Was this page helpful?
Caution
You're viewing documentation for an unstable version of Scylla Operator. Switch to the latest stable version.
GitOps (kubectl)¶
Disclaimer¶
The following commands reference manifests that come from the same repository as the source code is being built from.
This means we can’t have a pinned reference to the latest release as that is a chicken-egg problem. Therefore, we use a rolling tag (e.g., {major}.{minor} or latest) for the particular branch in our manifests.
Caution
For production deployment, you should always replace the Scylla Operator image in all the manifests that contain it with a stable (full version) reference. We’d encourage you to use a sha reference, although using full-version tags is also fine.
Note
You can run your ScyllaDB cluster in the Kubernetes namespace of your choice (you can change the namespace used in this guide to your preference). It is a best practice (but not strictly required) to run your ScyllaDB cluster in a namespace separate from other applications.
However, the ScyllaDB Operator and ScyllaDB Manager must run in namespaces scylla-operator and scylla-manager, respectively. It is not currently possible to use different namespaces for these two components.
Installation¶
Prerequisites¶
Scylla Operator has a few dependencies that you need to install to your cluster first.
In case you already have a supported version of each of these dependencies installed in your cluster, you can skip this part.
Cert Manager¶
kubectl apply --server-side -f=https://raw.githubusercontent.com/scylladb/scylla-operator/master/examples/third-party/cert-manager.yaml
# Wait for CRDs to propagate to all apiservers.
kubectl wait --for condition=established --timeout=60s crd/certificates.cert-manager.io crd/issuers.cert-manager.io
# Wait for components that other steps depend on.
for deploy in cert-manager{,-cainjector,-webhook}; do
kubectl -n=cert-manager rollout status --timeout=10m deployment.apps/"${deploy}"
done
# Wait for webhook CA secret to be created.
for i in {1..30}; do
{ kubectl -n=cert-manager get secret/cert-manager-webhook-ca && break; } || sleep 1
done
Prometheus Operator¶
Note
Scylla Operator currently relies on the Prometheus Operator CRDs being present in the cluster even if you do not use the
monitoring stack (ScyllaDBMonitoring CRD).
If the CRDs are not installed, Scylla Operator may report errors about missing Prometheus types. These errors do not affect the core functionality of Scylla Operator.
Support for making Prometheus Operator installation fully optional is being tracked in issue #3075.
kubectl apply -n prometheus-operator --server-side -f=https://raw.githubusercontent.com/scylladb/scylla-operator/master/examples/third-party/prometheus-operator.yaml
# Wait for CRDs to propagate to all apiservers.
kubectl wait --for='condition=established' crd/prometheuses.monitoring.coreos.com crd/prometheusrules.monitoring.coreos.com crd/servicemonitors.monitoring.coreos.com
# Wait for prometheus operator deployment.
kubectl -n=prometheus-operator rollout status --timeout=10m deployment.apps/prometheus-operator
Scylla Operator¶
Once you have the dependencies installed and available in your cluster, it is the time to install Scylla Operator.
kubectl -n=scylla-operator apply --server-side -f=https://raw.githubusercontent.com/scylladb/scylla-operator/master/deploy/operator.yaml
Caution
Scylla Operator deployment references its own image that it later runs alongside each ScyllaDB instance. Therefore, you have to also replace the image in the environment variable called SCYLLA_OPERATOR_IMAGE:
1apiVersion: apps/v1
2kind: Deployment
3metadata:
4 name: scylla-operator
5 namespace: scylla-operator
6# ...
7spec:
8 # ...
9 template:
10 # ...
11 spec:
12 # ...
13 containers:
14 - name: scylla-operator
15 # ...
16 image: docker.io/scylladb/scylla-operator:1.18.0@sha256:ea1d287c2699efdfdb040b4a8c35be74a12d19b292541d8a4204f7a079731ca6
17 env:
18 # ...
19 - name: SCYLLA_OPERATOR_IMAGE
20 value: docker.io/scylladb/scylla-operator:1.18.0@sha256:ea1d287c2699efdfdb040b4a8c35be74a12d19b292541d8a4204f7a079731ca6
The Scylla Operator image value and the SCYLLA_OPERATOR_IMAGE shall always match.
Be careful not to use a rolling tag for any of them to avoid an accidental skew!
# Wait for CRDs to propagate to all apiservers.
kubectl wait --for='condition=established' crd/scyllaclusters.scylla.scylladb.com crd/nodeconfigs.scylla.scylladb.com crd/scyllaoperatorconfigs.scylla.scylladb.com crd/scylladbmonitorings.scylla.scylladb.com
# Wait for the components to deploy.
kubectl -n=scylla-operator rollout status --timeout=10m deployment.apps/{scylla-operator,webhook-server}
Setting up local storage on nodes and enabling tuning¶
Caution
The following step heavily depends on the platform that you use, the machine type, or the options chosen when creating a node pool.
Please review the NodeConfig and adjust it for your platform!
Caution
Beginning with GKE version 1.32.1-gke.1002000, the Ubuntu image used by GKE clusters no longer provides the xfsprogs package by default.
This package is required to format the local NVMe disks used by ScyllaDB. Please refer to the xfsprogs section of the Kubernetes prerequisites page for more details.
kubectl -n=scylla-operator apply --server-side -f=https://raw.githubusercontent.com/scylladb/scylla-operator/master/examples/gke/nodeconfig-alpha.yaml
kubectl -n=scylla-operator apply --server-side -f=https://raw.githubusercontent.com/scylladb/scylla-operator/master/examples/eks/nodeconfig-alpha.yaml
Caution
This NodeConfig sets up loop devices instead of NVMe disks and is only intended for development purposes when you don’t have the NVMe disks available. Do not expect meaningful performance with this setup.
kubectl -n=scylla-operator apply --server-side -f=https://raw.githubusercontent.com/scylladb/scylla-operator/master/examples/generic/nodeconfig-alpha.yaml
Note
Performance tuning is enabled for all nodes that are selected by NodeConfig by default, unless opted-out.
After applying the manifest, wait for the NodeConfig to apply changes to the Kubernetes nodes.
kubectl wait --timeout=10m --for='condition=Progressing=False' nodeconfigs.scylla.scylladb.com/scylladb-nodepool-1
kubectl wait --timeout=10m --for='condition=Degraded=False' nodeconfigs.scylla.scylladb.com/scylladb-nodepool-1
kubectl wait --timeout=10m --for='condition=Available=True' nodeconfigs.scylla.scylladb.com/scylladb-nodepool-1
Local CSI driver¶
kubectl -n=local-csi-driver apply --server-side -f=https://raw.githubusercontent.com/scylladb/scylla-operator/master/examples/common/local-volume-provisioner/local-csi-driver/{00_clusterrole_def,00_clusterrole_def_openshift,00_clusterrole,00_namespace,00_scylladb-local-xfs.storageclass,10_csidriver,10_serviceaccount,20_clusterrolebinding,50_daemonset}.yaml
# Wait for it to deploy.
kubectl -n=local-csi-driver rollout status --timeout=10m daemonset.apps/local-csi-driver
ScyllaDB Manager¶
Note
ScyllaDB Manager is available for ScyllaDB Enterprise customers and ScyllaDB Open Source users. With ScyllaDB Open Source, ScyllaDB Manager is limited to 5 nodes. See the ScyllaDB Manager Proprietary Software License Agreement for details.
kubectl -n=scylla-manager apply --server-side -f=https://raw.githubusercontent.com/scylladb/scylla-operator/master/deploy/manager-prod.yaml
kubectl -n=scylla-manager apply --server-side -f=https://raw.githubusercontent.com/scylladb/scylla-operator/master/deploy/manager-dev.yaml
# Wait for it to deploy.
kubectl -n=scylla-manager rollout status --timeout=10m deployment.apps/scylla-manager
Monitoring stack¶
Please refer to the ScyllaDB Monitoring setup guide to learn how to configure the monitoring stack.
Next steps¶
Now that you’ve successfully installed Scylla Operator, it’s time to look at how to run ScyllaDB.