(DOCSP-18180) multi-cluster beta (#757)

* (DOCSP-18180) multi-cluster beta

* Initial review, content restructuring

* Build warnings removal

* Edits, ready for a copy review

* Adjust the table of contents

* A few more edits

* Address copy review round1 from John W

* Address 2nd round of copy review

* Remove exta bullet where it is not needed

* A few more cleanup type edits

* A few more nits

* Address tech review from Ciprian

* Fixed code block indentation in step 2

* Add minor edits to code examples for clarity

* Add minor edits to code examples for clarity

* Add minor edits to code examples for clarity

* Add minor edits to code examples for clarity

* Add minor edits to code examples for clarity

Author: JuliaMongo

conf.py

@@ -115,7 +115,7 @@
     '.. |epoch-time| replace:: timestamp in the number of seconds that have elapsed since the `UNIX epoch <https://en.wikipedia.org/wiki/Unix_time?oldid=828172017>`__',
     '.. |fqdn| replace:: :abbr:`FQDN (fully qualified domain name)`',
     '.. |gcp| replace:: :abbr:`GCP (Google Cloud Platform)`',
-    '.. |gke| replace:: :abbr:`GKE (Google Kubernetes Engine)`',
+    '.. |gke| replace:: `GKE (Google Kubernetes Engine) <https://cloud.google.com/kubernetes-engine>`__',
     '.. |global-write-clusters| replace:: Global Clusters',
     '.. |global-write-cluster| replace:: Global Cluster',
     '.. |global-write| replace:: Global Writes',
@@ -130,7 +130,8 @@
     '.. |iso8601-duration| replace:: Duration in `ISO 8601 <https://en.wikipedia.org/wiki/ISO_8601?oldid=851138376#Durations>`__ notation',
     '.. |iso8601-time| replace:: Timestamp in `ISO 8601 <https://en.wikipedia.org/wiki/ISO_8601?oldid=793821205>`__ date and time format in |utc|',
     '.. |iso8601| replace:: `ISO 8601 <https://en.wikipedia.org/wiki/ISO_8601?oldid=793821205>`__',
-    '.. |jira| replace:: `Jira <https://jira.mongodb.org>`__"',
+    '.. |istio| replace:: `Istio <https://istio.io/>`__',
+    '.. |jira| replace:: `Jira <https://jira.mongodb.org>`__',
     '.. |json| replace:: :abbr:`JSON (Javascript Object Notation)`',
     '.. |jedec| replace:: :abbr:`JEDEC (Joint Electron Device Engineering Council Solid State Technology Association)`',
     '.. |jvm| replace:: :abbr:`JVM (Java Virtual Machine)`',
@@ -184,6 +185,8 @@
     '.. |mongod| replace:: :binary:`~bin.mongod`',
     '.. |mongos| replace:: :binary:`~bin.mongos`',
     '.. |mongo| replace:: :binary:`~bin.mongo`',
+    '.. |multi-cluster| replace:: Multi-Cluster Deployment',
+    '.. |multi-clusters| replace:: Multi-Cluster Deployments',
     '.. |oc| replace:: :xml:`<mono><link target="https://docs.openshift.com/container-platform/3.11/cli_reference/index.html">oc</link></mono>`',
     '.. |onprem| replace:: Ops Manager',
     '.. |onprem-link| replace:: :opsmgr:`Ops Manager </>`',

config/redirects

@@ -12,6 +12,13 @@ symlink: stable -> v1.12
 # Base URL
 raw: kubernetes-operator/ -> ${base}/stable/
 
+# Add redirects related to the addition of new topics for multi-cluster
+# beta in the Operator v1.13.
+
+[*-v1.12]: kubernetes-operator/${version}/multi-cluster -> ${base}/stable/multi-cluster
+[*-v1.12]: kubernetes-operator/${version}/multi-cluster-quick-start -> ${base}/stable/multi-cluster
+[*-v1.12]: kubernetes-operator/${version}/multi-cluster-arch -> ${base}/stable/multi-cluster
+
 # Add redirects related to the removal of
 # /tutorial/migrate-to-single-resource. This topic was added initially
 # for v1.3 that is now EOL.

source/images/multi-cluster-arch.svg

@@ -0,0 +1,237 @@
+---
+stepnum: 1
+level: 4
+ref: clone-k8s-repo-multi-cluster
+title: "Clone the :github:`MongoDB Enterprise Kubernetes Operator repository </mongodb/mongodb-enterprise-kubernetes>`."
+content: |
+
+  .. code-block:: sh
+
+     git clone https://github.com/mongodb/mongodb-enterprise-kubernetes.git
+
+---
+stepnum: 2
+level: 4
+ref: run-multi-cluster-tool
+title: "Run the ``multi-cluster kubeconfig creator`` tool."
+content: |
+
+  By default, the |k8s-op-short| uses the ``mongodb`` namespace.
+  To simplify your installation, the tool creates one central cluster,
+  three member clusters, and a namespace labeled ``mongodb`` in each of
+  the clusters.
+  
+  a. Change to the directory in which you cloned the repository.
+  #. Run the :github:`multi-cluster kubeconfig creator </mongodb/mongodb-enterprise-kubernetes/blob/master/tools/multicluster/main.go>`
+     tool:
+
+     .. code-block:: sh
+
+        go run tools/multicluster/main.go \
+          -central-cluster="${MDB_CENTRAL_CLUSTER_FULL_NAME}" \
+          -member-clusters="${MDB_CLUSTER_1_FULL_NAME},${MDB_CLUSTER_2_FULL_NAME},${MDB_CLUSTER_3_FULL_NAME}" \
+          -member-cluster-namespace="mongodb" \
+          -central-cluster-namespace="mongodb"
+
+---
+stepnum: 3
+level: 4
+ref: set-istio-webhook
+title: "Set the Istio injection webhook in each member cluster."
+content: |
+   
+   In each member cluster, label namespaces with the
+   ``istio-injection=enabled`` label to enable Istio's injection
+   webhook. This ensures that any Pods that you create in these
+   namespaces will have a sidecar added to them. To learn more, see
+   `Automatic sidecar injection <https://istio.io/latest/docs/setup/additional-setup/sidecar-injection/#automatic-sidecar-injection>`__
+   in the Istio documentation.
+
+   .. code-block:: sh
+      :emphasize-lines: 4
+
+      kubectl label \
+        --context=$MDB_CLUSTER_1_FULL_NAME \
+         --namespace mongodb \
+         istio-injection=enabled
+
+   .. code-block:: sh
+      :emphasize-lines: 4
+
+      kubectl label \
+        --context=$MDB_CLUSTER_2_FULL_NAME \
+        --namespace mongodb \
+        istio-injection=enabled
+
+   .. code-block:: sh
+      :emphasize-lines: 4
+
+      kubectl label \
+        --context=$MDB_CLUSTER_3_FULL_NAME \
+        --namespace mongodb \
+        istio-injection=enabled
+
+---
+stepnum: 4
+level: 4
+title: "Configure ``kubectl`` to use the central cluster's namespace."
+ref: configure-kubectl-mc
+content: |
+
+  If you have not done so already, run the following commands to execute
+  all ``kubectl`` commands on the central cluster in the default
+  namespace. In the following steps, you will install the |k8s-op-short|
+  into this namespace.
+
+  .. code-block:: sh
+
+     kubectl config use-context $MDB_CENTRAL_CLUSTER_FULL_NAME
+     kubectl config set-context $(kubectl config current-context) \
+     --namespace=mongodb
+
+---
+stepnum: 5
+level: 4
+title: "Install the |k8s-op-full| in the central cluster."
+ref: install-kubectl-mc
+content: |
+
+     Use Helm to install the |k8s-op-short| for managing your
+     |multi-cluster|:
+
+     .. code-block:: sh
+
+        helm upgrade \
+          --install \
+            mongodb-enterprise-operator-multi-cluster \
+            public/helm_chart \
+              --namespace mongodb \
+              --set namespace=mongodb \
+              --set operator.name=mongodb-enterprise-operator-multi-cluster \
+              --set operator.createOperatorServiceAccount=false \
+              --set "multiCluster.clusters={${MDB_CLUSTER_1_FULL_NAME},${MDB_CLUSTER_2_FULL_NAME},${MDB_CLUSTER_3_FULL_NAME}}"
+---
+stepnum: 6
+title: "Deploy the MongoDB resource."
+ref: deploy-mdbresource-mc
+content: |
+
+   a. Create a secret in each member cluster so that the |k8s-op-short|
+      can create and update objects in your |mms| project.
+      To learn more, see :ref:`create-k8s-credentials`.
+
+   #. Create a ConfigMap in each member cluster to link the
+      |k8s-op-short| to your |mms| project.
+      To learn more, see :ref:`create-k8s-project`.
+
+   #. Configure the required service accounts in each member cluster:
+
+      .. code-block:: sh
+
+         helm template --show-only \
+           templates/database-roles.yaml \
+           public/helm_chart \
+           --set namespace=mongodb | \
+         kubectl apply -f - \
+           --context=$MDB_CLUSTER_1_FULL_NAME \
+           --namespace mongodb
+
+      .. code-block:: sh
+
+         helm template --show-only \
+           templates/database-roles.yaml \
+           public/helm_chart \
+           --set namespace=mongodb | \
+         kubectl apply -f - \
+           --context=$MDB_CLUSTER_2_FULL_NAME \
+           --namespace mongodb
+
+      .. code-block:: sh
+
+         helm template --show-only \
+           templates/database-roles.yaml \
+           public/helm_chart \
+           --set namespace=mongodb | \
+         kubectl apply -f - \
+           --context=$MDB_CLUSTER_3_FULL_NAME \
+           --namespace mongodb
+
+   #. Set :setting:`spec.credentials` and :setting:`spec.opsManager.configMapRef.name`
+      and deploy the MongoDB resource.
+      In the following code sample, ``duplicateServiceObjects``
+      is set to ``true`` to enable
+      `DNS proxying <https://istio.io/latest/docs/ops/configuration/traffic-management/dns-proxy/>`__
+      in Istio.
+      
+      .. note::
+         To enable the cross-cluster DNS resolution by the Istio
+         service mesh, this tutorial creates service objects with a
+         single ClusterIP address per each |k8s| Pod.
+
+      .. code-block:: sh
+         :emphasize-lines: 10,11,16-18
+
+         kubectl apply -f - <<EOF
+         apiVersion: mongodb.com/v1
+         kind: MongoDBMulti
+         metadata:
+           name: multi-replica-set
+         spec:
+           version: 4.4.0-ent
+           type: ReplicaSet
+           persistent: false
+           duplicateServiceObjects: true
+           credentials: my-credentials
+           security:
+             authentication:
+               enabled: true
+               modes: ["SCRAM"]
+             opsManager:
+               configMapRef:
+                 name: my-project
+             clusterSpecList:
+               clusterSpecs:
+                - clusterName: ${MDB_CLUSTER_1_FULL_NAME}
+                  members: 3
+                - clusterName: ${MDB_CLUSTER_2_FULL_NAME}
+                  members: 2
+                - clusterName: ${MDB_CLUSTER_3_FULL_NAME}
+                  members: 3
+         EOF
+---
+stepnum: 7
+level: 4
+title: "Verify that the MDB resources are running."
+ref: verify-mdb-resources-mc
+content: |
+
+  a. For member clusters, run the following commands to verify that
+     the MongoDB Pods are in the running state:
+
+     .. code-block:: sh
+
+        kubectl get pods \
+         --context=$MDB_CLUSTER_1_FULL_NAME \
+         --namespace mongodb
+
+     .. code-block:: sh
+
+        kubectl get pods \
+         --context=$MDB_CLUSTER_2_FULL_NAME \
+         --namespace mongodb
+
+     .. code-block:: sh
+
+        kubectl get pods \
+         --context=$MDB_CLUSTER_3_FULL_NAME \
+         --namespace mongodb
+
+  #.  In the central cluster, run the following commands to verify that
+      the MongoDBMulti ``CustomResource`` is in the running state:
+
+      .. code-block:: sh
+
+         kubectl --context=$MDB_CENTRAL_CLUSTER_FULL_NAME \
+           --namespace mongodb \
+           get mdbm multi-replica-set -o yaml -w
+...

source/includes/steps-multi-cluster-beta-quick-start.yaml

@@ -54,6 +54,7 @@ optimal performance.
       Install the Operator </installation>
       Deploy Ops Manager Resources </om-resources>
       Deploy MongoDB Database Resources </mdb-resources>
+      Deploy Multiple Clusters (Beta) </multi-cluster>
       /tutorial/modify-resource-image
       /reference
       Release Notes </release-notes>

source/index.txt

@@ -0,0 +1,78 @@
+.. _multi-cluster-arch:
+
+===========================
+Multi-Cluster Architecture
+===========================
+
+.. default-domain:: mongodb
+
+.. contents:: On this page
+   :local:
+   :backlinks: none
+   :depth: 2
+   :class: singlecol
+
+.. _multi-cluster-beta-limitations:
+
+Features Not Available in the Beta Release
+------------------------------------------
+
+.. important::
+   Use the beta release of the |multi-clusters| only in development
+   environments.
+
+The following features of the |k8s-op-full| and the underlying |k8s|
+clusters are not available in the beta release of the |multi-clusters|:
+
+- Sharded cluster deployments
+- LDAP authentication
+- Backup and restore
+- X.509 user authentication
+- |onprem| version earlier than 5.0
+- Split Horizon
+- SRV record connection string
+
+.. _multi-cluster-diagram:
+
+Multi-Cluster Deployment Architecture
+-------------------------------------
+
+The |k8s-op-full| runs in a central |k8s| cluster. If you deploy
+|onprem| with the |k8s-op-short|, the central cluster may also host
+|onprem|.
+The central cluster holds the ``MongoDBMulti`` CustomResource spec for
+the MongoDB replica set.
+The member |k8s| clusters host the MongoDB replica sets.
+
+|istio| manages the discovery of MongoDB nodes deployed in different
+|k8s| member clusters.
+
+You can host your application on any of the member clusters inside the
+Istio service mesh, either on |k8s| clusters outside of the ones that you
+deploy with the |k8s-op-short|, or on the member clusters that you deploy
+as part of this tutorial.
+
+The |k8s-op-full| performs these actions:
+
+- Identifies the cluster on which to deploy the MongoDB replica set
+  using the corresponding ``MongoDBMulti`` CustomResource spec, and
+  deploys the MongoDB replica sets.
+
+- Watches for the ``MongoDBMulti`` CustomResource spec creation in the
+  central cluster.
+
+- Uses the mounted ``kubeconfig`` file to communicate with member clusters.
+
+- Watches for the ``CentralCluster`` and ``MemberCluster`` events to
+  confirm that the |multi-cluster| is in the desired state.
+
+- Reconciles resources. Creates the necessary resources, such as
+  Configmaps, Secrets, Service objects, and Statefulset objects in
+  each member cluster corresponding to the number of replica set members
+  in the MongoDB cluster.
+
+.. figure:: /images/multi-cluster-arch.svg
+   :alt: Diagram showing the high-level architecture of the multi-cluster
+         deployment across regions and availability zones using the
+         MongoDB Enterprise Kubernetes Operator
+   :figwidth: 600px