Accessing the Couchbase Server User Interfaces

When you deploy Couchbase Server with the Couchbase Autonomous Operator, you will use the Kubernetes or OpenShift interfaces to verify that the pods are all deployed and running. However, you will need to access the traditional Couchbase Server user interfaces in order to develop, administer, and configure Couchbase itself.

The Couchbase Server cluster is managed by the Operator according to the CouchbaseCluster configuration. Certain administration tasks, such as adding or removing nodes and buckets, will be reverted by the Operator.

Accessing the Couchbase Server Web Console

To access the Couchbase Server Web Console, you must first enable it in the CouchbaseCluster configuration file. Do this by setting the exposeAdminConsole parameter to true:

...
kind: "CouchbaseCluster"
...
spec:
  ...
  exposeAdminConsole: true
...

When this parameter is set to true, the Operator creates a Kubernetes NodePort service that exposes the Web Console on each of the nodes. To get the port that the service is exposing to the nodes, use the following command:

On Kubernetes

kubectl describe cbc

On OpenShift

oc describe cbc

Output:

...
Status:
  Admin Console Port:		30239
  Admin Console Port SSL:	31628
...

In this example, the Web Console is now available across all of the nodes in the cluster at <node_ip>:30239, where <node_ip> is the IP address of a Kubernetes node.

The username and password for Couchbase Server on port 8091 are set in the secret.yaml file.

If at any time you want to remove access to the Web Console, set the exposeAdminConsole parameter to false in the CouchbaseCluster configuration file, or remove the parameter altogether.

Accessing Specific Couchbase Services

By default, the exposed port will forward to any of the pods in the cluster. To access the Web Console of a pod that is running a specific service, such as the search or query service, you need to specify which services to expose by using the adminConsoleServices parameter. For example, to expose only pods running the query service:

...
kind: "CouchbaseCluster"
spec:
  ...
  exposeAdminConsole: true
  adminConsoleServices:
    - query
...

Accessing Specific Couchbase Pods

To directly access the Web Console of a specific pod, run the following command on the pod that you want to expose:

On Kubernetes

kubectl port-forward cb-example-0000 8091:8091

On OpenShift

oc port-forward cb-example-0000 8091:8091

In this example, the Web Console that is running on the pod cb-example-0000 is now available at 127.0.0.1:8091. Note that you will not be able to access other nodes in the cluster as this command will only proxy through to the specified node.

The username and password for Couchbase Server on port 8091 are set in the secret.yaml file.

Accessing the Couchbase CLI

The Couchbase Server command-line tool, couchbase-cli, can be used to perform one-off administration tasks such as creating RBAC users and initiating cbcollect_info tasks.

If the Web Console is exposed, you can use the CLI tool from any computer that can access the IP address of the Kubernetes cluster. Alternatively, couchbase-cli can be run as a Kubernetes job within the Kubernetes cluster.

Using the Web Console Port

Prerequisites:

  • Expose the Web Console using the CouchbaseCluster configuration file.

  • Install Couchbase Server on your computer (so that you have couchbase-cli on your computer)

Use the following command to retrieve the Web Console port:

On Kubernetes

kubectl describe cbc cb-example |  grep "Admin Console Port:"

On OpenShift

oc describe cbc cb-example |  grep "Admin Console Port:"

Output:

Admin Console Port:  32486

If you have Couchbase Server installed on your computer, you can now use couchbase-cli to administer the cluster. For example, adding an RBAC user:

./couchbase-cli user-manage -c 192.168.99.100:32486 -u Administrator -p password --rbac-username default --rbac-password password --roles admin --auth-domain local --set

Using a Kubernetes Job

The most secure way to use couchbase-cli in Kubernetes is to run it as a Kubernetes job. This option allows you to hide the user name and password of the cluster by leveraging Kubernetes Secrets.

A Couchbase collect-logs-start job has been provided in the Operator package as an example. After pushing it to Kubernetes, it creates a job called collect-info that uses the same secret that is provided in the CouchbaseCluster configuration.

To create the collect-info job on Kubernetes:

kubectl create -f couchbase-cli-collect-logs.yaml

To check the status on Kubernetes:

kubectl get job collect-info

To create the collect-info job on OpenShift:

oc create -f couchbase-cli-collect-logs.yaml

To check the status on Kubernetes:

oc get job collect-info