• EN
Solved

MongoDB blueprint without authentication

  • 15 February 2022
  • 6 comments
  • 205 views
D
Userlevel 3
  • dk-do
  • Comes here often
  • 14 comments

Hello!

We are trying to set up the MongoDb blueprint in our test environment. The MongoDb replicaset there has no authentication activated.

Please advice how to customize the secret sections in https://raw.githubusercontent.com/kanisterio/kanister/0.73.0/examples/stable/mongodb/blueprint-v2/mongo-blueprint.yaml at the following places:

actions.backup.phases[0].objects.mongosecret.name: <mongo-secret-name> 

actions.restore.phases[0].objects.mongosecret.name: <mongo-secret-name>

icon

Best answer by jaiganeshjk 16 February 2022, 14:14

View original

6 comments

Hagag
Userlevel 5
Badge +2

Hello @dk-do  ,

no need to modify the blueprint since you mentioned that you are not using authentication ( already existig secret ).

you just need to  create a Blueprint resource, please review the commands below:

 

to deploy the blueprint in kasten-io:

 curl https://raw.githubusercontent.com/kanisterio/kanister/0.73.0/examples/stable/mongodb/blueprint-v2/mongo-blueprint.yaml > mongo-blueprint.yaml


 kubectl apply -f mongo-blueprint.yaml --namespace kasten-io

 

Once the Blueprint is created, we will have to annotate the StatefulSet with the correct annotation to instruct K10 to use the Blueprint while performing operations on this MongoDB instance.

 

kubectl annotate statefulset <mongodb_satatefulset_NAME> kanister.kasten.io/blueprint='mongodb-blueprint' --namespace=mongodb-logical

 

P.S i suppose your secret name = statefulset name 

 

 

Here is example from my test lab:

 

[ahmedhagag@ahmeds-MacBook-Pro ~]$ k get statefulsets -n mongodb-logical
NAME                            READY   AGE
mongo-logical-mongodb           2/2     23m
mongo-logical-mongodb-arbiter   1/1     23m
[ahmedhagag@ahmeds-MacBook-Pro ~]$ k get secrets -n mongodb-logical
NAME                                  TYPE                                  DATA   AGE
default-token-47tg5                   kubernetes.io/service-account-token   3      23m
mongo-logical-mongodb                 Opaque                                2      23m
mongo-logical-mongodb-token-rkqk7     kubernetes.io/service-account-token   3      23m
sh.helm.release.v1.mongo-logical.v1   helm.sh/release.v1                    1      23m
[ahmedhagag@ahmeds-MacBook-Pro ~]$

 

Thanks!

Ahmed Hagag

D
Userlevel 3

No! I do not have a MongoDb secret because MongoDb does not use authentication. It is just an internal test cluster!

D
Userlevel 3

In the meantime I created a workaround:

Apply a secret with dummy passwords and replace the username and password parameters in the dump_cmd in blueprint.yaml 

jaiganeshjk
Userlevel 6
Badge +2

@dk-do 
If you are just using it to test the blueprint backup, you can update the blueprint to remove the mongosecret object and modify the dump_cmd accordingly.
But it is not generally advisable to have an unauthenticated database.

Jaiganesh
D
Userlevel 3

@dk-do 
But it is not generally advisable to have an unauthenticated database.

That is absolutely right!

jaiganeshjk
Userlevel 6
Badge +2

@dk-do , Please feel free to select any of the response in the thread as a solution if you have an answer for your question

Jaiganesh

Comment


Terms & Conditions