Skip to main content
New to Testkube? Unleash the power of cloud native testing in Kubernetes with Testkube. Get Started >

MongoDB administration

Using an external MongoDB instance

MongoDB is used for storage of Testkube Test results and various Testkube configurations as telemetry settings and cluster ID.

In order to use an external MongoDB instance, follow these steps:

  1. Make sure you have access to the MongoDB you want to connect to - note: newest versions of MongoDB might not work optimally with Testkube, for the best experience, use MongoDB v6.0.16.
  2. Install Testkube with --set mongo.enabled=false:
kubectl testkube install --set mongo.enabled=false
  1. Update MongoDB details for the api-server in the Helm values with valid connection string.

SSL Connections

Inspecting the Testkube API-server manifest shows the following MongoDB-related environment variables:

  • "API_MONGO_DSN" (default:"mongodb://localhost:27017") - connection string
  • "API_MONGO_DB" (default:"testkube") - database name
  • "API_MONGO_SSL_CERT" (no default value) - reference to Kubernetes secret for MongoDB instances with SSL enabled
  • "API_MONGO_SSL_CA_FILE_KEY" (default:"sslCertificateAuthorityFile") - the key in the secret that marks the CA file
  • "API_MONGO_SSL_CLIENT_FILE_KEY" (default:"sslClientCertificateKeyFile") - the key in the secret that marks the client certificate file
  • "API_MONGO_SSL_CLIENT_FILE_PASS_KEY" (default:"sslClientCertificateKeyFilePassword") - the key in the secret that marks the client certificate file password

API_MONGO_SSL_CERT expects the name of a Kubernetes secret containing all the necessary information to establish an SSL connection to the MongoDB instance. This secret has to be in the testkube namespace and should have the following structure:

apiVersion: v1
kind: Secret
metadata:
name: mongo-ssl-certs
namespace: testkube
type: Opaque
data:
sslCertificateAuthorityFile: <base64 encoded root-ca.pem>
sslClientCertificateKeyFile: <base64 encoded mongodb.pem>
sslClientCertificateKeyFilePassword: <base64 encoded password>

The keys of the fields can be modified. To set these variables on helm-charts level, set mongodb.sslCertSecret to the name of the secret. If needed, also set mongodb.sslCAFileKey, mongo.sslClientFileKey and mongodb.sslClientFilePassKey.

Amazon DocumentDB

warning

Amazon DocumentDB support ended with version 1.16.X of Testkube - the current version does NOT support DocumentDB.

Previous versions of Testkube supported using Amazon DocumentDB, the managed version on MongoDB on AWS, as its database. Configuring it without TLS enabled is straightforward: add the connection string, and make sure the features that are not supported by DocumentDB are disabled. The parameters in the helm-charts are:

mongodb:
dsn: "mongodb://docdbadmin:<insertYourPassword>@docdb.cluster.us-east-1.docdb.amazonaws.com:27017/?retryWrites=false"
allowDiskUse: false

With TLS Enabled

You will need to specify the dbType and allowTLS in addition to the previous fields:

mongodb:
dsn: "mongodb://docdbadmin:<insertYourPassword>@docdb.cluster.location.docdb.amazonaws.com:27017/?retryWrites=false"
allowDiskUse: false
dbType: docdb
allowTLS: true

Testkube will download and use the CA certificates provided by AWS from https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem.

Purging Indexes

In case of having large amounts of legacy data, which is no longer needed and can be purged, we recommend using MongoDB TTL Indexes. These are useful for cases such as deleting big logs, documents that only needs to be persisted in the database for a finite amount of time.