[UNLIKELY] DocumentDB Support

TechnoChimp · April 19, 2019, 4:48am

Can we get DocumentDB support for the backend? It seems that connecting to DocumentDB currently errors out since the MongoDB driver will not accept the DocumentDB TLS certificates. AWS provides these CA certs: https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html.

Sebastian · April 20, 2019, 8:54am

Have you tested this: ?

Not sure if there is much I can do, it seems that you just have to import the certificate into your cert store.

TechnoChimp · April 20, 2019, 5:45pm

I haven’t. I’m not sure exactly how I would manage this with the Kubernetes deployment of Squidex.

Sebastian · April 20, 2019, 8:50pm

Might be worth to have a look at: https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/

TechnoChimp · April 22, 2019, 5:32pm

I was able to get past that issue by adding a postStart lifecycle hook:
lifecycle:
postStart:
exec:
command: ["/bin/sh", “-c”, " wget https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem; cp rds-combined-ca-bundle.pem /usr/local/share/ca-certificates/; update-ca-certificates"]

I’m now however running into this issue:
“message”: “Command createIndexes failed: namespace name generated from index name is too long.”
Any idea?

Sebastian · April 23, 2019, 6:08am

The driver auto generates the names for indices based on the properties. Seems that DocumentDB does not like some of these names. So I guess I have to make a few adjustments to get it working with DocumentDB.

Sebastian · May 8, 2019, 5:10pm

Sebastian · May 22, 2019, 5:36am

Sebastian · May 22, 2019, 5:37am

Sorry, when I closed the topic I thought DocumentDB=CosmosDB

Sebastian · May 22, 2019, 3:07pm

Do you know how to open a connection to my DocumentDB instance from my local dev machine?

TechnoChimp · May 22, 2019, 4:11pm

You can’t directly assign a public IP to DocumentDB, but you do have a couple of options:

Create a dev machine in AWS
Put DocumentDB behind an ALB (In theory should work, haven’t tested)
Setup an SSH tunnel with a bastion host you have in AWS that does have internet access.

For option 3: https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-from-outside-a-vpc.html

Sebastian · May 22, 2019, 4:23pm

I am trying Option #3 but it just cannot connect without further details.

Sebastian · May 22, 2019, 4:46pm

I installed mongo shell on my EC2 instance but even from there I cannot connect.

Sebastian · May 22, 2019, 6:35pm

I got it working and the first tests look good.

Please give it a try.

TechnoChimp · May 24, 2019, 9:17pm

I’ll be able to give this a try on Tuesday and let you know.

Hendrik · August 20, 2019, 9:43am

We currently experience the same issue with AWS DocumentDB and Squidex Version 3.1.0.
Is the fix you mentioned earlier included in the 3.1.0 Release?

{
"logLevel": "Fatal",
"message": "An error occurred starting the application",
"eventId": {
    "id": 9
},
"exception": {
    "type": "System.AggregateException",
    "message": "One or more errors occurred. (MongoDb connection failed to connect to database Squidex) (Command createIndexes failed: namespace name generated from index name is too long.)",
    "stackTrace": "   at Microsoft.AspNetCore.Hosting.Internal.HostedServiceExecutor.ExecuteAsync(Func`2 callback)\n   at Microsoft.AspNetCore.Hosting.Internal.HostedServiceExecutor.StartAsync(CancellationToken token)"
},
"app": {
    "name": "Squidex",
    "version": "3.1.0.0",
    "sessionId": "562f83d9-b8a1-410a-9222-d5d7ade909f7"
},
"timestamp": "2019-08-20T09:00:34Z",
"category": "Microsoft.AspNetCore.Hosting.Internal.HostedServiceExecutor2

}

Sebastian · August 20, 2019, 11:21am

Hi, I have dropped my official support for CosmosDB and DocumentDB. I am not able to provide the same support as for MongoDB as I am not using it in production and there are a lot of small differences that need to be handled.

Sebastian · June 24, 2020, 4:38pm

Sebastian · October 24, 2020, 8:27pm