我在 Kubernetes 中拥有用于 MongoDB 的部署和服务 .yaml。
apiVersion: apps/v1
kind: Deployment
metadata:
name: mongo
labels:
app: mongo
spec:
selector:
matchLabels:
name: mongo
replicas: 1
template:
metadata:
labels:
name: mongo
spec:
hostNetwork: true
containers:
- name: mongo
image: mongo:4.4
volumeMounts:
- mountPath: /data/db
name: mongo-data
ports:
- containerPort: 27017
hostPort: 27017
args:
- --bind_ip
- 127.0.0.1
resources:
requests:
cpu: 100m
memory: 100Mi
env:
- name: MONGO_INITDB_ROOT_USERNAME
valueFrom:
secretKeyRef:
name: mongo-creds
key: username
- name: MONGO_INITDB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mongo-creds
key: password
securityContext:
fsGroup: 999
volumes:
- name: mongo-data
persistentVolumeClaim:
claimName: mongo-pvc-claim
---
apiVersion: v1
kind: Service
metadata:
labels:
app: mongo
name: mongo-nodeport-svc
spec:
type: ClusterIP
ports:
- port: 27017
protocol: TCP
targetPort: 27017
selector:
app: mongo
status:
loadBalancer: {}
还有这个 Kubernetes 秘密 MongoDB 文件:
apiVersion: v1
data:
password: Z1IwUmVyUWlKZ #gR0Rer
username: QXBp #AUser
kind: Secret
metadata:
creationTimestamp: null
name: mongo-creds
当我应用这些文件并尝试使用编码的用户和密码登录 MongoDB pod 时:
mongo --host localhost --port 27017 -u AUser -p gR0Rer
我无法登录并在 Pod 日志中,我发现了这条消息:
{"t":{"$date":"2023-02-27T12:34:23.630+00:00"},"s":"I", "c":"ACCESS", "id":20249, "ctx":"conn198","msg":"Authentication failed","attr":{"mechanism":"SCRAM-SHA-1","speculative":false,"principalName":"ApiUser","authenticationDatabase":"admin","remote":"127.0.0.1:54308","extraInfo":{},"error":"UserNotFound: Could not find user \"ApiUser\" for db \"admin\""}}
我做错了什么?
感谢您的帮助
我尝试使用您提供的 yaml 代码复制此内容,发现存在编码问题,并且您在创建机密时可能忽略了这一问题。我改变了价值观,这对我有用。我附上错误信息供您参考
如果您仍然遇到问题,请参阅 Bibin Wilson 和 Shishir Khandelwal 撰写的关于在 kubernetes 上部署 MongoDB 的文档,以获取更多信息以及在 kubernetes 上部署 MongoDB 的分步过程。
我认为这是一个编码问题,源于您如何使用
data
而不是 stringData
在 .yaml 文件中定义机密(参见文档)。尝试这个秘密 yaml 配置:
apiVersion: v1
kind: Secret
metadata:
name: mongo-creds
type: Opaque
stringData:
password: Z1IwUmVyUWlKZ
username: QXBp