Rancher 2: Mongo replicaset SSL

Here is how to deploy our Mongo, we will add other services to enlarge the toolbox of startups ...

Rancher 2: Mongo replicaset SSL

Rancher comes with a catalog containing a basic mongo. Unfortunately, it is not up to date on the latest versions and is complicated to use. Fortunately, Rancher allows you to create and add your catalogs based on helm charts. So we started to initialize a dedicated WeAreOpenSource catalog to facilitate the use of our stacks. Therefore, we will follow the Mongo updates as soon as possible and simplify SSL and persistent data. Here is an article on how to use our catalog and install Mongo.

We created our aligned Node Vue Swift stacks to go to a production of startups rapidly. But we also explored how delivered and scaled at low prices. After evaluating amazon, google cloud, CapRover, Rocku ... I still think that a homemade Kubernetes cluster, simple thanks to Rancher, and RKE is the right balance.

We have set up a WeAreOpensource Catalog Rancher, but I think it could be a good principle of centralization and management of tools for a startup. We will try to make it grow step by step while sharing it with the community.

Here is how to deploy our Mongo.


Everything we set up in the previous article :

  • Rancher 2.0 & Kubernetes Cluster
  • Our Node Stack installed as a Workload

Add WeAreOpenSource Catalog to rancher

  • Go in rancher > default > tools > catalog > add catalog
Name : weareopensource
Catalog Url : https://github.com/weareopensource/rancher-catalog
Branch: master
Scrope: project
Helm Version: helm v3

Init Volumes

  • Go in local > nodes
  • Edit the node where you want to store the data
  • Add a label : node = NODENAME
  • Save
  • Go in local > storage > persistents volumes
  • Create three persistent volumes for three mongo node : Add Volume
Name : NODENAME-mongo-replica1
Volume Plugin : Local
Capacity : XX go
Plugin Configuration : path to data folder for mongo
 Single Node Read-Write
 Many Nodes Read-Only
 Many Nodes Read-Write
Add Node Selector: node in list NODENAME

Install Mongo

  • Go in local > default > Apps > Launch > WeAreOpenSource > MongoDb

Normally everything must be configured, you just have to create the necessary keys for SSL via the commands available in the instruction under the two red squares. If all goes well mongo should be this up in 5 10 minutes, and automatically use the available volumes.

You can easily uninstall from the interface and free the volumes via with :

kubectl patch pv NODENAME-mongo-replicaA -p '{"spec":{"claimRef": null}}'

Connect to mongo from our Node Stack

  • Go in local > default > Ressources > Workloads > Mongodb-replicaset
  • Choose one Node and in options click on Execute Schell
  • Go in work-dir and save pem content
cd work-dir
cat mongo.pem
  • Go in local > ProjectNamespace > Ressources > Secrets > Add Secret
name: mongo
key 1: crt = past ca.crt content created during mongodb setup
key 2: pem = mongo.pem cat after installation
  • Go in local > ProjectNamespace > Ressources > Workloads > Node Stack > Edit
  • In Volume section we will Add Mongo Secret
  • In Environment Variables we will set our mongoose configuration :
NODE_ENV : production
WAOS_NODE_cors_origin : ['https://vue.weareopensource.me']
WAOS_NODE_db_options_checkServerIdentity : false
WAOS_NODE_db_options_ssl : true
WAOS_NODE_db_options_sslCA : mongo/crt
WAOS_NODE_db_options_sslCert : ongo/pem
WAOS_NODE_db_options_sslKey : mongo/pem
WAOS_NODE_db_options_sslValidate : false
WAOS_NODE_db_uri : mongodb://mongodb-replicaset.default.svc.cluster.local:27017/myDB?replicaSet=rs0
WAOS_NODE_host :

Save and everything should work :) Do not hesitate to contact me if necessary.