MongoDB (OpenShift)

2. References

Deploy MongoDB on OpenShift using Helm

https://ksingh7.medium.com/deploy-mongodb-on-openshift-using-helm-9430f58ebb3

Bitnami index FAQ

Helm repo bitname vs bitnami-full-index

https://github.com/bitnami/charts/issues/10833

MongoDB 4.4 charts removed

https://github.com/bitnami/charts/issues/14038 

4. Deploy MongoDB on OKD 4.15 using Helm

This procedure follows the indications at the reference "Deploy MongoDB on OpenShift using Helm".


Help install (tested on Ubuntu 22.04.3 LTS)

sudo snap install helm --classic

Add helm repository bitnami (index.yaml contains only the last 6 months)

helm repo add bitnami https://charts.bitnami.com/bitnami

Add helm repository bitnami-full-index (needed for versions older than 6 months)

helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami


Select the OKD /OpenShift project (or create a new one w/ oc new-project myproject)
oc project myproject


Set root user password and replica-set-key as environment variables

export MONGODB_ROOT_PASSWORD=myKey

export MONGODB_REPLICA_SET_KEY=myKey


Using helm install MongoDB on OKD/OpenShift. Make sure to set the required SecurityContext , so that helm can deploy MongoDB on OpenShift

Note 1: Flag --version is optional and specified the CHART VERSION (not the APP VERSION).

                  For finding out the CHART VERSION out of the APP VERSION run:

                   helm search repo mongo -l

                  Eg: bitnami/mongodb                                    12.1.27         5.0.9

                          bitnami-full-index/mongodb                15.6.1       7.0.11

helm install mongodb bitnami-full-index/mongodb --version="15.6.1" --set podSecurityContext.fsGroup="",containerSecurityContext.runAsUser="1001080001",podSecurityContext.enabled=false,architecture=replicaset,auth.replicaSetKey=$MONGODB_REPLICA_SET_KEY,auth.rootPassword=$MONGODB_ROOT_PASSWORD


Wait for the deployment to be ready:

oc get po


Get the root password (optional):

(the Kubect binary was placed in ~/local/bin/ during the OKD single-node installation)

export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace myproject mongodb -o jsonpath="{.data.mongodb-root-password}" | base64 -d)


Create a MongoDB Client container and verify that connectivity and DB access

(the docker image tags can be found at https://hub.docker.com/r/bitnami/mongodb/tags)

(replace MYPROJECT by the openshift project name)

$ kubectl run --namespace MYPROJECT mongodb-client --rm --tty -i --restart='Never' --env="MONGODB_ROOT_PASSWORD=$MONGODB_ROOT_PASSWORD" --image docker.io/bitnami/mongodb:4.4.15-debian-10-r8 --command -- bash


Warning: would violate PodSecurity "restricted:v1.24": allowPrivilegeEscalation != false (container "mongodb-client" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "mongodb-client" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "mongodb-client" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "mongodb-client" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")


From the client container shell, connect to the MongoDB cluster

(replace MYPROJECT by the openshift project name)

## Option-1 Using host address

1001@mongodb-client:/$ mongo admin --host "mongodb-0.mongodb-headless.MYPROJECT.svc.cluster.local:27017,mongodb-1.mongodb-headless.MYPROJECT.svc.cluster.local:27017" --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD


## Option-2 Using MongoDB URI

1001@mongodb-client:/$ mongo "mongodb://mongodb-0.mongodb-headless.myproject.svc.cluster.local:27017,mongodb-1.mongodb-headless.ksinghmyproject.svc.cluster.local:27017" --authenticationDatabase admin  -u root -p $MONGODB_ROOT_PASSWORD


List the databases:

rs0:PRIMARY> show dbs


Create a database 'provadb' and create a document in collection post

use deletemedb

db.post.insert([

 {

   title: "Myproject to Kafka testing",

   description: "Debezium connector",

   by: "Karan",

   url: "http://redhat.com",

   tags: ["mongodb", "debezium", "ROSAK"],

   likes: 100

 }

])

Verify the document is created

rs0:PRIMARY> show dbs

rs0:PRIMARY> db.post.find()

[optional, for deleting the database> db.dropDatabase() ]


Exit the mongodb client container 

rs0:PRIMARY> exit

1001@mongodb-client:/$ exit



If you want to connect to MongoDB cluster from localhost, then forward to port 

Note: Untested

kubectl port-forward service/mongodb-external-0 27017 &


Connect using MongoDB CLI from localhost 

Note: Untested

mongo --host 127.0.0.1 --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD


(optionally) Connect using MongoDB Compass or MongoDB Shell 

Note: Untested

# MongoDB Compass > New Connection

mongodb://root:JvckncuMto@127.0.0.1:27017


10. Helm

Tip: using the oc project as helm namespace

helm list --all-namespaces