This article will guide you through setting up a highly available SurrealDB cluster backed by TiKV on a GKE Autopilot cluster.
What is GKE?
Google Kubernetes Engine is a managed Kubernetes service offered by Google Cloud Platform. In this guide we will create a GKE Autopilot cluster, which removes the need to manage the underlaying compute nodes.
What is TiKV?
TiKV is a cloud-native transactional key/value store built by PingCAP and that integrates well with Kubernetes thanks to their tidb-operator.
Prerequisites
In order for you to complete this tutorial you'll need:
Choose the target project and region. List them with these commands:
$ gcloud projects list
$ gcloud compute regions list --project PROJECT_ID
Run the following command to create a cluster replacing the REGION and PROJECT_ID for your desired values:
$ gcloud container clusters create-auto surrealdb-guide --region REGION --project PROJECT_ID
After the creation finishes, configure kubectl to connect to the new cluster:
$ gcloud container clusters get-credentials surrealdb-guide --region REGION --project PROJECT_ID
Deploy TiDB operator
Now that we have a Kubernetes cluster, we can deploy the TiDB operator . TiDB operator is a Kubernetes operator that manages the lifecycle of TiDB clusters deployed to Kubernetes.
Check the cluster status and wait until it’s ready:
$ kubectl get tidbcluster
NAME READY PD STORAGE READY DESIRE TIKV STORAGE READY DESIRE TIDB READY DESIRE AGE
sdb-datastore True pingcap/pd:v6.5.0 10Gi 33 pingcap/tikv:v6.5.0 10Gi 33 pingcap/tidb:v6.5.0 0 5m
Deploy SurrealDB
Now that we have a TiDB cluster running, we can deploy SurrealDB using the official Helm chart
The deploy will use the latest SurrealDB Docker image and make it accessible on internet
Get the TIKV PD service url:
$ kubectl get svc/sdb-datastore-pd
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
sdb-datastore-pd ClusterIP 10.96.208.25 <none>2379/TCP 10h
$ exportTIKV_URL=tikv://sdb-datastore-pd:2379
Install the SurrealDB Helm chart with the TIKV_URL defined above and with auth disabled so we can create the initial credentials:
Wait until the Ingress resource has an ADDRESS assigned:
$ kubectl get ingress surrealdb-tikv
NAME CLASS HOSTS ADDRESS PORTS AGE
surrealdb-tikv <none> * 34.160.82.177 80 5m
Connect to the cluster and define the initial credentials:
$ exportSURREALDB_URL=http://$(kubectl get ingress surrealdb-tikv -o json | jq -r .status.loadBalancer.ingress[0].ip)
$ surreal sql -e$SURREALDB_URL> DEFINE USER root ON ROOT PASSWORD 'StrongSecretPassword!' ROLES OWNER;
Verify you can connect to the database with the new credentials:
$ surreal sql -u root -p'StrongSecretPassword!'-e$SURREALDB_URL> INFO FOR ROOT
[{ namespaces: {}, users: { root: "DEFINE USER root ON ROOT PASSHASH '...' ROLES OWNER"}}]
Now that the initial credentials have been created, enable authentication: