CSFLE: run mongocryptd process on application container

Hi,

This is reference to CSFLE and is an extention to the forum query Mongocryptd for client side encryption.
My setup is similar. The server is installed on a VM and the applications are running as containers. For csfle to work, the java driver needs to connect to the mongocryptd process . mongocryptd executable is present in the server/bin and is not present in the client container.
I understand that Only local interfaces (localhost or a local unix domain socket) are supported for mongocryptd as at MongoDB 4.4.

My question is - Is there a possibility that the mongocryptd process can be run on each application container and it can talk to the server remotely running on the separate VM? i.e. 5 applications - 5 containers and each container has mongocryptd process running. All these are talking to same mongodb server instance on a remote VM.
If yes, how and where to get and run the mongocryptd executable? Would that be same as the one kept in server/bin? Can that exe/sh be copied and run on each container independently?
Is there a way to make CSFLE work in this set up?

Thanks,
Anu

2 Likes