GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → morphy2k → k8s-mongo-sidecar

morphy2k / k8s-mongo-sidecar

Licence: MIT License
Kubernetes sidecar for MongoDB

Programming Languages

javascript
184084 projects - #8 most used programming language
Dockerfile
14818 projects

Labels

nodejskubernetesmongok8sreplicasidecar

Projects that are alternatives of or similar to k8s-mongo-sidecar

vault-sidecar-injector
Kubernetes admission webhook for secure, seamless and dynamic handling of secrets in your applications
Stars: ✭ 55 (+57.14%)
Mutual labels:  k8s, sidecar
nest-angular
Full-stack with nest js & angular 8
Stars: ✭ 32 (-8.57%)
Mutual labels:  mongo
vcluster
vcluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
Stars: ✭ 1,360 (+3785.71%)
Mutual labels:  k8s
kubernetes
Quobyte / Kubernetes integration (DEPRECATED - use Quobyte CSI)
Stars: ✭ 24 (-31.43%)
Mutual labels:  k8s
v2scar
sidecar for V2ray
Stars: ✭ 104 (+197.14%)
Mutual labels:  sidecar
erda-actions
No description or website provided.
Stars: ✭ 17 (-51.43%)
Mutual labels:  k8s
spring-cloud-sidecar-polygot
This project contains samples demonstrating the usage of side car polygot
Stars: ✭ 30 (-14.29%)
Mutual labels:  sidecar
terraform-aws-mongodb
Simplify MongoDB provisioning on AWS using Terraform
Stars: ✭ 20 (-42.86%)
Mutual labels:  mongo
nuxt-express
Creating isomorphic web applications with Nuxt and Express.
Stars: ✭ 20 (-42.86%)
Mutual labels:  mongo
resoto
Resoto - Find leaky resources, manage quota limits, detect drift, and clean up!
Stars: ✭ 562 (+1505.71%)
Mutual labels:  k8s
authentication boilerplate
A Node based Boilerplate for register, login, request password reset password. Using Sengrid to send emails
Stars: ✭ 19 (-45.71%)
Mutual labels:  mongo
atlassian-kubernetes
All things Atlassian and Kubernetes
Stars: ✭ 30 (-14.29%)
Mutual labels:  k8s
mongoose-auto-increment-reworked
An auto-incrementing field generator for Mongoose 4 & 5
Stars: ✭ 17 (-51.43%)
Mutual labels:  mongo
kube-debug
一鍵調試kubernetes和docker容器的Web視覺化工具箱。A toolbox for debugging docker container and kubernetes with web UI.
Stars: ✭ 46 (+31.43%)
Mutual labels:  k8s
hetzner-k3s
A Ruby gem (and Docker image) to install and manage Kubernetes clusters in Hetzner Cloud using the lightweight distribution k3s by Rancher.
Stars: ✭ 201 (+474.29%)
Mutual labels:  k8s
k8s home
Kubernetes
Stars: ✭ 45 (+28.57%)
Mutual labels:  k8s
php7-alpine
Docker container for PHP 7 in Alpine Linux, with almost all extensions that you may need
Stars: ✭ 20 (-42.86%)
Mutual labels:  mongo
ListBot
ListBot is a Discord Bot which let's you create community lists on each channel.
Stars: ✭ 22 (-37.14%)
Mutual labels:  mongo
flekszible
Kubernetes resource/manifest file preprocessor, generator and manager.
Stars: ✭ 34 (-2.86%)
Mutual labels:  k8s
tichi
TiChi ☯️ contains the tidb community collaboration automation basic framework and tool set.
Stars: ✭ 36 (+2.86%)
Mutual labels:  k8s
View All Similar Projects ➔

Lint

This repository only gets important security updates. I recommend to use the Kubernetes Operator in the future.

Mongo Kubernetes Replica Set Sidecar

This project is as a PoC to setup a MongoDB replica set using Kubernetes. It should handle resizing of any type and be resilient to the various conditions both MongoDB and Kubernetes can find themselves in.

It's a fork of cvallance/mongo-k8s-sidecar with (many) changes and improvements.

How to use it

The docker image is hosted on Docker Hub and can be found here: https://hub.docker.com/r/morphy/k8s-mongo-sidecar

An example Kubernetes replication controller can be found in the examples directory on GitHub: https://github.com/morphy2k/k8s-mongo-sidecar

Settings

Environment Variable Required Default Description
KUBERNETES_CLUSTER_DOMAIN NO cluster.local This allows the specification of a custom cluster domain name. Used for the creation of a stable network ID of the k8s Mongo pods. An example could be: "kube.local".
KUBERNETES_SERVICE_NAME YES mongo This should point to the MongoDB Kubernetes (headless) service that identifies all the pods.
KUBERNETES_NAMESPACE NO The namespace to look up pods in. Not setting it will search for pods in all namespaces.
KUBERNETES_POD_LABELS YES This should be a be a comma separated list of key values the same as the podTemplate labels. See above for example.
MONGO_PORT NO 27017 Configures the mongo port, allows the usage of non-standard ports.
MONGO_CONFIG_SVR NO false Configures the configsvr variable when initializing the replicaset.
MONGO_DATABASE NO local Configures the mongo authentication database
MONGO_USERNAME NO Configures the mongo username for authentication
MONGO_PASSWORD NO Configures the mongo password for authentication
MONGO_AUTH_SOURCE NO admin Configures the mongo database for authentication
MONGO_AUTH_MECHANISM NO SCRAM-SHA-1 Configures the mongo authentication mechanism
MONGO_TLS NO false Enable MongoDB TLS connection
MONGO_TLS_CA NO Path to TLS CA Certificate
MONGO_TLS_CERT NO Path to TLS Certificate
MONGO_TLS_KEY NO Path to TLS Key
MONGO_TLS_PASS NO TLS Certificate pass phrase
MONGO_TLS_CRL NO Path to TLS Certificate revocation list
MONGO_TLS_IDENTITY_CHECK NO true Server identity check during TLS. Checks server's hostname against the certificate
SIDECAR_SLEEP_SECONDS NO 5 This is how long to sleep between work cycles.
SIDECAR_UNHEALTHY_SECONDS NO 30 This is how many seconds a replica set member has to get healthy before automatically being removed from the replica set.

MongoDB TLS

The following is an example of how you would update the mongo command enabling TLS and using a certificate obtained from a secret and mounted at /data/tls/mongo/

Command

        - name: my-mongo
          image: mongo
          command:
            - mongod
          args:
            - "--replSet=rs0"
            - "--tlsMode=requireTLS"
            - "--tlsCAFile=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
            - "--tlsCertificateKeyFile=/data/tls/mongo/full.pem"
            - "--bind_ip=0.0.0.0"

Environment variables, Volume & Volume Mounts

          volumeMounts:
            - name: mongo-persistent-storage
              mountPath: /data/db
            - name: mongo-tls
              mountPath: /data/tls/mongo
        - name: mongo-sidecar
          image: morphy/k8s-mongo-sidecar
          env:
            - name: KUBERNETES_POD_LABELS
              value: "role=mongo,environment=prod"
            - name: MONGO_TLS
              value: "true"
            - name: MONGO_TLS_CA
              value: "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
            - name: "MONGO_TLS_CERT"
              value: "/data/tls/mongo/cert.pem"
            - name: MONGO_TLS_KEY
              value: "/data/tls/mongo/key.pem"
          volumeMounts:
            - name: mongo-tls
              mountPath: /data/tls/mongo
      volumes:
        - name: mongo-tls
          secret:
            secretName: mongo-tls
            defaultMode: 256 # file permission 0400

Creating Secret for TLS

  1. Generate a certificate with your Kubernetes cluster as CA that is explained here
  2. Merge your certificate and key named as cert.pem and key.pem into a single file
cat cert.pem key.pem > full.pem
  1. Push the secrets to your cluster
kubectl create secret generic mongo-tls \
--from-file=full.pem \
--from-file=key.pem \
--from-file=cert.pem
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].