部署mongodb三幅本集群

背景：原先使用的mongodb采用的是SSPL协议，此协议客户检测到有bug，故需要替换mongodb的版本，原先采用helm部署的mongodb但是无法找到4.1.4版本的chart包，故手写yaml部署

1、部署mongodb-arbiter服务

这个服务是用来选举mongodb副本集群那个节点为primary节点的

apiVersion: apps/v1
kind: StatefulSet
metadata:labels:app: mongodbrelease: mongodbname: mongodb-arbiternamespace: mongo
spec:replicas: 1selector:matchLabels:app: mongodbcomponent: arbiterrelease: mongodbserviceName: mongodb-headlesstemplate:metadata:labels:app: mongodbchart: mongodb-5.10.0component: arbiterrelease: mongodbspec:initContainers:- name: mongodb-initimage: registry.paas:38080/pcas/busybox-arm:latestimagePullPolicy: IfNotPresentcommand: ["sh", "-c", "chown -R 1001:1001 /data/db"]volumeMounts:- name: mongodb-datamountPath: /data/dbcontainers:- env:- name: MONGODB_SYSTEM_LOG_VERBOSITYvalue: "0"- name: MONGODB_DISABLE_SYSTEM_LOGvalue: "no"- name: MONGODB_POD_NAMEvalueFrom:fieldRef:apiVersion: v1fieldPath: metadata.name- name: MONGODB_REPLICA_SET_MODEvalue: arbiter- name: MONGODB_PRIMARY_HOSTvalue: mongodb- name: MONGODB_REPLICA_SET_NAMEvalue: rs0- name: MONGODB_ADVERTISED_HOSTNAMEvalue: $(MONGODB_POD_NAME).mongodb-headless.mongo.svc.cluster.local- name: MONGODB_PRIMARY_ROOT_PASSWORDvalueFrom:secretKeyRef:key: mongodb-root-passwordname: mongodb- name: MONGODB_REPLICA_SET_KEYvalueFrom:secretKeyRef:key: mongodb-replica-set-keyname: mongodb- name: MONGODB_ENABLE_IPV6value: "yes"- name: MONGODB_ENABLE_DIRECTORY_PER_DBvalue: "no"image: mongo:4.1.4imagePullPolicy: IfNotPresentlivenessProbe:failureThreshold: 6initialDelaySeconds: 30periodSeconds: 10successThreshold: 1tcpSocket:port: mongodbtimeoutSeconds: 5name: mongodb-arbiterports:- containerPort: 27017name: mongodbprotocol: TCPreadinessProbe:failureThreshold: 6initialDelaySeconds: 5periodSeconds: 10successThreshold: 1tcpSocket:port: mongodbtimeoutSeconds: 5securityContext:runAsNonRoot: truerunAsUser: 1001volumeMounts:- mountPath: /data/dbname: mongodb-datavolumeClaimTemplates:- apiVersion: v1kind: PersistentVolumeClaimmetadata:name: mongodb-dataspec:accessModes:- ReadWriteOnceresources:requests:storage: 10GistorageClassName: rbd-ssd

2、部署mongodb-primary

apiVersion: apps/v1
kind: StatefulSet
metadata:labels:app: mongodbapp.kubernetes.io/managed-by: Helmchart: mongodb-5.10.0heritage: Helmrelease: mongodbname: mongodb-primarynamespace: mongo
spec:replicas: 1selector:matchLabels:app: mongodbcomponent: primaryrelease: mongodbserviceName: mongodb-headlesstemplate:metadata:labels:app: mongodbchart: mongodb-5.10.0component: primaryrelease: mongodbspec:containers:- env:- name: MONGODB_SYSTEM_LOG_VERBOSITYvalue: "0"- name: MONGODB_DISABLE_SYSTEM_LOGvalue: "no"- name: MONGODB_POD_NAMEvalueFrom:fieldRef:apiVersion: v1fieldPath: metadata.name- name: MONGODB_REPLICA_SET_MODEvalue: primary- name: MONGODB_REPLICA_SET_NAMEvalue: rs0- name: MONGODB_ADVERTISED_HOSTNAMEvalue: $(MONGODB_POD_NAME).mongodb-headless.mongo.svc.cluster.local- name: MONGODB_ROOT_PASSWORDvalueFrom:secretKeyRef:key: mongodb-root-passwordname: mongodb- name: MONGODB_REPLICA_SET_KEYvalueFrom:secretKeyRef:key: mongodb-replica-set-keyname: mongodb- name: MONGODB_ENABLE_IPV6value: "yes"- name: MONGODB_ENABLE_DIRECTORY_PER_DBvalue: "no"image: mongo:4.1.4imagePullPolicy: IfNotPresentlivenessProbe:exec:command:- mongo- --eval- db.adminCommand('ping')failureThreshold: 6initialDelaySeconds: 30periodSeconds: 10successThreshold: 1timeoutSeconds: 5name: mongodb-primaryports:- containerPort: 27017name: mongodbprotocol: TCPreadinessProbe:exec:command:- mongo- --eval- db.adminCommand('ping')failureThreshold: 6initialDelaySeconds: 5periodSeconds: 10successThreshold: 1timeoutSeconds: 5securityContext:runAsNonRoot: truerunAsUser: 1001volumeMounts:- mountPath: /data/dbname: datadirsecurityContext:fsGroup: 1001volumeClaimTemplates:- apiVersion: v1kind: PersistentVolumeClaimmetadata:name: datadirspec:accessModes:- ReadWriteOnceresources:requests:storage: 100GistorageClassName: rbd-ssd

3、部署mongodb-secondary服务

apiVersion: apps/v1
kind: StatefulSet
metadata:labels:app: mongodbapp.kubernetes.io/managed-by: Helmchart: mongodb-5.10.0heritage: Helmrelease: mongodbname: mongodb-secondarynamespace: mongo
spec:replicas: 2selector:matchLabels:app: mongodbcomponent: secondaryrelease: mongodbserviceName: mongodb-headlesstemplate:metadata:creationTimestamp: nulllabels:app: mongodbchart: mongodb-5.10.0component: secondaryrelease: mongodbspec:containers:- env:- name: MONGODB_SYSTEM_LOG_VERBOSITYvalue: "0"- name: MONGODB_DISABLE_SYSTEM_LOGvalue: "no"- name: MONGODB_POD_NAMEvalueFrom:fieldRef:apiVersion: v1fieldPath: metadata.name- name: MONGODB_REPLICA_SET_MODEvalue: secondary- name: MONGODB_PRIMARY_HOSTvalue: mongodb- name: MONGODB_REPLICA_SET_NAMEvalue: rs0- name: MONGODB_ADVERTISED_HOSTNAMEvalue: $(MONGODB_POD_NAME).mongodb-headless.mongo.svc.cluster.local- name: MONGODB_PRIMARY_ROOT_PASSWORDvalueFrom:secretKeyRef:key: mongodb-root-passwordname: mongodb- name: MONGODB_REPLICA_SET_KEYvalueFrom:secretKeyRef:key: mongodb-replica-set-keyname: mongodb- name: MONGODB_ENABLE_IPV6value: "yes"- name: MONGODB_ENABLE_DIRECTORY_PER_DBvalue: "no"image: mongo:4.1.4imagePullPolicy: IfNotPresentlivenessProbe:exec:command:- mongo- --eval- db.adminCommand('ping')failureThreshold: 6initialDelaySeconds: 30periodSeconds: 10successThreshold: 1timeoutSeconds: 5name: mongodb-secondaryports:- containerPort: 27017name: mongodbprotocol: TCPreadinessProbe:exec:command:- mongo- --eval- db.adminCommand('ping')failureThreshold: 6initialDelaySeconds: 5periodSeconds: 10successThreshold: 1timeoutSeconds: 5securityContext:runAsNonRoot: truerunAsUser: 1001volumeMounts:- mountPath: /data/dbname: datadirsecurityContext:fsGroup: 1001volumeClaimTemplates:- apiVersion: v1kind: PersistentVolumeClaimmetadata:creationTimestamp: nullname: datadirspec:accessModes:- ReadWriteOnceresources:requests:storage: 100GistorageClassName: rbd-ssd

4、部署集群service

[root@EIS-01 mongodb]# cat mongodb-svc.yaml
apiVersion: v1
kind: Service
metadata:labels:app: mongodbapp.kubernetes.io/managed-by: Helmchart: mongodb-5.10.0heritage: Helmrelease: mongodbname: mongodbnamespace: mongo
spec:ports:- name: mongodbport: 27017protocol: TCPtargetPort: mongodbselector:app: mongodbcomponent: primaryrelease: mongodbtype: ClusterIP

[root@EIS-01 mongodb]# cat mongodb-headless-svc.yaml
apiVersion: v1
kind: Service
metadata:labels:app: mongodbapp.kubernetes.io/managed-by: Helmchart: mongodb-5.10.0heritage: Helmrelease: mongodbname: mongodb-headlessnamespace: mongo
spec:clusterIP: Noneports:- name: mongodbport: 27017protocol: TCPtargetPort: 27017selector:app: mongodbrelease: mongodb

为了方便研发使用使用工具连接数据库增删改查数据库的数据，故给primary节点单独写个svc

[root@EIS-01 mongodb]# cat mongodb-primary-svc.yaml
apiVersion: v1
kind: Service
metadata:labels:app: mongodbcomponent: primaryrelease: mongodbname: mongodb-primary-servicenamespace: mongo
spec:ports:- name: mongodbnodePort: 31767port: 27017protocol: TCPtargetPort: 27017selector:component: primarytype: NodePort

5、设置mongodb登录密码

apiVersion: v1
data:mongodb-replica-set-key: U3RsUWZxRUl4ag==mongodb-root-password: VHJhxxxx
kind: Secret
metadata:annotations:meta.helm.sh/release-name: mongodbmeta.helm.sh/release-namespace: mongodblabels:app: mongodbapp.kubernetes.io/managed-by: Helmchart: mongodb-5.10.0heritage: Helmrelease: mongodbname: mongodbnamespace: mongo

6、部署服务

[root@EIS-01 mongodb]# ll
total 28K
-rw-r--r-- 1 root root 2.8K Apr 25 17:15 mongodb-arbiter.yaml
-rw-r--r-- 1 root root  410 Apr 25 15:24 mongodb-headless-svc.yaml
-rw-r--r-- 1 root root  322 Apr 25 16:34 mongodb-primary-svc.yaml
-rw-r--r-- 1 root root 2.8K Apr 25 16:12 mongodb-primary.yaml
-rw-r--r-- 1 root root 3.0K Apr 25 16:13 mongodb-secondary.yaml
-rw-r--r-- 1 root root  415 Apr 25 17:18 mongodb-secret.yaml
-rw-r--r-- 1 root root  410 Apr 25 15:23 mongodb-svc.yaml
[root@EIS-01 mongodb]#kubectl apply -f .
[root@EIS-01 mongodb]# kubectl get pod -n mongo
NAME                  READY   STATUS    RESTARTS   AGE
mongodb-arbiter-0     1/1     Running   0          41h
mongodb-primary-0     1/1     Running   0          41h
mongodb-secondary-0   1/1     Running   0          41h
mongodb-secondary-1   1/1     Running   0          41h

至此mongodb三幅本部署完成