You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please add the ability to connect to MongoDB via TLS when running as a docker service
Why is it needed? What is the value? For whom do we build it?
The ability to connect to MongoDB using TLS is is needed for someone who wants to run sorry-cypress as a docker service in a VM at Azure, using Azure's CosmosDB as the MongoDB server.
Azure's CosmosDB has a mongo front-end that I believe would work fine for sorry-cypress. However, CosmosDB requires that you connect to it with TLS. Note the --tls switch here in this successful connection using the mongosh CLI:
wayne@vm-qa-wayne:~$ mongosh --tls --host redacted.mongo.cosmos.azure.com --port 10255 --username redacted --password "redacted"
Current Mongosh Log ID: 61041cc2b0911cf9f4ebdf6e
Connecting to: mongodb://redacted.mongo.cosmos.azure.com:10255/?directConnection=true
Using MongoDB: 4.0.0
Using Mongosh: 1.0.3
For mongosh info see: https://docs.mongodb.com/mongodb-shell/
Warning: Found ~/.mongorc.js, but not ~/.mongoshrc.js. ~/.mongorc.js will not be loaded.
You may want to copy or rename ~/.mongorc.js to ~/.mongoshrc.js.
globaldb [direct: primary] test>
When the --tls switch is omitted, the connection fails after 30 seconds:
wayne@vm-qa-wayne:~$ mongosh --host redacted.mongo.cosmos.azure.com --port 10255 --username redacted --password "redacted"
Current Mongosh Log ID: 61041d6a87e5f02a1d20e3ba
Connecting to: mongodb://redacted.mongo.cosmos.azure.com:10255/?directConnection=true
MongoServerSelectionError: connection <monitor> to NNN.NNN.NNN.NNN:10255 closed
The docker-compose file allows four of the five MongoDB options that are needed:
but without the ability to connect via TLS, trying to bring sorry-cypress up results in a timeout error being logged 30 seconds after the service is started:
wayne@treebeard:~/lab/sorry-cypress$ docker-compose -f docker-compose.minio.yml up
...
api_1 | MongoServerSelectionError: connection <monitor> to NNN.NNN.NNN.NNN:10255 timed out
api_1 | at Timeout._onTimeout (/app/node_modules/mongodb/lib/core/sdam/topology.js:438:30)
api_1 | at listOnTimeout (internal/timers.js:557:17)
api_1 | at processTimers (internal/timers.js:500:7) {
api_1 | reason: TopologyDescription {
api_1 | type: 'Single',
api_1 | setName: null,
api_1 | maxSetVersion: null,
api_1 | maxElectionId: null,
api_1 | servers: Map(1) {
api_1 | 'redacted.mongo.cosmos.azure.com:10255' => [ServerDescription]
api_1 | },
api_1 | stale: false,
api_1 | compatible: true,
api_1 | compatibilityError: null,
api_1 | logicalSessionTimeoutMinutes: null,
api_1 | heartbeatFrequencyMS: 10000,
api_1 | localThresholdMS: 15,
api_1 | commonWireVersion: null
api_1 | }
api_1 | }
sorry-cypress_api_1 exited with code 1
director_1 | (node:1) UnhandledPromiseRejectionWarning: MongoServerSelectionError: connection <monitor> to 40.65.106.154:10255 timed out
director_1 | at Timeout._onTimeout (/app/node_modules/mongodb/lib/core/sdam/topology.js:438:30)
director_1 | at listOnTimeout (internal/timers.js:557:17)
director_1 | at processTimers (internal/timers.js:500:7)
director_1 | (Use `node --trace-warnings ...` to show where the warning was created)
director_1 | (node:1) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
director_1 | (node:1) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
High-level feature overview
Perhaps the docker-compose file could have an environment variable such as:
MONGODB_TLS: 'true'
The text was updated successfully, but these errors were encountered:
Please add the ability to connect to MongoDB via TLS when running as a docker service
Why is it needed? What is the value? For whom do we build it?
The ability to connect to MongoDB using TLS is is needed for someone who wants to run sorry-cypress as a docker service in a VM at Azure, using Azure's CosmosDB as the MongoDB server.
Azure's CosmosDB has a mongo front-end that I believe would work fine for sorry-cypress. However, CosmosDB requires that you connect to it with TLS. Note the
--tls
switch here in this successful connection using the mongosh CLI:When the
--tls
switch is omitted, the connection fails after 30 seconds:The docker-compose file allows four of the five MongoDB options that are needed:
but without the ability to connect via TLS, trying to bring sorry-cypress up results in a timeout error being logged 30 seconds after the service is started:
High-level feature overview
Perhaps the docker-compose file could have an environment variable such as:
The text was updated successfully, but these errors were encountered: