Created
March 21, 2022 21:29
Setup MongoDB Replica with Password Authentication in Ubuntu 20.04 LTS. (1 Master and 2 Secondary)
Setup MongoDB Replica with Password Authentication in Ubuntu 20.04 LTS.
(1 Master and 2 Secondary)

Overview
1. Install MongoDB to all servers.
2. Run rs.status() to check Replica set status.
3. Generate Key file on any one server.
4. Copy keyfile to all servers.
5. Update conf file for keyfile, replicaset name and bind address on all servers.
6. Restart MongoDB on servers.
7. Run rs.initiate() on only one server.
8. Create admin user on Primary server.
9. Test Authentication in MongoDB.
10. Login to MongoDB with Password.

Steps
1. Install MongoDB (Reference taken from MongoDB official Documentation for version MongoDB 5.0 Community Edition).
sudo apt-get install gnupg
wget -qO - https://www.mongodb.org/static/pgp/server-5.0.asc | sudo apt-key add -
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/5.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-5.0.list
sudo apt-get update
sudo apt-get install -y mongodb-org
sudo systemctl start mongod
sudo systemctl enable mongod

2. On any one instance generate keyfile (run these as root).
openssl rand -base64 756 > /var/lib/mongodb/keyfile
chmod 400 /var/lib/mongodb/keyfile
chown mongodb:mongodb /var/lib/mongodb/keyfile

3. Copy keyfile to all servers
rsync -av /var/lib/mongodb/keyfile root@ip-of-your-instance:/var/lib/mongodb
(For rsync to work, make sure the servers are able to connect to each other by adding the ssh key to authorized_keys.)

4. Update conf file for keyfile, password Auth., replicaset name and bind address on all servers
file location: /etc/mongod.conf
a. update bind address
net:
  bindIp: 0.0.0.0
(I'm binding to all network interfaces for demo purposes. In production, bind only to the required interface.)
b. update security
security:
  keyFile: /var/lib/mongodb/keyfile
c. update replica set name
replication:
  replSetName: "rs0"

5. Restart MongoDB
sudo systemctl restart mongod.service

6. Run rs.initiate() on only one server.
Type mongo in the terminal to get the MongoDB shell.
Type the command below to initialize the cluster.
rs.initiate(
  {
    _id : 'rs0',
    members: [
      { _id : 0, host : "ip-of-instance-1:27017" },
      { _id : 1, host : "ip-of-instance-2:27017" },
      { _id : 2, host : "ip-of-instance-3:27017" }
    ]
  }
);

7. Run rs.status() to check Replica set status.
You will get a list of members with their status, showing which members are Primary and which are Secondary.

8. Create Admin user (on the Primary server, in the admin database)
use admin
db.createUser(
  {
    user: "Admin",
    pwd: "myNewPassword",
    roles: [ { role: 'root', db: 'admin' } ]
  }
);

9. Test Authentication in MongoDB.
Run rs.status(); it will give you an errmsg with "command replSetGetStatus requires authentication".

10. Login to MongoDB with Password
The sample URL to log in is:
mongo "mongodb://<username>:<password>@<host>:<port>/<dbName>?replicaSet=<replicaSetName>"
In our case the URL should be:
mongo "mongodb://Admin:myNewPassword@ip-of-instance-1:27017,ip-of-instance-2:27017,ip-of-instance-3:27017/admin?replicaSet=rs0"
After login, type rs.status() to check the status of the cluster.
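
A quick audit of the settings changed in step 4 and of the keyfile from step 2, added here as an example that is not part of the original gist. `conf_value` and `audit_mongod_conf` are hypothetical helper names, and the sample config is constructed.

```bash
#!/usr/bin/env bash
# Added example: audit a mongod.conf for the settings this guide changes.
# conf_value and audit_mongod_conf are hypothetical helpers, not MongoDB tools.

# Print the value of "<key>:" from a YAML file (first match, quotes/comments stripped).
conf_value() {  # usage: conf_value <key> <file>
  sed -n "s/^[[:space:]]*$1:[[:space:]]*\([^#]*\).*/\1/p" "$2" |
    head -n 1 | tr -d "\"'" | sed 's/[[:space:]]*$//'
}

# Print one finding per line; no output means the checked settings look sane.
audit_mongod_conf() {  # usage: audit_mongod_conf /etc/mongod.conf
  conf=$1
  keyfile=$(conf_value keyFile "$conf")
  bind=$(conf_value bindIp "$conf")
  bind_all=$(conf_value bindIpAll "$conf")
  rs=$(conf_value replSetName "$conf")
  if [ -z "$keyfile" ]; then
    echo "FAIL security.keyFile is not set: members do not authenticate to each other"
  elif [ ! -f "$keyfile" ]; then
    echo "FAIL keyFile $keyfile does not exist"
  elif [ "$(ls -ld "$keyfile" | cut -c5-10)" != "------" ]; then
    # mongod refuses a keyfile that has any group/other permission bits
    echo "FAIL keyFile $keyfile is accessible by group/other (use chmod 400)"
  fi
  [ -n "$rs" ] || echo "FAIL replication.replSetName is not set"
  case ",$bind," in
    *,0.0.0.0,*|*,::,*) echo "WARN net.bindIp listens on all interfaces ($bind)" ;;
  esac
  if [ "$bind_all" = "true" ]; then echo "WARN net.bindIpAll is true"; fi
  return 0
}

# Constructed sample: the config from this guide, with the keyfile left at mode 644.
demo=$(mktemp -d)
printf 'constructed-demo-key\n' > "$demo/keyfile"
chmod 644 "$demo/keyfile"
cat > "$demo/mongod.conf" <<EOF
net:
  port: 27017
  bindIp: 0.0.0.0
security:
  keyFile: $demo/keyfile
replication:
  replSetName: "rs0"
EOF
audit_mongod_conf "$demo/mongod.conf"
```

On a real node, run `audit_mongod_conf /etc/mongod.conf` as a user that can read the keyfile's directory.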