Service mesh with replicaset

Jesum_Yip · February 23, 2022, 5:40am

Does any one know how to connect to a replicaset with you have a servicemesh in your K8s cluster? I have MongoDB deployed in GKE using the MongoDB operator. I have a Ubuntu pod in the same cluster that works well connecting to the replicaset using mongsh.

I use Istio as my service mesh and I’m wondering how to configure the service mesh to recognize the replicaset. That obviously has a direct impact on the connection string that I will use in my applications.

I use the following connection string in mongosh for testing. From my understanding, this connects to the replicaSet’s admin database:

mongosh “mongodb://:@mongodb-0.mongodb-svc.mongodb.svc.cluster.local:27017,mongodb-1.mongodb-svc.mongodb.svc.cluster.local:27017,mongodb-2.mongodb-svc.mongodb.svc.cluster.local:27017/admin?ssl=false&replicaSet=mongodb”

So with a service mesh configured to expose this GKE cluster to the internet (I will use load balancer IP restrictions later), I am hazarding a guess that:

My external application will need to use all 3 publicly assigned server names to connect to the replicaset? This means I need to configure the service mesh to publish all 3 servers on TCP27017? The service mesh will then route the traffic to individual servers based on the server name it sees in the incoming traffic.
Or should I just use a single name but with different TCP ports? Then configure the service mesh to publish it accordingly?

I’m thinking option #2 may be better? Because then I only have to deal with a single public DNS name and a single SSL certificate name. Assuming I go with #2, how do I control which TCP port each member of the replicaset uses? I have seen https://docs.mongodb.com/manual/reference/configuration-options/#mongodb-setting-net.port.

In the YAML submitted to the MongoDB operator, I only see this:

spec:
  members: 3
  type: ReplicaSet
  version: "5.0.5"
  security:
    authentication:

which tells me how many replicasets I want. But how can I configure EACH INDIVIDUAL replicaset’s configuration? Do I use replicasetHorizons?

I found error when trying to use it. According to MongoDB Database Resource Specification — MongoDB Kubernetes Operator 1.15, it should be spec.connectivity.replicaSetHorizons, but in the samples of the git repository for the operator, I see it is instead spec.replicaSetHorizons. Can someone point me to the correct place for the documentation?

Jesum_Yip · February 23, 2022, 7:40am

I’ve managed to make some progress. I’ve created nodeports for all 3 members of the replicaset. I can now telnet to the public IP of the istio load balancer on those 3 nodeports. Great!

The problem I now face is when I run mongosh from an external computer to connect, I see the following error:

MongoNetworkError: getaddrinfo ENOTFOUND mongodb-0.mongodb-svc.mongodb.svc.cluster.local

which looks to me like mongosh is trying to connect to an internal GKE pod name? So something is being returned as part of the handshake that contains the internal DNS names. how do I fix this?

Jesum_Yip · February 24, 2022, 1:44am

Nobody has encountered this problem? Do I use replicaSetHorizons ?