Charmed Operator for MongoDB

Channel Revision Published Runs on
6/stable 61 15 Nov 2024
Ubuntu 22.04
6/candidate 61 15 Nov 2024
Ubuntu 22.04
6/beta 61 15 Nov 2024
Ubuntu 22.04
6/edge 61 15 Nov 2024
Ubuntu 22.04
5/edge 39 14 Dec 2023
Ubuntu 22.04
juju deploy mongodb-k8s --channel 6/candidate
Show information

Platform:

Charmed MongoDB K8s Tutorials > Deploy a replica set > 5. Manage passwords

Manage Passwords

When we connected to the mongo shell in 4. Access a replica set, we had to include a password in the URI to get authenticated. Passwords help secure our database and are essential for the overall security of our stored data. It is good practice to change the password frequently.

This part of the tutorial will guide you through the essential password operations in Charmed MongoDB K8s.

Summary


Retrieve the admin password

The admin password can be retrieved by running the get-password action on the Charmed MongoDB application:

juju run mongodb-k8s/leader get-password 

Running the command should output:

Running operation 9 with 1 task
  - task 10 on unit-mongodb-k8s-0

Waiting for task 10...
password: INIsjvJmDsuaPY2Rta0fPzas0zVKO5AJ

The admin password is under the result password.

Rotate the admin password

You can change the admin password to a new random password by entering:

juju run mongodb-k8s/leader set-password

Running the command should output:

Running operation 15 with 1 task
  - task 16 on unit-mongodb-k8s-0

Waiting for task 16...
password: 1q2w3e4r
secret-id: mongodb-k8s.a

The admin password is under the result: password. It should be different from your previous password.

Note that when you change the admin password you will also need to update the admin password the in MongoDB URI, as the old password will no longer be valid.

Update the DB password used in the URI and update the URI:

export DB_PASSWORD=$(juju run mongodb-k8s/leader get-password | grep password|  awk '{print $2}')
export URI=mongodb://$DB_USERNAME:$DB_PASSWORD@$HOST_IP:27017/$DB_NAME?replicaSet=$REPL_SET_NAME

Set the admin password

You can change the admin password to a specific password by entering:

juju run mongodb-k8s/leader set-password password=<password>

Running the command should output:

Running operation 15 with 1 task
  - task 16 on unit-mongodb-k8s-0

Waiting for task 16...
password: 1q2w3e4r5t
secret-id: secret://b6b7e2a1-dae3-414c-8ec1-f9d556356a86/cjkdmkadrh9c74c5u540

The admin password under the result: password should match whatever you passed in when you entered the command.

Note that when you change the admin password you will also need to update the admin password in the MongoDB URI, as the old password will no longer be valid.

To update the DB password used in the URI:

export DB_PASSWORD=$(juju run mongodb-k8s/leader get-password | grep password |  awk '{print $2}')
export URI=mongodb://$DB_USERNAME:$DB_PASSWORD@$HOST_IP:27017/$DB_NAME?replicaSet=$REPL_SET_NAME

Next step: 6. Integrate with other applications