3.6. Deploying the database application
Deploy a MongoDB database application to contain the information that your application requires. For this tutorial, you will deploy a database application called mongodb-nationalparks that holds the national park location information.
Prerequisites
-
You have deployed the
parksmapfront-end application. -
You have deployed the
nationalparksback-end application.
Procedure
Deploy the
mongodb-nationalparksdatabase application by running the following command:$ oc new-app registry.redhat.io/rhmap47/mongodb --name mongodb-nationalparks -e MONGODB_USER=mongodb -e MONGODB_PASSWORD=mongodb -e MONGODB_DATABASE=mongodb -e MONGODB_ADMIN_PASSWORD=mongodb -l 'app.kubernetes.io/part-of=national-parks-app,app.kubernetes.io/name=mongodb'Example output
--> Found container image 7a61087 (12 days old) from quay.io for "quay.io/mongodb/mongodb-enterprise-server" * An image stream tag will be created as "mongodb-nationalparks:latest" that will track this image --> Creating resources with label app.kubernetes.io/name=mongodb,app.kubernetes.io/part-of=national-parks-app ... imagestream.image.openshift.io "mongodb-nationalparks" created deployment.apps "mongodb-nationalparks" created service "mongodb-nationalparks" created --> Success Application is not exposed. You can expose services to the outside world by executing one or more of the commands below: 'oc expose service/mongodb-nationalparks' Run 'oc status' to view your app.
3.6.1. Providing access to the database by creating a secret 링크 복사링크가 클립보드에 복사되었습니다!
Create a Secret resource to securely provide the back-end application with the sensitive database connection credentials.
The nationalparks application needs information, such as the database name, username, and passwords, to access the MongoDB database. However, because this information is sensitive, you should not store it directly in the pod.
You can use a secret to store sensitive information, and share that secret with workloads.
Secret objects provide a mechanism to hold sensitive information such as passwords, OpenShift Container Platform client configuration files, and private source repository credentials. Secrets decouple sensitive content from the pods. You can mount secrets into containers by using a volume plugin or by passing the secret in as an environment variable. The system can then use secrets to provide the pod with the sensitive information.
The following procedure creates the nationalparks-mongodb-parameters secret and mounts it to the nationalparks workload.
Prerequisites
-
You have deployed the
nationalparksback-end application. -
You have deployed the
mongodb-nationalparksdatabase application.
Procedure
Create the secret with the required database access information by running the following command:
$ oc create secret generic nationalparks-mongodb-parameters --from-literal=DATABASE_SERVICE_NAME=mongodb-nationalparks --from-literal=MONGODB_USER=mongodb --from-literal=MONGODB_PASSWORD=mongodb --from-literal=MONGODB_DATABASE=mongodb --from-literal=MONGODB_ADMIN_PASSWORD=mongodbImport the environment from the secret to the
nationalparksworkload by running the following command:$ oc set env --from=secret/nationalparks-mongodb-parameters deploy/nationalparksWait for the
nationalparksdeployment to roll out a new revision with this environment information. Check the status of thenationalparksdeployment by running the following command:$ oc rollout status deployment nationalparksExample output
deployment "nationalparks" successfully rolled out