Merge pull request #8 from Ad-squareops/gcp

added custom db and namespace enable/disable param

Author: ShibraAmin18

IAM.md

@@ -82,4 +82,4 @@ The Policy required to deploy this module:
     "resourcemanager.projects.getIamPolicy",
     "resourcemanager.projects.setIamPolicy"
   ]
-  ```
+  ```

README.md

@@ -18,56 +18,72 @@ This module is for deploying a highly available MongoDB cluster on Kubernetes us
 ## Usage Example
 
 ```hcl
-module "aws" {
-  source                             = "squareops/mongodb/kubernetes//modules/resources/aws"
-  environment                        = "prod"
-  name                               = "mongodb"
-  cluster_name                       = "prod-eks"
-  mongodb_custom_credentials_enabled = "true"
-  store_password_to_secret_manager   = "true"
-  mongodb_custom_credentials_config  = {
+locals {
+  name        = "mongo"
+  region      = "us-east-2"
+  environment = "prod"
+  additional_tags = {
+    Owner      = "organization_name"
+    Expires    = "Never"
+    Department = "Engineering"
+  }
+  create_namespace                   = true
+  namespace                          = "mongodb"
+  store_password_to_secret_manager   = true
+  mongodb_custom_credentials_enabled = true
+  mongodb_custom_credentials_config = {
     root_user                = "root"
     root_password            = "NCPFUKEMd7rrWuvMAa73"
     metric_exporter_user     = "mongodb_exporter"
     metric_exporter_password = "nvAHhm1uGQNYWVw6ZyAH"
   }
 }
+module "aws" {
+  source                             = "squareops/mongodb/kubernetes//modules/resources/aws"
+  environment                        = local.environment
+  name                               = local.name
+  store_password_to_secret_manager   = local.store_password_to_secret_manager
+  cluster_name                       = ""
+  mongodb_custom_credentials_enabled = local.mongodb_custom_credentials_enabled
+  mongodb_custom_credentials_config  = local.mongodb_custom_credentials_config
+}
 
 module "mongodb" {
-  source = "squareops/mongodb/kubernetes"
+  source           = "squareops/mongodb/kubernetes"
+  namespace        = local.namespace
+  create_namespace = local.create_namespace
   mongodb_config = {
-    name                             = "mongodb"
+    name                             = local.name
+    namespace                        = local.namespace
     values_yaml                      = ""
-    environment                      = "prod"
+    environment                      = local.environment
     volume_size                      = "10Gi"
     architecture                     = "replicaset"
+    custom_databases                 = "['db1', 'db2']"
+    custom_databases_usernames       = "['admin', 'admin']"
+    custom_databases_passwords       = "['pass1', 'pass2']"
     replica_count                    = 2
-    storage_class_name               = "gp3"
-    store_password_to_secret_manager = "true"
-  }
-  mongodb_custom_credentials_enabled = "true"
-  mongodb_custom_credentials_config  = {
-    root_user                = "root"
-    root_password            = "NCPFUKEMd7rrWuvMAa73"
-    metric_exporter_user     = "mongodb_exporter"
-    metric_exporter_password = "nvAHhm1uGQNYWVw6ZyAH"
+    storage_class_name               = "gp2"
+    store_password_to_secret_manager = local.store_password_to_secret_manager
   }
-  root_password                      = mongodb_custom_credentials_enabled ? "" : module.aws.root_password
-  metric_exporter_pasword            = mongodb_custom_credentials_enabled ? "" : module.aws.metric_exporter_pasword
+  mongodb_custom_credentials_enabled = local.mongodb_custom_credentials_enabled
+  mongodb_custom_credentials_config  = local.mongodb_custom_credentials_config
+  root_password                      = local.mongodb_custom_credentials_enabled ? "" : module.aws.root_password
+  metric_exporter_password           = local.mongodb_custom_credentials_enabled ? "" : module.aws.metric_exporter_password
   bucket_provider_type               = "s3"
   mongodb_backup_enabled             = true
   iam_role_arn_backup                = module.aws.iam_role_arn_backup
   mongodb_backup_config = {
-    bucket_uri           = "backup-bucket-uri"
-    s3_bucket_region     = "backup-bucket-region"
-    cron_for_full_backup = "* */12 * * *"
+    bucket_uri           = "s3://mongo-demo-backup"
+    s3_bucket_region     = "us-east-2"
+    cron_for_full_backup = "* * * * *"
   }
   mongodb_restore_enabled = true
   iam_role_arn_restore    = module.aws.iam_role_arn_restore
   mongodb_restore_config = {
-    bucket_uri       = "restore-bucket-uri/restore-file-name"
-    s3_bucket_region = "restore-bucket-region"
-    file_name        = "restore-file-name"
+    bucket_uri       = "s3://mongo-demo-backup/mongodumpfull_20230523_092110.gz"
+    s3_bucket_region = "us-east-2"
+    file_name        = "mongodumpfull_20230523_092110.gz"
   }
   mongodb_exporter_enabled = true
 }

examples/complete/aws/helm/values.yaml

@@ -3,7 +3,7 @@ affinity:
     requiredDuringSchedulingIgnoredDuringExecution:
         nodeSelectorTerms:
         - matchExpressions:
-          - key: "Data-Services"
+          - key: "Infra-Services"
             operator: In
             values:
             - "true"

examples/complete/aws/main.tf

@@ -7,6 +7,8 @@ locals {
     Expires    = "Never"
     Department = "Engineering"
   }
+  create_namespace                   = true
+  namespace                          = "mongodb"
   store_password_to_secret_manager   = true
   mongodb_custom_credentials_enabled = true
   mongodb_custom_credentials_config = {
@@ -21,27 +23,33 @@ module "aws" {
   environment                        = local.environment
   name                               = local.name
   store_password_to_secret_manager   = local.store_password_to_secret_manager
-  cluster_name                       = "ipv6-shib"
+  cluster_name                       = ""
   mongodb_custom_credentials_enabled = local.mongodb_custom_credentials_enabled
   mongodb_custom_credentials_config  = local.mongodb_custom_credentials_config
 }
 
 module "mongodb" {
-  source = "squareops/mongodb/kubernetes"
+  source           = "squareops/mongodb/kubernetes"
+  namespace        = local.namespace
+  create_namespace = local.create_namespace
   mongodb_config = {
     name                             = local.name
+    namespace                        = local.namespace
     values_yaml                      = file("./helm/values.yaml")
     environment                      = local.environment
     volume_size                      = "10Gi"
     architecture                     = "replicaset"
+    custom_databases                 = "['db1', 'db2']"
+    custom_databases_usernames       = "['admin', 'admin']"
+    custom_databases_passwords       = "['pass1', 'pass2']"
     replica_count                    = 2
-    storage_class_name               = "gp3"
+    storage_class_name               = "gp2"
     store_password_to_secret_manager = local.store_password_to_secret_manager
   }
   mongodb_custom_credentials_enabled = local.mongodb_custom_credentials_enabled
   mongodb_custom_credentials_config  = local.mongodb_custom_credentials_config
   root_password                      = local.mongodb_custom_credentials_enabled ? "" : module.aws.root_password
-  metric_exporter_pasword            = local.mongodb_custom_credentials_enabled ? "" : module.aws.metric_exporter_pasword
+  metric_exporter_password           = local.mongodb_custom_credentials_enabled ? "" : module.aws.metric_exporter_password
   bucket_provider_type               = "s3"
   mongodb_backup_enabled             = true
   iam_role_arn_backup                = module.aws.iam_role_arn_backup

examples/complete/azure/main.tf

@@ -7,6 +7,8 @@ locals {
     Expires    = "Never"
     Department = "Engineering"
   }
+  create_namespace                   = true
+  namespace                          = "mongodb"
   store_password_to_secret_manager   = true
   mongodb_custom_credentials_enabled = true
   mongodb_custom_credentials_config = {
@@ -35,22 +37,28 @@ module "azure" {
 module "mongodb" {
   source                  = "squareops/mongodb/kubernetes"
   cluster_name            = ""
+  namespace               = local.namespace
+  create_namespace        = local.create_namespace
   resource_group_name     = ""
   resource_group_location = ""
   mongodb_config = {
     name                             = local.name
+    namespace                        = local.namespace
     values_yaml                      = file("./helm/values.yaml")
     volume_size                      = "10Gi"
     architecture                     = "replicaset"
     replica_count                    = 1
     environment                      = local.environment
+    custom_databases                 = "['db1', 'db2']"
+    custom_databases_usernames       = "['admin', 'admin']"
+    custom_databases_passwords       = "['pass1', 'pass2']"
     storage_class_name               = "infra-service-sc"
     store_password_to_secret_manager = local.store_password_to_secret_manager
   }
   mongodb_custom_credentials_enabled = local.mongodb_custom_credentials_enabled
   mongodb_custom_credentials_config  = local.mongodb_custom_credentials_config
   root_password                      = local.mongodb_custom_credentials_enabled ? "" : module.azure.root_password
-  metric_exporter_pasword            = local.mongodb_custom_credentials_enabled ? "" : module.azure.metric_exporter_pasword
+  metric_exporter_password           = local.mongodb_custom_credentials_enabled ? "" : module.azure.metric_exporter_pasword
   bucket_provider_type               = "azure"
   mongodb_backup_enabled             = false
   mongodb_backup_config = {

examples/complete/azure/output.tf

@@ -6,4 +6,4 @@ output "mongodb_endpoints" {
 output "mongodb_credential" {
   value       = local.store_password_to_secret_manager ? null : module.mongodb.mongodb_credential
   description = "MongoDB credentials used for accessing the MongoDB database."
-}
+}

examples/complete/gcp/main.tf

@@ -7,6 +7,8 @@ locals {
     Expires    = "Never"
     Department = "Engineering"
   }
+  create_namespace                   = true
+  namespace                          = "mongodb"
   store_password_to_secret_manager   = true
   mongodb_custom_credentials_enabled = true
   mongodb_custom_credentials_config = {
@@ -29,22 +31,28 @@ module "gcp" {
 
 
 module "mongodb" {
-  source       = "squareops/mongodb/kubernetes"
-  cluster_name = "dev-gke-cluster"
+  source           = "squareops/mongodb/kubernetes"
+  namespace        = local.namespace
+  create_namespace = local.create_namespace
+  cluster_name     = "dev-gke-cluster"
   mongodb_config = {
     name                             = local.name
+    namespace                        = local.namespace
     values_yaml                      = file("./helm/values.yaml")
     environment                      = local.environment
     volume_size                      = "10Gi"
     architecture                     = "replicaset"
+    custom_databases                 = "['db1', 'db2']"
+    custom_databases_usernames       = "['admin', 'admin']"
+    custom_databases_passwords       = "['pass1', 'pass2']"
     replica_count                    = 2
     storage_class_name               = "standard"
     store_password_to_secret_manager = local.store_password_to_secret_manager
   }
   mongodb_custom_credentials_enabled = local.mongodb_custom_credentials_enabled
   mongodb_custom_credentials_config  = local.mongodb_custom_credentials_config
   root_password                      = local.mongodb_custom_credentials_enabled ? "" : module.gcp.root_password
-  metric_exporter_pasword            = local.mongodb_custom_credentials_enabled ? "" : module.gcp.metric_exporter_pasword
+  metric_exporter_password           = local.mongodb_custom_credentials_enabled ? "" : module.gcp.metric_exporter_pasword
   bucket_provider_type               = "gcs"
   service_account_backup             = module.gcp.service_account_backup
   service_account_restore            = module.gcp.service_account_restore

helm/values/backup/values.yaml

@@ -14,4 +14,4 @@ backup:
 annotations:
   ${annotations}
 
-bucket_provider_type: ${bucket_provider_type}
+bucket_provider_type: ${bucket_provider_type}

helm/values/exporter/values.yaml

@@ -24,7 +24,7 @@ livenessProbe:
 
 # [mongodb[+srv]://][user:pass@]host1[:port1][,host2[:port2],...][/database][?options]
 mongodb:
-  uri: "mongodb://mongodb_exporter:${mongodb_exporter_password}@mongodb-0.mongodb-headless.mongodb.svc.cluster.local:27017/admin?authSource=admin"
+  uri: "mongodb://mongodb_exporter:${mongodb_exporter_password}@mongodb-0.mongodb-headless.{namespace}.svc.cluster.local:27017/admin?authSource=admin"
 
 # Name of an externally managed secret (in the same namespace) containing the connection uri as key `mongodb-uri`.
 # If this is provided, the value mongodb.uri is ignored.

helm/values/mongodb/values.yaml

@@ -153,9 +153,9 @@ auth:
   ## @param auth.passwords List of passwords for the custom users set at `auth.usernames`
   ## @param auth.databases List of custom databases to be created during the initialization
   ##
-  usernames: []
-  passwords: []
-  databases: []
+  usernames: ${custom_databases_usernames}
+  passwords: ${custom_databases_passwords}
+  databases: ${custom_databases}
   ## @param auth.username DEPRECATED: use `auth.usernames` instead
   ## @param auth.password DEPRECATED: use `auth.passwords` instead
   ## @param auth.database DEPRECATED: use `auth.databases` instead