本文详细介绍了如何在Kubernetes集群(CentOS7.9,v1.21.1)中部署MongoDB4.2.5,包括创建ConfigMap来配置MongoDB参数,使用nfs-storageStorageClass创建PersistentVolumeClaim(PVC)以绑定存储空间,然后创建Deployment和Service来运行MongoDB实例,并设置端口映射和探针。此外,还部署了mongo-exporter以实现监控功能。在部署过程中,注意到MongoDB的几个安全警告,如未启用访问控制和透明大页设置。
系统环境:
- MongoDB 版本:4.2.5
- Kubernetes 版本:1.21.1
- 操作系统版本:CentOS 7.9
- nfs:StorageClass
一、创建 ConfigMap 存储配置文件
vim mongo-config.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mongo-config-produce
labels:
app: mongo-produce
data:
mongodb.conf: |-
dbpath=/data/middleware-data/mongodb
logpath=/data/middleware-data/mongodb/mongodb.log
pidfilepath=/data/middleware-data/mongodb/master.pid
directoryperdb=true
logappend=true
bind_ip=0.0.0.0
port=27017
注意:
- 修改 db 数据存储路径
- 注意不能加fork=true,否则 Pod 会变成 Completed
Kubectl 部署 ConfigMap
kubectl apply -f mongo-config.yaml
二、创建 PVC 绑定存储空间
1.创建storageclass
vim mongo-storage.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: mongo-produce
spec:
storageClassName: nfs-storage #---指定StorageClass
resources:
requests:
storage: 5Gi #设置 pvc 存储资源大小
accessModes:
- ReadWriteOnce
2.部署 PV、PVC
kubectl apply -f mongo-storage.yaml
3.查看pvc是否bound状态
kubectl get pvc
三、部署mongo
1.创建deployment
vim mongo-deploy.yaml
apiVersion: v1
kind: Service
metadata:
name: db-mongo-produce
labels:
app: mongo-produce
spec:
type: NodePort
ports:
- name: mongo
port: 27017
targetPort: 27017
nodePort: 30017
- name: prom
port: 9104
targetPort: 9104
selector:
app: mongo-produce
---
## Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: db-mongo-produce
labels:
app: mongo-produce
spec:
replicas: 1
selector:
matchLabels:
app: mongo-produce
template:
metadata:
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9104"
labels:
app: mongo-produce
spec:
containers:
- name: mongo-produce
image: mongo:4.2.5
command:
- sh
- -c
- "exec mongod -f /etc/mongod.conf"
ports:
- containerPort: 27017
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 1000m
memory: 512Mi
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
tcpSocket:
port: 27017
readinessProbe:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
tcpSocket:
port: 27017
volumeMounts:
- name: data
mountPath: /data/middleware-data/mongodb/
- name: config
mountPath: /etc/mongod.conf
subPath: mongodb.conf
- name: localtime
readOnly: true
mountPath: /etc/localtime
- name: mongo-exporter
image: noenv/mongo-exporter:latest
args:
[
"--web.listen-address=:9104",
"--mongodb.uri",
"mongodb://db-mongo-produce:27017",
]
resources:
requests:
cpu: 100m
memory: 100Mi
ports:
- containerPort: 9104
volumes:
- name: data
persistentVolumeClaim:
claimName: mongo-produce
- name: config
configMap:
name: mongo-config-produce
- name: localtime
hostPath:
type: File
path: /etc/localtime
2.kubectl 部署 MongoDB
kubectl apply -f mongo-deploy.yaml
3.查看mongo的pod和svc
kubectl get pod,svc
4.测试MongoDB是否能够正常使用
kubectl exec -it db-mongo-produce-85d4d7bd5-m5bfw /bin/bash
[root@k8s-master-1 mongdb]# kubectl exec -it db-mongo-produce-85d4d7bd5-m5bfw /bin/bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
Defaulted container "mongo-produce" out of: mongo-produce, mongo-exporter
root@db-mongo-produce-85d4d7bd5-m5bfw:/# mongo
MongoDB shell version v4.2.5
connecting to: mongodb://127.0.0.1:27017/?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("3e5bc49e-d7c3-4579-85ff-f1e7d04232a4") }
MongoDB server version: 4.2.5
Welcome to the MongoDB shell.
For interactive help, type "help".
For more comprehensive documentation, see
http://docs.mongodb.org/
Questions? Try the support group
http://groups.google.com/group/mongodb-user
Server has startup warnings:
2023-04-17T10:10:25.138+0800 I CONTROL [initandlisten]
2023-04-17T10:10:25.138+0800 I CONTROL [initandlisten] ** WARNING: Access control is not enabled for the database.
2023-04-17T10:10:25.138+0800 I CONTROL [initandlisten] ** Read and write access to data and configuration is unrestricted.
2023-04-17T10:10:25.138+0800 I CONTROL [initandlisten] ** WARNING: You are running this process as the root user, which is not recommended.
2023-04-17T10:10:25.138+0800 I CONTROL [initandlisten]
2023-04-17T10:10:25.139+0800 I CONTROL [initandlisten]
2023-04-17T10:10:25.139+0800 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/enabled is 'always'.
2023-04-17T10:10:25.139+0800 I CONTROL [initandlisten] ** We suggest setting it to 'never'
2023-04-17T10:10:25.139+0800 I CONTROL [initandlisten]
2023-04-17T10:10:25.139+0800 I CONTROL [initandlisten] ** WARNING: /sys/kernel/mm/transparent_hugepage/defrag is 'always'.
2023-04-17T10:10:25.139+0800 I CONTROL [initandlisten] ** We suggest setting it to 'never'
2023-04-17T10:10:25.139+0800 I CONTROL [initandlisten]
---
Enable MongoDB's free cloud-based monitoring service, which will then receive and display
metrics about your deployment (disk utilization, CPU, operation statistics, etc).
The monitoring data will be available on a MongoDB website with a unique URL accessible to you
and anyone you share the URL with. MongoDB may use this information to make product
improvements and to suggest MongoDB products and deployment options to you.
To enable free monitoring, run the following command: db.enableFreeMonitoring()
To permanently disable this reminder, run the following command: db.disableFreeMonitoring()
---
> db
test
>
可以看到,已经成功连接数据库,说明数据库能正常使用。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
