AppsCode
  • KubeDB

    Run Production-Grade Databases on Kubernetes

    KubeStash New

    Backup and Recovery Solution for Kubernetes

    Stash

    Backup and Recovery Solution for Kubernetes

    KubeVault

    Run Production-Grade Vault on Kubernetes

    Voyager

    Secure Ingress Controller for Kubernetes

    ConfigSyncer

    Kubernetes Configuration Syncer

    Guard

    Kubernetes Authentication WebHook Server

    KubeDB

    KubeDB simplifies Provisioning, Upgrading, Scaling, Volume Expansion, Monitor, Backup, Restore for various Databases in Kubernetes on any Public & Private Cloud

    • check-boxLower administrative burden
    • check-boxNative Kubernetes Support
    • check-boxPerformance
    • check-boxAvailability and durability
    • check-boxManageability
    • check-boxCost-effectiveness
    • check-boxSecurity
    kubestash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • check-boxDeclarative API
    • check-boxBackup Kubernetes Volumes
    • check-boxBackup Database
    • check-boxMultiple Storage Support
    • check-boxDeduplication
    • check-boxData Encryption
    • check-boxVolume Snapshot
    • check-boxPolicy Based Backup
    Stash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • check-boxDeclarative API
    • check-boxBackup Kubernetes Volumes
    • check-boxBackup Database
    • check-boxMultiple Storage Support
    • check-boxDeduplication
    • check-boxData Encryption
    • check-boxVolume Snapshot
    • check-boxPolicy Based Backup
    KubeVault

    KubeVault is a Git-Ops ready, production-grade solution for deploying and configuring Hashicorp's Vault on Kubernetes.

    • check-boxVault Kubernetes Deployment
    • check-boxAuto Initialization & Unsealing
    • check-boxVault Backup & Restore
    • check-boxConsume KubeVault Secrets with CSI
    • check-boxManage DB Users Privileges
    • check-boxStorage Backend
    • check-boxAuthentication Method
    • check-boxDatabase Secret Engine
    Voyager

    Secure Ingress Controller for Kubernetes

    • check-boxHTTP & TCP
    • check-boxSSL
    • check-boxPlatform support
    • check-boxHAProxy
    • check-boxPrometheus
    • check-boxLet's Encrypt
    configsyncer

    Kubernetes Configuration Syncer

    • check-boxConfiguration Syncer
    Guard

    Kubernetes Authentication WebHook Server

    • check-boxIdentity Providers
    • check-boxCLI
    • check-boxRBAC
  • RESOURCES
  • Webinar New
CONTACT SALES
KubeDB
github-icon twitterx-icon
TRY NOW FREE
You are looking at the documentation of a prior release. To read the documentation of the latest release, please visit here.

New to KubeDB? Please start here.

Before You Begin

What is Schema Manager

Schema Manager is a Kubernetes operator developed by AppsCode that implements multi-tenancy inside KubeDB provisioned database servers like MySQL, MariaDB, PosgreSQL and MongoDB etc. With Schema Manager one can create database into specific database server. An user will also be created with KubeVault and assigned to that database. Using the newly created user credential one can access the database and run operations into it. One may pass the database server reference, configuration, user access policy through a single yaml and Schema Manager will do all the task above mentioned. Schema Manager also allows initializing the database and restore snapshot while bootstrap.

How MongoDB Schema Manager Process Works

The following diagram shows how MongoDB Schema Manager process worked. Open the image in a new tab to see the enlarged version.

MongoDB Schema Mananger Diagram
Fig: Process of MongoDB Schema Manager

The process consists of the following steps:

  1. At first the user will deploy a MongoDBDatabase object.

  2. Once a MongoDBDatabase object is deployed to the cluster, the Schema Manager operator first verifies if it has the required permission to be able to interact with the referred database-server by checking Double-OptIn. After the Double-OptIn verification Schema Manager operator checks in the MongoDB server if the target database is already present or not. If the database already present there, then the MongoDBDatabase object will be immediately denied.

  3. Once everything is ok in the MongoDB server side, then the target database will be created and an entry for that will be entered in the kubedb_system database.

  4. Then Schema Manager operator creates a MongoDB Role.

  5. Vault operator always watches for a Database Role.

  6. Once Vault operator finds a Database Role, it creates a Secret for that Role.

  7. After this process, the Vault operator creates a User in the MongoDB server. The user gets all the privileges on our target database and its credentials are served with the Secret. The user credentials secret reference is patched with the MongoDBDatabase object yaml in the .status.authSecret.name field.

  8. If there is any init script associated with the MongoDBDatabase object, it will be executed in this step with the Schema Manager operator.

  9. The user can also provide a snapshot reference for initialization. In that case Schema Manager operator fetches necessary appbinding, secrets, repository.

  10. Stash operator watches for a Restoresession.

  11. Once Stash operator finds a Restoresession, it Restores the targeted database with the Snapshot.

In the next doc, we are going to show a step by step guide of using MongoDB Schema Manager with KubeDB.

What's on this Page

Search
Improve This Page