Manage the MongoDB database
Manage the MongoDB database
Table of Contens
Create the first database
All commands are executed as mongodb user.
To create a database directory file structure and init file use a template from $DMK_HOME/templates/dbcreate/mcreate_sample_tpl.yaml
The template can be anywhere placed but it is a good practice to copy it to $DMK_HOME/etc before adapt it.
🟢 The naming convention for the database is defined in $DMK_HOME/etc/dmk.conf file. By default is set to REGEXP ^mdb(\D){0,4}(\d+)$
mongodb@dev-vm:/home/mongodb/ [DUMMY] cp $DMK_HOME/templates/dbcreate/mcreate_sample_tpl.yaml $DMK_HOME/etc/mcreate_mdb01.yaml
mongodb@dev-vm:/home/mongodb/ [DUMMY] cp $DMK_HOME/templates/dbcreate/mongo_ini_sample.yaml $DMK_HOME/etc/mongo_ini_sample.yaml
# edit the file mcreate_mdb01.yaml
mongodb@dev-vm:/home/mongodb/ [DUMMY] cat /u01/app/mongodb/local/dmk/etc/mcreate_mdb01.yaml
# mongod.conf
# Generated by MONGODB - DMK dbi services
mongodb_cfg:
db_name: mdb01
home_path: /u01/app/mongodb/product/8.0
data_path: /u02/mongodbdata
bindIp: 0.0.0.0
port: 25630
template: /u01/app/mongodb/local/dmk/etc/mongo_ini_sample.yamldb_name: is the database name. See naming convention note above.home_path: is the path where the mongodb binaries are installed.data_path: is the root path where the data files of the database will be stored.template: is the template for the init file for mongodb database. Severall ini files are proposed in thetemplates/dbcreatedirectory.
To create the database execute the command:
mongodb@dev-vm:/home/mongodb/ [DUMMY] dmk_dbcreate.sh -c /u01/app/mongodb/local/dmk/etc/mcreate_mdb01.yaml
2025-01-14_10-29-52::dmk_mongodb_create.p::Mainprogram ::INFO ==> Configuration File = /u01/app/mongodb/local/dmk/etc/mcreate_mdb01.yaml
2025-01-14_10-29-52::dmk_mongodb_create.p::check_conf_param ::WARNING ==> bindIp is set to 0.0.0.0. There might be issues if TLS is used.
2025-01-14_10-29-52::dmk_mongodb_create.p::MainProgram ::INFO ==> Create directory layout for mdb01
2025-01-14_10-29-52::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u02/mongodblog/mdb01
2025-01-14_10-29-52::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u02/mongodbdata/mdb01
2025-01-14_10-29-52::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdb01
2025-01-14_10-29-52::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdb01/pid
2025-01-14_10-29-52::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdb01/etc
2025-01-14_10-29-52::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdb01/backup
2025-01-14_10-29-52::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdb01/dump
2025-01-14_10-29-52::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdb01/secret
2025-01-14_10-29-52::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create mongodb conf from template: /u01/app/mongodb/local/dmk/templates/dbcreate/mongo_ini_sample.yaml
2025-01-14_10-29-52::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create mongodb init file: /u01/app/mongodb/admin/mdb01/etc/mdb01.conf
2025-01-14_10-29-52::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create systemd file from template /u01/app/mongodb/local/dmk/templates/systemd/mongod.service
2025-01-14_10-29-52::dmk_mongodb_create.p::create_systemd_file ::INFO ==> Created service file for systemd /u01/app/mongodb/admin/mdb01/etc/mongod_mdb01.service
2025-01-14_10-29-52::dmk_mongodb_create.p::create_systemd_file ::INFO ==> copy it to /etc/systemd/system as root user
2025-01-14_10-29-52::dmk_mongodb_create.p::MainProgram ::INFO ==> Update /u01/app/mongodb/etc/mongodb.lst file with mdb01
2025-01-14_10-29-52::dmk_mongodb_create.p::MainProgram ::INFO ==> Source the dmk to get settings new instance mdb01
2025-01-14_10-29-52::dmk_mongodb_create.p::MainProgram ::INFO ==> by executting the command 'source /u01/app/mongodb/local/dmk/bin/dmk.sh'
2025-01-14_10-29-52::dmk_mongodb_create.p::MainProgram ::INFO ==> Database mdb01 created.At the end the structure directory for the database, a systemd mongodb_mdb01.service file to copy it to /etc/systemd/system, and the init mdb01.conf file where created, as root user:
root $ cp /u01/app/mongodb/admin/mdb01/etc/mongod_mdb01.service /etc/systemd/system
root $ systemctl daemon-reload
root $ systemctl start mongod_mdb01.service
root $ systemctl status mongod_mdb01.service
● mongodb_mdb01.service - Mongod Database Service
Loaded: loaded (/etc/systemd/system/mongod_mdb01.service; disabled; vendor preset: enabled)
Active: active (running) since Wed 2024-03-06 10:24:17 UTC; 7s ago
Docs: https://docs.mongodb.org/manual
Main PID: 9170 (mongod)
Tasks: 33 (limit: 6987)
Memory: 136.3M
CPU: 2.540s
CGroup: /system.slice/mongodb_mdb01.service
└─9170 /u01/app/mongodb/product/8.0/bin/mongod -f /u01/app/mongodb/admin/mdb01/etc/mdb01.conf
Mar 06 10:24:20 dmk-mongo-dev bash[9129]: connectionId: 5,
Mar 06 10:24:20 dmk-mongo-dev bash[9129]: minWireVersion: 0,
Mar 06 10:24:20 dmk-mongo-dev bash[9129]: maxWireVersion: 21,
Mar 06 10:24:20 dmk-mongo-dev bash[9129]: readOnly: false,
Mar 06 10:24:20 dmk-mongo-dev bash[9129]: ok: 1
Mar 06 10:24:20 dmk-mongo-dev bash[9129]: }
Mar 06 10:24:20 dmk-mongo-dev bash[9129]: 2024-03-06_10-24-20::MDB.pm ::MDB::get_db_state ::DEBUG ==> Database mdb01 state OPEN
Mar 06 10:24:20 dmk-mongo-dev bash[9129]: 2024-03-06_10-24-20::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdb01 is now OPEN. SUCCESS
Mar 06 10:24:20 dmk-mongo-dev bash[9129]: 2024-03-06_10-24-20::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdb01 is now OPEN. SUCCESS
Mar 06 10:24:20 dmk-mongo-dev bash[9229]: 2024-03-06_10-24-20::NONE ::EXIT ::DEBUG ==> Program exited with ExitCode : 0Start/Stop the database
All commands are executed as mongodb user.
The database can be started/stopped by the systemd service or using the tool `dmk_db_ctl.sh``
# start already started
mongodb@dev-vm:/home/mongodb/ [DUMMY] dmk_db_ctl.sh -a start -d mdb01
2025-01-14_14-17-51::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdb01 is already OPEN state. SUCCESS
# restart database
mongodb@dev-vm:/home/mongodb/ [DUMMY] dmk_db_ctl.sh -a restart -d mdb01
2025-01-14_14-18-14::dmk_mongodb_ctl.pl ::dmk_monogodb_ctl.pl ::INFO ==> RESTART database mdb01 ...
2025-01-14_14-18-15::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Put database mdb01 in state CLOSED ...
2025-01-14_14-18-21::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdb01 is now CLOSED. SUCCESS
2025-01-14_14-18-21::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Put database mdb01 in state OPEN ...
2025-01-14_14-18-27::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdb01 is now OPEN. SUCCESS
Connect to the database
All commands are executed as mongodb user.
mongodb@dmk-mongo-dev:/home/mongodb/ [DUMMY] u
MongoDB Instances OPEN and running on this host:
------------------------------------------------
mdb01 ==> OPEN
MongoDB Instances CLOSED and NOT running on this host:
------------------------------------------------
# set the mdb01 database environment
mongodb@dmk-mongo-dev:/home/mongodb/ [DUMMY] mdb01
********* dbi services Ltd. *********
STATUS : OPEN
BIND : 0.0.0.0
PORT : 25630
REPL : STANDALONE
CONF FILE : /u01/app/mongodb/admin/mdb01/etc/mdb01.conf
DATA PATH : /u02/mongodbdata/mdb01
LOG FILE : /u02/mongodblog/mdb01/mdb01.log
****************************
mongodb@dev-vm:/home/mongodb/ [DUMMY] ms
Current Mongosh Log ID: 65e84545d1f4e3ca944d1b9d
Connecting to: mongodb://128.0.0.1:25610/?directConnection=true&serverSelectionTimeoutMS=2000&appName=mongosh+2.1.1
Using MongoDB: 8.0.5
Using Mongosh: 2.1.1
mongosh 2.1.5 is available for download: https://www.mongodb.com/try/download/shell
For mongosh info see: https://docs.mongodb.com/mongodb-shell/
test>
Create the admin user
All commands are executed as mongodb user.
🔴 Keep credentials file safe.
🔴 To create the first user we need to use the "Localhost Exception". See (https://www.mongodb.com/docs/v4.4/core/security-users/#std-label-localhost-exception) documentation which describe this exception.
The database must bind on localhost (bindIp parameter in the init file: /u01/app/mongodb/admin/mdb01/etc/mdb01.conf)
To use credentials they have to be set into the file $MONGODB_BASE/admin/$MONGODB_SERVER/secret/cred.yml
The alias msp allow to connect using credentials reading them from $MONGODB_BASE/admin/$MONGODB_SERVER/secret/cred.yml file
An template is in $MONGODB_BASE/local/dmk/templates/secret/cred.yml.
mongodb@dmk-mongo-dev:/home/mongodb/ [mdb01] cp $MONGODB_BASE/local/dmk/templates/secret/cred.yml /u01/app/mongodb/admin/mdb01/secret/cred.yml
# add your username and password to the cred.yml file
mongodb@dmk-mongo-dev:/home/mongodb/ [mdb01] chmod 400 /u01/app/mongodb/admin/mdb01/secret/cred.yml
mongodb@dmk-mongo-dev:/home/mongodb/ [mdb01] cat $MONGODB_BASE/admin/$MONGODB_SERVER/secret/cred.yml
....
mdb_admin_user: "root"
mdb_admin_pwd: "root123"To create the user defined in the $MONGODB_BASE/local/dmk/templates/secret/cred.yml file use the following command:
# create the user. Note that the roles can be adapted regarding your needs.
mongodb@dmk-mongo-dev:/home/mongodb/ [mdb01] ms --eval 'db.getSiblingDB("admin").createUser( { user: "root", pwd: "root123" ,roles: [ "root" ]})'
{ ok: 1 }Now you can use the alias msp to connect to the database using th credentials file:
# connect using credentials. Note 'crdentials' in 'Connectong to:' part
mongodb@dmk-mongo-dev:/home/mongodb/ [mdb01] msp
Current Mongosh Log ID: 6638dd6b0485919ee2f2535f
Connecting to: mongodb://<credentials>@0.0.0.0:25119/?directConnection=true&appName=mongosh+2.1.1
Using MongoDB: 8.0.5
Using Mongosh: 2.1.1
mongosh 2.2.5 is available for download: https://www.mongodb.com/try/download/shell
For mongosh info see: https://docs.mongodb.com/mongodb-shell/
test>Using Replicaset
All commands are executed as mongodb user.
🔴 In this example the replicaset is create on the same node. This is just for example purpose.
Replicaset configuration
Database Name
Server IP
Port
mdbrs01
172.168.0.236
25101
mdbrs02
172.168.0.236
25102
mdbrs03
172.168.0.236
25103
Adapt template files
mongodb@dev-vm:/home/mongodb/ [DUMMY] cp $DMK_HOME/templates/dbcreate/mcreate_replicaset_tpl.yaml $DMK_HOME/etc/mcreate_mdb01rs.yaml
mongodb@dev-vm:/home/mongodb/ [DUMMY] cp $DMK_HOME/templates/dbcreate/mcreate_replicaset_tpl.yaml $DMK_HOME/etc/mcreate_mdb02rs.yaml
mongodb@dev-vm:/home/mongodb/ [DUMMY] cp $DMK_HOME/templates/dbcreate/mcreate_replicaset_tpl.yaml $DMK_HOME/etc/mcreate_mdb03rs.yaml
mongodb@dev-vm:/home/mongodb/ [DUMMY] cp $DMK_HOME/templates/dbcreate/mongo_ini_replicaset.yaml $DMK_HOME/etc/mongo_ini_replicaset.yaml
mongodb@dev-vm:/home/mongodb/ [DUMMY] cat $DMK_HOME/etc/mcreate_mdb01rs.yaml
# mongod.conf
# Generated by MONGODB - DMK dbi services
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
mongodb_cfg:
db_name: mdbrs01
home_path: /u01/app/mongodb/product/8.0
data_path: /u02/mongodbdata
bindIp: 172.168.0.236
port: 25101
template: /u01/app/mongodb/local/dmk/etc/mongo_ini_replicaset.yaml
replicaset_name: rs01
mongodb@dev-vm:/home/mongodb/ [DUMMY] cat $DMK_HOME/etc/mcreate_mdb02rs.yaml
# mongod.conf
# Generated by MONGODB - DMK dbi services
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
mongodb_cfg:
db_name: mdbrs02
home_path: /u01/app/mongodb/product/8.0
data_path: /u02/mongodbdata
bindIp: 172.168.0.236
port: 25102
template: /u01/app/mongodb/local/dmk/etc/mongo_ini_replicaset.yaml
replicaset_name: rs01
mongodb@dev-vm:/home/mongodb/ [DUMMY] cat $DMK_HOME/etc/mcreate_mdb03rs.yaml
# mongod.conf
# Generated by MONGODB - DMK dbi services
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
mongodb_cfg:
db_name: mdbrs03
home_path: /u01/app/mongodb/product/8.0
data_path: /u02/mongodbdata
bindIp: 172.168.0.236
port: 25103
template: /u01/app/mongodb/local/dmk/etc/mongo_ini_replicaset.yaml
replicaset_name: rs01
Create the databases
mongodb@dev-vm:/home/mongodb/ [DUMMY] dmk_dbcreate.sh -c $DMK_HOME/etc/mcreate_mdb01rs.yaml
2025-01-14_14-34-29::dmk_mongodb_create.p::Mainprogram ::INFO ==> Configuration File = /u01/app/mongodb/local/dmk/etc/mcreate_mdb01rs.yaml
2025-01-14_14-34-29::dmk_mongodb_create.p::MainProgram ::INFO ==> Create directory layout for mdbrs01
2025-01-14_14-34-29::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u02/mongodblog/mdbrs01
2025-01-14_14-34-29::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u02/mongodbdata/mdbrs01
2025-01-14_14-34-29::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs01
2025-01-14_14-34-29::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs01/pid
2025-01-14_14-34-29::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs01/etc
2025-01-14_14-34-29::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs01/backup
2025-01-14_14-34-29::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs01/dump
2025-01-14_14-34-29::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs01/secret
2025-01-14_14-34-29::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create mongodb conf from template: /u01/app/mongodb/local/dmk/etc/mongo_ini_replicaset.yaml
2025-01-14_14-34-29::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create mongodb init file: /u01/app/mongodb/admin/mdbrs01/etc/mdbrs01.conf
2025-01-14_14-34-29::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create systemd file from template /u01/app/mongodb/local/dmk/templates/systemd/mongod.service
2025-01-14_14-34-29::dmk_mongodb_create.p::create_systemd_file ::INFO ==> Created service file for systemd /u01/app/mongodb/admin/mdbrs01/etc/mongod_mdbrs01.service
2025-01-14_14-34-29::dmk_mongodb_create.p::create_systemd_file ::INFO ==> copy it to /etc/systemd/system as root user
2025-01-14_14-34-29::dmk_mongodb_create.p::MainProgram ::INFO ==> Update /u01/app/mongodb/etc/mongodb.lst file with mdbrs01
2025-01-14_14-34-29::dmk_mongodb_create.p::MainProgram ::INFO ==> Source the dmk to get settings new instance mdbrs01
2025-01-14_14-34-29::dmk_mongodb_create.p::MainProgram ::INFO ==> by executting the command 'source /u01/app/mongodb/local/dmk/bin/dmk.sh'
2025-01-14_14-34-29::dmk_mongodb_create.p::MainProgram ::INFO ==> Database mdbrs01 created.
mongodb@dev-vm:/home/mongodb/ [DUMMY] dmk_dbcreate.sh -c $DMK_HOME/etc/mcreate_mdb02rs.yaml
2025-01-14_14-34-34::dmk_mongodb_create.p::Mainprogram ::INFO ==> Configuration File = /u01/app/mongodb/local/dmk/etc/mcreate_mdb02rs.yaml
2025-01-14_14-34-34::dmk_mongodb_create.p::MainProgram ::INFO ==> Create directory layout for mdbrs02
2025-01-14_14-34-34::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u02/mongodblog/mdbrs02
2025-01-14_14-34-34::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u02/mongodbdata/mdbrs02
2025-01-14_14-34-34::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs02
2025-01-14_14-34-34::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs02/pid
2025-01-14_14-34-34::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs02/etc
2025-01-14_14-34-34::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs02/backup
2025-01-14_14-34-34::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs02/dump
2025-01-14_14-34-34::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs02/secret
2025-01-14_14-34-34::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create mongodb conf from template: /u01/app/mongodb/local/dmk/etc/mongo_ini_replicaset.yaml
2025-01-14_14-34-34::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create mongodb init file: /u01/app/mongodb/admin/mdbrs02/etc/mdbrs02.conf
2025-01-14_14-34-34::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create systemd file from template /u01/app/mongodb/local/dmk/templates/systemd/mongod.service
2025-01-14_14-34-34::dmk_mongodb_create.p::create_systemd_file ::INFO ==> Created service file for systemd /u01/app/mongodb/admin/mdbrs02/etc/mongod_mdbrs02.service
2025-01-14_14-34-34::dmk_mongodb_create.p::create_systemd_file ::INFO ==> copy it to /etc/systemd/system as root user
2025-01-14_14-34-34::dmk_mongodb_create.p::MainProgram ::INFO ==> Update /u01/app/mongodb/etc/mongodb.lst file with mdbrs02
2025-01-14_14-34-34::dmk_mongodb_create.p::MainProgram ::INFO ==> Source the dmk to get settings new instance mdbrs02
2025-01-14_14-34-34::dmk_mongodb_create.p::MainProgram ::INFO ==> by executting the command 'source /u01/app/mongodb/local/dmk/bin/dmk.sh'
2025-01-14_14-34-34::dmk_mongodb_create.p::MainProgram ::INFO ==> Database mdbrs02 created.
mongodb@dev-vm:/home/mongodb/ [DUMMY] dmk_dbcreate.sh -c $DMK_HOME/etc/mcreate_mdb03rs.yaml
2025-01-14_14-34-38::dmk_mongodb_create.p::Mainprogram ::INFO ==> Configuration File = /u01/app/mongodb/local/dmk/etc/mcreate_mdb03rs.yaml
2025-01-14_14-34-38::dmk_mongodb_create.p::MainProgram ::INFO ==> Create directory layout for mdbrs03
2025-01-14_14-34-38::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u02/mongodblog/mdbrs03
2025-01-14_14-34-38::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u02/mongodbdata/mdbrs03
2025-01-14_14-34-38::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs03
2025-01-14_14-34-38::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs03/pid
2025-01-14_14-34-38::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs03/etc
2025-01-14_14-34-38::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs03/backup
2025-01-14_14-34-38::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs03/dump
2025-01-14_14-34-38::dmk_mongodb_create.p::main::mkdir_if_not_e::INFO ==> Create directory: /u01/app/mongodb/admin/mdbrs03/secret
2025-01-14_14-34-38::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create mongodb conf from template: /u01/app/mongodb/local/dmk/etc/mongo_ini_replicaset.yaml
2025-01-14_14-34-38::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create mongodb init file: /u01/app/mongodb/admin/mdbrs03/etc/mdbrs03.conf
2025-01-14_14-34-38::dmk_mongodb_create.p::create_init_mongo_co::INFO ==> Create systemd file from template /u01/app/mongodb/local/dmk/templates/systemd/mongod.service
2025-01-14_14-34-38::dmk_mongodb_create.p::create_systemd_file ::INFO ==> Created service file for systemd /u01/app/mongodb/admin/mdbrs03/etc/mongod_mdbrs03.service
2025-01-14_14-34-38::dmk_mongodb_create.p::create_systemd_file ::INFO ==> copy it to /etc/systemd/system as root user
2025-01-14_14-34-38::dmk_mongodb_create.p::MainProgram ::INFO ==> Update /u01/app/mongodb/etc/mongodb.lst file with mdbrs03
2025-01-14_14-34-38::dmk_mongodb_create.p::MainProgram ::INFO ==> Source the dmk to get settings new instance mdbrs03
2025-01-14_14-34-38::dmk_mongodb_create.p::MainProgram ::INFO ==> by executting the command 'source /u01/app/mongodb/local/dmk/bin/dmk.sh'
2025-01-14_14-34-38::dmk_mongodb_create.p::MainProgram ::INFO ==> Database mdbrs03 created.
mongodb@dev-vm:/home/mongodb/ [DUMMY] u
MongoDB database quick status
-----------------------------------------------
mdbrs01 ==> CLOSED
mdbrs02 ==> CLOSED
mdbrs03 ==> CLOSED
mongodb@dev-vm:/home/mongodb/ [DUMMY] ls /u01/app/mongodb/admin/
mdbrs01 mdbrs02 mdbrs03
Generate the key file for replicaset
The replicaset nodes must have the same key.
mongodb@dev-vm:/home/mongodb/ [DUMMY] openssl rand -base64 756 > /u01/app/mongodb/admin/mdbrs01/secret/rs01.key
mongodb@dev-vm:/home/mongodb/ [DUMMY] chmod 400 /u01/app/mongodb/admin/mdbrs01/secret/rs01.key
mongodb@dev-vm:/home/mongodb/ [DUMMY] cp /u01/app/mongodb/admin/mdbrs01/secret/rs01.key /u01/app/mongodb/admin/mdbrs02/secret/rs01.key
mongodb@dev-vm:/home/mongodb/ [DUMMY] cp /u01/app/mongodb/admin/mdbrs01/secret/rs01.key /u01/app/mongodb/admin/mdbrs03/secret/rs01.keyCreate the credentials files
mongodb@dev-vm:/home/mongodb/ [DUMMY] cat /u01/app/mongodb/admin/mdbrs01/secret/cred.yml
##############################################################################
# $Id: cred.yml 73 2015-10-26 12:18:02Z jew $
##############################################################################
#
# FILE: cred.yml Define credentials for the mongodb database
#
# AUTHOR: dbi services Ltd
#
##############################################################################
mdb_admin_user: "root"
mdb_admin_pwd: "root123"
mongodb@dmk-mongo-dev:/home/mongodb/ [mdb01] chmod 400 /u01/app/mongodb/admin/mdbrs01/secret/cred.ymlThe same file cred.ymlmust exist in /u01/app/mongodb/admin/mdbrs02/secret/cred.yml and /u01/app/mongodb/admin/mdbrs03/secret/cred.yml
mongodb@dmk-mongo-dev:/home/mongodb/ [mdb01] cp /u01/app/mongodb/admin/mdbrs01/secret/cred.yml /u01/app/mongodb/admin/mdbrs02/secret/cred.yml
mongodb@dmk-mongo-dev:/home/mongodb/ [mdb01] cp /u01/app/mongodb/admin/mdbrs01/secret/cred.yml /u01/app/mongodb/admin/mdbrs03/secret/cred.ymlCreate the admin user
In order to create the first user we need to change the init file for the first node, to be able to use the localhost exception (https://www.mongodb.com/docs/v4.4/core/security-users/#std-label-localhost-exception)
# make a backup of config file
mongodb@dev-vm:/home/mongodb/ [mdbrs01] cp /u01/app/mongodb/admin/mdbrs01/etc/mdbrs01.conf /tmp
# remove replicaset parameters and add the bind to localhost
mongodb@dev-vm:/home/mongodb/ [mdbrs01] cat /u01/app/mongodb/admin/mdbrs01/etc/mdbrs01.conf
---
net:
bindIp: localhost
port: 25101
processManagement:
fork: true
pidFilePath: /u01/app/mongodb/admin/mdbrs01/pid/mongod.pid
security:
keyFile: /u01/app/mongodb/admin/mdbrs01/secret/rs01.key
storage:
dbPath: /u02/mongodbdata/mdbrs01
engine: wiredTiger
systemLog:
destination: file
logAppend: true
path: /u02/mongodblog/mdbrs01/mdbrs01.log
# start the database
mongodb@dev-vm:/home/mongodb/ [mdbrs01] dmk_db_ctl.sh -a start -d mdbrs01
2025-01-14_15-26-31::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Put database mdbrs01 in state OPEN ...
2025-01-14_15-26-37::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdbrs01 is now OPEN. SUCCESS
# create the admin user
mongodb@dev-vm:/home/mongodb/ [mdbrs01] mongosh mongodb://localhost:25101
Current Mongosh Log ID: 6786825dd04b65c82e544ca6
Connecting to: mongodb://localhost:25101/?directConnection=true&serverSelectionTimeoutMS=2000&appName=mongosh+2.3.8
Using MongoDB: 8.0.4
Using Mongosh: 2.3.8
For mongosh info see: https://www.mongodb.com/docs/mongodb-shell/
test> use admin
switched to db admin
admin> db.createUser( { user: "root", pwd: "root123" ,roles: [ "root" ]});
{ ok: 1 }
admin> exit
# stop the database
mongodb@dev-vm:/home/mongodb/ [mdbrs01] dmk_db_ctl.sh -a stop -d mdbrs01
2025-01-14_15-32-41::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Put database mdbrs01 in state CLOSED ...
2025-01-14_15-32-47::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdbrs01 is now CLOSED. SUCCESS
# restore the saved init file
mongodb@dev-vm:/home/mongodb/ [mdbrs01] cp /tmp/mdbrs01.conf /u01/app/mongodb/admin/mdbrs01/etc/mdbrs01.conf
# start the database
mongodb@dev-vm:/home/mongodb/ [mdbrs01] dmk_db_ctl.sh -a start -d mdbrs01
2025-01-14_15-33-49::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Put database mdbrs01 in state OPEN ...
2025-01-14_15-33-55::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdbrs01 is now OPEN. SUCCESS
# connect using the authentication
mongodb@dev-vm:/home/mongodb/ [mdbrs01] msp
Current Mongosh Log ID: 67868402aecfa28667544ca6
Connecting to: mongodb://<credentials>@172.168.0.236:25101/?directConnection=true&appName=mongosh+2.3.8
Using MongoDB: 8.0.4
Using Mongosh: 2.3.8
For mongosh info see: https://www.mongodb.com/docs/mongodb-shell/
test>Init the replicaset on the fist node
mongodb@dev-vm:/home/mongodb/ [mdbrs01] msp
Current Mongosh Log ID: 67868402aecfa28667544ca6
Connecting to: mongodb://<credentials>@172.168.0.236:25101/?directConnection=true&appName=mongosh+2.3.8
Using MongoDB: 8.0.4
Using Mongosh: 2.3.8
For mongosh info see: https://www.mongodb.com/docs/mongodb-shell/
test> use admin
switched to db admin
admin> rs.initiate()
{
info2: 'no configuration specified. Using a default configuration for the set',
me: '172.168.0.236:25101',
ok: 1
}
rs01 [direct: secondary] admin> exitStart the other nodes
mongodb@dev-vm:/home/mongodb/ [mdbrs01] dmk_db_ctl.sh -a start -d mdbrs02
2025-01-14_15-01-04::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Put database mdbrs02 in state OPEN ...
2025-01-14_15-01-10::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdbrs02 is now OPEN. SUCCESS
mongodb@dev-vm:/home/mongodb/ [mdbrs01] dmk_db_ctl.sh -a start -d mdbrs03
2025-01-14_15-01-13::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Put database mdbrs03 in state OPEN ...
2025-01-14_15-01-19::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdbrs03 is now OPEN. SUCCESSAdd the other nodes
# commands executed from first node
mongodb@dev-vm:/home/mongodb/ [mdbrs01] msp
Current Mongosh Log ID: 678684ad4f8d05ea45544ca6
Connecting to: mongodb://<credentials>@172.168.0.236:25101/?directConnection=true&appName=mongosh+2.3.8
Using MongoDB: 8.0.4
Using Mongosh: 2.3.8
For mongosh info see: https://www.mongodb.com/docs/mongodb-shell/
rs01 [direct: primary] test>
rs01 [direct: primary] test> use admin
switched to db admin
rs01 [direct: primary] admin> rs.add( { host: "172.168.0.236:25102" } );
{
ok: 1,
'$clusterTime': {
clusterTime: Timestamp({ t: 1736869193, i: 1 }),
signature: {
hash: Binary.createFromBase64('SfjgUkJ1Ljt4rbcs2Fao5am1zZY=', 0),
keyId: Long('7459795475126812679')
}
},
operationTime: Timestamp({ t: 1736869193, i: 1 })
}
rs01 [direct: primary] admin> rs.add( { host: "172.168.0.236:25103" } );
{
ok: 1,
'$clusterTime': {
clusterTime: Timestamp({ t: 1736869197, i: 1 }),
signature: {
hash: Binary.createFromBase64('2mLkdP+reB8pSR1eMs7aYTecTUU=', 0),
keyId: Long('7459795475126812679')
}
},
operationTime: Timestamp({ t: 1736869197, i: 1 })
}
rs01 [direct: primary] admin> exit
mongodb@dev-vm:/home/mongodb/ [mdbrs01] msp $DMK_HOME/js/rs_status.js
Member ID: 0, Host: 172.168.0.236:25101, State: PRIMARY
Member ID: 1, Host: 172.168.0.236:25102, State: SECONDARY
Member ID: 2, Host: 172.168.0.236:25103, State: SECONDARYUsing TLS
All commands are executed as mongodb user.
This example use a self signed certificate.
In a production environment the CA root certificate should be installed directly on the server and th server certificate must be signed by the company authority.
🔴 DO NOT USE SELF SIGNED CERTIFICATE IN A PRODUCTION ENVIRONMENT
Create the open ssl configuration file
Set the environment for tha database that you want to configure. In this example is mdb01
# set the mdb01 database environment
mongodb@dmk-mongo-dev:/home/mongodb/ [DUMMY] mdb01
********* dbi services Ltd. *********
STATUS : OPEN
BIND : 0.0.0.0
PORT : 25630
REPL : STANDALONE
CONF FILE : /u01/app/mongodb/admin/mdb01/etc/mdb01.conf
DATA PATH : /u02/mongodbdata/mdb01
LOG FILE : /u02/mongodblog/mdb01/mdb01.log
****************************
mongodb@dev-vm:/home/mongodb/ [mdb01] cd /u01/app/mongodb/admin/mdb01/secret/
# Create a default openssl configuration file.
mongodb@dev-vm:/home/mongodb/ [mdb01] cat openssl.cnf
[ req ]
prompt = no
default_bits = 2048
distinguished_name = req_distinguished_name
req_extensions = req_ext
x509_extensions = v3_ca # The extensions to add to the self-signed cert
[ req_distinguished_name ]
countryName = CH
stateOrProvinceName = Vaud
localityName = Nyon
organizationName = DBIServices
commonName = your_fqdn_hostname
[ req_ext ]
subjectAltName = @alt_names
[ v3_ca ]
subjectAltName = @alt_names
extendedKeyUsage = serverAuth, clientAuth
[ alt_names ]
DNS.1 = your_fqdn_hostna
IP.1 = your_server_or_client_ip
🟡 NOTE:
Pay attention to the DNS name of the host who make the connection and the IP.
Also the
extendedKeyUsagemust allow connection from server and client.All parameters are described here: https://docs.openssl.org/3.1/man5/config/
Generate the certificates
mongodb@dmk-mongo-dev:/home/mongodb/ [DUMMY] cd /u01/app/mongodb/admin/mdb01/secret/
mongodb@dmk-mongo-dev:/u01/app/mongodb/admin/mdb01/secret/ [DUMMY] openssl req -x509 -config ./openssl.cnf -nodes -days 365 -newkey rsa:4096 -out ca-cert.crt -keyout key-cert.crt
.....+.................+.+............+.....+.....
....
....
mongodb@dmk-mongo-dev:/u01/app/mongodb/admin/mdb01/secret/ [DUMMY] cat ca-cert.crt key-cert.crt > ce.pem
# list the certificate
mongodb@dmk-mongo-dev:/u01/app/mongodb/admin/mdb01/secret/ [DUMMY] openssl x509 -in ce.pem -purpose -noout -text
Certificate purposes:
SSL client : Yes
SSL client CA : No
SSL server : Yes
SSL server CA : No
Netscape SSL server : Yes
Netscape SSL server CA : No
S/MIME signing : No
S/MIME signing CA : No
......Stop the database
mongodb@dev-vm:/home/mongodb/ [mdb01] dmk_db_ctl.sh -d mdb01 -a stop
2025-01-14_11-13-49::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Put database mdb01 in state CLOSED ...
2025-01-14_11-13-55::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdb01 is now CLOSED. SUCCESS🟢 By default the database template file for TLS configuration is $DMK_HOME/templates/dbcreate/mcreate_sample_tpl_tls.yaml.
By default the certificateKeyFile parameter will be $DMK_MONGODB_ADMIN/secret/mongodb_srv.pem. This value can be adapted in template file $DMK_HOME/templates/dbcreate/mongo_ini_tls.yaml
Adapt the config file
mongodb@dev-vm:/home/mongodb/ [mdb01] cat /u01/app/mongodb/admin/mdb01/etc/mdb01.conf
---
net:
bindIp: 172.168.0.236
port: 25101
tls:
mode: requireTLS
certificateKeyFile: /u01/app/mongodb/admin/mdb01/secret/ce.pem
CAFile: /u01/app/mongodb/admin/mdb01/secret/ca-cert.crt
.....🔴 ATTENTION: The certificate is defined for one or a list of IP's. So parameter bindIP: 0.0.0.0 cannot be used anymore.
Restart the shell to recompute the aliases using the new certificate configuration.
mongodb@dev-vm:/home/mongodb/ [mdb01] mdb01
********* dbi services Ltd. *********
STATUS : CLOSED
BIND : 172.168.0.236
PORT : 25101
REPL : STANDALONE
CONF FILE : /u01/app/mongodb/admin/mdb01/etc/mdb01.conf
DATA PATH : /u02/mongodbdata/mdb01
LOG FILE : /u02/mongodblog/mdb01/mdb01.log
****************************Start the database
mongodb@dev-vm:/home/mongodb/ [mdb01] dmk_db_ctl.sh -d mdb01 -a start
2025-01-14_11-18-05::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Put database mdb01 in state OPEN ...
2025-01-14_11-18-11::dmk_mongodb_ctl.pl ::control_database ::INFO ==> Database mdb01 is now OPEN. SUCCESSConnect to the database
# The 'Connecting to:' shows the certificates parameters used
mongodb@dev-vm:/home/mongodb/ [mdb01] msp
Current Mongosh Log ID: 6786481d1756924371544ca6
Connecting to: mongodb://<credentials>@172.168.0.236:25101/?tls=true&tlsCertificateKeyFile=%2Fu01%2Fapp%2Fmongodb%2Fadmin%2Fmdb01%2Fsecret%2Fce.pem&tlsCAFile=%2Fu01%2Fapp%2Fmongodb%2Fadmin%2Fmdb01%2Fsecret%2Fca-cert.crt&directConnection=true&appName=mongosh+2.3.8
Using MongoDB: 8.0.4
Using Mongosh: 2.3.8
For mongosh info see: https://www.mongodb.com/docs/mongodb-shell/Backup the database
All commands are executed as mongodb user.
The script used for the backup is dmk_dbbackup.sh. Thsi script can be added in crontab. A crontab template can be found in $DMK_HOME/templates/cron
The backup is made in MONGODB_BACKUP/backup/{database_name}/{DD_MM_YYYY} path. MONGODB_BACKUP parameter defined in $DMK_HOME/etc/dmk.conf
mongodb@dev-vm:/home/mongodb/ [mdb01] dmk_dbbackup.sh -d mdb01
2025-01-14_11-30-16::dmk_dbbackup.pl ::MainProgram ::INFO ==> Backup for database mdb01
2025-01-14_11-30-17::MDB.pm ::MDB::backup_database::INFO ==> Backup database mdb01 with options: ''
2025-01-14T11:30:17.626+0000 writing admin.system.users to /u90/backup/mdb01/14_01_20/admin/system.users.bson.gz
2025-01-14T11:30:17.629+0000 done dumping admin.system.users (1 document)
2025-01-14T11:30:17.629+0000 writing admin.system.version to /u90/backup/mdb01/14_01_20/admin/system.version.bson.gz
2025-01-14T11:30:17.630+0000 done dumping admin.system.version (2 documents)
2025-01-14_11-30-17::MDB.pm ::MDB::backup_database::INFO ==> Backup database mdb01. SUCCESS.
2025-01-14_11-30-17::MDB.pm ::MDB::backup_database::INFO ==> Backup dir: /u90/backup/mdb01/14_01_20
mongodb@dev-vm:/home/mongodb/ [mdb01]
mongodb@dev-vm:/home/mongodb/ [mdb01] ls /u90/backup/mdb01/14_01_20
adminUsing MongoDB DMK tools
All commands are executed as mongodb user.
DMK toolkit propose basic javascript scripts, in $DMK_HOME/js directory.
More tools can be added by the users.
The scrips can be used as follows:
# get the database size
mongodb@dev-vm:/home/mongodb/ [mdb01] msp $DMK_HOME/js/db_sz.js
Database : admin -> Size on Disk: 0.13 MB
Database : config -> Size on Disk: 0.06 MB
Database : local -> Size on Disk: 0.07 MB
Database : test -> Size on Disk: 0.02 MB
# get server information
mongodb@dev-vm:/home/mongodb/ [mdb01] msp $DMK_HOME/js/server_info.js
General
MongoDB version : 8.0.4
Environnement : ubuntu2204:x86_64
Config file : /u01/app/mongodb/admin/mdb01/etc/mdb01.conf
Replicaset
No replicaset defined
Active connections:
{
current: 4,
available: 815,
totalCreated: 69,
rejected: 0,
active: 1,
threaded: 4,
exhaustIsMaster: Long('0'),
exhaustHello: Long('0'),
awaitingTopologyChanges: Long('0'),
loadBalanced: Long('0')
}
# get server URI
mongodb@dev-vm:/home/mongodb/ [mdb01] msp $DMK_HOME/js/get_uri.js
172.168.0.236:38572
# get the init configuration
mongodb@dev-vm:/home/mongodb/ [mdb01] msp $DMK_HOME/js/get_cfg.js
{
argv: [
'/u01/app/mongodb/product/8.0/bin/mongod',
'-f',
'/u01/app/mongodb/admin/mdb01/etc/mdb01.conf'
],
parsed: {
config: '/u01/app/mongodb/admin/mdb01/etc/mdb01.conf',
net: {
bindIp: '172.168.0.236',
port: 25101,
tls: {
CAFile: '/u01/app/mongodb/admin/mdb01/secret/ca-cert.crt',
certificateKeyFile: '/u01/app/mongodb/admin/mdb01/secret/ce.pem',
mode: 'requireTLS'
}
},
processManagement: {
fork: true,
pidFilePath: '/u01/app/mongodb/admin/mdb01/pid/mongod.pid'
},
storage: {
dbPath: '/u02/mongodbdata/mdb01',
engine: 'wiredTiger'
},
systemLog: {
destination: 'file',
logAppend: true,
path: '/u02/mongodblog/mdb01/mdb01.log'
}
},
ok: 1
}Last updated