Deploy NuoDB Control Plane
NuoDB Control Plane allows users to provision NuoDB databases on-demand remotely using REST services by exposing various predefined configuration options.
This page describes how to deploy the NuoDB Control Plane into your Kubernetes Cluster. The NuoDB Control Plane works with Kubernetes locally or in the cloud. Follow the steps in this guide regardless of the selected Kubernetes platform provider.
Prerequisites
- A running Kubernetes cluster
- kubectl installed and able to access the cluster.
- Helm 3.x installed.
Software Dependency Installation
Install Cert Manager
To enable admission webhooks in the NuoDB operator, install cert-manager to automatically generate certificates for the webhook server.
Add the official Helm repositories.
helm repo add jetstack https://charts.jetstack.io
helm repo update
Install Cert Manager Helm chart.
helm upgrade --install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--wait \
--set installCRDs=true
Install Ingress Controller
NuoDB databases support external access from clients that are outside of Kubernetes cluster. The NuoDB Control Plane (CP) can be configured to allow external connections to the REST service to create domains and databases. It configures databases with external access also, providing connection details for each database.
NuoDB CP supports Ingress Nginx and HAProxy ingress controllers. The SSL-passthrough feature is used to expose and multiplex SQL database connectivity.
Add the official Ingress Nginx Helm repositories.
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
Install Ingress Nginx Controller.
helm upgrade --install ingress-nginx ingress-nginx/ingress-nginx \
--namespace nginx \
--create-namespace \
--set controller.ingressClassResource.default=true \
--set controller.service.enablePorts.http=false \
--set controller.admissionWebhooks.certManager.enabled=true \
--set controller.extraArgs.default-ssl-certificate="nginx/ingress-nginx-default-cert" \
--set controller.extraArgs.enable-ssl-passthrough=true \
--set controller.service.type=NodePort # Enables connecting to databases with port-forwarding
Generate TLS certificates for Ingress Controller.
kubectl apply -f - <<EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: ingress-nginx-default-cert
namespace: nginx
spec:
commonName: dbaas.localtest.me
duration: 8760h
issuerRef:
name: ingress-nginx-self-signed-issuer
secretName: ingress-nginx-default-cert
subject:
organizations:
- ingress-nginx
EOF
Caution
Self-signed certificates should be used for local testing purposes only. For more information on how to configure Nginx controller with TLS, see Ingress Nginx TLS User Guide.
Installing NuoDB Control Plane
The NuoDB Control Plane consists of Custom Resource Definitions and the following workloads:
- The NuoDB CP Operator, which enforces the desired state of the NuoDB custom resources.
- The NuoDB CP REST service, that exposes a REST API allowing users to manipulate and inspect DBaaS entities.
Databases are grouped into projects, which are themselves grouped into organizations.
Note
By default the NuoDB CP will operate in a single namespace only which will be used for NuoDB CP and all databases created by it.
Add the official Helm repositories.
helm repo add nuodb-cp https://nuodb.github.io/nuodb-cp-releases/charts
helm repo update
Install NuoDB CP Helm charts.
helm upgrade --install nuodb-cp-crd nuodb-cp/nuodb-cp-crd \
--namespace nuodb-cp-system \
--create-namespace
helm upgrade --install nuodb-cp-operator nuodb-cp/nuodb-cp-operator \
--namespace nuodb-cp-system \
--wait \
--set cpOperator.webhooks.enabled=true \
--set 'cpOperator.extraArgs[0]=--ingress-https-port=8443' # Enables connecting to databases with port-forwarding
helm upgrade --install nuodb-cp-rest nuodb-cp/nuodb-cp-rest \
--namespace nuodb-cp-system \
--wait \
--set cpRest.ingress.enabled=true \
--set "cpRest.baseDomainName=dbaas.localtest.me" # Enables connecting to databases with port-forwarding