stackoom
  简体   繁体   中英

How do I get the value of MONGODB_URI in a kubernetes deploy?

 原文  2022-05-29 16:03:03       mongodb/ kubernetes/ minikube/ database-backups

Question

I have a working mongoDB deployment on minikube and I have managed to create a database , collection as well as a user (same as the user referenced in yaml) to do backups on that database.

In the yaml file for my backup cron job I need to specify a MONGODB_URI parameter and quite frankly I am at a loss as to the exact convention for getting this (where exactly do you get the value).

As a check I have done a kubectl exec -it <pod_name> so that I can check if I am going to put the correct URI beforehand . After running kubectl exec -it <pod_name> at the prompt that follows I tried the following :

1. 

mongosh mongodb://aaa:abc123@mongodb-service.default.svc.cluster.local:27017/plaformdb/?directConnection=true

Not working I get error :

Current Mongosh Log ID: 62938b50880f139dad4b19c4
Connecting to:          mongodb://mongodb-service.default.svc.cluster.local:27017/platformdb/?directConnection=true&appName=mongosh+1.4.2
MongoServerSelectionError: Server selection timed out after 30000 ms

mongosh mongodb://aaa:abc123@mongodb-service.svc.cluster.local:27017/platformdb?directConnection=true

Not working also I get error:

MongoNetworkError: getaddrinfo ENOTFOUND mongodb-service.svc.cluster.local

mongosh mongodb://aaa:abc123@mongodb-deployment-757ffdfdr5-thuiy.mongodb-service.default.svc.cluster.local:27017/platformdb

Not working I get an error :

Current Mongosh Log ID: 62938c93829ft678h88990
Connecting to:          mongodb://mongodb-deployment-757ccdd6y8-thhhh.mongodb-service.default.svc.cluster.local:27017/platformdb?directConnection=true&appName=mongosh+1.4.2
MongoNetworkError: getaddrinfo ENOTFOUND mongodb-deployment-757ffdd5f5-tpzll.mongodb-service.default.svc.cluster.local

This however is the recommended way according to the : docs

Expected:

I should be able to log in to the database once I run that command.

This is how my deployment is defined :

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mongodb-deployment
  labels:
    app: mongodb
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mongodb
  template:
    metadata:
      labels:
        app: mongodb
    spec:
      containers:
      - name: mongodb
        image: mongo
        imagePullPolicy: "IfNotPresent"
        ports:
          - containerPort: 27017
        env:
            - name: MONGO_INITDB_ROOT_USERNAME
              valueFrom:
                secretKeyRef:
                  name: mongodb-secret-amended
                  key: mongo-root-username
            - name: MONGO_INITDB_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mongodb-secret-amended
                  key: mongo-root-password
        volumeMounts: 
            - mountPath: /data/db
              name: mongodb-vol
      volumes:
      - name: mongodb-vol
        persistentVolumeClaim:
          claimName: mongodb-claim
---
apiVersion: v1
kind: Service
metadata:
  name: mongodb-service
spec:
  selector:
    app: mongodb
  ports:
    - protocol: TCP
      port: 27017
      targetPort: 27017

And I need to specify MONGODB_URI in this cron job :

---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: mongodump-backup
spec:
  schedule: "0 */6 * * *" #Cron job every 6 hours
  startingDeadlineSeconds: 60
  concurrencyPolicy: Forbid
  successfulJobsHistoryLimit: 3
  failedJobsHistoryLimit: 2
  jobTemplate:
    spec:
      template:
        spec:
          containers:
            - name: mongodump-backup
              image: golide/backupsdemo
              imagePullPolicy: "IfNotPresent"
              env:
                - name: DB_NAME
                  value: "microfunctions"
                - name:  MONGODB_URI
                  value: mongodb://aaa:abc123@host-mongodb:27017/dbname
              volumeMounts:
                - mountPath: "/mongodump"
                  name: mongodump-volume
              command: ['sh', '-c',"./dump.sh"]
          restartPolicy: OnFailure
          volumes:
            - name: mongodump-volume
              persistentVolumeClaim:
                claimName: mongodb-backup

UPDATE I have tried the suggested solutions on my localhost minikube but I am still getting errors :

mongo mongodb://aaa:abc123@mongodb-service:27017/platformdb?

authSource=admi
n
MongoDB shell version v5.0.8
connecting to: mongodb://mongodb-service:27017/platformdb?authSource=admin&compressors=disabled&gssapiServiceName=mongodb
Error: couldn't connect to server mongodb-service:27017, connection attempt failed: SocketException: Error connecting to mongodb-service:27017 (10.102.216.34:27017) :: caused by :: Connection timed out :
connect@src/mongo/shell/mongo.js:372:17
@(connect):2:6
exception: connect failed
exiting with code 1

This is giving same error even when I remove the port and use mongodb://aaa:abc123@mongodb-service/platformdb?authSource=admin . I have also tried putting quotes "" around the URL but getting same error.

As a check I tried replicating the exact same scenario on another mongodb deployment with same structure (it also has a headless service). This deploy is on a remote k8s cluster however. This is what I found out :

  1. I cannot connect using a user other than the root user . I created a custom user to do the backups:

     db.createUser( {user: "aaa", pwd: "abc123", roles: ["userAdminAnyDatabase", "dbAdminAnyDatabase", "readWriteAnyDatabase","backup"], mechanisms:["SCRAM-SHA-1"]})

NB: I have the same user created also on minikube context . For this custom user I am getting an Authentication failed error everytime I try to connect :

mongo mongodb://aaa:abc123@mongodb-headless-service:27017/TestDb?

authSource=admin
MongoDB shell version v4.4.7
connecting to: mongodb://mongodb-headless-service:27017/TestDb?authSource=admin&compressors=disabled&gssapiServiceName=mongodb
Error: Authentication failed. :
connect@src/mongo/shell/mongo.js:374:17
@(connect):2:6
exception: connect failed
exiting with code 1
  1. I can connect using the root user but the connection attempt is intermittent. I have to exit out of the pod sometimes and re-run the command in order to connect. This seems to be a bug unless Im missing something else obvious.

The screen below shows a succesful connection then on the subsequent attempt the exact same connection is failing : 漏洞 On the 1st attempt I managed to login and run a show collections command but once I logout and try to connect I get Authentication Failed. The feature seems unstable at best.

1 answers

solution1
 3 ACCPTED  2022-05-29 16:53:19

Given the structure of your Service , you'll need to use the hostname mongodb-service (or mongodb-service.<namesapce>.svc.cluster.local , if you like fully qualified names). The connection URI -- as far as I can tell from the documentation -- would be:

mongodb://<username>:<password>@mongodb-service/dbname?authSource=admin

You can also connect successfully like this:L

mongodb://<username>:<password>@mongodb-service/

Because:

If [the username and password are] specified, the client will attempt to authenticate the user to the authSource. If authSource is unspecified, the client will attempt to authenticate the user to the defaultauthdb. And if the defaultauthdb is unspecified, to the admin database.

I tested this using a slightly modified version of your Deployment (mostly, I dropped the volumeMounts , because I don't need persistent storage for testing, and I used envFrom because I find that easier in general).

I deployed this using kustomize ( kubectl apply -k . ) with the following kustomization.yaml :

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: mongo

commonLabels:
  app: mongodb

resources:
- deployment.yaml
- service.yaml

secretGenerator:
  - name: mongo-credentials
    envs:
      - mongo.env

This deployment.yaml :

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mongodb-deployment
spec:
  replicas: 1
  template:
    spec:
      containers:
        - name: mongodb
          image: docker.io/mongo:latest
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 27017
          envFrom:
            - secretRef:
                name: mongo-credentials

This service.yaml :

apiVersion: v1
kind: Service
metadata:
  name: mongodb-service
spec:
  ports:
    - protocol: TCP
      port: 27017
      targetPort: 27017

And this mongo.env :

MONGO_INITDB_ROOT_USERNAME=admin
MONGO_INITDB_ROOT_PASSWORD=secret

Once everything was up and running, I started a client pod:

kubectl run --image docker.io/mongo:latest mongoc -- sleep inf

And I was able to start a shell in that pod and connect to the database:

$ kubectl exec -it mongoc -- bash
Current Mongosh Log ID: 6293a4bc534ff40ec737c383
Connecting to:          mongodb://<credentials>@mongodb-service.mongo.svc.cluster.local/?directConnection=true&appName=mongosh+1.4.2
Using MongoDB:          5.0.8
Using Mongosh:          1.4.2
[...]
test>

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question MONGODB_URI is undefined How can I change my MONGODB_URI for my mlab provisioned DB on Heroku? how to deploy playframework with mongodb on kubernetes How to deploy MongoDB with persistent volume in Kubernetes? How do I deploy MongoDB app on Heroku and connect it to MongoDB Atlas? Deploy Mongodb and NodeJS with Kubernetes How do I set up mongodb to be accessed remotely via URI? How to deploy Microservices with MongoDB dependency on Kubernetes? How do I deploy a Flask app using a MongoDB database to Heroku? mongodb how to get the correct uri
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM