创建副本集内部认证用的密钥文件（keyfile，并非SSL证书）
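# Generate the shared keyfile that replica-set members use to authenticate to
# each other. 741 random bytes encode to fewer than 1024 base64 characters,
# which is the keyfile length limit.
# The subshell's umask 077 makes a newly created key.txt readable by its owner
# only; the keyfile is a secret and should not be group- or world-readable.
(umask 077 && openssl rand -base64 741 > key.txt)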
创建namespace
# Namespace that the Secret and the manifest on this page are created in.
kubectl create ns mongodb
创建secret
# Store key.txt under the key "internal-auth-mongodb-keyfile" of the Secret
# shared-bootstrap-data; the StatefulSet mounts that Secret read-only at
# /etc/secrets-volume. key.txt stays on local disk after this command, so
# remove it once the Secret exists.
kubectl --namespace mongodb create secret generic shared-bootstrap-data \
  --from-file=internal-auth-mongodb-keyfile=./key.txt
创建mongo.yaml文件
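---
# Headless Service (clusterIP: None). Together with the StatefulSet's
# serviceName it gives each pod a stable DNS name: <pod>.mongo.<namespace>.svc.
apiVersion: v1
kind: Service
metadata:
  name: mongo
  labels:
    app: mongo
spec:
  ports:
    - name: mongo
      port: 27017
      targetPort: 27017
  clusterIP: None
  # Must match the pod template labels of the StatefulSet. The previous
  # selector (app: mongo) matched no pod, so no DNS records were published.
  selector:
    role: mongo
    environment: prod
    replicaset: MainRepSet
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: mongo
spec:
  # Must be the name of the headless Service above (was "mongodb-service",
  # which this manifest never creates).
  serviceName: mongo
  replicas: 3
  selector:
    matchLabels:
      role: mongo
      environment: prod
      replicaset: MainRepSet
  template:
    metadata:
      labels:
        role: mongo
        environment: prod
        replicaset: MainRepSet
    spec:
      containers:
        - name: mongo
          image: mongo:4.2.2
          env:
            - name: MONGO_INITDB_ROOT_USERNAME
              value: admin
            # The root password is read from a Secret instead of being written
            # into the manifest. "mongo-root-credentials" / "password" are
            # names constructed for this example; create the Secret in the
            # mongodb namespace before applying, for instance with
            #   kubectl -n mongodb create secret generic mongo-root-credentials \
            #     --from-file=password=<PATH_TO_PASSWORD_FILE>
            # Use a newly generated password, not one that was ever published.
            - name: MONGO_INITDB_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mongo-root-credentials
                  key: password
          # NOTE(review): `command` replaces the image ENTRYPOINT, so the
          # image's init script that consumes MONGO_INITDB_ROOT_* presumably
          # never runs. Confirm the root user exists after start-up; if it does
          # not, create it from inside the pod before exposing the service.
          command:
            - "numactl"
            - "--interleave=all"
            - "mongod"
            # Listens on every pod interface so the other members can connect;
            # limit who can reach port 27017 with a NetworkPolicy.
            - "--bind_ip"
            - "0.0.0.0"
            - "--replSet"
            - "MainRepSet"
            - "--auth"
            # Members authenticate to each other with the shared keyfile.
            - "--clusterAuthMode"
            - "keyFile"
            - "--keyFile"
            - "/etc/secrets-volume/internal-auth-mongodb-keyfile"
            # NOTE(review): this restricts client auth to SCRAM-SHA-1. MongoDB
            # 4.0+ also supports SCRAM-SHA-256; prefer it when every client
            # driver in use supports it.
            - "--setParameter"
            - "authenticationMechanisms=SCRAM-SHA-1"
          resources:
            requests:
              cpu: 200m
              memory: 2Gi
          ports:
            - containerPort: 27017
          volumeMounts:
            - name: secrets-volume
              readOnly: true
              mountPath: /etc/secrets-volume
            # Must equal the volumeClaimTemplates name below (the previous
            # "mongodb-persistent-storage-claim" referred to no volume).
            - name: mongo-persistent-storage-claim
              mountPath: /data/db
      volumes:
        - name: secrets-volume
          secret:
            secretName: shared-bootstrap-data
            # Decimal 256 is octal 0400: owner read-only. mongod refuses a
            # keyfile that is readable by group or others.
            defaultMode: 256
  volumeClaimTemplates:
    - metadata:
        name: mongo-persistent-storage-claim
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 2Gi
        # A StorageClass with this name has to exist in the cluster.
        storageClassName: data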
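# The mongodb namespace was already created in the earlier step; running
# `kubectl create namespace mongodb` a second time fails with AlreadyExists,
# so only the manifest is created here.
kubectl create -f mongo.yaml --namespace mongodb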
等待所有pod创建成功后执行
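# Open a shell in the first replica. The names follow the manifest: the
# StatefulSet "mongo" creates pods mongo-0..mongo-2 and its container is named
# "mongo" (mongod-0 / mongod-container do not exist in this deployment).
kubectl exec -it mongo-0 -n mongodb -c mongo -- bash
# Inside the pod: start the mongo shell against the local mongod.
mongo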
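// Initiate the replica set named by --replSet in the manifest.
// Member hosts are the per-pod DNS names <pod>.<service>.<namespace>.svc.<cluster-domain>.
// They resolve only when the StatefulSet's serviceName equals the headless
// Service name (mongo) and that Service's selector matches the pod labels.
// cluster.local is the default cluster domain; adjust it if yours differs.
rs.initiate({
  _id: "MainRepSet",
  version: 1,
  members: [
    { _id: 0, host: "mongo-0.mongo.mongodb.svc.cluster.local:27017" },
    { _id: 1, host: "mongo-1.mongo.mongodb.svc.cluster.local:27017" },
    { _id: 2, host: "mongo-2.mongo.mongodb.svc.cluster.local:27017" }
  ]
});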