Mongodb installation and configure replica set

Use the provided distribution packages  based on the  OS distribution. These packages will automatically install all of MongoDB’s dependencies.

Please find  the below method to install  the mongodb on Amazon linux  as stand alone server without the HA.

1.Configure repository.

Create a /etc/yum.repos.d/mongodb-org-3.4.repo file so that you can install MongoDB directly, using yum.

Changed in version 3.0: MongoDB Linux packages are in a new repository beginning with 3.0.

For the latest stable release of MongoDB

Use the following repository file:

[mongodb-org-3.4]

name=MongoDB Repository baseurl=https://repo.mongodb.org/yum/amazon/2013.03/mongodb-org/3.4/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://www.mongodb.org/static/pgp/server-3.4.asc

Note: Yum repo need to get based on the OS distribution.

2.Install the MongoDB community  packages and associated tools,to install the latest stable version of MongoDB , issue the following command:

sudo yum install -y mongodb-org 

3.Need to create the mongodb data directory under the allocated mount point for mongodb data.

ex: mkdir -p  /data/mongod and  chown  mongod:mongod /data/mongodb

Note: dbpath should have the ownership of mongodb/mongod user .

Update  the dbpath in the config file /etc/mongod.conf .

ex:

storage:
dbPath: /data/mongodb

3 After apply the changes in config file, you can run the  mongod process by issuing the following command:

sudo service mongod start 

Configure MongoDB Replica Set

A replica set provides MongoDB with redundancy and increased data availability by replicating the database to multiple servers. The primary member of the replica set can be used for read and write operations whereas the secondary members are available for read-only operations.

A replica set must consist of an odd number of MongoDB servers. If a single server fails, the replica set members must be able elect a new primary server. An election majority can also be achieved with two database servers by including a third MongoDB arbiter. 

Requirements

• Minimum of three server instances
• MongoDB installed and running on all machines 
• Each server instance must allow TCP traffic from each replica set member over port 27017
• Each server instance hostname must be resolvable from each replica set member

As mentioned in the above requirements, each replica set member must be able to communicate with the other replica set members by their hostname. The hostname will default to the fully qualified domain name of each server. The server hostnames can be added to DNS, but the recommended method is to add all replica set member hostnames to their /etc/hosts file. For example:

10.10.200.1    mongodb01.example.com mongodb01
10.10.200.2    mongodb02.example.com mongodb02
10.10.200.3    mongodb03.example.com mongodb03

Create Replica Set

MongoDB must successfully be running on the primary server instance. The standalone instance of MongoDB can become a replica set member by assigning a replica set name in the MongoDB configuration file. To create a replica set called "rs0", add the following line to /etc/mongod.conf.

replication:
replSetName: rs0

MongoDB will need to be restarted for the change to take affect.

sudo service mongod restart 

Use the mongo shell to connect once the service is running again.

mongo

Initiate the replica set from within the mongo shell.

rs.initiate()

The initial replica set configuration can be verified using rs.conf().

query : mongo> rs.conf()

output :

{

    "_id" : "rs0",
    "version" : 1,
    "members" : [
        {
            "_id" : 0,
            "host" : "mongodb01.example.com:27017"
        }
    ]
}

At this stage, the mongo shell prompt should also indicate the replica name and replica member role. For example:

rs0:PRIMARY>

The replica set is now created but more members must be added to achieve redundancy and increased data availability.

Add Secondary Members

The secondary MongoDB server instances must be successfully running MongoDB and accessible by the other members. The configuration file on the secondary members must reflect the same replica set name as the primary member. Add the following line to the /etc/mongod.conf on all secondary members.

replSet=rs0 

Restart the MongoDB service.

sudo service mongod restart

The secondary members can now be added from the mongo shell on the primary server using rs.add().

rs0:PRIMARY> rs.add("mongodb02.example.com")
rs0:PRIMARY> rs.add("mongodb03.example.com")

The rs.status() command can be used to verify the status of the replica set:

rs.status() 

Enabling the  Access Control

Create administrative users.

The following operations will create two users: a user administrator that will be able to create and modify users (myUserAdmin), and a root user (siteRootAdmin) that you will use to complete the remainder of the tutorial:

connect to mongo shell

mongo> use admin db.createUser( { user: "UserAdmin", pwd: "xxxxx", roles: [ { role:"userAdminAnyDatabase", db: "admin" } ] });

      db.createUser( { user: "siteRootAdmin", pwd: "xxxxxxx", roles: [ { role: "root", db: "admin" } ] });

3. Stop the mongod instance by executing the  command   service mongod stop .

4. Create the key file to be used by each member of the replica set.

Create the key file your deployment will use to authenticate servers to each other.

To generate pseudo-random data to use for a keyfile, issue the following openssl command.

mkdir -p /var/lib/.mongodb

openssl rand -base64 741 > /var/lib/.mongodb/mongodb-keyfile 

chmod 400 mongodb-keyfile 

chown mongodb:mongodb /var/lib/.mongodb/mongodb-keyfile 

5.Copy the key file to each member of the replica set.

Copy the mongodb-keyfile to all hosts where components of a MongoDB deployment run. Set the permissions of these files to 400 so that only the owner of the file can read or write this file to prevent other users on the system from accessing the shared secret.

6 Start each member of the replica set with the appropriate options.

For each member, start a mongod and specify the key file and the name of the replica set. Also specify other parameters as needed for your deployment. For replication-specific parameters, If 

The following example specifies parameters through the --keyFile 

security:
authorization: enabled
keyFile: /var/lib/.mongo/mongodb-keyfile

Please find the below  sample replica set config file.

[mongodb]# cat /etc/mongod.conf

# mongod.conf

# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/

# where to write logging data.
systemLog:
destination: file
# logAppend: true
logRotate: rename
## traceAllExceptions: true
path: /var/log/mongodb/mongod.log

# Where and how to store data.
storage:
dbPath: /data/mongodb
journal:
enabled: false
# engine:
mmapv1:
smallFiles: true
# wiredTiger:

# how the process runs
processManagement:
fork: true # fork and run in background
pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile

# network interfaces
net:
port: 27017
# bindIp: 127.0.0.1 # Listen to local interface only, comment to listen on all interfaces.

security:
authorization: enabled
keyFile: /opt/.mongo/mongodb-keyfile

operationProfiling:
slowOpThresholdMs: 100
mode: slowOp

replication:
replSetName: crs1

setParameter:
diagnosticDataCollectionEnabled: false
#sharding:

## Enterprise-Only Options

#auditLog:

#snmp: