Andrey Belik

2. MongoDB OpsManager and Kubernetes
Andrey Belik, Senior Product Manager, MongoDB
Introduction to MongoDB in Kubernetes

3. Andrey Belik
Senior Product Manager, MongoDB
andrey.belik@mongodb.com
@theburione

4. Safe Harbor
This presentation contains “forward-looking statements” within the meaning of Section 27A of the Securities Act
of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. Such forward-
looking statements are subject to a number of risks, uncertainties, assumptions and other factors that could
cause actual results and the timing of certain events to differ materially from future results expressed or implied
by the forward-looking statements. Factors that could cause or contribute to such differences include, but are not
limited to, those identified our filings with the Securities and Exchange Commission. You should not rely upon
forward-looking statements as predictions of future events. Furthermore, such forward-looking statements speak
only as of the date of this presentation.
In particular, the development, release, and timing of any features or functionality described for MongoDB
products remains at MongoDB’s sole discretion. This information is merely intended to outline our general
product direction and it should not be relied on in making a purchasing decision nor is this a commitment,
promise or legal obligation to deliver any material, code, or functionality. Except as required by law, we undertake
no obligation to update any forward-looking statements to reflect events or circumstances after the date of such
statements.

5. 2018 jump from 22% - 38%
End of container wars
Kubernetes – fastest growing
orchestration platform
ADOPTION Standard Interface
Kubernetes why?
5k Scale
• 5,000 nodes
• 150,000 pods
• 300,000 containers
IT Survey (2018)newStack.io

6. Kubernetes Persistence
Stateful sets
• Stable, unique network identifiers.
mdb-{0..N-1}.myproject.mongodb.svc.cluster.local
• Stable, persistent storage.
• Ordered, graceful deployment and scaling.
• Ordered, automated rolling updates.
Persistent volumes
volumes with lifecycle independent of the Pods
A PersistentVolume (PV) is a piece of that has been
provisioned by an administrator.
A PersistentVolumeClaim (PVC) is a request for storage by
a user
PVC
PV
Storage
Driver
File Storage

7. Kubernetes Operators
Service specific controller
High level abstraction for Kubernetes resource
New API layer for Service specific endpoint*
Just a single Pod
Observe
Analyse
Act

8. MongoDB Operator overview
Kubernetes Cluster
Enterprise Operator Pod
Configuration Resources
Secrets configs
MongoDB Deployment
Statefull Set-1
Statefull Set-2
Statefull Set-3
Operator MongoDB Ops
Manager
App DB
Oplog DB
Summer 2019

9. MongoDB Operator configuration
Stage 1 – Kube Prep
1. Deploy CRD at cluster
level
2. Deploy operator
Stage 2 – Ops Manager
1. Get Ops Manager
URL, User, Key
2. Create Config Map
3. Create Secrets
Stage 3 – Deploy MongoDB
1. Deploy mongoDB’s

10. ConfigMap
---
apiVersion: v1
kind: ConfigMap
metadata:
name: <my-config-project>
namespace: mongodb
data:
projectName: <my_project_demo>
orgId: <ops manager orgid>
baseUrl: <ops-manager url>

11. ConfigMap
---
apiVersion: v1
kind: ConfigMap
metadata:
name: <my-config-project>
namespace: mongodb
data:
projectName: <my_project_demo>
orgId: <ops manager orgid>
baseUrl: <ops-manager url>

12. Secrets
kubectl -n <metadata.namespace>
create secret generic <myCredentials>
--from-literal="user=<first.last@example.com>"
--from-literal="publicApiKey=<my-public-api-key>"

13. Demo
Prepare Operator

14. What is in MongoDB Operator
1. Runs on any upstream distribution 1.11 +
2. Deploys any MongoDB cluster type or size.
3. Automatic failure detection and recovery
4. Manual Scaling of Clusters: Pod sizes, PVC Size, ReplicaSets, sharded clusters
5. Modifies Cluster configuration: modify TLS spec, add MongoD configuration parameters (ie oplogSizeMB, …)
6. Configures fully secure MongoDB cluster: TLS, x509, RBAC
7. Ongoing observation of cluster health and re-configuration
8. OpenShift 3.11 certified
9. RHEL7 and Ubuntu 16.04 base images
10. MongoD and OpsManager Log pipeline integration with K8S
11. OpsManager as an additional control plane
* Features and release order may change. Roadmap shown is only for discussion purposes.

15. Single CRD to rule them all
apiVersion: mongodb.com/v1
kind: MongoDB
spec:
version: 4.0.0
…
members: 3
project: <my-project>
credentials: <credentials>
type: ReplicaSet
apiVersion: mongodb.com/v1
kind: MongoDB
spec:
version: 4.0.0
…
shardCount: 2
mongodsPerShardCount: 3
mongosCount: 2
configServerCount: 3
type: ShardedCluster
apiVersion: mongodb.com/v1
kind: MongoDB
spec:
version: 4.0.0
project: <my-project>
credentials: <credentials>
type: Standalone

16. High Level SSL implementation points
security:
tls: “enabled”
clusterAuthMode: x509
Operator will perform:
1. Certificate request to get right certs
2. Place certificates into secretes
3. Add required configuration parameters to Ops
Manager
4. Set-up cluster configuration with TLS
Sharded Cluster- Orchestrate
sequence of steps to get cluster
configured with TLS

17. RBAC and x509 with Operator
New CRD to define MongoDB users
Only x509 users are supported in GA
Fully automated x509 generation and
distribution
X509 internal authentication included
kind: MongoDBUser
spec:
userName: < Full name>
authMechanism: x509
db: "$external"
roles:
- db: admin

18. Demo
Deploy MongoDB

19. How to connect to MongDB
Use Statefull Set unique names:
Mongodb+srv://my-replica-demo-svc.mongodb.svc.cluster.local

20. MongoDB Operator Roadmap 2019 *
GA
Summer 2019
Ready for Prime Time
production ready.
Multistage Builds
Docs and webinars
GA activities
Post GA – 2019
Pivotal PKS and OpenShift 4.0
certification
Atlas Open Service Broker for
Kubernetes
Split Horizon support
Ops Manager CRD
2020
Prometheus
Support for Federation v2 –
multi region clusters
Scaling – Automatic Custom
Vertical scaling
* Features and release order may change. Roadmap shown is only for discussion purposes.

21. Thank You!