TLS support for MongoDB 4.4

rajavignesh commented 3 years ago

What did you do to encounter the bug? When deploying cluster with MongoDB version 4.4.2 and TLS enabled, SSLHandshakeFailed error found in "mongod" container log and "mongodb-agent" pod goes down after few minutes.

The same TLS certificate works fine in 4.2.12, facing issues when deploying with MongoDB version 4.4. Deploying 4.4.2 without TLS works fine.

Steps to reproduce the behavior:

Enable TLS connection parameter in CR file with 3 replica set and version set to 4.4.2
Deploy CR file

What did you expect? No error to be logged in the container log and mongodb-agent should be up and running

What happened instead? SSLHandshakeFailed issue logged in mongod container log and mongodb-agent container goes down after few minutes.

Operator Information

Operator Version: 0.5.1
MongoDB Image used: 4.4.2

Additional context

mongodb-agent container status

containerID: docker://f57605f5650d6247be60c82151b4e861c0e69bd65bd4a75cecb7c84217c68e0f image: xx/dev/operators/mongodb/mongodb-agent:10.27.0.6772-1 imageID: docker-pullable://xx/dev/operators/mongodb/mongodb-agent@sha256:00bc0c60aa7eb11494d8ff170281983a0dfa3b4378459885b5eda3129b16d4b4 lastState: {} name: mongodb-agent ready: false restartCount: 0 started: true state: running: startedAt: "2021-02-24T08:25:20Z"

Deploying with MongoDB version 4.2.12, it was using mongo-go-driver v1.3.4 as in the container log below. Not sure mongo-go-driver 1.4 will be used for MongoDB version 4.4 as GO driver 1.3 is not compatible with MongoDB 4.4

https://docs.mongodb.com/drivers/go/

antonlisovenko commented 3 years ago

hi @rajavignesh

thanks for your report! have created an internal ticket to track the issue

antonlisovenko commented 3 years ago

hi @rajavignesh

We have a couple of e2e tests that check TLS with 4.4.0, one of them is: https://github.com/mongodb/mongodb-kubernetes-operator/blob/master/test/e2e/replica_set_tls/replica_set_tls_test.go

We tried 4.4.2 and that also worked... Can you please double-check your configuration - and maybe the test above will help you to verify the correctness of the configuration.

github-actions[bot] commented 3 years ago

This issue is being marked stale because it has been open for 60 days with no activity. Please comment if this issue is still affecting you. If there is no change, this issue will be closed in 30 days.

github-actions[bot] commented 3 years ago

This issue was closed because it became stale and did not receive further updates. If the issue is still affecting you, please re-open it, or file a fresh Issue with updated information.

mau21mau commented 1 year ago

Can anyone helpme with that? I'm trying to deploy on GKE and getting the same error:

{
code: 141
codeName: "SSLHandshakeFailed"
errmsg: "The server is configured to only allow SSL connections"
}

kavaka123 commented 1 year ago

Hi, even I get the same error on mongoDB version "6.0.5". Can someone please help me?

mongodb / mongodb-kubernetes-operator

TLS support for MongoDB 4.4 #359