Create the MarkLogic Cluster

Save PDF

Last Updated: April 14, 2026
4 minute read

MarkLogic Server
Documentation

This section describes how to deploy MarkLogic Cluster using Operator. It includes the steps to create a three-node MarkLogic Cluster with resource allocation.

Note:

The cluster should be deployed in an exclusive namespace.

OpenShift Users:

Before deploying on Red Hat OpenShift, see OpenShift configuration requirements for platform-specific HAProxy port settings and Security Context Constraint configurations required for successful deployment.

Install Operator

See How to install Operator.

Deploy a single group cluster

To deploy a single group cluster:

To create a single group three-node MarkLogic Cluster with a resource allocation of 4 vCPUs, 32 GB RAM, and storage of 100 GB, update the settings in thesample.yamlfile as shown:

Note:

Use the latest MarkLogic Docker image for the new implementation as specified in the sample.yaml file below. Refer to dockerhub for the latest image available.

apiVersion: marklogic.progress.com/v1
kind: MarklogicCluster
metadata:
  name: single-group
  namespace: marklogic
spec:
  image: "progressofficial/marklogic-db:12.0.0-ubi9-rootless-2.2.2"
  imagePullSecrets: []
  auth:
   secretName: my-super-secret
  markLogicGroups:
  - replicas: 3
    name: node
    groupConfig:
      name: node
      enableXdqpSsl: true
    persistence:
      enabled: true
      size: 100Gi
    resources:
      requests:
        memory: "32Gi"
        cpu: "4"
      limits:
        memory: "32Gi"
        cpu: "4"
    isBootstrap: true

Note:

persistence.storageClassName is not defined by default. If required, specify storageClassName.

Create a Kubernetes Secret for the credentials of the private image repository. Use the kubectl create secret command with the credentials needed to access the repository. In this example, the username and password are set:
```
image-repo-secrets
```

Once the secret is created, set the value forimagePullSecrets.namein thesample.yamlfile:

# Configure the imagePullSecrets to pull the image from private repository that requires credential
imagePullSecrets: 
  - name: "regcred"

Next, deploy the cluster with the settings in the sample.yaml file by entering this command:
```
kubectl apply -f <path/to/sample/file> -n <namespace> 
```
Verify the deployment:
```
kubectl get po -n <namespace>
```

Deploy a multi-group cluster

To deploy a multi-group 5 node cluster with a resource allocation of 8 vCPUs, 64 GB RAM, and storage of 100 GB for dnodes and of 4 vCPUs, 32 GB RAM, and storage of 25 GB for enodes, update the settings in thesample.yamlfile:

Note:

In this example only the enode group will be exposed using the HAProxy and Ingress. For more details see MarkLogic HAProxy Load Balancer Configuration.

apiVersion: marklogic.progress.com/v1
kind: MarklogicCluster
metadata:
  name: multi-group
  namespace: marklogic
spec:
  image: "progressofficial/marklogic-db:12.0.0-ubi9-rootless-2.2.2"
  auth:
    secretName: my-super-secret
  markLogicGroups:
  - name: dnode
    replicas: 3
    groupConfig:
      name: dnode
      enableXdqpSsl: true
    isBootstrap: true
    persistence:
      enabled: true
      size: 100Gi
    resources:
      requests:
        memory: "64Gi"
        cpu: "8"
        hugepages-2Mi: "24Gi"
      limits:
        memory: "64Gi"
        cpu: "8"
        hugepages-2Mi: "24Gi"
    hugePages: 
      enabled: true
      mountPath: /dev/hugepages
    haproxy:
     enabled: false
    service:
      type: ClusterIP
      # additionalPorts: 
      # - name: app1
      #   port: 8010
      #   targetPort: 8010
      #   protocol: TCP
      # - name: app2
      #   port: 8011
      #   targetPort: 8011
      #   protocol: TCP
      # annotations: {}
  - name: enode
    replicas: 3
    groupConfig:
      name: enode
      enableXdqpSsl: true
    isBootstrap: false
    resources:
      requests:
        memory: "32Gi"
        cpu: "4"
        hugepages-2Mi: "10Gi"
      limits:
        memory: "32Gi"
        cpu: "4"
        hugepages-2Mi: "10Gi"
    hugePages: 
      enabled: true
      mountPath: /dev/hugepages
    haproxy:
     enabled: true
    service: 
      type: ClusterIP
      # additionalPorts: 
      # - name: app1
      #   port: 8012
      #   targetPort: 8012
      #   protocol: TCP
      # annotations: {}

  tls:
    enableOnDefaultAppServers: true 

## Configuration for the HAProxy load balancer
## An out of box load balancer configured to handle cookie based session affinity that's required by most MarkLogic applications.
  haproxy:
    enabled: true
    pathBasedRouting: true
    frontendPort: 443
    tcpPorts:
      enabled: false
      ports:
        - name: odbc
          type: TCP
          port: 5432
    appServers:
      - name: "app-service"
        port: 8000
        path: "/console"
      - name: "admin"
        port: 8001
        path: "/adminUI"
      - name: "manage"
        port: 8002
        path: "/manage"
    stats:
      enabled: true
      port: 1024
    resources:
      requests:
        memory: "4Gi"
        cpu: "1"
      limits:
        memory: "4Gi"
        cpu: "1"
  ## Configure Ingress
  ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
    ingress: 
      enabled: true
      ingressClassName: "alb"

      ## Ingress labels
      ## ref: https://kubernetes.io/docs/concepts/overvsiew/working-with-objects/labels/
      labels:
        app.kubernetes.io/name: marklogiccluster
        app.kubernetes.io/instance: marklogiccluster-sample

      ## Ingress annotations
      ## Update the annotations as per your requirements
      ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
      annotations: 
        alb.ingress.kubernetes.io/healthcheck-port: '443'
        alb.ingress.kubernetes.io/healthcheck-path: /adminUI
        alb.ingress.kubernetes.io/success-codes: '200-401'
        alb.ingress.kubernetes.io/load-balancer-name: mlingress
        alb.ingress.kubernetes.io/scheme: internet-facing
        alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
        alb.ingress.kubernetes.io/target-group-attributes: load_balancing.algorithm.type=least_outstanding_requests
        alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-west-2:XXXXXXXXXXX:certificate/XxXXXXXX-xxxx-XXXX-XXXX-XXXXXXXxxxxXXX
        alb.ingress.kubernetes.io/target-type: ip
        alb.ingress.kubernetes.io/group.name: mlingress-group
        alb.ingress.kubernetes.io/load-balancer-attributes: idle_timeout.timeout_seconds=600,routing.http.xff_header_processing.mode=append

      # Ingress hosts
      # add default hosts and additional hosts
      # ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
      host: ""
      additionalHosts: []

      ## Ingress TLS
      ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
      tls: []
        # secretName: your-certificate-name
        # hosts:
        #   - marklogic.example.com

## Configure options for log collection
## Log collection will collect all logs for each file type enabled, parse them, 
## And export them to a logging backend specified in the outputs section below
  # logCollection:
  #   enabled: true
  #   image: fluent/fluent-bit:3.1.1
  #   files:
  #     errorLogs: true
  #     accessLogs: true
  #     requestLogs: true
  #     crashLogs: true
  #     auditLogs: true
  #   outputs: |-
  #       [OUTPUT]
  #         name loki
  #         match *
  #         host loki.loki.svc.cluster.local
  #         port 3100
  #         labels job=fluent-bit
  #         http_user admin
  #         http_passwd admin
  # additionalVolumes:
  # - name: "logsdir"
  #   emptyDir: {}

  ## specify additional list of volumeMounts
  # additionalVolumeMounts: 
  # - name: "logsdir"
  #   mountPath: "/var/opt/MarkLogic/Logs"

Note:

To update any configuration for the MarkLogic Cluster or Group, be sure to update the manifest and run kubectl apply -f <path/to/sample/file> -n <namespace>

MarkLogic® Server on Kubernetes