Several MongoDB servers can be transparently combined into a high-availability cluster, re‑distributing and duplicating data. Read more in the official documentation: https://docs.mongodb.com/v3.6/replication/. You can find instructions on installing and configuring MongoDB on the official website: https://docs.mongodb.com/v3.6/tutorial/install-mongodb-on-ubuntu/.
Basic information
начало внимание
You need at least 3 servers to create a MongoDB cluster.
конец внимание
In this example, 3 nodes with the following hostnames and IP addresses are used:
- mongo-server-1, 192.168.1.11
- mongo-server-2, 192.168.1.12
- mongo-server-3, 192.168.1.13
Step 1: Install MongoDB
- Import the necessary keys:
sudo wget -qO - https://www.mongodb.org/static/pgp/server-3.6.asc | sudo apt-key add -
- Add the MongoDB repositories:
sudo echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list
- Update the packages’ cache:
sudo apt-get update -y
- Install mongodb and its dependencies:
sudo apt-get install mongodb-org -y
- Run mongodb:
sudo systemctl enable --now mongod
Step 2: Configure MongoDB
Actions to be performed on the primary node
- Open the Mongo shell:
sudo mongo
- Create a separate database for the system:
use elma365
- Create a separate user to work with the database:
db.createUser({user:'elma365', pwd:'SecretPassword', roles:[{role:"readWrite", db:"elma365"},{"role":"root", "db":"admin"}]})
- Make sure thatthe user has been created:
show users
- To enable authentication, create a superuser:
use admin
db.createUser({user:'superuser', pwd:'SecretPassword', roles: ["root"]})
- Make sure that the user has been created:
show users
Edit the MongoDB configuration file /etc/mongod.conf on each node
sudo nano /etc/mongod.conf
- Set the variables’ values:
- bindIp. List of addresses that connections on port 27017 can be accepted from. In our case, this makes the MongoDB service available from all external addresses.
- replSetName. Name of the replica. It has to be the same for all nodes within a replica.
. . .
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
. . .
replication:
replSetName: "rs0"
enableMajorityReadConcern: true
. . .
- Restart mongodb:
sudo systemctl restart mongod
Actions to be performed on the primary node
- Open the Mongo shell on the node:
sudo mongo
- Initialize the replica:
rs.initiate(
{
_id: "rs0",
members: [
{ _id: 0, host: "mongo-server1.your_domain" },
{ _id: 1, host: "mongo-server2.your_domain" },
{ _id: 2, host: "mongo-server3.your_domain" }
]
})
- Check the configuration:
rs.conf()
Step 3: MongoDB security
- Enable access control and configure TLS connections for the MongoDB server if it is not placed on your intranet or in a DMZ.
- Create a file with the common authentication key and specify permissions for it. This key will be used by all members of the Replica Set to communicate with each other.
openssl rand -base64 756 > /var/lib/mongodb/keyfile
chmod 400 /var/lib/mongodb/keyfile
chown mongodb:mongodb /var/lib/mongodb/keyfile
- Copy the key file for each replica.
начало внимание
Note that the content of the key file and the permissions have to be the same on all nodes.
конец внимание
- Edit the /etc/mongod.conf file on each server. The lines have to be as follows:
. . .
setParameter:
enableLocalhostAuthBypass: false
security:
authorization: "enabled"
keyFile: /var/lib/mongodb/keyfile
. . .
- Restart mongodb:
sudo systemctl restart mongod
- Open the Mongo shell using the user for access to MongoDB:
mongo -u superuser
- Check the configuration:
rs.conf()
Step 4: Connect to ELMA365
To set up connection with the MongoDB cluster, run:
mongodb://elma365:SecretPassword@mongo-server1.your_domain:27017,mongo-server2.your_domain:27017,mongo-server3.your_domain:27017/elma365?replicaSet=rs0&readPreference=secondary&maxStalenessSeconds=120
Found a typo? Highlight the text, press ctrl + enter and notify us