percona-server-mongodb-operator
percona-server-mongodb-operator copied to clipboard
percona
K8SPSMDB-1032: Added possibility to specify nodeport for mongos expose
Added the possibility to specify nodeport for the mongos router. See #1381.
Problem: In some infrastructure we want to specify the nodeport to maintain consistency between environments and create routing rules. In the actual state it is not possible.
Cause: The configuration does not allow that
Solution: Read nodeport from the expose structure and bind this to the service nodeport if the service is not per pod and the exposeType is NodePort.
CHECKLIST
Jira
- [ ] Is the Jira ticket created and referenced properly?
- [ ] Does the Jira ticket have the proper statuses for documentation (
Needs Doc) and QA (Needs QA)? - [ ] Does the Jira ticket link to the proper milestone (Fix Version field)?
Tests
- [ ] Is an E2E test/test case added for the new feature/change?
- [ ] Are unit tests added where appropriate?
- [ ] Are OpenShift compare files changed for E2E tests (
compare/*-oc.yml)?
Config/Logging/Testability
- [ ] Are all needed new/changed options added to default YAML files?
- [ ] Are the manifests (crd/bundle) regenerated if needed?
- [ ] Did we add proper logging messages for operator actions?
- [ ] Did we ensure compatibility with the previous version or cluster upgrade process?
- [ ] Does the change support oldest and newest supported MongoDB version?
- [ ] Does the change support oldest and newest supported Kubernetes version?
@MikeDevresse please add this new field to deploy/cr.yaml as a commented example, we want to include this in next release
@MikeDevresse please update CRDs. As you can see test is not ok https://github.com/percona/percona-server-mongodb-operator/actions/runs/7737346105/job/21112653342?pr=1392
@MikeDevresse you can fix the manifests test using:
make generate manifests VERSION=main
and then commit the changes
Hi @MikeDevresse did you test it? I am trying to do it, but it does not work for me :( Maybe it is due to GKE.
mhh not working ... trying to find out why, I may update the PR soon then
Still not working, if anyone has an idea feel free to suggest, it seems that the configuration is not saved, is there a way to debug this maybe ?
Edit : I tried making a test and running it, but it seems complicated even with minikube to run a local image, and I dont have the permissions to publish to perconalab so it's hard to test because it means that each time I have to wait for the CI to be completed, if anyone has a workarround to that feel free to share, would love to test this locally before commiting
@MikeDevresse I tried on GKE and your code works. The example port number you put in deploy/cr.yaml causes the following error:
reconcile mongos: create or update mongos service: create or update mongos service: Service "cluster1-mongos" is invalid: spec.ports[0].nodePort: Invalid value: 37017: provided port is not in the valid range. The range of valid ports is 30000-32767
I changed the port number to 32017:
expose:
exposeType: NodePort
nodePort: 32017
and then allowed traffic to this port:
$ gcloud compute firewall-rules create test-node-port --allow tcp:32017
and was able to connect to the database:
$ mongo -u databaseAdmin -p <pass> <node-external-ip>:32017/admin
Percona Server for MongoDB shell version v5.0.22-19
connecting to: mongodb://<node-external-ip>:32017/admin?compressors=disabled&gssapiServiceName=mongodb
Implicit session: session { "id" : UUID("b7e35f2d-ab51-4b52-9e7e-95d325a13477") }
Percona Server for MongoDB server version: v6.0.13-10
WARNING: shell and server versions do not match
================
Warning: the "mongo" shell has been superseded by "mongosh",
which delivers improved usability and compatibility.The "mongo" shell has been deprecated and will be removed in
an upcoming release.
For installation instructions, see
https://docs.mongodb.com/mongodb-shell/install/
================
---
The server generated these startup warnings when booting:
2024-03-09T10:35:18.027+00:00: While invalid X509 certificates may be used to connect to this server, they will not be considered permissible for authentication
---
mongos>
@MikeDevresse tests are most likely failing because of a new version of PBM. We're fixing it in another PR. I'll ping you once it gets merged so you can rebase.
The PR which will fix PBM issues: https://github.com/percona/percona-server-mongodb-operator/pull/1485
| Test name | Status |
|---|---|
| arbiter | passed |
| balancer | passed |
| custom-replset-name | passed |
| cross-site-sharded | passed |
| data-at-rest-encryption | passed |
| data-sharded | passed |
| demand-backup | passed |
| demand-backup-eks-credentials | passed |
| demand-backup-physical | passed |
| demand-backup-physical-sharded | passed |
| demand-backup-sharded | passed |
| expose-sharded | passed |
| ignore-labels-annotations | passed |
| init-deploy | passed |
| finalizer | passed |
| ldap | passed |
| ldap-tls | passed |
| limits | passed |
| liveness | passed |
| mongod-major-upgrade | passed |
| mongod-major-upgrade-sharded | passed |
| monitoring-2-0 | passed |
| multi-cluster-service | passed |
| non-voting | passed |
| one-pod | passed |
| operator-self-healing-chaos | passed |
| pitr | passed |
| pitr-sharded | passed |
| pitr-physical | passed |
| recover-no-primary | passed |
| rs-shard-migration | passed |
| scaling | passed |
| scheduled-backup | passed |
| security-context | passed |
| self-healing-chaos | passed |
| service-per-pod | passed |
| serviceless-external-nodes | passed |
| smart-update | passed |
| split-horizon | passed |
| storage | passed |
| tls-issue-cert-manager | passed |
| upgrade | passed |
| upgrade-consistency | passed |
| upgrade-consistency-sharded-tls | passed |
| upgrade-sharded | passed |
| users | passed |
| version-service | passed |
| We run 47 out of 47 |
commit: https://github.com/percona/percona-server-mongodb-operator/pull/1392/commits/cf23e6e2f879c0471eb03aa6be91c066c3767063
image: perconalab/percona-server-mongodb-operator:PR-1392-cf23e6e2
