squareops/terraform-kubernetes-mongodb

MongoDB

SquareOps Technologies Your DevOps Partner for Accelerating cloud journey.

This module is for deploying a highly available MongoDB cluster on Kubernetes using Helm charts. This module provides flexible configuration options to customize the MongoDB deployment such as setting the volume size, architecture, replica count, and more. It also includes options to enable MongoDB backups and restores, and to deploy MongoDB exporters for getting metrics in Grafana. Additionally, this module provides options to create a new namespace, and to configure recovery windows for AWS Secrets Manager, Azure key vault & GCP secrets manager. With this module, users can easily deploy a highly available MongoDB cluster on AWS EKS, Azure AKS & GCP GKE Kubernetes clusters with the flexibility to customize their configurations according to their needs.

Supported Versions:

MongoDB Helm Chart Version	K8s supported version (EKS, AKS & GKE)
13.1.5	1.23,1.24,1.25,1.26,1.27

Usage Example

locals {
  name        = "mongo"
  region      = "us-east-2"
  environment = "prod"
  additional_tags = {
    Owner      = "organization_name"
    Expires    = "Never"
    Department = "Engineering"
  }
  create_namespace                   = true
  namespace                          = "mongodb"
  store_password_to_secret_manager   = true
  mongodb_custom_credentials_enabled = true
  mongodb_custom_credentials_config = {
    root_user                = "root"
    root_password            = "NCPFUKEMd7rrWuvMAa73"
    metric_exporter_user     = "mongodb_exporter"
    metric_exporter_password = "nvAHhm1uGQNYWVw6ZyAH"
  }
}
module "aws" {
  source                             = "squareops/mongodb/kubernetes//modules/resources/aws"
  environment                        = local.environment
  name                               = local.name
  namespace                          = local.namespace
  store_password_to_secret_manager   = local.store_password_to_secret_manager
  cluster_name                       = ""
  mongodb_custom_credentials_enabled = local.mongodb_custom_credentials_enabled
  mongodb_custom_credentials_config  = local.mongodb_custom_credentials_config
}

module "mongodb" {
  source           = "squareops/mongodb/kubernetes"
  namespace        = local.namespace
  create_namespace = local.create_namespace
  mongodb_config = {
    name                             = local.name
    namespace                        = local.namespace
    values_yaml                      = ""
    environment                      = local.environment
    volume_size                      = "10Gi"
    architecture                     = "replicaset"
    custom_databases                 = "['db1', 'db2']"
    custom_databases_usernames       = "['admin', 'admin']"
    custom_databases_passwords       = "['pass1', 'pass2']"
    replica_count                    = 2
    storage_class_name               = "gp2"
    store_password_to_secret_manager = local.store_password_to_secret_manager
  }
  mongodb_custom_credentials_enabled = local.mongodb_custom_credentials_enabled
  mongodb_custom_credentials_config  = local.mongodb_custom_credentials_config
  root_password                      = local.mongodb_custom_credentials_enabled ? "" : module.aws.root_password
  metric_exporter_password           = local.mongodb_custom_credentials_enabled ? "" : module.aws.metric_exporter_password
  bucket_provider_type               = "s3"
  mongodb_backup_enabled             = true
  iam_role_arn_backup                = module.aws.iam_role_arn_backup
  mongodb_backup_config = {
    bucket_uri           = "s3://mongo-demo-backup"
    s3_bucket_region     = "us-east-2"
    cron_for_full_backup = "* * * * *"
  }
  mongodb_restore_enabled = true
  iam_role_arn_restore    = module.aws.iam_role_arn_restore
  mongodb_restore_config = {
    bucket_uri       = "s3://mongo-demo-backup/mongodumpfull_20230523_092110.gz"
    s3_bucket_region = "us-east-2"
    file_name        = "mongodumpfull_20230523_092110.gz"
  }
  mongodb_exporter_enabled = true
  mongodb_exporter_values  = file("./helm/exporter.yaml")
}

Refer AWS examples for more details.
Refer Azure examples for more details.
Refer GCP examples for more details.

IAM Permissions

The required IAM permissions to create resources from this module can be found here

Mongo Backup and Restore

This module provides functionality to automate the backup and restore process for mongo databases using AWS S3 buckets. It allows users to easily schedule backups, restore databases from backups stored in S3, and manage access permissions using AWS IAM roles. Features

Backup

Users can schedule full backups.
Backups are stored in specified S3 buckets.
Restore
Users can restore Mongo databases from backups stored in S3 buckets.
Supports specifying the backup file to restore from and the target S3 bucket region.
IAM Role for Permissions
Users need to provide an IAM role for the module to access the specified S3 bucket and perform backup and restore operations.
Module Inputs

Backup Configuration
bucket_uri: The URI of the S3 bucket where backups will be stored.
s3_bucket_region: The region of the S3 bucket.
cron_for_full_backup: The cron expression for scheduling full backups.
Restore Configuration
mongodb_restore_config: Configuration for restoring databases.
bucket_uri: The URI of the S3 bucket containing the backup file.
file_name: The name of the backup file to restore.
s3_bucket_region: The region of the S3 bucket containing the backup file.
Important Notes
1. In order to enable the exporter, it is required to deploy Prometheus/Grafana first.
2. The exporter is a tool that extracts metrics data from an application or system and makes it available to be scraped by Prometheus.
3. Prometheus is a monitoring system that collects metrics data from various sources, including exporters, and stores it in a time-series database.
4. Grafana is a data visualization and dashboard tool that works with Prometheus and other data sources to display the collected metrics in a user-friendly way.
5. To deploy Prometheus/Grafana, please follow the installation instructions for each tool in their respective documentation.
6. Once Prometheus and Grafana are deployed, the exporter can be configured to scrape metrics data from your application or system and send it to Prometheus.
7. Finally, you can use Grafana to create custom dashboards and visualize the metrics data collected by Prometheus.
8. This module is compatible with EKS, AKS & GKE which is great news for users deploying the module on an AWS, Azure & GCP cloud. Review the module's documentation, meet specific configuration requirements, and test thoroughly after deployment to ensure everything works as expected.
  Requirements

No requirements.

Providers

Name	Version
helm	n/a
kubernetes	n/a
random	n/a

Modules

No modules.

Resources

Name	Type
helm_release.mongodb	resource
helm_release.mongodb_backup	resource
helm_release.mongodb_exporter	resource
helm_release.mongodb_restore	resource
kubernetes_namespace.mongodb	resource
random_password.mongodb_exporter_password	resource
random_password.mongodb_root_password	resource

Inputs

Name	Description	Type	Default	Required
app_version	Version of the Mongodb application that will be deployed.	`string`	`"5.0.8-debian-10-r9"`	no
az_account_backup	Azure user managed account backup identity	`string`	`""`	no
az_account_restore	Azure user managed account restore identity	`string`	`""`	no
azure_container_name	Azure container name	`string`	`""`	no
azure_storage_account_key	Azure storage account key	`string`	`""`	no
azure_storage_account_name	Azure storage account name	`string`	`""`	no
bucket_provider_type	Choose what type of provider you want (s3, gcs)	`string`	`"gcs"`	no
chart_version	Version of the Mongodb chart that will be used to deploy Mongodb application.	`string`	`"13.1.5"`	no
cluster_name	Specifies the name of the EKS cluster to deploy the Mongodb application on.	`string`	`""`	no
create_namespace	Specify whether or not to create the namespace if it does not already exist. Set it to true to create the namespace.	`string`	`false`	no
iam_role_arn_backup	IAM role ARN for backup (AWS)	`string`	`""`	no
iam_role_arn_restore	IAM role ARN for restore (AWS)	`string`	`""`	no
metric_exporter_password	Metric exporter password for MongoDB	`string`	`""`	no
mongodb_backup_config	Configuration options for Mongodb database backups. It includes properties such as the S3 bucket URI, the S3 bucket region, and the cron expression for full backups.	`any`	{ "bucket_uri": "", "cron_for_full_backup": "/5 *", "s3_bucket_region": "us-east-2" }	no
mongodb_backup_enabled	Specifies whether to enable backups for Mongodb database.	`bool`	`false`	no
mongodb_config	Specify the configuration settings for Mongodb, including the name, environment, storage options, replication settings, and custom YAML values.	`any`	{ "architecture": "", "custom_databases": "", "custom_databases_passwords": "", "custom_databases_usernames": "", "environment": "", "name": "", "replica_count": 2, "storage_class_name": "", "store_password_to_secret_manager": true, "values_yaml": "", "volume_size": "" }	no
mongodb_custom_credentials_config	Specify the configuration settings for Mongodb to pass custom credentials during creation.	`any`	{ "metric_exporter_password": "", "metric_exporter_user": "", "root_password": "", "root_user": "" }	no
mongodb_custom_credentials_enabled	Specifies whether to enable custom credentials for MongoDB database.	`bool`	`false`	no
mongodb_exporter_config	Specify whether or not to deploy Mongodb exporter to collect Mongodb metrics for monitoring in Grafana.	`any`	{ "version": "2.9.0" }	no
mongodb_exporter_enabled	Specify whether or not to deploy Mongodb exporter to collect Mongodb metrics for monitoring in Grafana.	`bool`	`false`	no
mongodb_exporter_values	Mongo DB prometheus exporter values file	`any`	`""`	no
mongodb_restore_config	Configuration options for restoring dump to the Mongodb database.	`any`	{ "bucket_uri": "s3://mymongo/mongodumpfull_20230424_112501.gz", "file_name": "", "s3_bucket_region": "us-east-2" }	no
mongodb_restore_enabled	Specifies whether to enable restoring dump to the Mongodb database.	`bool`	`false`	no
namespace	Name of the Kubernetes namespace where the Mongodb deployment will be deployed.	`string`	`"mongodb"`	no
project_id	Google Cloud project ID	`string`	`""`	no
recovery_window_aws_secret	Number of days that AWS Secrets Manager will wait before deleting a secret. This value can be set to 0 to force immediate deletion, or to a value between 7 and 30 days to allow for recovery.	`number`	`0`	no
resource_group_location	Azure region	`string`	`"East US"`	no
resource_group_name	Azure Resource Group name	`string`	`""`	no
root_password	Root password for MongoDB	`string`	`""`	no
service_account_backup	Service account for backup (GCP)	`string`	`""`	no
service_account_restore	Service account for restore (GCP)	`string`	`""`	no

Outputs

Name	Description
mongodb_credential	MongoDB credentials used for accessing the MongoDB database.
mongodb_endpoints	MongoDB endpoints in the Kubernetes cluster.

Contribution & Issue Reporting

To report an issue with a project:

Check the repository's issue tracker on GitHub
Search to see if the issue has already been reported
If you can't find an answer to your question in the documentation or issue tracker, you can ask a question by creating a new issue. Be sure to provide enough context and details so others can understand your problem.

License

Apache License, Version 2.0, January 2004 (http://www.apache.org/licenses/).

Support Us

To support a GitHub project by liking it, you can follow these steps:

Visit the repository: Navigate to the GitHub repository.
Click the "Star" button: On the repository page, you'll see a "Star" button in the upper right corner. Clicking on it will star the repository, indicating your support for the project.
Optionally, you can also leave a comment on the repository or open an issue to give feedback or suggest changes.

Starring a repository on GitHub is a simple way to show your support and appreciation for the project. It also helps to increase the visibility of the project and make it more discoverable to others.

Who we are

We believe that the key to success in the digital age is the ability to deliver value quickly and reliably. That’s why we offer a comprehensive range of DevOps & Cloud services designed to help your organization optimize its systems & Processes for speed and agility.

We are an AWS Advanced consulting partner which reflects our deep expertise in AWS Cloud and helping 100+ clients over the last 5 years.
Expertise in Kubernetes and overall container solution helps companies expedite their journey by 10X.
Infrastructure Automation is a key component to the success of our Clients and our Expertise helps deliver the same in the shortest time.
DevSecOps as a service to implement security within the overall DevOps process and helping companies deploy securely and at speed.
Platform engineering which supports scalable,Cost efficient infrastructure that supports rapid development, testing, and deployment.
24*7 SRE service to help you Monitor the state of your infrastructure and eradicate any issue within the SLA.

We provide support on all of our projects, no matter how small or large they may be.

To find more information about our company, visit squareops.com, follow us on Linkedin, or fill out a job application. If you have any questions or would like assistance with your cloud strategy and implementation, please don't hesitate to contact us.