Scribd
Upload
116 views13 pages

Mongo DB Replication POC PDF

Uploaded by

Arun m
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
116 views13 pages

Mongo DB Replication POC PDF

Uploaded by

Arun m
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

MongoDB

Replication Installation Guide - Version 1.0

This document is STRICTLY CONFIDENTIAL and PROPRIETARY. Any use or disclosure for purposes
other than intent of the original distribution of this document is prohibited. Copyright © 2020. All
rights reserved. It cannot be reproduced without the express permission of Xybion except for
internal distribution within Xybion.

Page 1 of 13
Contents
About MongoDB Replication ............................................................................................................. 3
MongoDB Installation and Replication setup ..................................................................................... 4
Creating service user: .................................................................................................................... 5
Creating the base directory structure ............................................................................................ 5
Download and installing MongoDB TarBall .................................................................................... 6
Creating config file for Mongodb ................................................................................................... 6
Config – 1 .................................................................................................................................. 6
Config – 2 .................................................................................................................................. 6
Creating systemd service file ......................................................................................................... 7
Create admin users ........................................................................................................................ 8
Starting the replication process ..................................................................................................... 8
Testing the replication ................................................................................................................. 11
Populating the data ..................................................................................................................... 12
Enable TLS Encryption over data motion ...................................................................................... 12
Reference ........................................................................................................................................ 13

Page 2 of 13
About MongoDB Replication
MongoDB achieves replication using replica set. A replica set is a group of mongo instances that host
the same data set. In a replica, one node is primary node that receives all write operations. All other
instances, such as secondaries, apply operations from the primary so that they have the same data
set. Replica set can have only one primary node.

1. Replica set is a group of two or more nodes (generally minimum 3 nodes are required).
2. In a replica set, one node is primary node and remaining nodes are secondary.
3. All data replicates from primary to secondary node.
4. At the time of automatic failover or maintenance, election establishes for primary and a new
primary node is elected.

After the recovery of failed node, it again joins the replica set and works as a secondary node.

Page 3 of 13
A typical diagram of MongoDB replication is shown in which client application always interact with
the primary node and the primary node then replicates the data to the secondary nodes.

MongoDB Installation and Replication setup


We are going setup 3 node mongo replica set.

Page 4 of 13
Prerequisite:

1. Three Linux machines.


2. MongoDB version 4.0
3. Separate user to run mongo service.
4. Xybion SSL certificates.
5. Firewall Opened between all the three nodes for port 27017/TCP.
6. Make sure the disks are encrypted using AWS KMS.
7. Hostname for all the 3 nodes. (mongo-rs001.xybion.com, mongo-rs002.xybion.com, mongo-
rs003.xybion.com)

Please note: Below operation should be done on all the cluster machine.

Creating service user:


We need a service user with a minimal system permission to run the mongodb service.
sudo adduser --disabled-password --gecos "" appuser

Once service user is created login as root and provide below sudo access.
visudo
appuser ALL=(ALL:ALL) NOPASSWD: /bin/systemctl restart mongod

Creating the base directory structure


Create the below directory structure using mkdir command and the directory should have user and
group ownership with appuser

│── xybion
│ │── apps
│ │─ certs
│ │── environments
│ │── scripts
│ │ │── backup
│ │ └── cronlogs
│ └── src
└── xybion-data
│── logs
│── mongodata

mkdir -p /opt/xybion/apps
mkdir -p /opt/xybion/certs
mkdir -p /opt/xybion/environments
mkdir -p /opt/xybion/scripts/backup/
mkdir -p /opt/xybion/scripts/cronlogs
mkdir -p /opt/xybion/src
mkdir -p /opt/xybion-data/logs
mkdir -p /opt/xybion-data/mongodata

Page 5 of 13
Now change the ownership of the directory.
chown -R appuser:appuser /opt/xybion*

Download and installing MongoDB TarBall


Download the Mongodb binary files using the below commands.
sudo su appuser
cd /opt/xybion/src/
wget http://downloads.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1804-4.0.8.tgz
tar xzf mongodb-linux-x86_64-ubuntu1804-4.0.8.tgz
ln -s /opt/xybion/src//mongodb-linux-x86_64-ubuntu1804-4.0.8 /opt/xybion/apps/mongodb

Creating config file for Mongodb


Now MongoDB is installed, we need to setup the two configs files for mongo to use.

Config – 1
This config will have basic parameters to start the MongoDB and do basic operation before starting
the cluster.

Config file path: /opt/xybion/apps/mongodb/bin/mongod.conf

Config contents:
systemLog:
destination: file
path: "/opt/xybion-data/logs/mongo.log"
logAppend: true
logRotate: reopen
storage:
dbPath: /opt/xybion-data/mongodata
processManagement:
fork: true
pidFilePath: /var/run/mongodb/mongod.pid
net:
bindIp: 0.0.0.0
port: 27017
setParameter:
enableLocalhostAuthBypass: false
replication:
replSetName: "PROVIDE THE REPLICA SET NAME (EG: rs-xdp-poc)"

Config – 2
Config 2 has all the parameter to bootstrap the replica set cluster with SSL enabled to encrypt data
in motion.

Page 6 of 13
Config file path: /opt/xybion/apps/mongodb/bin/mongod.conf-001

Config contents:
systemLog:
destination: file
path: "/opt/xybion-data/logs/mongo.log"
logAppend: true
logRotate: reopen
storage:
dbPath: /opt/xybion-data/mongodata
processManagement:
fork: true
pidFilePath: /var/run/mongodb/mongod.pid
net:
bindIp: 0.0.0.0
port: 27017
ssl:
mode: requireSSL
PEMKeyFile: /opt/xybion/certs/mongo.pem
CAFile: /opt/xybion/certs/mongoca.pem
clusterFile: /opt/xybion/certs/mongo.pem
setParameter:
enableLocalhostAuthBypass: false
replication:
replSetName: "rs-xdp-poc"
security:
authorization: "enabled"
clusterAuthMode: x509

Creating systemd service file


Now we have the mongo config file, we need to create a system service file to manage the daemon.

Service file path: /etc/systemd/system/mongod.service

Config contents:
[Unit]
Description=MongoDB Database Server
Documentation=https://docs.mongodb.org/manual
After=network.target

[Service]
User=appuser
Group=appuser
ExecStart=/opt/xybion/apps/mongodb/bin/mongod --config /opt/xybion/apps/mongodb/bin/mongod.conf
ExecStartPre=/bin/mkdir -p /var/run/mongodb
ExecStartPre=/bin/chown appuser:appuser /var/run/mongodb
ExecStartPre=/bin/chmod 0755 /var/run/mongodb
PermissionsStartOnly=true

Page 7 of 13
PIDFile=/var/run/mongodb/mongod.pid
# Hacks and Tweaks - Begin #
LimitFSIZE=infinity
LimitCPU=infinity
LimitAS=infinity
LimitNOFILE=64000
LimitNPROC=64000
LimitMEMLOCK=infinity
TasksMax=infinity
# Hacks and Tweaks - End #
TasksAccounting=false
Type=forking
[Install]
WantedBy=multi-user.target

Make sure the files in the /opt/xybion directory is owned by appuser.

chown -R appuser:appuser /opt/xybion*

Now issue daemon reload command to reload the Systemd service files and followed by start the
service.

systemctl daemon-reload
systemctl start mongod
systemctl status mongod

Please note: Make sure the same steps have been followed in all the cluster machines.

Create admin users

Now the mongo will login without any password as the authentication is disabled. To enable
authentication, we need to create the admin users.

./opt/xybion/apps/mongodb/bin/mongo
use admin
db.createUser({user: 'admin', pwd: redacted', roles:['root']})

Starting the replication process


Now our mongo cluster setup is done. We need to start the replication process.

Make sure we do it in the primary node (i.e. mongo-rs001.xybion.com)


./opt/xybion/apps/mongodb/bin/mongo
rs.initiate(
{
_id: "rs-xdp-poc",

Page 8 of 13
members: [
{ id: 0, host: "mongo-rs001.xybion.com:27017","priority": 10 },
{ id: 1, host: "mongo-rs002.xybion.com:27017", "priority": 5 },
{ id: 2, host: "mongo-rs003.xybion.com:27017", "priority": 0.5 }
]
}
)

Once the replication is started, we can see the status of it using the below commands:
rs.status().members

Output should be similar:


{
"_id" : 0,
"name" : "replica001.xybion.com:27017",
"health" : 1,
"state" : 1,
"stateStr" : "PRIMARY",
"uptime" : 9186,
"optime" : {
"ts" : Timestamp(1585830991, 1),
"t" : NumberLong(17)
},
"optimeDate" : ISODate("2020-04-02T12:36:31Z"),
"syncingTo" : "",
"syncSourceHost" : "",
"syncSourceId" : -1,
"infoMessage" : "",
"electionTime" : Timestamp(1585823710, 1),
"electionDate" : ISODate("2020-04-02T10:35:10Z"),
"configVersion" : 2,
"self" : true,
"lastHeartbeatMessage" : ""
},
{
"_id" : 1,
"name" : "replica002.xybion.com:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 9184,
"optime" : {
"ts" : Timestamp(1585830991, 1),
"t" : NumberLong(17)
},
"optimeDurable" : {
"ts" : Timestamp(1585830991, 1),
"t" : NumberLong(17)
},
"optimeDate" : ISODate("2020-04-02T12:36:31Z"),
"optimeDurableDate" : ISODate("2020-04-02T12:36:31Z"),
"lastHeartbeat" : ISODate("2020-04-02T12:36:34.540Z"),
"lastHeartbeatRecv" : ISODate("2020-04-02T12:36:33.281Z"),

Page 9 of 13
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "replica003.xybion.com:27017",
"syncSourceHost" : "replica003.xybion.com:27017",
"syncSourceId" : 2,
"infoMessage" : "",
"configVersion" : 2
},
{
"_id" : 2,
"name" : "replica003.xybion.com:27017",
"health" : 1,
"state" : 2,
"stateStr" : "SECONDARY",
"uptime" : 9184,
"optime" : {
"ts" : Timestamp(1585830991, 1),
"t" : NumberLong(17)
},
"optimeDurable" : {
"ts" : Timestamp(1585830991, 1),
"t" : NumberLong(17)
},
"optimeDate" : ISODate("2020-04-02T12:36:31Z"),
"optimeDurableDate" : ISODate("2020-04-02T12:36:31Z"),
"lastHeartbeat" : ISODate("2020-04-02T12:36:34.539Z"),
"lastHeartbeatRecv" : ISODate("2020-04-02T12:36:34.540Z"),
"pingMs" : NumberLong(0),
"lastHeartbeatMessage" : "",
"syncingTo" : "replica001.xybion.com:27017",
"syncSourceHost" : "replica001.xybion.com:27017",
"syncSourceId" : 0,
"infoMessage" : "",
"configVersion" : 2
}

Page 10 of 13
Testing the replication
Let insert a simple document in primary node.
./opt/xybion/apps/mongodb/bin/mongo
use testdb
db.createCollection("testcollection")
db.testcollection.insertOne(
{
DB_Name: "mongodb",
Operation_Name: "replication"
})

Now check whether the data reach the secondary nodes. Login to secondary node and access mongo
shell. Then use the below commands.
rs.slaveOk()
use testdb
db. testcollection.find().pretty()

Data should be displayed.

Page 11 of 13
Populating the data
Now we can populate the data to the cluster using the below commands.
./opt/xybion/apps/mongodb/bin/mongorestore --db DBNAME /path/to/db/directory/

Once DB population is done, the same data should be available in the replica nodes.

Enable TLS Encryption over data motion


Now to enable data encryption over motion we need to prepare xybion SSL certificates.

We need the below files:

1. Xybion SSL certificate.


2. Xybion RSA private key.
3. CA root certificates.

We need to create two files.

• mongo.pem – This will contain the private key and hostname certificate.
• mongoca.pem – This will contain the root certificates of GoDaddy.

Save the files in /opt/xybion/certs/ Directory.

Let’s replace the config – 1 with the config – 2.


cp -vf /opt/xybion/apps/mongodb/bin/mongod.conf-001 /opt/xybion/apps/mongodb/mongod.conf

Now start the mongo service with Encryption enabled.


sudo systemctl restart mongod

To login the mongodb shell, use the below command.


cd opt/xybion/apps/mongodb/bin/
./mongo --ssl --sslCAFile /opt/xybion/certs/mongoca.pem --sslPEMKeyFile /opt/xybion/certs/mongo.pem \
-u admin -p --host replica001.xybion.com –authenticationDatabase admin

To check the SSL status in mongo shell:


db.serverStatus().security

Page 12 of 13
Reference
• https://docs.mongodb.com/manual/tutorial/troubleshoot-replica-sets/#troubleshoot-
replica-sets
• https://docs.mongodb.com/manual/tutorial/adjust-replica-set-member-priority/
• https://docs.mongodb.com/manual/tutorial/configure-ssl/
• https://subscription.packtpub.com/book/big_data_and_business_intelligence/97817871264
80/4/ch04lvl1sec41/changing-priority-to-replica-set-nodes

Page 13 of 13

You might also like