Reputation: 351
Error when creating mongodb user in kubernetes environment
I am trying to create a mongodb user along with a stateful set. Here is my .yaml file:
apiVersion: v1
kind: Service
metadata:
name: mongo
labels:
name: mongo
spec:
type: NodePort
ports:
- port: 27017
targetPort: 27017
selector:
name: mongo
---
apiVersion: v1
kind: Secret
metadata:
name: admin-secret
# corresponds to user.spec.passwordSecretKeyRef.name
type: Opaque
stringData:
password: pass1
# corresponds to user.spec.passwordSecretKeyRef.key
---
apiVersion: mongodb.com/v1
kind: MongoDBUser
metadata:
name: admin
spec:
passwordSecretKeyRef:
name: admin-secret
# Match to metadata.name of the User Secret
key: password
username: admin
db: "admin" #
mongodbResourceRef:
name: mongo
# Match to MongoDB resource using authenticaiton
roles:
- db: "admin"
name: "clusterAdmin"
- db: "admin"
name: "userAdminAnyDatabase"
- db: "admin"
name: "readWrite"
- db: "admin"
name: "userAdminAnyDatabase"
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mongo
spec:
serviceName: "mongo"
replicas: 2
selector:
matchLabels:
name: mongo
template:
metadata:
labels:
name: mongo
spec:
terminationGracePeriodSeconds: 10
containers:
# - envFrom:
# - secretRef:
# name: mongo-secret
- image: mongo
name: mongodb
command:
- mongod
- "--replSet"
- rs0
- "--bind_ip"
- 0.0.0.0
ports:
- containerPort: 27017
Earlier I used the secret to create a mongo user:
...
spec:
containers:
- envFrom:
- secretRef:
name: mongo-secret
...
but once I added spec.template.spec.containers.command to the StatefulSet this approach is no longer working. Then I added Secret and MongoDBUser but I started getting this error:
unable to recognize "mongo.yaml": no matches for kind "MongoDBUser" in version "mongodb.com/v1"
How to automatically create a mongodb user when creating StatefulSet with few replicas in kubernetes?
Upvotes: 1
Views: 1977
Answers (1)
Reputation: 2712
One of the resources in your yaml file refers to a kind that doesn't exist in your cluster.
You can check this by running the command kubectl api-resources | grep mongo -i
Specifically it's the resource of kind MongoDBUser. This API resource type is part of MongoDB Enterprise Kubernetes Operator.
You haven't indicated whether you are using this in your cluster, but the error you're getting implies the CRD's for the operator are not installed and so cannot be used.
MongoDB Kubernetes Operator is a paid enterprise package for Kubernetes. If you don't have access to this enterprise package from MongoDB you can also install the community edition yourself by either setting up all the resources yourself or using Helm to install it as a package. Using Helm makes managing the resources significantly easier, especially with regards to configuration, upgrades, re-installation or unistalling. The existing Helm charts are open source and also allow for running MongDB as a standalone instance, replica set or a sharded cluster.
For reference, Bitnami provides a MongoDB Standalone or replica set helm chart which seems to be on the latest MongoDB version and is maintained regularly. There is also this one, but it's on an older version of MongoDB and doesn't seem to be getting much attention.
Upvotes: 4
Related Questions
- Mongodb Authentication failed in Kubernetes (minikube)
- Getting U_STRINGPREP_PROHIBITED_ERROR when trying to deploy MongoDB on Kubernetes
- Authentication mongo deployed on kubernetes
- mongodb on kubernetes user and password Authentication failed
- Unable to authenticate Mongodb deployed in kubernetes
- How to create a user in a Kubernetes cluster?
- Deploying MongoDB in kubernetes does not create pods/services
- Postgres user not created Kubernetes
- Mongo Docker not creating user
- How to run mongo in kubernetes with authentication