This hands on tutorial blog primarily covers details around setting up Couchbase Kubernetes Operator on a laptop/desktop running minikube. It features setting up custom TLS certs and persistent volumes. Along with checking how to scale up and down the cluster. Also running backup/restore of the Couchbase cluster and running sample application using Python SDK.

Setup uses Couchbase Operator 1.2 on open source kubernetes using minikube, which can run on a laptop. The deployment would be using command line tools to deploy on macos.

Overview of the hands-on tutorial

Pre-requisities

CLI commands for macOS, update the package manager for mac using command below

Install hypervisor from link below

https://download.virtualbox.org/virtualbox/6.0.10/VirtualBox-6.0.10-132072-OSX.dmg

Install minikube

Install kubectl

https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl-on-macos

Start minikube using command below

[HINT] Stop/exit all applications on the laptop if they are not required for this tutorial. minikube and couchbase cluster running on minukube needs good amount of resources.

Environment details for the minikube on my laptop look like below

Set the vCPUs and Memory to 4 and 4GiB so that Couchbase Operator would work on laptop

minikube cluster details

Deploying Couchbase Autonomous Operator

Deploying Admission Controller

cd into the files dir to access the required yaml files  The package needs to be downloaded onto laptop into your local directory

First we will create a namespace to localize the scope of our deployment

Deployment Admission Controller which is a mutating webhook for schema validation

Query the deployment for Admission Controller

Deploy Couchbase Autonomous Operator

Deploy the Custom Resource Definition

Scope of the CRD can be k8s cluster wide or localized to the namespace. Choice is upto devops/k8s administrator. In the example below its localized to the a particular namespace

Deploy Operator Role

Create service account

Bind the service account ‘couchbase-operator’ with operator-role

Deploy Couchbase Autonomous Operator Deployment

Query deployment

Deploying Couchbase Cluster

Deploy TLS certs in namespace cbdb
Using help file below in the link, make sure use appropriate namespace, here I have used ‘cbdb’. Link is provided here

Query the TLS secrets deployed via kubectl

Deploy secret to access Couchbase UI

Get StorageClass details for minikube k8s cluster

Deploy the Couchbase cluster

yaml file for the above deployment can be found here

If everything goes well then we should see the Couchbase cluster deployed with PVs, TLS certs

Access the Couchbase UI
Get the service details for Couchbase cluster

Expose the CB cluster via CB UI service

Accessing Couchbase UI

Login to http://localhost:8091 to access CB UI

Verify the root ca to check custom x509 cert is being used

Click Security->Root Certificate

Delete a pod at random, lets delete pod 001

Server would automatically failover, depending on the autoFailovertimeout

A lost Couchbase node is auto-recovered by Couchbase Operator as its constantly watching cluster definition

Scaling up/down

Its a single click change scale or scale down.

Scaling up

Change size to 4 from 3

Run the command below

Boom!

Cluster scales up.

Caution: K8s cluster needs to have enough resources to scale up.

Scaling down

Its exact opposite of scaling up, reduce the cluster to any number. But not less than 3.

Couchbase MVP is 3 nodes.

Backup and Restore Couchbase server

Backup CB cluster via cbbackupmgr

Create backup repo on given backup mount/volume

Backup

Restore

Run sample Python application from a different namespace

Create namespace for app tier

Deploy the app pod

Run the sample python program to upsert a document into couchbase cluster

Login to the pods shell/exec into app pod

Prep the pod for installing python SDK

prep-app-pod for python SDK

Edit the program with FQDN of the pod

Run below command after exec’ing into the couchbase pod

Get the FQDN for the app pod

Edit the program with correct connection string

Connection string for me looks like below:

Since both the namespaces in minikube share same kube-dns

Run the program

Upserted document should looks like this

Conclusion

We deployed Couchbase Autonomous Operator with version 1.2 on minikube version: v1.2.0. Couchbase cluster requires admission controller, RBACs with role limited to the namespace (more secure). CRD deployed has cluster wide scope, but that is by design. Couchbase cluster deployed had PV support and customer x509 certs.
We saw how how Couchbase cluster self-heals, and brings cluster up and healthy back without any user intervention.

Backup and restore are very critical for the Couchbase server. cbbackupmgr is our recommended utility for performing backups and restore. We also saw how to install Couchbase python sdk in a Application pod deployed in its namespace and we can have that application talk to Couchbase server and perform CRUD operations.

Cleanup (Optional)

Perform these steps below to un-config all the k8s assets created.

Posted by Ram Dhakne

Ram Dhakne is Solutions Consultant - US West at Couchbase. He currently helps Enterprise customers with their digital innovations journey and helping them adopt NoSQL technologies. His current interests are running persistent applications like Couchbase NoSQL server on Kubernetes clusters running on AKS, GKE, ACS and OpenShift, securing end-to-end on kubernetes. In his past life has worked on IaaS platforms (AWS, GCP, Azure & Private Clouds), Enterprise Backup Target Products & Backup Applications.

Leave a reply