Having an external route for mongo #240
Comments
|
i don't know enough about mongo to advise you about enabling sni (but if you do, you should be able to create a passthrough route to it), but another option would be configuring either an external ip service, or a nodeport for your mongodb pod. |
|
Using SNI does not require using SSL/TLS on the server too? Currently it is not possible to enable SSL for mongodb container - I plan to add this after s2i support is added (#239) |
yes, it does. I figured that was implied when I said enabling SNI. |
Not sure we talk about same "server" :-) I thought a mongod server... I was asking because I am not familiar with "Edge Termination" of OpenShift routes. And if this can be somehow used. |
|
edge termination of a route means the router terminates the SSL connection and then uses a non-encrypted connection to the backend. |
|
@bparees So it is possible to connect to service port (different than 80/443) without encrypted connection? |
services can be on any port you want and any protocol you want. but routes cannot. |
|
Ok. So this issue is waiting for SSL support in mongodb-container. And that is blocked by s2i support - #239 |
|
any updates on this? |
|
mongodb container is not maintained any more in this org. closing. |
Using the openshift mongo template, has anyone found a way to expose an external route for mongo? We can set mongo to require authentication and bind to 0.0.0.0 so it accepts non-localhost connections, but I've not found a way to make it work with external routes.
openshift/origin#3415 (comment) suggests there might be a way if mongo support SNI, which if I understand it correctly, does: https://jira.mongodb.org/browse/DRIVERS-320
Any ideas?
The text was updated successfully, but these errors were encountered: