{"id":17110472,"url":"https://github.com/morphy2k/k8s-mongo-sidecar","last_synced_at":"2025-04-13T02:32:28.128Z","repository":{"id":27692462,"uuid":"114937785","full_name":"morphy2k/k8s-mongo-sidecar","owner":"morphy2k","description":"Kubernetes sidecar for MongoDB","archived":false,"fork":false,"pushed_at":"2023-01-16T04:01:00.000Z","size":822,"stargazers_count":42,"open_issues_count":16,"forks_count":33,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-26T20:49:31.799Z","etag":null,"topics":["k8s","kubernetes","mongo","nodejs","replica","sidecar"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/morphy2k.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-12-20T22:41:28.000Z","updated_at":"2025-03-09T10:49:14.000Z","dependencies_parsed_at":"2023-02-10T00:50:40.887Z","dependency_job_id":null,"html_url":"https://github.com/morphy2k/k8s-mongo-sidecar","commit_stats":null,"previous_names":[],"tags_count":13,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/morphy2k%2Fk8s-mongo-sidecar","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/morphy2k%2Fk8s-mongo-sidecar/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/morphy2k%2Fk8s-mongo-sidecar/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/morphy2k%2Fk8s-mongo-sidecar/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/morphy2k","download_url":"https://codeload.github.com/morphy2k/k8s-mongo-sidecar/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248657819,"owners_count":21140842,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["k8s","kubernetes","mongo","nodejs","replica","sidecar"],"created_at":"2024-10-14T16:26:36.132Z","updated_at":"2025-04-13T02:32:27.901Z","avatar_url":"https://github.com/morphy2k.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"![Lint](https://github.com/morphy2k/k8s-mongo-sidecar/workflows/Lint/badge.svg)\n\n**This repository only gets important security updates. I recommend to use the [Kubernetes Operator](https://github.com/mongodb/mongodb-kubernetes-operator) in the future.**\n\n# Mongo Kubernetes Replica Set Sidecar\n\nThis project is as a PoC to setup a MongoDB replica set using Kubernetes. It should handle resizing of any type and be resilient to the various conditions both MongoDB and Kubernetes can find themselves in.\n\n*It's a fork of [cvallance/mongo-k8s-sidecar](https://github.com/cvallance/mongo-k8s-sidecar) with (many) changes and improvements.*\n\n## How to use it\n\nThe docker image is hosted on Docker Hub and can be found here:\n[https://hub.docker.com/r/morphy/k8s-mongo-sidecar](https://hub.docker.com/r/morphy/k8s-mongo-sidecar)\n\nAn example Kubernetes replication controller can be found in the examples directory on GitHub:\n[https://github.com/morphy2k/k8s-mongo-sidecar](https://github.com/morphy2k/k8s-mongo-sidecar/tree/master/example)\n\n\n### Settings\n\n| Environment Variable | Required | Default | Description |\n| --- | --- | --- | --- |\n| KUBERNETES_CLUSTER_DOMAIN | NO | cluster.local | This allows the specification of a custom cluster domain name. Used for the creation of a stable network ID of the k8s Mongo pods. An example could be: \"kube.local\". |\n| KUBERNETES_SERVICE_NAME | YES | mongo | This should point to the MongoDB Kubernetes (headless) service that identifies all the pods. |\n| KUBERNETES_NAMESPACE | NO | | The namespace to look up pods in. Not setting it will search for pods in all namespaces. |\n| KUBERNETES_POD_LABELS | YES | | This should be a be a comma separated list of key values the same as the podTemplate labels. See above for example. |\n| MONGO_PORT | NO | 27017 | Configures the mongo port, allows the usage of non-standard ports. |\n| MONGO_CONFIG_SVR | NO | false | Configures the [configsvr](https://docs.mongodb.com/manual/reference/replica-configuration/#rsconf.configsvr) variable when initializing the replicaset. |\n| MONGO_DATABASE | NO | local | Configures the mongo authentication database |\n| MONGO_USERNAME | NO | | Configures the mongo username for authentication |\n| MONGO_PASSWORD | NO | | Configures the mongo password for authentication |\n| MONGO_AUTH_SOURCE | NO | admin | Configures the mongo database for authentication |\n| MONGO_AUTH_MECHANISM | NO | SCRAM-SHA-1 | Configures the mongo authentication mechanism |\n| MONGO_TLS | NO | false | Enable MongoDB TLS connection |\n| MONGO_TLS_CA | NO | | Path to TLS CA Certificate |\n| MONGO_TLS_CERT | NO | | Path to TLS Certificate |\n| MONGO_TLS_KEY | NO | | Path to TLS Key |\n| MONGO_TLS_PASS | NO | | TLS Certificate pass phrase |\n| MONGO_TLS_CRL | NO | | Path to TLS Certificate revocation list |\n| MONGO_TLS_IDENTITY_CHECK | NO | true | Server identity check during TLS. Checks server's hostname against the certificate |\n| SIDECAR_SLEEP_SECONDS | NO | 5 | This is how long to sleep between work cycles. |\n| SIDECAR_UNHEALTHY_SECONDS | NO | 30 | This is how many seconds a replica set member has to get healthy before automatically being removed from the replica set. |\n\n#### MongoDB TLS\nThe following is an example of how you would update the mongo command enabling TLS and using a certificate obtained from a secret and mounted at `/data/tls/mongo/`\n\nCommand\n```yaml\n - name: my-mongo\n image: mongo\n command:\n - mongod\n args:\n - \"--replSet=rs0\"\n - \"--tlsMode=requireTLS\"\n - \"--tlsCAFile=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt\"\n - \"--tlsCertificateKeyFile=/data/tls/mongo/full.pem\"\n - \"--bind_ip=0.0.0.0\"\n```\n\nEnvironment variables, Volume \u0026 Volume Mounts\n```yaml\n volumeMounts:\n - name: mongo-persistent-storage\n mountPath: /data/db\n - name: mongo-tls\n mountPath: /data/tls/mongo\n - name: mongo-sidecar\n image: morphy/k8s-mongo-sidecar\n env:\n - name: KUBERNETES_POD_LABELS\n value: \"role=mongo,environment=prod\"\n - name: MONGO_TLS\n value: \"true\"\n - name: MONGO_TLS_CA\n value: \"/var/run/secrets/kubernetes.io/serviceaccount/ca.crt\"\n - name: \"MONGO_TLS_CERT\"\n value: \"/data/tls/mongo/cert.pem\"\n - name: MONGO_TLS_KEY\n value: \"/data/tls/mongo/key.pem\"\n volumeMounts:\n - name: mongo-tls\n mountPath: /data/tls/mongo\n volumes:\n - name: mongo-tls\n secret:\n secretName: mongo-tls\n defaultMode: 256 # file permission 0400\n```\n\n#### Creating Secret for TLS\n\n1. Generate a certificate with your Kubernetes cluster as CA that is explained [here](https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/)\n2. Merge your certificate and key named as `cert.pem` and `key.pem` into a single file\n```bash\ncat cert.pem key.pem \u003e full.pem\n```\n3. Push the secrets to your cluster\n```bash\nkubectl create secret generic mongo-tls \\\n--from-file=full.pem \\\n--from-file=key.pem \\\n--from-file=cert.pem\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmorphy2k%2Fk8s-mongo-sidecar","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmorphy2k%2Fk8s-mongo-sidecar","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmorphy2k%2Fk8s-mongo-sidecar/lists"}