Install Percona server for MongoDB on Kubernetes

  1. Clone the percona-server-mongodb-operator repository:

    git clone -b v1.5.0
    cd percona-server-mongodb-operator


    It is crucial to specify the right branch with -b option while cloning the code on this step. Please be careful.

  2. The Custom Resource Definition for PSMDB should be created from the deploy/crd.yaml file. The Custom Resource Definition extends the standard set of resources which Kubernetes “knows” about with the new items (in our case resources which are the core of the operator).

    $ kubectl apply -f deploy/crd.yaml

    This step should be done only once; the step does not need to be repeated with any other Operator deployments.

  3. Add the psmdb namespace to Kubernetes, and set the correspondent context for further steps:

    $ kubectl create namespace psmdb
    $ kubectl config set-context $(kubectl config current-context) --namespace=psmdb
  4. The role-based access control (RBAC) for PSMDB is configured with the deploy/rbac.yaml file. Role-based access is based on defined roles and the available actions which correspond to each role. The role and actions are defined for Kubernetes resources in the yaml file. Further details about users and roles can be found in Kubernetes documentation.

    $ kubectl apply -f deploy/rbac.yaml


    Setting RBAC requires your user to have cluster-admin role privileges. For example, those using Google Kubernetes Engine can grant user needed privileges with the following command:

    $ kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud config get-value core/account)
  5. Start the operator within Kubernetes:

    $ kubectl apply -f deploy/operator.yaml
  6. Add the MongoDB Users secrets to Kubernetes. These secrets should be placed in the data section of the deploy/secrets.yaml file as login name and the base64-encoded passwords for the user accounts (see Kubernetes documentation for details).


    The following command can be used to get base64-encoded password from a plain text string:

    $ echo -n 'plain-text-password' | base64

    After editing the yaml file, MongoDB Users secrets should be created (or updated with the new passwords) using the following command:

    $ kubectl apply -f deploy/secrets.yaml

    More details about secrets can be found in Users.

  7. Now certificates should be generated. By default, the Operator generates certificates automatically, and no actions are required at this step. Still, you can generate and apply your own certificates as secrets according to the TLS instructions.

  8. After the operator is started, Percona Server for MongoDB cluster can be created with the following command:

    $ kubectl apply -f deploy/cr.yaml

    The creation process may take some time. The process is over when both operator and replica set pod have reached their Running status:

    $ kubectl get pods
    NAME                                               READY   STATUS    RESTARTS   AGE
    my-cluster-name-rs0-0                              1/1     Running   0          8m
    my-cluster-name-rs0-1                              1/1     Running   0          8m
    my-cluster-name-rs0-2                              1/1     Running   0          7m
    percona-server-mongodb-operator-754846f95d-sf6h6   1/1     Running   0          9m
  9. Check connectivity to newly created cluster

    $ kubectl run -i --rm --tty percona-client --image=percona/percona-server-mongodb:4.2.8-8 --restart=Never -- bash -il
    percona-client:/$ mongo "mongodb+srv://userAdmin:userAdmin123456@my-cluster-name-rs0.psmdb.svc.cluster.local/admin?replicaSet=rs0&ssl=false"

Previous topic

Install Percona server for MongoDB on Amazon Elastic Kubernetes Service (EKS)

Next topic

Install Percona server for MongoDB on OpenShift

Contact Us

For free technical help, visit the Percona Community Forum.
To report bugs or submit feature requests, open a JIRA ticket.
For paid support and managed or professional services, contact Percona Sales.