- Deploy and Configure MongoDB Database Resources >
- Deploy a MongoDB Database Resource >
- Deploy a Resource to Use with Prometheus
Deploy a Resource to Use with Prometheus¶
On this page
You can use the mongodb-prometheus-sample.yaml file to deploy a MongoDB resource in your Kubernetes cluster, with a ServiceMonitor to indicate to Prometheus how to consume metrics data from it.
The sample specifies a simple MongoDB resource with one user,
and the spec.prometheus
attribute with basic HTTP
authentication and no TLS. The sample lets you test
the metrics that MongoDB sends to Prometheus.
Note
You can’t use Prometheus with a multi-Kubernetes-cluster deployment.
Quick Start¶
We tested this setup with version 0.54 of the Prometheus Operator.
Prerequisites¶
- Kubernetes 1.16+
- Helm 3+
Install the Prometheus Operator¶
You can install the Prometheus Operator using Helm. To learn more, see the installation instructions.
To install the Prometheus Operator using Helm, run the following commands:
Install the MongoDB Enterprise Kubernetes Operator¶
Run the following command to install the Kubernetes Operator and create a namespace to contain the Kubernetes Operator and resources:
To learn more, see Install the MongoDB Enterprise Kubernetes Operator.
Create a MongoDB Resource¶
You can use the mongodb-prometheus-sample.yaml file to deploy a MongoDB resource in your Kubernetes cluster, with a ServiceMonitor to indicate to Prometheus how to consume metrics data from it.
You can apply the sample directly with the following command:
Note
Specify the full path to the mongodb-prometheus-sample.yaml file. Ensure you specify
spec.credentials
and
spec.cloudManager.configMapRef.name
.
This command creates two secrets that contain authentication for a new MongoDB user and basic HTTP authentication for the Prometheus endpoint. The command creates both secrets in the mongodb namespace.
This command also creates a ServiceMonitor that
configures Prometheus to consume this resource’s metrics. This command
creates the ServiceMonitor
in the prometheus-system
namespace.
Optional: Enable TLS on the Prometheus Endpoint¶
Install Cert-Manager¶
- To install cert-manager using Helm, see the cert-manager installation documentation.
- To create a cert-manager
Issuer
, see the cert-manager configuration documentation - To create a certificate, see the cert-manager usage documentation.
Enable TLS on the MongoDB CRD¶
Important
Do NOT use this configuration in Production environments! A security expert should advise you about how to configure TLS.
To enable TLS, you must add a new entry to the
spec.prometheus
section of the MongoDB custom resource. Run
the following patch
operation to add the needed entry.
Note
tlsSecretKeyRef.name
points at a secret of type
kubernetes.io/tls
that holds a Server certificate.
The following response appears:
After a few minutes, the MongoDB resource should return to the Running phase. Now you must configure the Prometheus ServiceMonitor to point to the HTTPS endpoint.
Update ServiceMonitor¶
To update the ServiceMonitor, run the following command to patch the resource again:
The following reponse appears:
With these changes, the new ServiceMonitor
points to the HTTPS endpoint (defined in
/spec/endpoints/0/scheme
). You also set
spec/endpoints/0/tlsConfig/insecureSkipVerify
to true
,
so that Prometheus doesn’t verify the TLS certificates on
MongoDB’s end.
Prometheus should now be able to scrape the MongoDB target using HTTPS.
mongodb-prometheus-sample.yaml
¶
Create the following mongodb-prometheus-sample.yaml
file to deploy
a MongoDB resource in your Kubernetes cluster, with a
ServiceMonitor
to indicate to Prometheus how to consume metrics data from
it.
This sample file specifies a simple MongoDB resource with one user,
and the spec.prometheus
attribute with basic HTTP
authentication and no TLS. The sample lets you test
the metrics that MongoDB sends to Prometheus.
To learn more, see Prometheus Settings.
Examples¶
The following examples show the resource definitions required to use Prometheus with your MongoDB resource.
MongoDB Resource with Prometheus¶
To learn more, see Prometheus Settings.