(DOCSP-23970) (DOCSP-25503) Disaster recovery in multi-Kubernetes-cluster deployments (#1142)

* First batch, to be continued

* Minimal reorg to create space for disaster recovery updates

* Edits

* Edits

* copy

* Edits

* edits

* Edits

* Edits

* Edits

* Added a Disaster Recovery topic, have questions and need more info

* Edits

* Fixed build errors, ready for the initial tech review of the first half.To be continued.

* Adding the failover info, multi-cluster CLI options, and renaming the tool to CLI

* Fix build warnings and errors

* small edit

* edits

* Fix one build warning, ready for a review

* tech review, to be continued

* First round of tech review -- have qs for Mircea

* Tech review from Mircea, added setup and recover subcommands, added info about identifying failed clusters with healthz pings, other edits

* Build warnings

* fix one last build warning, ready for a review

* Edits from Corry, also added a link to Argo CD example

* Fixing links

* Trying to fix the tables

* trying to fix the table includes

* Adding includes for the common params in tables

* Fixing the tables with includes

* Almost there? tables

* Adjusting table column width

* Edits

* Fixing metadata tags syntax

* Fixing keywords

* Fixing keywords

* Fixing keywords

Author: JuliaMongo

conf.py

@@ -172,6 +172,7 @@
     '.. |k8s-statefulsets| replace:: `StatefulSets <https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/>`__',
     '.. |k8s-statefulset| replace:: `StatefulSet <https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/>`__',
     '.. |k8s-webhook| replace:: `Webhook <https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#what-are-admission-webhooks>`__',
+    '.. |k8s-healthchecks| replace:: `Kubernetes API health endpoints <https://kubernetes.io/docs/reference/using-api/health-checks/>`__',
     '.. |k8s| replace:: Kubernetes',
     '.. |kdc| replace:: :abbr:`KDC (Key Distribution Center)`',
     '.. |kind| replace:: :abbr:`Kind (Kubernetes in Docker)`',
@@ -188,6 +189,9 @@
     '.. |multi-cluster| replace:: multi-Kubernetes-cluster deployment',
     '.. |Multi-cluster| replace:: Multi-Kubernetes-cluster deployment',
     '.. |multi-clusters| replace:: multi-Kubernetes-cluster deployments',
+    '.. |Multi-clusters| replace:: Multi-Kubernetes-cluster deployments',
+    '.. |mc-cli| replace:: multi-cluster CLI',
+    '.. |Mc-cli| replace:: Multi-cluster CLI',
     '.. |oc| replace:: :xml:`<mono><link target="https://docs.openshift.com/container-platform/3.11/cli_reference/index.html">oc</link></mono>`',
     '.. |onprem| replace:: Ops Manager',
     '.. |onprem-link| replace:: :opsmgr:`Ops Manager </>`',
@@ -256,6 +260,7 @@
     'tldrl' : ('https://www.tldrlegal.com/l/%s', ''),
     'aws': ('http://docs.aws.amazon.com%s', ''),
     'aws-blogs': ('http://aws.amazon.com%s', ''),
+    'argo-cd': ('https://argoproj.github.io/%s', ''),
     'gcp': ('https://cloud.google.com%s', ''),
     'q-mdb': ('https://quay.io/mongodb%s', ''),
     'gatekeeper': ('https://open-policy-agent.github.io/gatekeeper/website/docs%s', ''),

source/includes/facts/fact-multi-cluster-cli-actions-setup.rst

@@ -0,0 +1,6 @@
+- Creates a single ``mongodb`` namespace in the central cluster and
+  each member cluster.
+- Creates Service Accounts, Roles, and RoleBindings in the central
+  cluster and each member cluster.
+- Applies the correct permissions for service accounts.
+- Uses these settings to create your |multi-cluster|.

source/includes/list-tables/multi-cluster-cli-central-cluster-ns.rst

@@ -0,0 +1,3 @@
+Required. Namespace that the |k8s-op-short|
+will be deployed to, such as:
+``-central-cluster-namespace="mongodb"``.

source/includes/list-tables/multi-cluster-cli-central-cluster.rst

@@ -0,0 +1,4 @@
+Central cluster that the |k8s-op-short|
+will be deployed in, such as:
+``-central-cluster="MDB_CENTRAL_CLUSTER_FULL_NAME"``.
+

source/includes/list-tables/multi-cluster-cli-cleanup.rst

@@ -0,0 +1,4 @@
+Optional. Flag that indicates whether to
+delete all previously created resources
+except for namespaces.
+Default value is ``false``.

source/includes/list-tables/multi-cluster-cli-cluster-scoped.rst

@@ -0,0 +1,3 @@
+Optional. Flag that indicates whether to
+create ClusterRole and ClusterRoleBindings
+for member clusters. Default value is ``false``.

source/includes/steps-multi-cluster-source.yaml

@@ -24,24 +24,23 @@ content: |
 stepnum: 0
 level: 4
 ref: run-multi-cluster-tool
-title: "Run the ``multi-cluster kubeconfig creator`` tool."
+title: "Run the ``multi-cluster CLI``."
 content: |
 
   By default, the |k8s-op-short| is scoped to the ``mongodb`` namespace.
   The following command creates one central cluster, three member clusters,
   and a |k8s-ns| labeled ``mongodb`` in each of the clusters.
 
   a. Change to the directory to which you cloned the |k8s-op-short|
-     repository, and then to the directory that has the ``multi-cluster kubeconfig creator``
-     tool.
-  #. Run the :github:`multi-cluster kubeconfig creator </mongodb/mongodb-enterprise-kubernetes/blob/master/tools/multicluster/main.go>`
-     tool:
+     repository, and then to the directory that contains the
+     :ref:`Multi-cluster CLI <multi-cluster-cli-reference-ref>`.
+  #. Run the |mc-cli|:
 
      .. code-block:: sh
 
         cd tools/multicluster
         go run main.go \
-        setup
+        setup \
           -central-cluster="${MDB_CENTRAL_CLUSTER_FULL_NAME}" \
           -member-clusters="${MDB_CLUSTER_1_FULL_NAME},${MDB_CLUSTER_2_FULL_NAME},${MDB_CLUSTER_3_FULL_NAME}" \
           -member-cluster-namespace="mongodb" \
@@ -95,7 +94,7 @@ content: |
 
   If you have not done so already, run the following commands to run
   all ``kubectl`` commands on the central cluster in the default
-  namespace. In the following steps, you will install the |k8s-op-short|
+  namespace. In the following steps, you install the |k8s-op-short|
   into this namespace.
 
   .. code-block:: sh
@@ -126,7 +125,8 @@ content: |
               --version <mongodb-kubernetes-operator-version> \
               --set operator.name=mongodb-enterprise-operator-multi-cluster \
               --set operator.createOperatorServiceAccount=false \
-              --set "multiCluster.clusters=$MDB_CLUSTER_1_FULL_NAME,$MDB_CLUSTER_2_FULL_NAME,$MDB_CLUSTER_3_FULL_NAME"
+              --set "multiCluster.clusters=$MDB_CLUSTER_1_FULL_NAME,$MDB_CLUSTER_2_FULL_NAME,$MDB_CLUSTER_3_FULL_NAME" \
+              --set multiCluster.performFailover=false
 ---
 stepnum: 0
 title: "Deploy the MongoDB resource."

source/index.txt

@@ -54,7 +54,7 @@ optimal performance.
       Install the Operator </installation>
       Deploy Ops Manager Resources </om-resources>
       Deploy MongoDB Database Resources </mdb-resources>
-      Deploy MongoDB Resources across Multiple Kubernetes Clusters (Beta) </multi-cluster>
+      Deploy MongoDB Resources on Multiple Kubernetes Clusters (Beta) </multi-cluster>
       /tutorial/modify-resource-image
       /reference
       Release Notes </release-notes>

source/multi-cluster-arch.txt

@@ -1,8 +1,8 @@
 .. _multi-cluster-arch-ref:
 
-===========================
-Multi-Cluster Architecture
-===========================
+===========================================
+Architecture, Capabilities, and Limitations
+===========================================
 
 .. default-domain:: mongodb
 
@@ -23,23 +23,20 @@ Features Not Available in the Beta Release
 
 .. important::
 
-   This feature is a beta release. Use |multi-cluster| 
-   deployments only in development environments.
+   This feature is a beta release and has the following limiations:
 
-The following features of the |k8s-op-full| and the underlying |k8s|
-clusters are not available in the beta release of the |multi-clusters|:
-
-- Sharded cluster deployments
-- |onprem| version earlier than 5.0.7
+   - Deploy |multi-clusters| only in development environments.
+   - Deploy only replica sets. Sharded cluster deployments aren't supported.
+   -    - Use |onprem| versions later than 5.0.7.
 
 .. _multi-cluster-capabilities:
 
-Multi-Cluster Capabilities
---------------------------
+Multi-Kubernetes-Cluster Deployment Capabilities
+------------------------------------------------
 
-This section describes the multi-cluster capabilities that you can
+This section describes the |multi-cluster| capabilities that you can
 configure using the same procedures as for single clusters deployed with
-the |k8s-op-short|. Other multi-cluster capabilities have their own
+the |k8s-op-short|. Other |multi-cluster| capabilities have their own
 documentation in this guide.
 
 .. list-table::
@@ -68,8 +65,8 @@ documentation in this guide.
        These procedures are the same as for single clusters
        deployed with |k8s-op-short|, with the following exceptions:
 
-       - The procedures apply to replica sets only. Multi-cluster
-         deployments :ref:`do not support creating sharded clusters <multi-cluster-beta-limitations>`.
+       - The procedures apply to replica sets only. |Multi-clusters|
+         :ref:`do not support creating sharded clusters <multi-cluster-beta-limitations>`.
        - In the ``mongodbResourceRef``, specify the name of the multi-cluster
          replica set: ``name: "<my-multi-cluster-replica-set>"``.
 
@@ -81,16 +78,18 @@ documentation in this guide.
 
 .. _multi-cluster-diagram:
 
-Multi-Cluster Deployment Architecture
--------------------------------------
+Deployment Architecture and Diagram
+-----------------------------------
 
-The |k8s-op-full| runs in a central |k8s| cluster.
+The |k8s-op-full| runs in a central |k8s| cluster of your |multi-cluster|.
 
 The central cluster holds the ``MongoDBMulti`` CustomResource spec for
 the MongoDB replica set.
 The member |k8s| clusters host the MongoDB replica sets.
 
-If you deploy |onprem| with the |k8s-op-short|, the central cluster may also host |onprem|.
+If you deploy |onprem| with the |k8s-op-short|, the central cluster may
+also host |onprem|.
+
 |istio| manages the discovery of MongoDB nodes deployed in different
 |k8s| member clusters.
 
@@ -114,17 +113,17 @@ The |k8s-op-full| performs these actions:
   confirm that the |multi-cluster| is in the desired state.
 
 - Reconciles resources. Creates the necessary resources, such as
-  Configmaps, Secrets, Service objects, and Statefulset objects in
-  each member cluster corresponding to the number of replica set members
-  in the MongoDB cluster.
+  Configmaps, Secrets, Service objects, and Statefulset objects in each
+  member cluster corresponding to the number of replica set members in the
+  MongoDB cluster.
 
   .. include:: /includes/facts/fact-can-change-secret-storage-tool.rst
 
 The following diagram shows the high-level architecture of a |multi-cluster|
 across regions and availability zones:
 
 .. figure:: /images/multi-cluster-arch.svg
-   :alt: Diagram showing the high-level architecture of a multi-cluster
+   :alt: Diagram showing the high-level architecture of a multi-cluster-Kubernetes
          deployment across regions and availability zones using the
          MongoDB Enterprise Kubernetes Operator
    :figwidth: 600px

source/multi-cluster-central-member-clusters.txt

@@ -0,0 +1,36 @@
+.. _central-and-member-clusters:
+
+===================================
+Central Cluster and Member Clusters
+===================================
+
+.. default-domain:: mongodb
+
+.. meta::
+   :keywords: multicluster, central cluster, member clusters, multi-cluster
+
+.. contents:: On this page
+   :local:
+   :backlinks: none
+   :depth: 2
+   :class: singlecol
+
+MongoDB recommends that you identify one cluster to act as a **central cluster**.
+The central cluster hosts the |k8s-op-short| and acts as the control plane
+for the multi-cluster deployment. This central cluster can also host
+replica set members. This documentation refers to other |k8s| clusters
+that host replica set members as **member clusters**.
+
+Communication between replica set members occurs over a service mesh,
+which means that your database doesn't rely on the central cluster to function.
+Note that if the central cluster fails, you can't use the |k8s-op-short|
+to change your deployment until access to this cluster is restored or
+until you redeploy the |k8s-op-short| to an available |k8s| cluster.
+
+You can host your application on any |k8s| cluster in the service mesh.
+Your application can be co-located on a member cluster with one of the
+replica set nodes that you deployed using the |k8s-op-short|, or you can
+host your application on a cluster that doesn't host replica set nodes
+or the |k8s-op-short|.
+
+To learn more, see the :ref:`multi-cluster-diagram`.

source/multi-cluster-cli-reference.txt

@@ -0,0 +1,144 @@
+.. _multi-cluster-cli-reference-ref:
+
+===========================
+Multi-Cluster CLI Reference
+===========================
+
+.. default-domain:: mongodb
+
+.. meta::
+   :keywords: multicluster, multi-kubernetes-cluster MongoDB, mongoDBmulti resource, multi-cluster cli setup, multi-cluster cli recover, central cluster, member clusters
+   :description: Learn how to use the multi-cluster CLI to set up a multi-Kubernetes-cluster MongoDB deployment and automatically recover such a deployment from some cluster failures.
+
+.. contents:: On this page
+   :local:
+   :backlinks: none
+   :depth: 1
+   :class: singlecol
+
+Use the :github:`multi-cluster CLI
+</mongodb/mongodb-enterprise-kubernetes/blob/master/tools/multicluster/>`
+to set up |multi-clusters| and run automatic and manual
+:ref:`disaster recovery <disaster-recovery-ref>`.
+
+The |mc-cli| has the following subcommands:
+
+- :ref:`multi-cluster-cli-setup`
+- :ref:`multi-cluster-cli-recover`
+
+.. _multi-cluster-cli-setup:
+
+The setup Subcommand
+--------------------
+
+The ``go run main.go setup`` subcommand sets up the initial |multi-cluster|.
+It performs the following actions:
+
+.. include:: /includes/facts/fact-multi-cluster-cli-actions-setup.rst
+
+.. _multi-cluster-cli-setup-options:
+
+The setup Subcommand Options
+----------------------------
+
+The ``setup`` subcommand of the |mc-cli| has the following options:
+
+.. list-table::
+   :header-rows: 1
+   :widths: 40 20 40
+
+   * - Option
+     - Data Type
+     - Description
+
+   * - ``central-cluster``
+     - string
+     - .. include:: /includes/list-tables/multi-cluster-cli-central-cluster.rst
+
+   * - ``central-cluster-namespace``
+     - string
+     - .. include:: /includes/list-tables/multi-cluster-cli-central-cluster-ns.rst
+
+   * - ``cleanup``
+     - boolean
+     - .. include:: /includes/list-tables/multi-cluster-cli-cleanup.rst
+
+   * - ``cluster-scoped``
+     - boolean
+     - .. include:: /includes/list-tables/multi-cluster-cli-cluster-scoped.rst
+
+   * - ``install-database-roles``
+     - boolean
+     - Optional. Flag that indicates whether to install
+       the ServiceAccounts and Roles required for running
+       MongoDB workloads on the member clusters.
+       Default value is ``false``.
+
+   * - ``member-clusters``
+     - string
+     - Required. Comma-separated list that contains
+       member clusters, such as:
+       ``-member-clusters="${MDB_CLUSTER_2_FULL_NAME},
+       ${MDB_CLUSTER_3_FULL_NAME},
+       ${MDB_CLUSTER_4_FULL_NAME}"``.
+
+   * - ``member-cluster-namespace``
+     - string
+     - Required. Namespace that the member cluster resources
+       will be deployed to, such as:
+       ``-member-cluster-namespace="mongodb"``.
+
+   * - ``service-account``
+     - string
+     - Optional. Name of the service account for the
+       |k8s-op-short| to use to communicate with the
+       member clusters. Default value is
+       ``mongodb-enterprise-operator-multi-cluster``.
+
+For a full example of the |mc-cli| ``setup`` subcommand's usage,
+see the :ref:`multi-Kubernetes-cluster quick start procedure
+<multi-cluster-quick-start-procedure>`.
+
+.. _multi-cluster-cli-recover:
+
+The recover Subcommand
+----------------------
+
+The ``go run main.go recover`` subcommand can automatically recover a
+failed cluster topology in some cases. In other cases, you must
+:ref:`manually recover from a failure <disaster-recovery-manual>`. To
+learn more, see :ref:`disaster-recovery-ref`.
+
+.. _multi-cluster-cli-recover-options:
+
+The recover Subcommand Options
+------------------------------
+
+The ``recover`` subcommand of the |mc-cli| has the following options:
+
+.. list-table::
+   :header-rows: 1
+   :widths: 40 20 40
+
+   * - Option
+     - Data Type
+     - Description
+
+   * - ``central-cluster``
+     - string
+     - .. include:: /includes/list-tables/multi-cluster-cli-central-cluster.rst
+
+   * - ``central-cluster-namespace``
+     - string
+     - .. include:: /includes/list-tables/multi-cluster-cli-central-cluster-ns.rst
+
+   * - ``cleanup``
+     - boolean
+     - .. include:: /includes/list-tables/multi-cluster-cli-cleanup.rst
+
+   * - ``cluster-scoped``
+     - boolean
+     - .. include:: /includes/list-tables/multi-cluster-cli-cluster-scoped.rst
+
+For a full example of the |mc-cli| ``recover`` subcommand's usage,
+see the :ref:`manual disaster recovery procedure <disaster-recovery-manual>`.