mongodb

Setup MongoDB 3.2 Geographical Replica Set in Ubuntu 15.10

Interestingly, i needed to setup a Replica Set on Ubuntu 15.10 for MongoDB 3.2 which is the latest Ubuntu and MongoDB version. This also serve as a tutorial for anyone who is interested in setting up a MongoDB Replica Set as well.

Import the public key used by the package management system.

Login to your server as root, we will need to import the public key use by the package manager for mongodb, just fire the following command,

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10

And we are good here.

Create a Source list file for MongoDB and Installation

Next, we need to add the source list for MongoDB. However, since MongoDB did not support 15.10 at this time, we will use debian ones

echo "deb http://repo.mongodb.org/apt/debian wheezy/mongodb-org/3.0 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.0.list

Now, we will need to update the server and install mongodb

sudo apt-get update
sudo apt-get install -y mongodb-org

And after everything finished running, you should have your mongodb running.

sudo service mongod start

if no error is given, meaning your MongoDB has successfully installed.

Setup Replica Set

Now, assuming you did the above on 3 machines, you will need to setup each replica with the following steps,

head over to /etc/mongod.conf and replace your config with the one show below,

# mongod.conf

# for documentation of all options, see:
#   http://docs.mongodb.org/manual/reference/configuration-options/

storage:
    dbPath: "/data/mongo"
    directoryPerDB: false
    journal:
        enabled: true
    engine: "wiredTiger"
    wiredTiger:
        engineConfig:
            cacheSizeGB: 1
        collectionConfig:
            blockCompressor: snappy
systemLog:
    destination: file
    path: "/var/log/mongodb.log"
    logAppend: true
    logRotate: reopen
    timeStampFormat: iso8601-utc
net:
  port: 27017
  bindIp: 0.0.0.0

replication:
   oplogSizeMB: 500
   replSetName: dstTest

Next, create the folder for MongoDB data,

mkdir -p /data/mongo
chown -R mongodb:mongodb /data

Once you have done that, restart MongoDB and make sure there is no error.

sudo service mongod restart

Next we need to setup each replica in MongoDB.

Configure the servers to include in replica set

Assuming you have 3 machines, with the following hostname

sg.db.hungred.com
us.db.hungred.com
tw.db.hungred.com

Now, head over to the primary MongoDB server that you would like it to be primary (in my case, us.db.hungred.com) and enter to mongodb using the command below,

mongo

rs.initiate

then paste the following

rs.reconfig({ _id : "testDB", members : [ {_id : 0, host : "sg.db.hungred.com:27017", priority: 5}, {_id : 1, host : "us.db.hungred.com:27017", priority: 4}, {_id : 2, host : "tw.db.hungred.com:27017", priority: 3 } ] })

take note of the priority i have given it and make sure this is one liner (yeah its messy but that's how i copy and paste it in one piece), then check your conf

rs.conf()

and status at

rs.status()

and you got yourself a 3 location replica set of MongoDB!

***** UPDATE *****

Adding Security Authentication

If you want to add authentication into your setup, you will need to visit /etc/mongod.conf and add the following

security:
  keyFile: /data/mongodb-keyfile

on all of your primary and secondary Mongodb server. The file will need to generate this way,

openssl rand -base64 741 > /data/mongodb-keyfile
chmod 600 mongodb-keyfile

This is to ensure all replica set can communicate with each other. Once you have generated the file above on the primary MongoDB server, copy the same file to other secondary server and update the /etc/mongod.conf on each secondary server along with it.

Mongodb adding user access for authentication on remote server

By default if you install mongodb into your server, it doesn't automatically add a default user or enable authentication. However, you might wan to add in authentication on your Mongodb configuration once you have more than one database. Before you do anything, we first needs to add user into our collection.

Mongodb adding user access

In order to add a new user, we will just have to access our mongodb without password on the command line,

[root@data ~]# mongo
MongoDB shell version: 3.0.0
connecting to: test
Server has startup warnings:
2015-10-10T18:45:14.364+0800 I CONTROL  [initandlisten]
2015-10-10T18:45:14.364+0800 I CONTROL  [initandlisten] ** WARNING: You are running in OpenVZ which can cause issues on versions of RHEL older than RHEL6.
2015-10-10T18:45:14.364+0800 I CONTROL  [initandlisten]

Ok, for admin user, you might need to do the following

> use admin
switched to db admin

Now in order to manage everything you need to do the following

db.createUser( {
    user: "uptime",
    pwd: "Basketball10",
    roles: [ { role: "root", db: "admin" } ]
  });

As you can see i did not have any password enable. Next, we want to add this user to mongodb and the collection access i want to give my user to is call 'storage', so i'm going to switch to storage directly.

> use storage
switched to db storage

In order to add a new user with read and write permission. All i have to do is to fire the below command.

db.createUser(
    {
      user: "user",
      pwd: "password",
      roles: [
         { role: "readWrite", db: "storage" },
         { role: "read", db: "shopping" }
      ]
    }
);

take note that the 'role', the permission available are 'readWrite', 'read' and 'write'. And the 'db' is basically the database allowed for this particular added user. I have added read for shopping database and readWrite for storage for this particular 'user'.

Let's test this before we go to the next step

db.auth("user", "password")
>1

where 1 refer to valid and 0 refer to invalid. Now we will need to change our mongodb to an auth mode by going to /etc/mongod.conf

# for version below 3.0
# Turn on/off security.  Off is currently the default
#noauth=true
#auth=true

# for version above 3.0 - YAML based
#security:
#	authorization: enabled

look for this line and uncomment the it which will gives you the below configure file

# for version below 3.0
# Turn on/off security.  Off is currently the default
#noauth=true
#auth=true

# for version above 3.0 - YAML based
security:
	authorization: enabled

now all we need to do is to restart the service

[root@data ~]# service mongod restart
Stopping mongod:                                           [  OK  ]
Starting mongod:                                           [  OK  ]

and try it out by firing on your command line the following

mongo data.hungred.com:27017/storage -u user -p password

change your data.hungred.com:27017 to your own port and url as you will know, this will not work for you.