ELMA365 On-Premises > Other > ELMA365 high availability cluster / MongoDB cluster

MongoDB cluster

Several MongoDB servers can be transparently combined into a high-availability cluster, re‑distributing and duplicating data. Read more in the official documentation: https://docs.mongodb.com/v3.6/replication/. You can find instructions on installing and configuring MongoDB on the official website: https://docs.mongodb.com/v3.6/tutorial/install-mongodb-on-ubuntu/.

Basic information

начало внимание

You need at least 3 servers to create a MongoDB cluster.

конец внимание

In this example, 3 nodes with the following hostnames and IP addresses are used:

  • mongo-server-1, 192.168.1.11
  • mongo-server-2, 192.168.1.12
  • mongo-server-3, 192.168.1.13

Step 1: Install MongoDB

  1. Import the necessary keys:

sudo wget -qO - https://www.mongodb.org/static/pgp/server-3.6.asc | sudo apt-key add -

  1. Add the MongoDB repositories:

sudo echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list

  1. Update the packages’ cache:

sudo apt-get update -y

  1. Install mongodb and its dependencies:

sudo apt-get install mongodb-org -y

  1. Run mongodb:

sudo systemctl enable --now mongod

Step 2: Configure MongoDB

Actions to be performed on the primary node

  1. Open the Mongo shell:

sudo mongo

  1. Create a separate database for the system:

use elma365

  1. Create a separate user to work with the database:

db.createUser({user:'elma365', pwd:'SecretPassword', roles:[{role:"readWrite", db:"elma365"},{"role":"root", "db":"admin"}]})

  1. Make sure thatthe user has been created:

show users

  1. To enable authentication, create a superuser:

use admin
db.createUser({user:'superuser', pwd:'SecretPassword', roles: ["root"]})

  1. Make sure that the user has been created:

show users

Edit the MongoDB configuration file /etc/mongod.conf on each node

sudo nano /etc/mongod.conf

  1. Set the variables’ values:
  • bindIp. List of addresses that connections on port 27017 can be accepted from. In our case, this makes the MongoDB service available from all external addresses.
  • replSetName. Name of the replica. It has to be the same for all nodes within a replica.

. . .
# network interfaces
net:
  port: 27017
  bindIp: 0.0.0.0
. . .
replication:
  replSetName: "rs0"
  enableMajorityReadConcern: true
. . .

  1. Restart mongodb:

sudo systemctl restart mongod

Actions to be performed on the primary node

  1. Open the Mongo shell on the node:

sudo mongo

  1. Initialize the replica:

rs.initiate(
  {
    _id: "rs0",
    members: [
      { _id: 0, host: "mongo-server1.your_domain" },
      { _id: 1, host: "mongo-server2.your_domain" },
      { _id: 2, host: "mongo-server3.your_domain" }
    ]
})

  1. Check the configuration:

rs.conf()

Step 3: MongoDB security

  1. Enable access control and configure TLS connections for the MongoDB server if it is not placed on your intranet or in a DMZ.
  2. Create a file with the common authentication key and specify permissions for it. This key will be used by all members of the Replica Set to communicate with each other.

openssl rand -base64 756 > /var/lib/mongodb/keyfile
chmod 400 /var/lib/mongodb/keyfile
chown mongodb:mongodb /var/lib/mongodb/keyfile

  1. Copy the key file for each replica.

начало внимание

Note that the content of the key file and the permissions have to be the same on all nodes.

конец внимание

  1. Edit the /etc/mongod.conf file on each server. The lines have to be as follows:

. . .
setParameter:
  enableLocalhostAuthBypass: false
security:
  authorization: "enabled"
  keyFile: /var/lib/mongodb/keyfile
. . .

  1. Restart mongodb:

sudo systemctl restart mongod

  1. Open the Mongo shell using the user for access to MongoDB:

mongo -u superuser

  1. Check the configuration:

rs.conf()

Step 4: Connect to ELMA365

To set up connection with the MongoDB cluster, run:

mongodb://elma365:SecretPassword@mongo-server1.your_domain:27017,mongo-server2.your_domain:27017,mongo-server3.your_domain:27017/elma365?replicaSet=rs0&readPreference=secondary&maxStalenessSeconds=120

Found a typo? Highlight the text, press ctrl + enter and notify us