alexellis/mongodb-function

mongodb not unauthorized

Closed this issue · 1 comments

phbai commented 
# export OPENFAAS_URL=127.0.0.1:31112
# curl http://$OPENFAAS_URL/function/insert-user \
>   --data-binary '{"first":"Alex", "last": "Ellis"}' \
>   -H "Content-Type: application/json"
MongoError: there are no users authenticated

Here is my stack.yml.

# cat stack.yml
provider:
  name: faas
  gateway: http://127.0.0.1:31112

functions:
  insert-user:
    lang: node8-express
    handler: ./insert-user
    image: alexellis2/insert-user
    environment:
      write_timeout: 10s
      read_timeout: 10s
      mongo: openfaas-db-mongodb

Steps to Reproduce.

# helm install stable/mongodb --name openfaas-db \
>   --namespace openfaas-fn \
>   --set persistence.enabled=false
NAME:   openfaas-db
LAST DEPLOYED: Wed Jun 13 23:39:58 2018
NAMESPACE: openfaas-fn
STATUS: DEPLOYED

RESOURCES:
==> v1beta1/Deployment
NAME                 DESIRED  CURRENT  UP-TO-DATE  AVAILABLE  AGE
openfaas-db-mongodb  1        1        1           0          1s

==> v1/Pod(related)
NAME                                  READY  STATUS             RESTARTS  AGE
openfaas-db-mongodb-547fd5b696-mpl6n  0/1    ContainerCreating  0         1s

==> v1/Secret
NAME                 TYPE    DATA  AGE
openfaas-db-mongodb  Opaque  1     1s

==> v1/Service
NAME                 TYPE       CLUSTER-IP      EXTERNAL-IP  PORT(S)    AGE
openfaas-db-mongodb  ClusterIP  10.102.106.157  <none>       27017/TCP  1s


NOTES:


** Please be patient while the chart is being deployed **

MongoDB can be accessed via port 27017 on the following DNS name from within your cluster:

    openfaas-db-mongodb.openfaas-fn.svc.cluster.local

To get the root password run:

    export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace openfaas-fn openfaas-db-mongodb -o jsonpath="{.data.mongodb-root-password}" | base64 --decode)

To connect to your database run the following command:

    kubectl run openfaas-db-mongodb-client --rm --tty -i --image bitnami/mongodb --command -- mongo --host openfaas-db-mongodb -p $MONGODB_ROOT_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    export POD_NAME=$(kubectl get pods --namespace openfaas-fn -l "app=mongodb" -o jsonpath="{.items[0].metadata.name}")
    kubectl port-forward --namespace openfaas-fn $POD_NAME 27017:27017 &
    mongo --host 127.0.0.1 -p $MONGODB_ROOT_PASSWORD

[root@xxx mongodb-function]# export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace openfaas-fn openfaas-db-mongodb -o jsonpath="{.data.mongodb-root-password}" | base64 --decode)
[root@xxx mongodb-function]# kubectl run openfaas-db-mongodb-client-1 --rm --tty -i --image bitnami/mongodb --command -- mongo --host openfaas-db-mongodb.openfaas-fn -p $MONGODB_ROOT_PASSWORD
If you don't see a command prompt, try pressing enter.

> use clients
switched to db clients
> show collections
2018-06-14T03:55:58.061+0000 E QUERY    [thread1] Error: listCollections failed: {
	"ok" : 0,
	"errmsg" : "not authorized on clients to execute command { listCollections: 1.0, filter: {}, $db: \"clients\" }",
	"code" : 13,
	"codeName" : "Unauthorized"
} :
_getErrorWithCode@src/mongo/shell/utils.js:25:13
DB.prototype._getCollectionInfosCommand@src/mongo/shell/db.js:941:1
DB.prototype.getCollectionInfos@src/mongo/shell/db.js:953:19
DB.prototype.getCollectionNames@src/mongo/shell/db.js:964:16
shellHelper.show@src/mongo/shell/utils.js:842:9
shellHelper@src/mongo/shell/utils.js:739:15
@(shellhelp2):1:1
> db.users.find()
Error: error: {
	"ok" : 0,
	"errmsg" : "not authorized on clients to execute command { find: \"users\", filter: {}, $db: \"clients\" }",
	"code" : 13,
	"codeName" : "Unauthorized"
}
phbai commented

See https://github.com/Automattic/mongoose/issues/4587
It works after I try:

const prepareDB = () => {
    const url = `mongodb://root:vRSaCbv6ac@${process.env.mongo}:27017/clients?authSource=admin`
    ...
}

in insert-user/handler.js