DOCSP-46323 -- Add reference architectures section (#2048)

* DOCSP-46323 -- Add reference architectures section

* DOCSP-46323 -- copy review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- move gke steps to top level

* DOCSP-46323 -- change step order

* DOCSP-46323 -- add env_variables.sh

* DOCSP-46323 -- add env_variables.sh

* DOCSP-46323 -- fix output rendering

* DOCSP-46323 -- add create gcp project step

* DOCSP-46323 -- add required tools section

* DOCSP-46323 -- add operator installation to central cluster

* DOCSP-46323 -- add operator installation to central cluster

* DOCSP-46323 -- add operator installation to central cluster

* DOCSP-46323 -- add operator installation to central cluster

* DOCSP-46323 -- add service mesh connectivity check procedure

* DOCSP-46323 -- fix link

* DOCSP-46323 -- add operator details

* DOCSP-46323 -- fix spacing

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- update includes

* DOCSP-46323 -- update code samples for MCOM

* DOCSP-46323 -- external review

* DOCSP-46323 -- fix language in examples

* DOCSP-46323 -- WIP

* DOCSP-46323 -- fix typo

* DOCSP-46323 -- add step descriptions

* DOCSP-46323 -- OM credentials update

* DOCSP-46323 -- add load balancer reference

* DOCSP-46323 -- add MCSC intro

* DOCSP-46323 -- add env vars for om deploymjent

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- WIP

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

* DOCSP-46323 -- external review

Author: jvincent-mongodb

snooty.toml

@@ -18,6 +18,7 @@ toc_landing_pages = [
     "/om-resources",
     "/reference",
     "/reference/operator-settings",
+    "/reference-architectures/multi-cluster",
     "/security",
     "/tutorial/om-arch",
     "/tutorial/om-arch-multi-cluster",
@@ -70,6 +71,8 @@ bic-full = ":bic:`MongoDB Connector for BI </>`"
 bic-short = ":bic:`BI Connector </>`"
 bic = "BI Connector for Atlas"
 bson = ":abbr:`BSON (Binary Javascript Object Notation)`"
+ca-cert = "CA Certificate"
+ca-certs = "CA Certificates"
 certauth = ":abbr:`CA (Certificate Authority)`"
 cidr = ":abbr:`CIDR (Classless Inter-Domain Routing)`"
 cifs = ":abbr:`CIFS (Common Internet File System)`"

source/index.txt

@@ -63,6 +63,7 @@ optimal performance.
    Deploy on Multiple Kubernetes Clusters </multi-cluster>
    Modify Containers </tutorial/modify-resource-image>
    Host on GDC </gdc-hosted>
+   Reference Architectures </reference-architectures>
    Reference </reference>
    FAQ </faq.txt>
    Release Notes </release-notes>

source/reference-architectures.txt

@@ -0,0 +1,24 @@
+.. _reference-architectures:
+
+=======================
+Reference Architectures
+=======================
+
+.. default-domain:: mongodb
+
+.. contents:: On this page
+   :local:
+   :backlinks: none
+   :depth: 1
+   :class: singlecol
+
+
+
+
+
+.. toctree::
+   :titlesonly:
+   :hidden:
+
+   How to Use a Reference Architecture </reference-architectures/how-to-use>
+   Multi-Cluster Architecture </reference-architectures/multi-cluster>

source/reference-architectures/ca-certs.txt

@@ -0,0 +1,83 @@
+.. _reference-architectures-ca-certs:
+
+================
+TLS Certificates
+================
+
+.. default-domain:: mongodb
+
+.. contents:: On this page
+   :local:
+   :backlinks: none
+   :depth: 1
+   :class: singlecol
+
+This section provides guidance on the creation of TLS certificates for each 
+component of MongoDB, and the creation of |k8s| Secrets in each of your |k8s| 
+clusters to mount the TLS certificates securely into the appropriate |k8s| Pods. 
+
+The process outlined below utilizes `Cert Manager <https://cert-manager.io/>`__ 
+for creating the TLS certificates. However, please note that this is an 
+opinionated guide, and CertManager is not supported by MongoDB. Moreover, CertManager 
+is only one of many ways in which you can add TLS certificates to your |k8s| clusters.
+Additionally, self-signed certificates may not be suitable for production deployments, 
+depending on the security requirements of your organization. If you require 
+publicly trusted certificates please configure your `Issuer <https://cert-manager.io/docs/configuration/issuers/>`__ accordingly 
+or provide the TLS certificate directly. To learn more, see :ref:`<cert-manager-integration>`.
+
+Prerequisites
+-------------
+
+Before you begin, perform the following tasks:
+
+- Install ``kubectl``.
+- Install `Helm <https://helm.sh/docs/intro/install/>`__.
+- Set the ``K8S_CLUSTER_*_CONTEXT_NAME`` environment variables as 
+  explained in the :ref:`GKE Clusters guide <reference-architectures-gke-clusters>`.
+
+Source Code
+-----------
+
+You can find all included source code in the `MongoDB Kubernetes Operator repository <https://github.com/mongodb/mongodb-enterprise-kubernetes/tree/${current_branch}/architectures/setup-multi-cluster/setup-gke/setup-cert-manager>`__.
+
+Procedure
+----------
+
+.. procedure::
+   :style: normal
+
+   .. step:: Add the Helm charts repo.
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-cert-manager/code_snippets/0215_helm_configure_repo.sh
+         :language: bash
+         :linenos:
+
+         .. output:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-cert-manager/output/0215_helm_configure_repo.out
+
+   .. step:: Use Helm to install cert-manager.
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-cert-manager/code_snippets/0216_helm_install_cert_manager.sh
+         :language: bash
+         :linenos:
+
+         .. output:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-cert-manager/output/0216_helm_install_cert_manager.out
+
+   .. step:: Create a certificate issuer.
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-cert-manager/code_snippets/0220_create_issuer.sh
+         :language: bash
+         :linenos:
+
+   .. step::  Verify creation of the issuer.
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-cert-manager/code_snippets/0221_verify_issuer.sh
+         :language: bash
+         :linenos:
+
+      .. output:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-cert-manager/output/0221_verify_issuer.out
+
+   .. step:: Create CA configMap.
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-cert-manager/code_snippets/0225_create_ca_configmap.sh
+         :language: bash
+         :linenos:

source/reference-architectures/deploy-operator.txt

@@ -0,0 +1,115 @@
+.. _reference-architectures-deploy-operator:
+
+=======================================
+Deploy the MongoDB Enterprise Operator
+=======================================
+
+.. default-domain:: mongodb
+
+.. contents:: On this page
+   :local:
+   :backlinks: none
+   :depth: 1
+   :class: singlecol
+
+
+In order to deploy multiple instances of MongoDB resources across multiple 
+|k8s| clusters, you first need to deploy the |k8s-op-short| to one of your 
+|k8s| clusters. Once the |k8s-op-short| is deployed to a central |k8s| cluster, 
+you can then create and manage all of your MongoDB resources across all of your 
+|k8s| clusters by applying updates to your central |k8s| cluster. 
+
+Prerequisites
+-------------
+
+Before you begin the following procedure, perform the following actions:
+
+- Install ``kubectl``. 
+- Install `Helm <https://helm.sh/docs/intro/install/>`__.
+- Complete the :ref:`GKE Clusters procedure <reference-architectures-gke-clusters>` or the equivalent.
+- Complete the :ref:`TLS Certificates procedure <reference-architectures-ca-certs>` or the equivalent.
+- Complete the :ref:`Istio Service mesh procedure <reference-architectures-istio-service-mesh>` or the equivalent.
+- Install the |kubectl-mongodb|.
+  To install the |kubectl-mongodb|:
+  
+  .. include:: /includes/steps/install-kubectl-mongodb-plugin.rst
+- Update as needed and set the environment variables defined in the following  ``env_variables.sh`` file.
+
+  .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/env_variables.sh
+    :language: bash
+    :linenos:
+
+Source Code
+-----------
+
+You can find all included source code in the `MongoDB Kubernetes Operator repository <https://github.com/mongodb/mongodb-enterprise-kubernetes/tree/${current_branch}/architectures/setup-multi-cluster/setup-gke/setup-operator>`__.
+
+Procedure
+---------
+
+.. procedure::
+   :style: normal
+
+   .. step:: Create namespaces for the |k8s-op-short|, MongoDB and Ops Manager in each of your |k8s| clusters.
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/code_snippets/0045_create_namespaces.sh
+         :language: bash
+
+   .. step:: Create image pull secrets.
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/code_snippets/0046_create_image_pull_secrets.sh
+         :language: bash
+   
+   .. step:: Configure your |k8s| clusters. 
+
+      Run the following command to configure your |k8s| clusters.
+
+      .. io-code-block:: 
+         :copyable: true
+     
+         .. input:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/code_snippets/0200_kubectl_mongodb_configure_multi_cluster.sh
+            :language: bash
+            :linenos:
+
+         .. output:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/output/0200_kubectl_mongodb_configure_multi_cluster.out
+            :visible: false
+
+   .. step:: Add the MongoDB Helm Charts for Kubernetes.
+
+      Add the `MongoDB Helm Charts for Kubernetes <https://mongodb.github.io/helm-charts>`__ repository to Helm.
+
+      .. io-code-block:: 
+         :copyable: true
+     
+         .. input:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/code_snippets/0205_helm_configure_repo.sh
+            :language: bash
+            :linenos:
+
+         .. output:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/output/0205_helm_configure_repo.out
+            :visible: false
+
+   .. step:: Deploy the |k8s-op-short|.
+
+      Use the `MongoDB Helm Charts for Kubernetes <https://mongodb.github.io/helm-charts>`__ to deploy the |k8s-op-short|.
+
+      .. io-code-block:: 
+         :copyable: true
+     
+         .. input:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/code_snippets/0210_helm_install_operator.sh
+            :language: bash
+            :linenos:
+
+         .. output:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/output/0210_helm_install_operator.out
+            :visible: false
+
+   .. step:: Check the status of your MongoDB Kubernetes Operator.
+
+      .. io-code-block:: 
+         :copyable: true
+     
+         .. input:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/code_snippets/0211_check_operator_deployment.sh
+            :language: bash
+            :linenos:
+
+         .. output:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-operator/output/0211_check_operator_deployment.out
+            :visible: false

source/reference-architectures/gke-clusters.txt

@@ -0,0 +1,94 @@
+.. _reference-architectures-gke-clusters:
+
+============
+GKE Clusters
+============
+
+.. default-domain:: mongodb
+
+.. contents:: On this page
+   :local:
+   :backlinks: none
+   :depth: 1
+   :class: singlecol
+
+Kubernetes is not vendor specific; however, for the sake of providing explicit 
+and complete instructions for deploying all elements of a multi-cluster 
+|k8s-op-short| implementation, this section walks you through the process 
+of deploying multiple Kubernetes clusters on |gcp| specifically. 
+
+Prerequisites
+-------------
+
+Before you begin, perform the following actions:
+
+- Create a |gcp| account.
+- Prepare a |gcp| project so that you can use it to create |gke| clusters.
+- Install the |gcp| `CLI <https://cloud.google.com/sdk/docs/install>`__. 
+- `Authenticate <https://cloud.google.com/docs/authentication/gcloud>`__ with the ``gcloud auth login`` command. 
+- Update as needed and set the environment variables defined in the following  ``env_variables.sh`` file. 
+
+.. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-gke/env_variables.sh
+  :language: bash
+  :linenos:
+
+Source Code
+-----------
+
+You can find all included source code in the `MongoDB Kubernetes Operator repository <https://github.com/mongodb/mongodb-enterprise-kubernetes/tree/${current_branch}/architectures/setup-multi-cluster/setup-gke>`__.
+
+Procedure
+----------
+
+.. procedure::
+   :style: normal
+
+   .. step:: Set your default gcloud project:
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-gke/code_snippets/0005_gcloud_set_current_project.sh
+         :language: bash
+         :linenos:
+
+   .. step:: Create |k8s| clusters.
+
+      Create three |gke| clusters:
+     
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-gke/code_snippets/0010_create_gke_cluster_0.sh
+         :language: bash
+         :linenos:
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-gke/code_snippets/0010_create_gke_cluster_1.sh
+         :language: bash
+         :linenos:
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-gke/code_snippets/0010_create_gke_cluster_2.sh
+         :language: bash
+         :linenos:
+
+   .. step:: Store credentials in your kubeconfig.
+
+      Obtain credentials and save contexts to the current ``kubeconfig``
+      file. By default, this file is located in the ``~/.kube/config`` directory
+      and referenced by the ``$KUBECONFIG`` :ref:`environment variable <set-env-vars-om-mc>`.
+
+      .. literalinclude:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-gke/code_snippets/0020_get_gke_credentials.sh
+         :language: bash
+         :linenos:
+
+      All ``kubectl`` commands reference these contexts using the following variables:
+
+      - ``$K8S_CLUSTER_0_CONTEXT_NAME``
+      - ``$K8S_CLUSTER_1_CONTEXT_NAME``
+      - ``$K8S_CLUSTER_2_CONTEXT_NAME``
+
+   .. step:: Verify that ``kubectl`` has access to |k8s| clusters.
+
+      .. io-code-block:: 
+         :copyable: true 
+
+         .. input:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-gke/code_snippets/0030_verify_access_to_clusters.sh
+            :linenos:
+            :language: bash
+
+         .. output:: /includes/code-examples/reference-architectures/setup-multi-cluster/setup-gke/output/0030_verify_access_to_clusters.out
+            :linenos: