Kubernetes is a portable, extensible, open source platform for managing containerized workloads and services. For a given workload, you provide Kubernetes with a configuration, and Kubernetes applies that configuration to all Kubernetes nodes that are running the application.
CockroachDB can be deployed and managed on Kubernetes using the following methods:
-
CockroachDB Kubernetes Operator
Note:The CockroachDB Kubernetes Operator is also available on platforms such as Red Hat OpenShift and IBM Cloud Pak for Data.
Manual StatefulSet configuration
Helm package manager for Kubernetes
CockroachDB on Kubernetes
This section describes how to:
- Deploy CockroachDB on a single Kubernetes cluster
- Deploy CockroachDB on Red Hat OpenShift
- Orchestrate CockroachDB across multiple Kubernetes clusters
Kubernetes terminology
Before starting, review some basic Kubernetes terminology. Note that CockroachDB nodes are distinct from Kubernetes "nodes" or "worker nodes".
Feature | Description |
---|---|
node | A physical or virtual machine. In the deployment tutorial, you'll create GCE or AWS instances and join them as worker nodes into a single Kubernetes cluster from your local workstation. |
pod | A pod is a group of one of more Docker containers. In the deployment tutorial, each pod will run on a separate Kubernetes worker node and include one Docker container running a single CockroachDB node, reflecting our topology recommendations. |
StatefulSet | A StatefulSet is a group of pods treated as stateful units, where each pod has distinguishable network identity and always binds back to the same persistent storage on restart. StatefulSets are considered stable as of Kubernetes version 1.9 after reaching beta in version 1.5. |
persistent volume | A persistent volume is a piece of networked storage (Persistent Disk on GCE, Elastic Block Store on AWS) mounted into a pod. The lifetime of a persistent volume is decoupled from the lifetime of the pod that's using it, ensuring that each CockroachDB node binds back to the same storage on restart. The deployment tutorial assumes that dynamic volume provisioning is available. When that is not the case, persistent volume claims need to be created manually. |
RBAC | RBAC, or Role-Based Access Control, is the system Kubernetes uses to manage permissions within the cluster. In order to take an action (e.g., get or create ) on an API resource (e.g., a pod ), the client must have a Role that allows it to do so. The deployment tutorial creates the RBAC resources necessary for CockroachDB to create and access certificates. |