How to deploy Mongodb replica set on Linux ?

 

In this article , we will see how we can deploy replica sets using Mongodb 5.0 Enterprise server on CentOS 7 . 

OS Platform       : REDHAT/CENTOS 7 Linux

Software             : Mongodb 5.0 Enterprise Server

NOTE:

• As part of this demo, we are assuming that you have already installed Mongodb 5.0 Enterprise server, if not kindly check How to install Mongodb on Redhat\Centos Linux using Tarball .tgz?  to get it installed.

• Be aware the steps which is articulated in theis article is intended to demonstrate how to build a mongodb replica set quickly and test it in a development or test environment . It's not intended to use it in Production environment.

Prerequisites:

    To complete this demo, we need 3 centos servers as we are going to configure 3 member replica sets 1 will be primary and other 2 servers will act as a secondary servers.

Server name	IP Address	Role
mongodb1	192.168.1.200	Primary
mongodb2	192.168.1.201	Secondary
mongodb3	192.168.1.202	Secondary

Step 1: Configure DNS Resolutions

• In order to communicate between 3 servers, we need to have a solution so that the members of the replica set talk to each other. Instead of communication via ip address which changes unexpectly due to network configuration changes and other events, mongodb recommends to use DNS hostnames.

• To attain this , we are going to edit the file /etc/hosts on all 3 servers  and add all our replica set members hostname and ip details.

   vi /etc/hosts

-------------------------------------------------------------------

127.0.0.1     localhost localhost.localdomain localhost4 localhost4.localdomain4

::1           localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.1.200 mongodb1  

192.168.1.201 mongodb2  

192.168.1.202 mongodb3

-----------------------------------------------------------------------------------

Step 2: Allow mongodb port in firewall

• Allow the port 27017 on all 3 servers from firewall which will block the connections by default

[root@mongodb1~]# firewall-cmd --zone=public --add-port=27017/tcp --permanent
[root@mongodb1~]# firewall-cmd --reload

[root@mongodb2~]# firewall-cmd --zone=public --add-port=27017/tcp --permanent
[root@mongodb2~]# firewall-cmd --reload

 

[root@mongodb3~]# firewall-cmd --zone=public --add-port=27017/tcp --permanent
[root@mongodb3~]# firewall-cmd --reload

Step 3 : Create mongodb data and log directories

• Create the mongodb data directories , log directories and give necessary permission set to the mongod user.

sudo mkdir -p /var/lib/mongo

sudo mkdir -p /var/log/mongodb

sudo chown -R mongod:mongodb /var/lib/mongo

sudo chown -R mongod:mongodb /var/log/mongodb

Step 4 : Create configuration file on all 3 servers

[mongod@mongodb1~]# vi /etc/mongod.conf

#replica set configuration for mongodb1 host

systemLog:
   destination: file
   path: "/var/log/mongodb/mongod.log"
   logAppend: true
storage:
   journal:
      enabled: true
storage:
   dbPath: /var/lib/mongo
processManagement:
   fork: true
net:
   bindIp: mongodb1,127.0.0.1
   port: 27017
replication:
  replSetName: "myreplica"

[mongod@mongodb2~]# vi /etc/mongod.conf

 #replica set configuration for mongodb2 host

systemLog:
   destination: file
   path: "/var/log/mongodb/mongod.log"
   logAppend: true
storage:
   journal:
      enabled: true
storage:
   dbPath: /var/lib/mongo
processManagement:
   fork: true
net:
   bindIp: mongodb2,127.0.0.1
   port: 27017
replication:
  replSetName: "myreplica"

[mongod@mongodb3~]# vi /etc/mongod.conf

#replica set configuration for mongodb3 host

systemLog:
   destination: file
   path: "/var/log/mongodb/mongod.log"
   logAppend: true
storage:
   journal:
      enabled: true
storage:
   dbPath: /var/lib/mongo
processManagement:
   fork: true
net:
   bindIp: mongodb3,127.0.0.1
   port: 27017
replication:
  replSetName: "myreplica"

Step 5 : Launch mongod daemon on all 3 servers

[mongod@mongodb1~]# mongod -f /etc/mongod.conf

 

[mongod@mongodb2~]# mongod -f /etc/mongod.conf

 

[mongod@mongodb3~]# mongod -f /etc/mongod.conf

 

Step 6 : Initiate Replication and add the replica members

• Now connect to the mongodb server of node 1 and initiate replication process.

[mongod@mongodb1~]# mongosh --host mongodb1 --port 27017

 > rs.initiate(

{

 _id: "myreplica",

members: [

{ _id: 0, host: "mongodb1:27017" },

{ _id: 1, host: "mongodb2:27017" },

{ _id: 2, host: "mongodb3:27017" }

 ]

})

• As per the above snapshot , its clear that we have initiated the replication from node 1 and added the nodes mongodb1,mongodb2,mongodb3 as part of replication. To dive deeper and look into the roles , member status issue the below command.

rs.status()

• If we look at the result we could see the meaningful information such as the replica set name, replica set formed time, heartbeat time of internode communication, node state, majority node count, oplogs applied time, election metrics and members role details.

• And in the members section we can see the current primary member is node 1 i.e mongodb1 and election timestamp of the node at which is elected as primary.

• If we want to add further nodes we can issue the below command from the primary node.

 >rs.add("hostname:port")

E.g: > rs.add("mongodb4:27017")

Step 7 : Test the replication 

• Now connect to the primary node , load some sample data and test whether its replicating  from primary to our 2 secondary nodes.
• Download the sample datasets using below

[mongod@mongodb1 ~]$ wget http://media.mongodb.org/zips.json

• Import the zips.json  to the primary mongodb server mongodb1

[mongod@mongodb1 ~]$ mongoimport --host mongodb1 --port 27017 --db location --collection zips --file zips.json

• Now connect to all 3 nodes and see the results
• Primary node mongodb1

                

• Secondary node mongodb2

• Secondary node mongodb3

• From the above results  we could see the database is replicating from the primary to secondary nodes.

Caution:

• If you have seen the output of mongo , could have noticed there is a warning stating below

Access control is not enabled for the database. Read and write access to data and configuration is unrestricted

• This message indicates that we haven’t yet enabled access control for the database . As per the mongodb recommendation its must to use Role-Based Access Control(RBAC) and enable security authorization.
•  If we are using replica sets , we also need to add a security layer between nodes to configure keyfile authentication (which is a bare- minimum form of security)
• In kind of production deployments, MongoDB recommends to use x.509 certificates for internal member authentication. In our coming series of article we will see how we can achieve the mongodb keyfile based internode authentication and x.509 based authentication.

Wrapping Up:

• As part of this demo we have seen how we can deploy a 3 member replica sets in linux environment.
• In our upcoming series we will see how we can deploy arbiter , failover, switchover, advanced security features in replica sets , sharding and other advanced datacenter specific deployments.

Hope you liked the content (:

Please provide your collaborative ideas , suggestion and valuable feedback’s.

Keep Learning ! Keep Sharing!

By Ubaidullah Jaffar Ali