com/current/tutorial/enable-x509-authentication-for-group
+  #
+  # Please refer to Kubernetes TLS Documentation on how to approve these certs:
+  #
+  # https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/
+  #
+  security:
+    authentication:
+      enabled: true
+      modes: ["X509"]
+      internalCluster: "X509"
+    tls:
+      enabled: true
--- a/samples/mongodb/authentication/x509/sharded-cluster/user.yaml
+++ b/samples/mongodb/authentication/x509/sharded-cluster/user.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDBUser
+metadata:
+  name: my-sharded-cluster-x509-user
+spec:
+  username: CN=my-sharded-cluster-x509-user,OU=cloud,O=MongoDB,L=New York,ST=New York,C=US
+  db: $external
+  mongodbResourceRef:
+    name: my-replica-set
+  roles:
+    - db: admin
+      name: dbOwner
--- a/samples/mongodb/external-connectivity/replica-set-external.yaml
+++ b/samples/mongodb/external-connectivity/replica-set-external.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-externally-connectible-rs
+spec:
+  type: ReplicaSet
+  members: 3
+  version: 4.2.0-ent
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  security:
+    tls:
+      # TLS must be enabled to allow external connectivity
+      enabled: true
+  connectivity:
+    # replicaSetHorizons consists of a list of maps where each map represents a node within
+    # the replica set and maps names of DNS horizons to externally connectable DNS names.
+    # In the following example, this would allow a client to make a replica set connection
+    # from outside the replica set using a connection string like
+    # mongodb://mdb0-test-website.com:1337,mdb1-test-website.com:1338,mdb2-test-website.com:1339.
+    # The length of the replicaSetHorizons list must be equal to the number of the members in the
+    # replica set and each member should have all of the same DNS horizon names specified.
+    replicaSetHorizons:
+      - "test-horizon-1": "mdb0-test-website.com:1337"
+        "test-horizon-2": "mdb0-test-internal-website.com:2337"
+      - "test-horizon-1": "mdb1-test-website.com:1338"
+        "test-horizon-2": "mdb1-test-internal-website.com:2338"
+      - "test-horizon-1": "mdb2-test-website.com:1339"
+        "test-horizon-2": "mdb2-test-internal-website.com:2339"
--- a/samples/mongodb/minimal/replica-set.yaml
+++ b/samples/mongodb/minimal/replica-set.yaml
+#
+# This is a minimal config. To see all the options available, refer to the
+# "extended" directory
+#
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-replica-set
+spec:
+  members: 3
+  version: 4.4.0-ent
+  type: ReplicaSet
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  persistent: false
+  podSpec:
+    # 'podTemplate' allows to set custom fields in PodTemplateSpec (https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#podtemplatespec-v1-core)
+    # for the Database StatefulSet.
+    podTemplate:
+      spec:        
+        containers:
+          - name: mongodb-enterprise-database
+            resources:
+              limits:
+                cpu: "2"
+                memory: 700m
+              requests:
+                cpu: "1"
+                memory: 500m
--- a/samples/mongodb/minimal/sharded-cluster.yaml
+++ b/samples/mongodb/minimal/sharded-cluster.yaml
+#
+# This is a minimal config. To see all the options available, refer to the
+# "extended" directory
+#
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-sharded-cluster
+spec:
+  shardCount: 2
+  mongodsPerShardCount: 3
+  mongosCount: 2
+  configServerCount: 3
+  version: 4.4.0-ent
+  type: ShardedCluster
+  # Before you create this object, you'll need to create a project ConfigMap and a
+  # credentials Secret. For instructions on how to do this, please refer to our
+  # documentation, here:
+  # https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  # This flag allows the creation of pods without persistent volumes. This is for
+  # testing only, and must not be used in production. 'false' will disable
+  # Persistent Volume Claims. The default is 'true'
+  persistent: false
+  configSrvPodSpec:
+    podTemplate:
+      spec:        
+        containers:
+          - name: mongodb-enterprise-database
+            resources:
+              limits:
+                cpu: "2"
+                memory: 700m
+              requests:
+                cpu: "1"
+                memory: 500m
+  shardPodSpec:
+    podTemplate:
+      spec:        
+        containers:
+          - name: mongodb-enterprise-database
+            resources:
+              limits:
+                cpu: "2"
+                memory: 700m
+              requests:
+                cpu: "1"
+                memory: 500m
+  mongosPodSpec:
+    podTemplate:
+      spec:        
+        containers:
+          - name: mongodb-enterprise-database
+            resources:
+              limits:
+                cpu: "1"
+                memory: 200m
+              requests:
+                cpu: "0.5"
+                memory: 100m
\ No newline at end of file
--- a/samples/mongodb/minimal/standalone.yaml
+++ b/samples/mongodb/minimal/standalone.yaml
+#
+# This is a minimal config. To see all the options available, refer to the
+# "extended" directory
+#
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-standalone
+spec:
+  version: 4.4.0-ent
+  type: Standalone
+  # Before you create this object, you'll need to create a project ConfigMap and a
+  # credentials Secret. For instructions on how to do this, please refer to our
+  # documentation, here:
+  # https://docs.opsmanager.mongodb.com/current/tutorial/install-k8s-operator
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  # This flag allows the creation of pods without persistent volumes. This is for
+  # testing only, and must not be used in production. 'false' will disable
+  # Persistent Volume Claims. The default is 'true'
+  persistent: false
+  podSpec:
+    # 'podTemplate' allows to set custom fields in PodTemplateSpec (https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#podtemplatespec-v1-core)
+    # for the Database StatefulSet.
+    podTemplate:
+      spec:        
+        containers:
+          - name: mongodb-enterprise-database
+            resources:
+              limits:
+                cpu: "2"
+                memory: 700m
+              requests:
+                cpu: "1"
+                memory: 500m
\ No newline at end of file
--- a/samples/mongodb/mongodb-options/replica-set-mongod-options.yaml
+++ b/samples/mongodb/mongodb-options/replica-set-mongod-options.yaml
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-replica-set-options
+spec:
+  members: 3
+  version: 4.2.8-ent
+  type: ReplicaSet
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  persistent: true
+  # optional. Allows to pass custom MongoDB process configuration
+  additionalMongodConfig:
+    systemLog:
+      logAppend: true
+      verbosity: 4
+    operationProfiling:
+      mode: slowOp
--- a/samples/mongodb/mongodb-options/sharded-cluster-mongod-options.yaml
+++ b/samples/mongodb/mongodb-options/sharded-cluster-mongod-options.yaml
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-sharded-cluster-options
+spec:
+  version: 4.2.8-ent
+  type: ShardedCluster
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  persistent: true
+  shardCount: 2
+  mongodsPerShardCount: 3
+  mongosCount: 2
+  configServerCount: 1
+  mongos:
+    # optional. Allows to pass custom configuration for mongos processes
+    additionalMongodConfig:
+      systemLog:
+        logAppend: true
+        verbosity: 4
+  configSrv:
+    # optional. Allows to pass custom configuration for Config Server mongod processes
+    additionalMongodConfig:
+      operationProfiling:
+        mode: slowOp
+  shard:
+    additionalMongodConfig:
+    # optional. Allows to pass custom configuration for Shards mongod processes
+      storage:
+        journal:
+          commitIntervalMs: 50
--- a/samples/mongodb/persistent-volumes/replica-set-persistent-volumes.yaml
+++ b/samples/mongodb/persistent-volumes/replica-set-persistent-volumes.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-replica-set
+spec:
+  members: 3
+  version: 4.2.1-ent
+  service: my-service
+  # Indicates featureCompatibilityVersion. This attribute will make the data
+  # format to persist in a particular version, maybe older, allowing for
+  # future downgrades if necessary.
+  featureCompatibilityVersion: "3.6"
+  # Please Note: The default Kubernetes cluster domain is `cluster.local`.
+  # If your cluster has been configured with another domain, you can specify it
+  # with the `clusterDomain` attribute.
+  # clusterDomain: mycompany.net
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  type: ReplicaSet
+  # log level affects the level of logging for the agent. Use DEBUG cautiously as log file size may grow very quickly
+  logLevel: WARN
+  persistent: true
+  podSpec:
+    cpu: '0.25'
+    # note: it's important to always specify memory otherwise wired tiger cache will be calculated incorrectly and
+    # monitoring tools will report the size of Kubernetes node instead of the real size of the container
+    memory: 512M
+    # "multiple" persistence allows to mount different directories to different Persistent Volumes
+    persistence:
+      multiple:
+        data:
+          storage: 10Gi
+        journal:
+          storage: 1Gi
+          labelSelector:
+            matchLabels:
+              app: "my-app"
+        logs:
+          storage: 500M
+          storageClass: standard
--- a/samples/mongodb/persistent-volumes/sharded-cluster-persistent-volumes.yaml
+++ b/samples/mongodb/persistent-volumes/sharded-cluster-persistent-volumes.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-sharded-cluster
+spec:
+  shardCount: 2
+  mongodsPerShardCount: 3
+  mongosCount: 2
+  configServerCount: 3
+  version: 4.2.1-ent
+  service: my-service
+  # Indicates featureCompatibilityVersion. This attribute will make the data
+  # format to persist in a particular version, maybe older, allowing for
+  # future downgrades if necessary.
+  featureCompatibilityVersion: "3.6"
+  # Please Note: The default Kubernetes cluster domain is `cluster.local`.
+  # If your cluster has been configured with another domain, you can specify it
+  # with the `clusterDomain` attribute.
+  # clusterDomain: mycompany.net
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  type: ShardedCluster
+  persistent: true
+  configSrvPodSpec:
+    cpu: '0.5'
+    # note: it's important to always specify memory otherwise wired tiger cache will be calculated incorrectly and
+    # monitoring tools will report the size of Kubernetes node instead of the real size of the container
+    memory: 512M
+    # if "persistence" element is omitted then Operator uses the default size (5G) for mounting single Persistent Volume
+    # for config server
+  mongosPodSpec:
+    cpu: '0.8'
+    memory: 1G
+  shardPodSpec:
+    memory: 3G
+    persistence:
+      multiple:
+        # if the child of "multiple" is omitted then the default size will be used.
+        # 16G for "data", 1G for "journal", 3Gb for "logs"
+        data:
+          storage: 20G
+        logs:
+          storage: 4G
+          storageClass: standard
--- a/samples/mongodb/persistent-volumes/standalone-persistent-volumes.yaml
+++ b/samples/mongodb/persistent-volumes/standalone-persistent-volumes.yaml
+---
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-standalone
+spec:
+  version: 4.2.1-ent
+  service: my-service
+  # Indicates featureCompatibilityVersion. This attribute will make the data
+  # format to persist in a particular version, maybe older, allowing for
+  # future downgrades if necessary.
+  featureCompatibilityVersion: "4.0"
+  # Please Note: The default Kubernetes cluster domain is `cluster.local`.
+  # If your cluster has been configured with another domain, you can specify it
+  # with the `clusterDomain` attribute.
+  # clusterDomain: mycompany.net
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  type: Standalone
+  persistent: true
+  podSpec:
+    cpu: '0.25'
+    # note: it's important to always specify memory otherwise wired tiger cache will be calculated incorrectly and
+    # monitoring tools will report the size of Kubernetes node instead of the real size of the container
+    memory: 512M
+    # "single" persistence allows to mount different directories to single Persistent Volume
+    persistence:
+      single:
+        storage: 12G
+        storageClass: standard
+        labelSelector:
+          matchExpressions:
+            - {key: environment, operator: In, values: [dev]}
--- a/samples/mongodb/pod-template/initcontainer-sysctl_config.yaml
+++ b/samples/mongodb/pod-template/initcontainer-sysctl_config.yaml
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-replica-set
+  namespace: mongodb
+spec:
+  members: 3
+  version: 4.2.2
+  type: ReplicaSet
+  cloudManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  persistent: false
+  podSpec:
+    podTemplate:
+      spec:
+        initContainers:
+        - name: "apply-sysctl-test"
+          image: "busybox:latest"
+          securityContext:
+            privileged: true
+          command: ["sysctl", "-w", "net.ipv4.tcp_keepalive_time=120"]
--- a/samples/mongodb/pod-template/replica-set-pod-template.yaml
+++ b/samples/mongodb/pod-template/replica-set-pod-template.yaml
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-replica-set-pod-template
+spec:
+  members: 3
+  version: 4.2.2-ent
+  type: ReplicaSet
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  podSpec:
+    memory: 512M
+    # 'podTemplate' allows to set custom fields in PodTemplateSpec (https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#podtemplatespec-v1-core)
+    # for the Database StatefulSet.
+    podTemplate:
+      spec:
+        # This container will be added to each pod as a sidecar
+        containers:
+          - name: standalone-sidecar
+            image: busybox
+            command: ["sleep"]
+            args: [ "infinity" ]
+            resources:
+              limits:
+                cpu: "1"
+              requests:
+                cpu: 500m
--- a/samples/mongodb/pod-template/sharded-cluster-pod-template.yaml
+++ b/samples/mongodb/pod-template/sharded-cluster-pod-template.yaml
+apiVersion: mongodb.com/v1
+kind: MongoDB
+metadata:
+  name: my-sharded-cluster-pod-template
+spec:
+  shardCount: 1
+  mongodsPerShardCount: 1
+  mongosCount: 1
+  configServerCount: 1
+  version: 4.0.14-ent
+  type: ShardedCluster
+  opsManager:
+    configMapRef:
+      name: my-project
+  credentials: my-credentials
+  configSrvPodSpec:
+    podAntiAffinityTopologyKey: nodeId
+    podTemplate:
+      spec:
+        terminationGracePeriodSeconds: 120
+        affinity:
+          podAntiAffinity:
+            preferredDuringSchedulingIgnoredDuringExecution:
+              - podAffinityTerm:
+                  # Note, that this topology key will overwrite the antiAffinity topologyKey set by the Operator
+                  # from 'spec.configSrvPodSpec.podAntiAffinityTopologyKey'
+                  topologyKey: "failure-domain.beta.kubernetes.io/zone"
+                weight: 30
+  mongosPodSpec:
+    podTemplate:
+      spec:
+        restartPolicy: Never
+        serviceAccountName: the-custom-user
+  shardPodSpec:
+    cpu: '0.8'
+    memory: 1G
+    podTemplate:
+      metadata:
+        annotations:
+          key1: value1
+      spec:
+        tolerations:
+          - key: "key"
+            operator: "Exists"
+            effect: "NoSchedule"