Introduction
MongoDB is an open-source NoSQL document database that provides high performance, high availability and easy scalability.Diagram 1. Replicaset across multiple servers |
I will implement a Role-Based Access Control to manage access to the MongoDB services. This will include an Admin for obvious administration purposes and a user which will be used for the Application only.
MongoDB gameplan
MongoDB instances run on different ports. For this setup we will use the following schema:
- Port 27017 (default port) - Primary instance in Data Center 1, Server A.
- Port 27020 - Secondary instance in Data Center 1, Server A.
- Port 27030 - Secondary instance in Data Center 2, Server B.
These ports must be allowed in the TCP Firewall rules. If you want to use the Webbased monitoring page, allow 28017, 28020 & 28030 (+1000) as well.
Think about a name for the Replica Set. In this tutorial I will use: "replicaset"
Our Database Admin User will be: "admin".
The Application User will be named: "appuser"
Download and install MongoDB
Download the MongoDB ZIP here: http://www.mongodb.org/downloads, I prefer the ZIP instead of the installer, because MongoDB is a standalone application and I want full control. Unpack the contents in for example: D:\mongodb\ so you will see D:\mongodb\bin\. This must be done on all MongoDB servers. While we are here, create:
- D:\mongodb\data\replicaset-PORT\ (where PORT is a placeholder for the used port)
- D:\mongodb\log\
MongoDB Configuration File
Configuration settings can be stored in a config file. The file extension can be random, but using .cfg would be a sane choice.
- On Server A create file: D:\mongodb\replicaset-27017.cfg, with the following lines:
- dbpath=D:\mongodb\data\replicaset-27017
- logpath=D:\mongodb\log\replicaset-27017.log
- logappend=true
- port = 27017
- replSet = replicaset
- # keyFile=D:\mongodb\replicaset.key
- bind_ip = 127.0.0.1,SERVERA,local
- On Server A create file: D:\mongodb\replicaset-27020.cfg, with the following lines:
- dbpath=D:\mongodb\data\replicaset-27020
- logpath=D:\mongodb\log\replicaset-27020.log
- logappend=true
- port = 27020
- replSet = replicaset
- # keyFile=D:\mongodb\replicaset.key
- bind_ip = 127.0.0.1,SERVERA,local
- On Server B create file: D:\mongodb\replicaset-27030.cfg, with the following lines:
- dbpath=D:\mongodb\data\replicaset-27030
- logpath=D:\mongodb\log\replicaset-27030.log
- logappend=true
- port = 27030
- replSet = replicaset
- # keyFile=D:\mongodb\replicaset.key
- bind_ip = 127.0.0.1,SERVERB,local
Explaining the configuration file:
- dbpath: this is the directory where MongoDB will store the data. Each member of the Replica Set will have its own folder. If this folder does not exist MongoDB will not start.
- logpath: this is the file where MongoDB will send all diagnostic logging information. If file not present, MongoDB will create the file as configured in the configuration file. MongoDB will overwrite the log file each time the process starts. To append these entries, simply add "logappend=true" to the file.
- port: this specifies the TCP port on which MongoDB listens for client connections. Default value is 27017.
- replSet: name of the Replica Set. All members in the Replica Set must share the same name.
- keyFile: this is the file where the secret key is stored. This is used by MongoDB instances to authenticate in a Replica Set (and Sharded Clusters). The secret key can be a random string between 6 and 1024 (base64) characters, I will use extension .key for this file. This property will be commented out until the Admin user is set.
- bind_ip: MongoDB will bind to this IP address. It is possible to bind to multiple IP addresses, by entering a list of comma separated values. Using hostnames is allowed.
Create MongoDB keyfile
The keyfile is the file containing the secret key needed by multiple MongoDB instances from the same set or cluster to authenticate with each other.
- Create file: D:\mongodb\replicaset.key
- Extension key is random, but makes sense.
- Open file and write a random string
- between 6 and 1024 (base64) characters
- Save the file
Install MongoDB services
Install the 3 MongoDB instances as a service. From D:\mongod\bin\
- Server A, Port 27017
- mongod --config "D:\mongodb\replicaset-27017.cfg" --install --serviceName "MongoDb-replicaset-27017" --serviceDisplayName "MongoDb-replicaset-27017"
- Server A, Port 27020
- mongod --config "D:\mongodb\replicaset-27020.cfg" --install --serviceName "MongoDb-replicaset-27020" --serviceDisplayName "MongoDb-replicaset-27020"
- Server B, Port 27030
- mongod --config "D:\mongodb\replicaset-27030.cfg" --install --serviceName "MongoDb-replicaset-27030" --serviceDisplayName "MongoDb-replicaset-27030"
The serviceName and the serviceDisplayName can be seen in the properties of this service:
- Check properties: Run > services.msc, Click on a Service > Properties
- On all 3 MongoDB services, click on Start to start the MongoDB instance.
- Or from command line:
- net start "MongoDb-replicaset-27017"
- net start "MongoDb-replicaset-27020"
- net start "MongoDb-replicaset-27030"
- Make sure the Startup type is Automatic and the Service status stays "Started". If not, something is wrong and you have to review your log and configuration.
Configure MongoDB Replica Set
- Connect to the primary Mongo instance on port 27017 using command prompt.
- From: D:\mongodb\bin\
- mongo --port 27017
- Initialize Replica Set:
- rs.initiate()
- Common error is "couldn't initiate : can't find self in the replset config my port: 27017". This means your configuration file is wrong in the bind_ip parameter. Make sure the IP or hostname value from the "me" parameter is included in the bind_ip. Don't forget to stop and start the service again.
- Add Secondary Replica Set members
- Connect to each Secondary Mongo instance in a separate command prompt
- On Server A. Secondary:
- rs.add("HOST:27020")
- HOST must be the IP or Hostname from the bind_ip parameter.
- When you get the following error: "Error: assert failed : no config object retrievable from local.system.replset", then rs.add the hosts on the Primary member (27017)
- On Server B. Secondary:
- rs.add("HOST:27030")
- Check current Replica Set configuration:
- rs.conf()
- Here you can view current members. Your prompt should be stating "replicaset:PRIMARY"
- Check status of Replica Set:
- rs.status()
- Here you can view the id, name, health, state, stateStr, etc of each member within the Replica Set.
Set Priority between MongoDB instances
When a MongoDB instance within a Replica Set becomes unavailable, elections will occur to assign new statuses. If the Primary is down, One of the Secondaries will become Primary. While there is no Primary, no writes can occur. A Primary is seen as down after a 10 second timeout.
By setting Priority, members will vote for a member with the highest priority first. Members with priority value of 0 can never be elected as primary. An Arbiter can only vote.
To set priority connect to the Primary instances and issue these commands:
- rs.conf()
- check the values from the "_id". Our Primary (on port 21017) has _id: 0. The Secondaries have _id: 1 and 2.
- cfg = rs.conf()
- cfg.members[0].priority = 2
- give member with _id 1 a priority of 2 (highest in this set).
- cfg.members[1].priority = 1
- cfg.members[2].priority = 1
- rs.reconfig(cfg)
- Save the new configuration
MongoDB basic User Management. Add users.
Before enabling authentication, I will add an Admin user and a user for the application. It's good design to split these. I will make another tutorial with more in-depth information about User Management. For now this will do in our current setup.
While connected to the Primary instance:
- Add Admin:
- use admin;
- db.createUser({user: "admin",pwd: "ourpassword",roles:[{ role: "dbOwner", db: "admin" },{ role: "readWrite", db:"admin" },{role: "root", db:"admin" },{role: "__system", db:"admin" }]})
- Instead of role: root, you can use role: userAdminAnyDatabase to limit some roles.
- Add User "appuser" to its own database.
- use application (make database "application" active)
- db.createUser({user: "appuser", "pwd": "anotherpassword", roles : [{role: "readWrite", db: "application"},{role: "dbAdmin", db: "application"}]})
- User appuser has two roles: dbAdmin & readWrite on database "application"
Enable Authentication
Now everything is in place, we can enable authentication between the MongoDB instances within this Replica Set.
- Stop all 3 MongoDB services. On all Servers and/or Instances
- On all instances:
- use admin
- db.shutdownServer({timeoutSecs: 60});
- exit
- Edit Configuration File in D:\mongodb\
- Uncomment the keyFile line by removing the # before keyFile.
- Start all 3 MongoDB services using the "net start" command or "run > services.msc".
- You can now connect as Admin user from D:\mongodb\bin\:
- mongo --port 27017 -u admin -p ourpassword --authenticationDatabase admin
- Or connect as the Application User "appuser"
- mongo --port 27017 -u appuser -p anotherpassword --authenticationDatabase application
Now we are set!
Thanks for the article.
ReplyDeleteI did set up replica set.
But, when I am testing this with Java Driver.
When I shuts off the primary server. It doesn't connect to secondary automatically, but gave me a Socket Read Exception error.
Can you help me solve this. I can provide other information too.
Hi Jessica. I only have experience with the .NET driver, but you should have all servers & ports listed in you database connection string. Secondly, the application must be allowed to connect to each MongoDB instance (i.e. firewall/connectivity). Don't forget to check the MongoDB method rs.status() . This gives you insight in the status of all the Replica Set instances. Good luck!
DeleteIn my code this error is comming
ReplyDelete"info2" : "no configuration explicitly specified -- making one",
"me" : "HYDLT-6R9YYR1:27017",
"ok" : 0,
"errmsg" : "No host described in new configuration 1 for replica set rep
licaset maps to this node",
"code" : 93
}
plz help
There is something wrong with your host configuration or that host is not able to recognize its own hostname. Check rs.status(), name and rs.conf(), host. Are those the same as in your cfg file? Is the used host available? Try telnetting? Or try adding the hostname to localhost IP in your hosts file. (don't forget the bind_ip in the cfg file.
ReplyDeleteThanks for the article.
ReplyDeleteI was stuck at enable authentication in MONGODB. With the help of this article i have configured the same.
Thanks again for such a good article.
Glad to hear! Thanks for the message.
DeleteThanks for the article.
ReplyDeleteI was stuck "Create MongoDB keyfile" in MONGODB. please make it clear that how to create keyfile.
Thanks in advance.
Just create an empty file, replicaset.key. Open the file and type some random string on the first line, like th1sIsaR4nd0mStr1nG, and save the file.
DeleteHi Igor, I have a shard cluster with authentication (keyfile), well all works fine when I connect directly to server, but when I try to connect remotely using a mongo client like mongochef I have error, can you help me?
ReplyDeleteregards
OK. Thanks for tut. In step: Configure MongoDB Replica Set, i use this command:
ReplyDeleters.initiate({_id:"replicaset", members: [{"_id":0, "host":"127.0.0.1:27017"},{_id : 1, host : "127.0.0.1:27020"},{_id : 2, host : "127.0.0.1:27030", arbiterOnly: true}]})
Thanks
Hi,
ReplyDeleteCan I add replica set to config svr like we add shard svr . For eg Mongos, then configsvr and after that 2 replica set instead of shard svr.
perfect...thank you for this article.
ReplyDeleteHello Igor,
ReplyDeleteHow much different is setting up replication on MongoDB V3.6.3? I seem to be missing something very basic and I was wondering if you could help.
Below is a link to what I posted in google groups.
https://groups.google.com/forum/#!topic/mongodb-user/ymdtuvt23k0
Thanks,
grajee
Nice blog and absolutely outstanding. You can do something much better but i still say this perfect.Keep trying for the best. Mongo Database Services
ReplyDeleteStep by step instructions to Solve MongoDB Installation Error on Windows 7 through MongoDB Technical Support
ReplyDeleteGet five stars MongoDB Online Support with Cognegic's MongoDB Technical Support or MongoDB Customer Support USA to tackle your establishment related issues a reasonable settled expense. Here we assist you with managing, convey, secure and enhance your whole MongoDB condition with our in-house IT group. We respond completely arranged and get back you on track in a matter of moments. Just contact to our specialists and get the most ideal arrangement on the spot.
For More Info: https://cognegicsystems.com/
Contact Number: 1-800-450-8670
Email Address- info@cognegicsystems.com
Company’s Address- 507 Copper Square Drive Bethel Connecticut (USA) 06801
Really Very Informative Blog.Just Simply cleared All my doubts through your post.Very happy For sharing,Coming to Ourself We Are the leading Providers for Food Service Parts In Us.Really Thanks For Sharing Such an Informartive Post.
ReplyDeleteReally Thanks For Posting Such an Informative Post.
Thank you for sharing beneficial information nice post Bala Guntipalli
ReplyDeleteBy what means will you examine if you fail to Connect to MongoDB? Contact to MongoDB Technical Support
ReplyDeleteIt sounds abnormal if you are not prepared to connect with MongoDB. Quickly check is your MongoDB is presented precisely or not, if it is acquainted adequately then you require with open another terminal tab and sort charge MongoDB before you start the program. You can in like manner explore this issue by taking advancement to reinforce through Cognegic's MongoDB Online Support or MongoDB Customer Support USA. Through physically you can in like manner deal with that issue anyway maybe it requires the long time to disentangle. Regardless, with our assistance, you can without a lot of a stretch and quickly handle this issue.
For More Info: https://cognegicsystems.com/
Contact Number: 1-800-450-8670
Email Address- info@cognegicsystems.com
Company’s Address- 507 Copper Square Drive Bethel Connecticut (USA) 06801
Unable to Install MongoDB on Windows? Contact to MongoDB Technical Support | Cognegic
ReplyDeleteIn the event that you are the amateur on MongoDB then doubtlessly you don't know how to introduce MongoDB on Windows. In any case, with our few of the means, you can without much of a stretch introduce MongoDB on Windows. To introduce, in the first place, you need to download the MongoDB from the official site. From that point onward, audit the MongoDB envelope. At that point, arrangement records and runs MongoDB server. Presently associate with MongoDB by mongo.exe. To wrap things up, you need to include MongoDB as an administration with the goal that MongoDB will begin naturally. For any question or issue, you can reach to our specialists through MongoDB Online Support and Support for MongoDB Database Software.
For More Info: https://cognegicsystems.com/
Contact Number: 1-800-450-8670
Email Address- info@cognegicsystems.com
Company’s Address- 507 Copper Square Drive Bethel Connecticut (USA) 06801
Thanks For Posting and Sharing Such an Useful Post...
ReplyDeleteVizag Real Estate
I am really happy with your blog because your article is very unique and powerful for new reader.
ReplyDeleteselenium training in chennai
great information.
ReplyDeletethanks for posting such an article.
keep sharing.
Best windows server training in Bengaluru
Thanks for sharing this valuable Information with us.
ReplyDeleteFull Stack online Training
Full Stack Training
Full Stack Developer Online Training
Nice article I was really impressed by seeing this blog, it was very interesting and it is very useful for me.Informative blog! it was very useful for me.Thanks for sharing
ReplyDeleteMongodb Development Company
Primary Server: Making standalone as primary server with no: 27017
ReplyDeleteSecondary Servers: Started two servers with port numbers: 27020 and 27021(I am configuring replication on single machine). If you are configuring replcation on 3 different hosts, then provide name of host and port no when required in coming steps.
Custom Cosmetic Boxes
wonderful article. Very interesting to read this article.I would like to thank you for the efforts you had made for writing this awesome article. This article resolved my all queries.
ReplyDeletepython Training in chennai
python Course in chennai
cami avizesi - no deposit bonus forex 2021 - takipçi satın al - takipçi satın al - takipçi satın al - takipcialdim.com/tiktok-takipci-satin-al/ - instagram beğeni satın al - instagram beğeni satın al - google haritalara yer ekleme - btcturk - tiktok izlenme satın al - sms onay - youtube izlenme satın al - google haritalara yer ekleme - no deposit bonus forex 2021 - tiktok jeton hilesi - tiktok beğeni satın al - binance - takipçi satın al - uc satın al - finanspedia.com - sms onay - sms onay - tiktok takipçi satın al - tiktok beğeni satın al - twitter takipçi satın al - trend topic satın al - youtube abone satın al - instagram beğeni satın al - tiktok beğeni satın al - twitter takipçi satın al - trend topic satın al - youtube abone satın al - instagram beğeni satın al - tiktok takipçi satın al - tiktok beğeni satın al - twitter takipçi satın al - trend topic satın al - youtube abone satın al - instagram beğeni satın al - perde modelleri - instagram takipçi satın al - takipçi satın al - instagram takipçi satın al - betboo
ReplyDeleteExcellent blog. Lots of useful information here, thanks for your effort!
ReplyDeleteReal Estate Plots in Vizag
Very Informative blog thank you for sharing. Keep sharing.
ReplyDeleteBest software training institute in Chennai. Make your career development the best by learning software courses.
power bi training course
blueprism training Chennai
rpa training in chennai
Smm panel
ReplyDeletesmm panel
İŞ İLANLARI BLOG
instagram takipçi satın al
hirdavatciburada.com
Https://www.beyazesyateknikservisi.com.tr
servis
jeton hilesi indir
tuzla vestel klima servisi
ReplyDeleteçekmeköy mitsubishi klima servisi
kadıköy bosch klima servisi
kadıköy arçelik klima servisi
kartal samsung klima servisi
kartal mitsubishi klima servisi
ümraniye mitsubishi klima servisi
beykoz vestel klima servisi
üsküdar vestel klima servisi