Cannot connect to Atlas from Kubernetes pod

Wilfred_Almeida · July 24, 2022, 7:48am

I’m a complete beginner to k8s, this is my first deployment. I have a NodeJS server that connects to MongoDB Atlas. I deployed it to k8s but it doesn’t connect to Atlas.

I’m getting the following error in pod logs

MongooseServerSelectionError: Could not connect to any servers in your MongoDB Atlas cluster. 
One common reason is that you're trying to access the database from an IP that isn't whitelisted. 
Make sure your current IP address is on your Atlas cluster's IP whitelist: https://docs.atlas.mongodb.com/security-whitelist/
    at NativeConnection.Connection.openUri (/myapp/node_modules/mongoose/lib/connection.js:819:32)
    at /myapp/node_modules/mongoose/lib/index.js:379:10
    at /myapp/node_modules/mongoose/lib/helpers/promiseOrCallback.js:32:5
    at new Promise (<anonymous>)
    at promiseOrCallback (/myapp/node_modules/mongoose/lib/helpers/promiseOrCallback.js:31:10)
    at Mongoose._promiseOrCallback (/myapp/node_modules/mongoose/lib/index.js:1224:10)
    at Mongoose.connect (/myapp/node_modules/mongoose/lib/index.js:378:20)
    at Object.module.exports.connect (/myapp/config/db.js:5:10)
    at Server.<anonymous> (/myapp/index.js:75:14)
    at Object.onceWrapper (node:events:513:28) {
  reason: TopologyDescription {
    at promiseOrCallback (/myapp/node_modules/mongoose/lib/helpers/promiseOrCallback.js:31:10)
    at Mongoose._promiseOrCallback (/myapp/node_modules/mongoose/lib/index.js:1224:10)
    at Mongoose.connect (/myapp/node_modules/mongoose/lib/index.js:378:20)
    at Object.module.exports.connect (/myapp/config/db.js:5:10)
    at Server.<anonymous> (/myapp/index.js:75:14)
    at Object.onceWrapper (node:events:513:28) {
  reason: TopologyDescription {
    type: 'ReplicaSetNoPrimary',
    servers: Map(3) {
      'ac-tszcvnh-shard-00-01.efxgtyi.mongodb.net:27017' => [ServerDescription],
      'ac-tszcvnh-shard-00-02.efxgtyi.mongodb.net:27017' => [ServerDescription],
      'ac-tszcvnh-shard-00-00.efxgtyi.mongodb.net:27017' => [ServerDescription]
    },
    stale: false,
    compatible: true,
    heartbeatFrequencyMS: 10000,
    localThresholdMS: 15,
    setName: 'atlas-ew9q6w-shard-0',
    logicalSessionTimeoutMinutes: undefined
  },
  code: undefined
}

I tried setting the dnsPolicy to default and ClusterFirstWithHostNet both didn’t work.

My Atlas Network access is as follows, I’ve added a lot of possible ip’s in hope of getting 1 running

The whitened out ip is my servers-public-ip/32

There are API calls to other public API’s like weathermap in the app and they work fine.

I’m using k3s binary on a Debian 10 machine.

The service type is LoadBalancer.

Following is my Deployment config

apiVersion: apps/v1
kind: Deployment
metadata:
  name: some-name
spec:
  selector:
    matchLabels:
      app: some-name
  template:
    metadata:
      labels:
        app: some-name
    spec:
      dnsPolicy: ClusterFirstWithHostNet
      containers:
      - name: some-name
        image: me/myimg
        resources:
          limits:
            memory: "128Mi"
            cpu: "500m"
        ports:
        - containerPort: 3000
        env:
          env-variables-here

Following is my Service config

apiVersion: v1
kind: Service
metadata:
  name: node-service
spec:
  selector:
    app: some-name
  type: LoadBalancer
  ports:
  - port: 3000
    targetPort: 3000
    nodePort: 30001

Jack_Woehr · July 24, 2022, 5:12pm

Does anything (especially towards the end) of this StackOverflow question help?

Wilfred_Almeida · July 25, 2022, 5:26am

No, the ports 27015-17 are open. When I run the code from IDE it runs fine and connects to Atlas.

Dan_Mckean · July 25, 2022, 12:47pm

Hi! Is k3s running on your local machine? If so then…

When I run the code from IDE it runs fine and connects to Atlas.

…would suggest it’s not the IP whitelisting.

Wilfred_Almeida · July 25, 2022, 3:26pm

By IDE I mean VSCode, I have a debian vm as a server so to test it I installed vs code on it. I’ve tried running from vs code and docker and in both cases it connects. Only when I do from k8s it doesn’t connect.

Dan_Mckean · July 27, 2022, 10:41am

Okay, good news is that it’s definitely not the whitelisting.

Are you using our the Atlas Kubernetes Operator? Or did you create the org/project etc in Atlas yourself and copy out the connection string?

Dan_Mckean · July 27, 2022, 10:52am

Have you got network policies set up?

Wilfred_Almeida · July 27, 2022, 10:54am

No, I’m not using the operator. I created the project in Atlas and copied the connection string from there.

Wilfred_Almeida · July 27, 2022, 10:56am

I don’t know, I’ve done just the basic stuff to get k8s running. It must all be on default.

Dan_Mckean · July 27, 2022, 1:15pm

Hmm. I’m not sure…sorry

I’d suggest raising a support ticket (top right in Atlas - “Get help”) and they can help you look into it in more detail.

Though I suspect the answer is more specific to Kubernetes than Atlas.