This chart deploys Percona Server for MongoDB Cluster on Kubernetes controlled by Percona Operator for MongoDB.
Prerequisites:
- Percona Operator for MongoDB running in your Kubernetes cluster. See the installation details in the Operator Documentation.
- Kubernetes 1.27+
- Helm v3
This chart will deploy Percona Server for MongoDB Cluster in Kubernetes. It will create a Custom Resource, and the Operator will trigger the creation of corresponding Kubernetes primitives: StatefulSets, Pods, Secrets, etc.
To install the chart with the `psmdb` release name using a dedicated namespace (recommended):

```sh
helm repo add percona https://percona.github.io/percona-helm-charts/
helm install my-db percona/psmdb-db --version 1.17.0 --namespace my-namespace
```

The chart can be customized using the following configurable parameters:
Parameter | Description | Default |
---|---|---|
crVersion | CR Cluster Manifest version | 1.17.0 |
pause | Stop PSMDB Database safely | false |
unmanaged | Start cluster and don't manage it (cross cluster replication) | false |
unsafeFlags.tls | Allows users to configure a cluster without TLS/SSL certificates | false |
unsafeFlags.replsetSize | Allows users to configure a cluster with unsafe parameters: starting it with fewer than 3 replica set instances or with an even number of replica set instances without an additional arbiter | false |
unsafeFlags.mongosSize | Allows users to configure a sharded cluster with fewer than 3 config server Pods or fewer than 2 mongos Pods | false |
unsafeFlags.terminationGracePeriod | Allows users to configure a sharded cluster without a termination grace period for the replica set | false |
unsafeFlags.backupIfUnhealthy | Allows running backup on a cluster with failed health checks | false |
clusterServiceDNSSuffix | The (non-standard) cluster domain to be used as a suffix of the Service name | "" |
clusterServiceDNSMode | Mode for the cluster service DNS (Internal/ServiceMesh) | "" |
annotations | PSMDB custom resource annotations | {} |
ignoreAnnotations | The list of annotations to be ignored by the Operator | [] |
ignoreLabels | The list of labels to be ignored by the Operator | [] |
multiCluster.enabled | Enable Multi Cluster Services (MCS) cluster mode | false |
multiCluster.DNSSuffix | The cluster domain to be used as a suffix for multi-cluster Services used by Kubernetes | "" |
updateStrategy | Regulates how PSMDB Cluster Pods are updated after setting a new image | SmartUpdate |
upgradeOptions.versionServiceEndpoint | Endpoint for actual PSMDB Versions provider | https://check.percona.com/versions/ |
upgradeOptions.apply | PSMDB image to apply from the version service: recommended, latest, or an actual version like 4.4.2-4 | disabled |
upgradeOptions.schedule | Cron formatted time to execute the update | "0 2 * * *" |
upgradeOptions.setFCV | Set feature compatibility version on major upgrade | false |
finalizers:percona.com/delete-psmdb-pvc | Set this if you want to delete database persistent volumes on cluster deletion | [] |
finalizers:percona.com/delete-psmdb-pods-in-order | Set this if you want to delete PSMDB pods in order (primary last) | [] |
image.repository | PSMDB Container image repository | percona/percona-server-mongodb |
image.tag | PSMDB Container image tag | 7.0.12-7 |
imagePullPolicy | The policy used to update images | Always |
imagePullSecrets | PSMDB Container pull secret | [] |
initImage.repository | Repository for custom init image | "" |
initImage.tag | Tag for custom init image | "" |
initContainerSecurityContext | A custom Kubernetes Security Context for a Container for the initImage | {} |
tls.mode | Control usage of TLS (allowTLS, preferTLS, requireTLS, disabled) | preferTLS |
tls.certValidityDuration | The validity duration of the external certificate for cert manager | "" |
tls.allowInvalidCertificates | If enabled, the mongo shell will not attempt to validate the server certificates | true |
tls.issuerConf.name | A cert-manager issuer name | "" |
tls.issuerConf.kind | A cert-manager issuer kind | "" |
tls.issuerConf.group | A cert-manager issuer group | "" |
secrets.users | The name of the Secrets object for the MongoDB users required to run the operator | "" |
secrets.encryptionKey | Set secret for data at rest encryption key | "" |
secrets.vault | Specifies a secret object to provide integration with HashiCorp Vault | "" |
secrets.ldapSecret | Specifies a secret object for LDAP over TLS connection between MongoDB and OpenLDAP server | "" |
secrets.sse | The name of the Secrets object for server side encryption credentials | "" |
secrets.ssl | A secret with TLS certificate generated for external communications | "" |
secrets.sslInternal | A secret with TLS certificate generated for internal communications | "" |
pmm.enabled | Enable integration with Percona Monitoring and Management software | false |
pmm.image.repository | PMM Container image repository | percona/pmm-client |
pmm.image.tag | PMM Container image tag | 2.42.0 |
pmm.serverHost | PMM server related K8S service hostname | monitoring-service |
pmm.containerSecurityContext | Set the security context for PMM container | {} |
replsets.rs0.name | ReplicaSet name | rs0 |
replsets.rs0.size | ReplicaSet size (pod quantity) | 3 |
replsets.rs0.terminationGracePeriodSeconds | The number of seconds Kubernetes will wait for a clean termination of replica set Pods | "" |
replsets.rs0.externalNodes | ReplicaSet external nodes (cross cluster replication) | [] |
replsets.rs0.configuration | Custom config for mongod in replica set | "" |
replsets.rs0.topologySpreadConstraints | Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains | {} |
replsets.rs0.serviceAccountName | Run replicaset Containers under specified K8S SA | "" |
replsets.rs0.affinity.antiAffinityTopologyKey | ReplicaSet Pod affinity | kubernetes.io/hostname |
replsets.rs0.affinity.advanced | ReplicaSet Pod advanced affinity | {} |
replsets.rs0.tolerations | ReplicaSet Pod tolerations | [] |
replsets.rs0.priorityClass | ReplicaSet Pod priorityClassName | "" |
replsets.rs0.annotations | ReplicaSet Pod annotations | {} |
replsets.rs0.labels | ReplicaSet Pod labels | {} |
replsets.rs0.nodeSelector | ReplicaSet Pod nodeSelector labels | {} |
replsets.rs0.livenessProbe | ReplicaSet Pod livenessProbe structure | {} |
replsets.rs0.readinessProbe | ReplicaSet Pod readinessProbe structure | {} |
replsets.rs0.storage | Set cacheSizeRatio or other custom MongoDB storage options | {} |
replsets.rs0.podSecurityContext | Set the security context for a Pod | {} |
replsets.rs0.containerSecurityContext | Set the security context for a Container | {} |
replsets.rs0.runtimeClass | ReplicaSet Pod runtimeClassName | "" |
replsets.rs0.sidecars | ReplicaSet Pod sidecars | {} |
replsets.rs0.sidecarVolumes | ReplicaSet Pod sidecar volumes | [] |
replsets.rs0.sidecarPVCs | ReplicaSet Pod sidecar PVCs | [] |
replsets.rs0.podDisruptionBudget.maxUnavailable | ReplicaSet failed Pods maximum quantity | 1 |
replsets.rs0.splitHorizons | External URI for Split-horizon for replica set Pods of the exposed cluster | {} |
replsets.rs0.expose.enabled | Allow access to replicaSet from outside of Kubernetes | false |
replsets.rs0.expose.exposeType | Network service access point type | ClusterIP |
replsets.rs0.expose.loadBalancerSourceRanges | Limit client IP access to the Load Balancer | {} |
replsets.rs0.expose.serviceAnnotations | ReplicaSet service annotations | {} |
replsets.rs0.expose.serviceLabels | ReplicaSet service labels | {} |
replsets.rs0.schedulerName | ReplicaSet Pod schedulerName | "" |
replsets.rs0.resources | ReplicaSet Pods resource requests and limits | {} |
replsets.rs0.volumeSpec | ReplicaSet Pods storage resources | {} |
replsets.rs0.volumeSpec.emptyDir | ReplicaSet Pods emptyDir K8S storage | {} |
replsets.rs0.volumeSpec.hostPath | ReplicaSet Pods hostPath K8S storage | |
replsets.rs0.volumeSpec.hostPath.path | ReplicaSet Pods hostPath K8S storage path | "" |
replsets.rs0.volumeSpec.hostPath.type | Type for hostPath volume | Directory |
replsets.rs0.volumeSpec.pvc | ReplicaSet Pods PVC request parameters | |
replsets.rs0.volumeSpec.pvc.annotations | The Kubernetes annotations metadata for Persistent Volume Claim | {} |
replsets.rs0.volumeSpec.pvc.labels | The Kubernetes labels metadata for Persistent Volume Claim | {} |
replsets.rs0.volumeSpec.pvc.storageClassName | ReplicaSet Pods PVC target storageClass | "" |
replsets.rs0.volumeSpec.pvc.accessModes | ReplicaSet Pods PVC access policy | [] |
replsets.rs0.volumeSpec.pvc.resources.requests.storage | ReplicaSet Pods PVC storage size | 3Gi |
replsets.rs0.hostAliases | The IP address for Kubernetes host aliases | [] |
replsets.rs0.nonvoting.enabled | Add MongoDB nonvoting Pods | false |
replsets.rs0.nonvoting.podSecurityContext | Set the security context for a Pod | {} |
replsets.rs0.nonvoting.containerSecurityContext | Set the security context for a Container | {} |
replsets.rs0.nonvoting.size | Number of nonvoting Pods | 1 |
replsets.rs0.nonvoting.configuration | Custom config for mongod nonvoting member | "" |
replsets.rs0.nonvoting.serviceAccountName | Run replicaset nonvoting Container under specified K8S SA | "" |
replsets.rs0.nonvoting.affinity.antiAffinityTopologyKey | Nonvoting Pods affinity | kubernetes.io/hostname |
replsets.rs0.nonvoting.affinity.advanced | Nonvoting Pods advanced affinity | {} |
replsets.rs0.nonvoting.tolerations | Nonvoting Pod tolerations | [] |
replsets.rs0.nonvoting.priorityClass | Nonvoting Pod priorityClassName | "" |
replsets.rs0.nonvoting.annotations | Nonvoting Pod annotations | {} |
replsets.rs0.nonvoting.labels | Nonvoting Pod labels | {} |
replsets.rs0.nonvoting.nodeSelector | Nonvoting Pod nodeSelector labels | {} |
replsets.rs0.nonvoting.podDisruptionBudget.maxUnavailable | Nonvoting failed Pods maximum quantity | 1 |
replsets.rs0.nonvoting.resources | Nonvoting Pods resource requests and limits | {} |
replsets.rs0.nonvoting.volumeSpec | Nonvoting Pods storage resources | {} |
replsets.rs0.nonvoting.volumeSpec.emptyDir | Nonvoting Pods emptyDir K8S storage | {} |
replsets.rs0.nonvoting.volumeSpec.hostPath | Nonvoting Pods hostPath K8S storage | |
replsets.rs0.nonvoting.volumeSpec.hostPath.path | Nonvoting Pods hostPath K8S storage path | "" |
replsets.rs0.nonvoting.volumeSpec.hostPath.type | Type for hostPath volume | Directory |
replsets.rs0.nonvoting.volumeSpec.pvc | Nonvoting Pods PVC request parameters | |
replsets.rs0.nonvoting.volumeSpec.pvc.annotations | The Kubernetes annotations metadata for Persistent Volume Claim | {} |
replsets.rs0.nonvoting.volumeSpec.pvc.labels | The Kubernetes labels metadata for Persistent Volume Claim | {} |
replsets.rs0.nonvoting.volumeSpec.pvc.storageClassName | Nonvoting Pods PVC target storageClass | "" |
replsets.rs0.nonvoting.volumeSpec.pvc.accessModes | Nonvoting Pods PVC access policy | [] |
replsets.rs0.nonvoting.volumeSpec.pvc.resources.requests.storage | Nonvoting Pods PVC storage size | 3Gi |
replsets.rs0.arbiter.enabled | Create MongoDB arbiter service | false |
replsets.rs0.arbiter.size | MongoDB arbiter Pod quantity | 1 |
replsets.rs0.arbiter.serviceAccountName | Run replicaset arbiter Container under specified K8S SA | "" |
replsets.rs0.arbiter.affinity.antiAffinityTopologyKey | MongoDB arbiter Pod affinity | kubernetes.io/hostname |
replsets.rs0.arbiter.affinity.advanced | MongoDB arbiter Pod advanced affinity | {} |
replsets.rs0.arbiter.tolerations | MongoDB arbiter Pod tolerations | [] |
replsets.rs0.arbiter.priorityClass | MongoDB arbiter priorityClassName | "" |
replsets.rs0.arbiter.annotations | MongoDB arbiter Pod annotations | {} |
replsets.rs0.arbiter.labels | MongoDB arbiter Pod labels | {} |
replsets.rs0.arbiter.nodeSelector | MongoDB arbiter Pod nodeSelector labels | {} |
sharding.enabled | Enable sharding setup | true |
sharding.balancer.enabled | Enable/disable balancer | true |
sharding.configrs.size | Config ReplicaSet size (pod quantity) | 3 |
sharding.configrs.terminationGracePeriodSeconds | The number of seconds Kubernetes will wait for a clean termination of replica set Pods | "" |
sharding.configrs.externalNodes | Config ReplicaSet external nodes (cross cluster replication) | [] |
sharding.configrs.configuration | Custom config for mongod in config replica set | "" |
sharding.configrs.topologySpreadConstraints | Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains | {} |
sharding.configrs.serviceAccountName | Run sharding configrs Containers under specified K8S SA | "" |
sharding.configrs.affinity.antiAffinityTopologyKey | Config ReplicaSet Pod affinity | kubernetes.io/hostname |
sharding.configrs.affinity.advanced | Config ReplicaSet Pod advanced affinity | {} |
sharding.configrs.tolerations | Config ReplicaSet Pod tolerations | [] |
sharding.configrs.priorityClass | Config ReplicaSet Pod priorityClassName | "" |
sharding.configrs.annotations | Config ReplicaSet Pod annotations | {} |
sharding.configrs.labels | Config ReplicaSet Pod labels | {} |
sharding.configrs.nodeSelector | Config ReplicaSet Pod nodeSelector labels | {} |
sharding.configrs.livenessProbe | Config ReplicaSet Pod livenessProbe structure | {} |
sharding.configrs.readinessProbe | Config ReplicaSet Pod readinessProbe structure | {} |
sharding.configrs.storage | Set cacheSizeRatio or other custom MongoDB storage options | {} |
sharding.configrs.podSecurityContext | Set the security context for a Pod | {} |
sharding.configrs.containerSecurityContext | Set the security context for a Container | {} |
sharding.configrs.runtimeClass | Config ReplicaSet Pod runtimeClassName | "" |
sharding.configrs.sidecars | Config ReplicaSet Pod sidecars | {} |
sharding.configrs.sidecarVolumes | Config ReplicaSet Pod sidecar volumes | [] |
sharding.configrs.sidecarPVCs | Config ReplicaSet Pod sidecar PVCs | [] |
sharding.configrs.podDisruptionBudget.maxUnavailable | Config ReplicaSet failed Pods maximum quantity | 1 |
sharding.configrs.expose.enabled | Allow access to cfg replica from outside of Kubernetes | false |
sharding.configrs.expose.exposeType | Network service access point type | ClusterIP |
sharding.configrs.expose.loadBalancerSourceRanges | Limit client IP access to the Load Balancer | {} |
sharding.configrs.expose.serviceAnnotations | Config ReplicaSet service annotations | {} |
sharding.configrs.expose.serviceLabels | Config ReplicaSet service labels | {} |
sharding.configrs.resources.limits.cpu | Config ReplicaSet resource limits CPU | 300m |
sharding.configrs.resources.limits.memory | Config ReplicaSet resource limits memory | 0.5G |
sharding.configrs.resources.requests.cpu | Config ReplicaSet resource requests CPU | 300m |
sharding.configrs.resources.requests.memory | Config ReplicaSet resource requests memory | 0.5G |
sharding.configrs.volumeSpec.hostPath | Config ReplicaSet hostPath K8S storage | |
sharding.configrs.volumeSpec.hostPath.path | Config ReplicaSet hostPath K8S storage path | "" |
sharding.configrs.volumeSpec.hostPath.type | Type for hostPath volume | Directory |
sharding.configrs.volumeSpec.emptyDir | Config ReplicaSet Pods emptyDir K8S storage | |
sharding.configrs.volumeSpec.pvc | Config ReplicaSet Pods PVC request parameters | |
sharding.configrs.volumeSpec.pvc.annotations | The Kubernetes annotations metadata for Persistent Volume Claim | {} |
sharding.configrs.volumeSpec.pvc.labels | The Kubernetes labels metadata for Persistent Volume Claim | {} |
sharding.configrs.volumeSpec.pvc.storageClassName | Config ReplicaSet Pods PVC storageClass | "" |
sharding.configrs.volumeSpec.pvc.accessModes | Config ReplicaSet Pods PVC access policy | [] |
sharding.configrs.volumeSpec.pvc.resources.requests.storage | Config ReplicaSet Pods PVC storage size | 3Gi |
sharding.configrs.hostAliases | The IP address for Kubernetes host aliases | [] |
sharding.mongos.size | Mongos size (pod quantity) | 3 |
sharding.mongos.terminationGracePeriodSeconds | The number of seconds Kubernetes will wait for a clean termination of mongos Pods | "" |
sharding.mongos.configuration | Custom config for mongos | "" |
sharding.mongos.topologySpreadConstraints | Control how Pods are spread across your cluster among failure-domains such as regions, zones, nodes, and other user-defined topology domains | {} |
sharding.mongos.serviceAccountName | Run sharding mongos Containers under specified K8S SA | "" |
sharding.mongos.affinity.antiAffinityTopologyKey | Mongos Pods affinity | kubernetes.io/hostname |
sharding.mongos.affinity.advanced | Mongos Pods advanced affinity | {} |
sharding.mongos.tolerations | Mongos Pods tolerations | [] |
sharding.mongos.priorityClass | Mongos Pods priorityClassName | "" |
sharding.mongos.annotations | Mongos Pods annotations | {} |
sharding.mongos.labels | Mongos Pods labels | {} |
sharding.mongos.nodeSelector | Mongos Pods nodeSelector labels | {} |
sharding.mongos.livenessProbe | Mongos Pod livenessProbe structure | {} |
sharding.mongos.readinessProbe | Mongos Pod readinessProbe structure | {} |
sharding.mongos.podSecurityContext | Set the security context for a Pod | {} |
sharding.mongos.containerSecurityContext | Set the security context for a Container | {} |
sharding.mongos.runtimeClass | Mongos Pod runtimeClassName | "" |
sharding.mongos.sidecars | Mongos Pod sidecars | {} |
sharding.mongos.sidecarVolumes | Mongos Pod sidecar volumes | [] |
sharding.mongos.sidecarPVCs | Mongos Pod sidecar PVCs | [] |
sharding.mongos.podDisruptionBudget.maxUnavailable | Mongos failed Pods maximum quantity | 1 |
sharding.mongos.resources.limits.cpu | Mongos Pods resource limits CPU | 300m |
sharding.mongos.resources.limits.memory | Mongos Pods resource limits memory | 0.5G |
sharding.mongos.resources.requests.cpu | Mongos Pods resource requests CPU | 300m |
sharding.mongos.resources.requests.memory | Mongos Pods resource requests memory | 0.5G |
sharding.mongos.expose.exposeType | Mongos service exposeType | ClusterIP |
sharding.mongos.expose.servicePerPod | Create a separate ClusterIP Service for each mongos instance | false |
sharding.mongos.expose.loadBalancerSourceRanges | Limit client IP access to the Load Balancer | {} |
sharding.mongos.expose.serviceAnnotations | Mongos service annotations | {} |
sharding.mongos.expose.serviceLabels | Mongos service labels | {} |
sharding.mongos.expose.nodePort | Custom port if exposing mongos via NodePort | "" |
sharding.mongos.hostAliases | The IP address for Kubernetes host aliases | [] |
users.name | The username of the MongoDB application user | "" |
users.db | Database that the user authenticates against | "" |
users.passwordSecretRef.name | Name of the secret that contains the user's password | "" |
users.passwordSecretRef.key | Key in the secret that corresponds to the value of the user's password | "" |
users.roles.role.name | Name of the MongoDB role assigned to the user. Both built-in and custom roles are supported | "" |
users.roles.role.db | Database that the MongoDB role applies to | "" |
backup.enabled | Enable backup PBM agent | true |
backup.annotations | Backup job annotations | {} |
backup.podSecurityContext | Set the security context for a Pod | {} |
backup.containerSecurityContext | Set the security context for a Container | {} |
backup.restartOnFailure | Backup Pods restart policy | true |
backup.image.repository | PBM Container image repository | percona/percona-backup-mongodb |
backup.image.tag | PBM Container image tag | 2.5.0 |
backup.storages | Local/remote backup storages settings | {} |
backup.pitr.enabled | Enable point in time recovery for backup | false |
backup.pitr.oplogOnly | Start collecting oplogs even if full logical backup doesn't exist | false |
backup.pitr.oplogSpanMin | Number of minutes between the uploads of oplogs | 10 |
backup.pitr.compressionType | The point-in-time-recovery chunks compression format | "" |
backup.pitr.compressionLevel | The point-in-time-recovery chunks compression level | "" |
backup.configuration.backupOptions | Custom configuration settings for backup | {} |
backup.configuration.restoreOptions | Custom configuration settings for restore | {} |
backup.tasks | Backup working schedule | {} |
systemUsers | PSMDB operator system users | {} |

Specify parameters using the `--set key=value[,key=value]` argument to `helm install`.

Note that you can use multiple replica sets only with sharding enabled.

The following install is great for a dev PSMDB/MongoDB cluster, as it doesn't bother with backups and sharding setup:

```sh
$ helm install dev --namespace psmdb . \
  --set runUid=1001 --set "replsets.rs0.volumeSpec.pvc.resources.requests.storage=20Gi" \
  --set backup.enabled=false --set sharding.enabled=false
```
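
A check over the security-relevant parameters in the table above (the `unsafeFlags.*` switches, `tls.mode`, `tls.allowInvalidCertificates` and the `loadBalancerSourceRanges` settings), as an added example that is not part of the chart or the Operator. It reads the computed values of a release, for example the output of `helm get values my-db --namespace my-namespace --all -o json`, and lists the parameters to review; the sample values are constructed, and the function names and the assumption that values nest exactly as the dotted parameter paths do are this example's own.

```python
import json

# Constructed sample in the shape of `helm get values <release> --all -o json`,
# trimmed to the keys read below. Assumption: values nest exactly as the dotted
# parameter paths in the table do.
SAMPLE_VALUES = json.loads("""
{
  "unsafeFlags": {"tls": false, "replsetSize": true, "mongosSize": false,
                  "terminationGracePeriod": false, "backupIfUnhealthy": false},
  "tls": {"mode": "preferTLS", "allowInvalidCertificates": true},
  "replsets": {"rs0": {"expose": {"enabled": true, "exposeType": "LoadBalancer",
                                   "loadBalancerSourceRanges": []}}},
  "sharding": {"enabled": false, "mongos": {"expose": {"exposeType": "ClusterIP"}}}
}
""")


def _get(values, path, default=None):
    """Walk a dotted path through nested dicts; return default if absent."""
    node = values
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return default
        node = node[key]
    return node


def _open_load_balancer(expose, needs_enabled):
    """True when a Service is a LoadBalancer with no source-range limit."""
    expose = expose or {}
    if needs_enabled and not expose.get("enabled", False):
        return False
    return (expose.get("exposeType") == "LoadBalancer"
            and not expose.get("loadBalancerSourceRanges"))


def audit_values(values):
    """Return the sorted parameter paths that deserve a security review."""
    findings = []
    # Fallbacks for missing keys are the chart defaults from the table.
    for flag, on in (_get(values, "unsafeFlags") or {}).items():
        if on:
            findings.append(f"unsafeFlags.{flag}")
    # preferTLS still accepts non-TLS client connections; only requireTLS passes.
    if _get(values, "tls.mode", "preferTLS") != "requireTLS":
        findings.append("tls.mode")
    if _get(values, "tls.allowInvalidCertificates", True):
        findings.append("tls.allowInvalidCertificates")
    for name, rs in (_get(values, "replsets") or {}).items():
        if _open_load_balancer((rs or {}).get("expose"), needs_enabled=True):
            findings.append(f"replsets.{name}.expose.loadBalancerSourceRanges")
    if _get(values, "sharding.enabled", True):
        # The table lists no expose.enabled switch for mongos, so none is required.
        if _open_load_balancer(_get(values, "sharding.configrs.expose"), True):
            findings.append("sharding.configrs.expose.loadBalancerSourceRanges")
        if _open_load_balancer(_get(values, "sharding.mongos.expose"), False):
            findings.append("sharding.mongos.expose.loadBalancerSourceRanges")
    return sorted(findings)


if __name__ == "__main__":
    for path in audit_values(SAMPLE_VALUES):
        print("review:", path)
```

An empty result means every checked parameter is at its restrictive setting; the chart defaults alone still report `tls.mode` and `tls.allowInvalidCertificates`.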