Percona Server MongoDB - External Kubernetes Login Fails

MongoDB Percona Operator for MongoDB
1

Hello,

I would be grateful if someone could help on this issue.
I have a kubernetes cluster deployed with Percona Operator for MongoDB (cr.yaml):

  • Replica set rs0
  • 2 Kubernetes nodes
  • Port 27017 is exposed externally through an istio API Gateway.

I can successfully login to the MongoDB by following the instructions at 2. Connect to Percona Server for MongoDB - Percona Operator for MongoDB

1- Run a container with a MongoDB client and connect its console output to your terminal. The following command does this, naming the new Pod percona-client:
kubectl -n run -i --rm --tty percona-client --image=percona/percona-server-mongodb:8.0.19-7 --restart=Never – bash -il
2- Connect to Percona Server for MongoDB. The format of the MongoDB connection URI string is the following (sharding is off):
mongosh “mongodb://:@-rs0..svc.cluster.local/admin?replicaSet=rs0&ssl=false”

Login externally (outside the Kube cluster) it fails. I am following the instructions given at

mongodb://databaseAdmin:databaseAdminPassword@:,:,:/admin?replicaSet=rs0&ssl=false

Note: the external connection works when I telnet from outside the Kube cluster to a POD running a telnet server.

What can I trace please?

Thank you in advance.

Wane

2

Hi @nitu

What hostnames are you using to connect the MongoDB externally? And what error are you receiving? Have you created Istio gateway and the virtual service to reach the replicaset members?

You can refer this blog post for more information on this setup - https://www.percona.com/blog/beyond-the-horizon-mastering-percona-server-for-mongodb-exposure-in-kubernetes-part-two-istio/

Regards,

Vinodh Guruji

3

Hello Vinodh,
I made some changes on the way I configured the deploy/cr.yaml file by sttig expose to true and type to LoadBalancer. That was not set before.

After that the connection fails (getaddrinfo EAI_AGAIN ) if I use :
mongosh “mongodb://:x.y.z.t:27017,x.y.z.u:27017/admin?replicaSet=rs0&ssl=false"aSet=rs0&ssl=false”
Current Mongosh Log ID: 6a15d76b05ab523b499df8a2
Connecting to: mongodb://@10.0.0.2:27017,10.0.0.3:27017/admin?replicaSet=rs0&ssl=false&appName=mongosh+2.8.3
MongoServerSelectionError: getaddrinfo EAI_AGAIN -rs0-0.-rs0.psmdb.svc.cluster.local

However if I use directConnection and one IP address the login to mongodb works!

What do I need to do to use both IP addresses of Node 1 and Node 2?
Should I use directConnection?

mongosh “mongodb://:@x.y.z.t:27017/admin?directConnection=true&replicaSet=rs0&ssl=false”
Current Mongosh Log ID: 6a15d8bfe1d74bdee19df8a2
Connecting to: mongodb://@x.y.z.t:27017/admin?directConnection=true&replicaSet=rs0&ssl=false&appName=mongosh+2.8.3
Using MongoDB: 8.0.23-10
Using Mongosh: 2.8.3

For mongosh info see: Welcome to MongoDB Shell (mongosh) - mongosh - MongoDB Docs

The server generated these startup warnings when booting
2026-05-26T16:50:14.830+00:00: Using the XFS filesystem is strongly recommended with the WiredTiger storage engine. See http://dochub.mongodb.org/core/prodnotes-filesystem
2026-05-26T16:50:15.141+00:00: While invalid X509 certificates may be used to connect to this server, they will not be considered permissible for authentication
2026-05-26T16:50:15.141+00:00: For customers running the current memory allocator, we suggest changing the contents of the following sysfsFile
2026-05-26T16:50:15.141+00:00: For customers running the current memory allocator, we suggest changing the contents of the following sysfsFile
2026-05-26T16:50:15.141+00:00: We suggest setting the contents of sysfsFile to 0.

rs0 [direct: primary] admin>