Learn how to set up an OVHcloud-managed MongoDB service via Terraform within a vRack and access it from other parts of your infrastructure.
The vRack offered by OVHcloud is a private network solution that allows our customers to route their traffic between their OVHcloud services, eg. instances, physical dedicated servers, or, in this case, a managed database service.
However, if you want to know how to do the same with Terraform, but over a public network, read our Getting Started with Public Cloud Databases via Terraform guide.
Requirements
-
OVHcloud requirements
- a Public Cloud project in your OVHcloud account
- access to the OVHcloud Control Panel
- a private vRack network that can be accessed from your Public Cloud project (if you don’t have one, please refer to our guide Configuring vRack for Public Cloud)
- an OpenStack user account in your Public Cloud project (if you don’t have one, please refer to our Creating and Deleting OpenStack Users guide)
-
Terraform requirements
- you must have downloaded the
openrc.sh
file for interaction with the OpenStack platform (if not already downloaded, please refer to our Setting OpenStack Environment Variables guide) - you must have created a token to log in to the OVHcloud API (if it's not already created, please refer to our First Steps with the OVHcloud APIs guide)
- you must have downloaded the
Instructions
How to deploy the MongoDB database on a private network
Step 1 - Declaration of providers (Terraform, providers, authentication)
The first thing you need to do is tell Terraform which providers you will be using:
- OVHcloud, for database server resources
- OpenStack, for network resources
These are the latest versions. If you need to, you can update to the latest version available.
Then, declare a first block concerning authentication details with OVHcloud Terraform provider (these are the tokens created beforehand).
This information is stored separately, in a variables.tf
file of this type:
For OpenStack, use the openrc.sh
file, which has been previously downloaded.
Openstack variables are read (source openrc.sh)
, then Terraform accesses them directly during execution.
Step 2 - Creating a network resource, the Private Network
Inside the vRack, Terraform will deploy a new private network. Here, we have chosen to create a subnet (192.168.12.0/24
) within this private network for future use, in which we can enable DHCP in a range 192.168.12.100-192.168.12.200
.
This means that if you deploy instances later on, in the same subnet, they will benefit from DHCP and their address pool would already be declared.
Step 3 - Creating a MongoDB resource
You can now define the service for the MongoDB managed database.
The features selected for this service will be listed:
- size (flavor)
- Service level (plan)
- version.
You will also need to attach it to a service_name
, which, in this case, matches your project_id
.
An important distinction between private network and public network deployment is that at this stage, you need to tell Terraform that each node will be part of the private network by specifying the subnet_id
and network_id
variables as follows:
The MongoDB service should have been created and made available within the private network at this point, but connecting directly to it won’t be possible. For security reasons, you need to complete deployment by carrying out a final step.
Step 4 - Setting up access restriction
To access the MongoDB service, you will need to create connection permissions for IP addresses.
So, add the IP range 192.168.12.0/24
, which you picked and used when you declared the private network (Step 1). This way, all Public Cloud instances hosted on it can directly access the MongoDB service.
Of course, you can be more restrictive and provide several IP addresses separately in /32, to target only certain authorized sources.
Step 5 - User management
To access the MongoDB service, you need to be an authenticated user. By default, the cluster will be delivered with the user admin@admin
, whose password you can reset via the OVHcloud Control Panel to log in directly.
You can also add another user via Terraform, with full wide read/write permissions on all databases, as follows:
Step 6 - Useful information
At the end of the Terraform script, it is always useful to prepare some “outputs” that will provide relevant information to keep in mind at the end of the setup.
In our case:
- the MongoDB connection URI
- the login details of the user created by Terraform, including their password
Step 7 - Terraform Plan Command
Connection test using an instance of the same private network
Requirements: MongoDB CLI, or mongos
”, installed on the server from which you want to initiate connection.
This makes it easy to log in using the information obtained in the Terraform output.
Replace username
and password
in the URI, then use the following command:
You are now connected to your MongoDB managed database from a machine on your private network, fully deployed with Terraform.
Go further
For more information about Managed Databases for MongoDB, please visit our product page.
Visit the Terraform repository to find the latest documentation about OVHcloud provider.
For more information and tutorials, please see our other MongoDB and Cloud Databases support guides or explore the guides for other OVHcloud products and services.
If you need training or technical assistance to implement our solutions, contact your sales representative or click on this link to get a quote and ask our Professional Services experts for a custom analysis of your project.