§2023-07-29
We will start the replication setup using x.509 from hc4Jammy.yushei.net
- replicationSet : MuneTakaHome:27999
¶ Step 0, get x.509 Certificate from orgpi5Arch.yushei.net
alexlai@hc4Jammy:~$ mkdir ~/x.509 && cd $_
alexlai@hc4Jammy:~/x.509$ scp orgpi5Arch.yushei.net:/opt/xfs/home/alexlai/x.509/hc4Jammy* ./
100% 6000 1.5MB/s 00:00
alexlai@hc4Jammy:~/x.509$ scp orgpi5Arch.yushei.net:/opt/xfs/home/alexlai/x.509/mongoCA.crt ./
alexlai@hc4Jammy:~/x.509$ ls
hc4Jammy.yushei.net.pem mongoCA.crt
alexlai@hc4Jammy:~/x.509$ sudo mkdir -p /opt/mongodb/data
alexlai@hc4Jammy:~/x.509$ sudo mkdir -p /opt/mongodb/log
alexlai@hc4Jammy:~/x.509$ sudo mkdir -p /opt/mongodb/x.509
alexlai@hc4Jammy:~/x.509$ sudo chown -R mongodb:mongodb /opt/mongodb/
alexlai@hc4Jammy:~/x.509$ sudo cp -v * /opt/mongodb/x.509/
'hc4Jammy.yushei.net.pem' -> '/opt/mongodb/x.509/hc4Jammy.yushei.net.pem'
'mongoCA.crt' -> '/opt/mongodb/x.509/mongoCA.crt'
¶Step1: /etc/mongodb-27999.conf,
- 27999 is the port for MuneTakaHome ReplicationSet.
# mongodb-27999.conf
# MuneTakaHome replicationSet
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /opt/mongodb/log/mongod-27999.log
# Where and how to store data.
storage:
dbPath: /opt/mongodb/data/data-27999/
# how the process runs
processManagement:
timeZoneInfo: /usr/share/zoneinfo
# network interfaces
net:
port: 27999
bindIp: 0.0.0.0 # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting.
ssl:
mode: preferSSL
PEMKeyFile: /opt/mongodb/x.509/hc4Jammy.yushei.net.pem
CAFile: /opt/mongodb/x.509/mongoCA.crt
allowInvalidCertificates: false
allowInvalidHostnames: false
security:
authorization: enabled
clusterAuthMode: x509
#operationProfiling:
replication:
replSetName: "MuneTakaHome"
#sharding:
## Enterprise-Only Options
#auditLog:
#snmp:
¶Step 2: /etc/systemd/system/Mongodb-27999.service
[Unit]
Description=MongoDB Database Server, port 27999, MuneTakaHome
Documentation=https://docs.mongodb.org/manual
After=network-online.target
Wants=network-online.target
[Service]
TimeoutStartSec=infinity
User=mongodb
Group=mongodb
Environment="OPTIONS=-f /etc/mongodb-27999.conf"
Environment="MONGODB_CONFIG_OVERRIDE_NOFORK=1"
ExecStart=/usr/local/bin/mongod $OPTIONS
RuntimeDirectory=mongodb
# file size
LimitFSIZE=infinity
# cpu time
LimitCPU=infinity
# virtual memory size
LimitAS=infinity
# open files
LimitNOFILE=64000
# processes/threads
LimitNPROC=64000
# locked memory
LimitMEMLOCK=infinity
# total threads (user+kernel)
TasksMax=infinity
TasksAccounting=false
# Recommended limits for mongod as specified in
# https://docs.mongodb.com/manual/reference/ulimit/#recommended-ulimit-settings
[Install]
WantedBy=multi-user.target
¶Step3, start and check
Please
sudo mkdir /opt/mongodb/data/data02799&&sudo chown -R mongodb:mongodb /opt/mongodb/data/
$ sudo systemctl daemon-reload
$ sudo systemctl start Mongodb-27999.service
$ sudo systemctl status Mongodb-27999.service
$ ls /opt/mongodb/data/data-27999/
collection-0-219633754530593306.wt collection-4-219633754530593306.wt diagnostic.data index-3-3056977314457892047.wt index-7-219633754530593306.wt mongod.lock WiredTigerHS.wt
collection-0-3056977314457892047.wt collection-4-3056977314457892047.wt index-1-219633754530593306.wt index-5-219633754530593306.wt index-9-219633754530593306.wt sizeStorer.wt WiredTiger.lock
collection-2-219633754530593306.wt collection-6-219633754530593306.wt index-1-3056977314457892047.wt index-5-3056977314457892047.wt journal storage.bson WiredTiger.turtle
collection-2-3056977314457892047.wt collection-8-219633754530593306.wt index-3-219633754530593306.wt index-6-3056977314457892047.wt _mdb_catalog.wt WiredTiger WiredTiger.wt
$ sudo tail -f /opt/mongodb/log/mongod-27999.log
{"t":{"$date":"2023-07-29T18:26:25.003+08:00"},"s":"W", "c":"QUERY", "id":23799,
"ctx":"ftdc","msg":"Aggregate command executor error","attr":{"error":{"code":26,"codeName":"NamespaceNotFound","errmsg":"Unable to retrieve storageStats in $collStats stage :: caused by :: Collection [local.oplog.rs] not found."},"stats":{},
"cmd":{"aggregate":"oplog.rs","cursor":{},"pipeline":[{"$collStats":{"storageStats":{"waitForLock":false,"numericOnly":true}}}],"$db":"local"}}}
{"t":{"$date":"2023-07-29T18:26:26.003+08:00"},"s":"W", "c":"QUERY", "id":23799,
"ctx":"ftdc","msg":"Aggregate command executor error","attr":{"error":{"code":26,"codeName":"NamespaceNotFound","errmsg":"Unable to retrieve storageStats in $collStats stage :: caused by :: Collection [local.oplog.rs] not found."},"stats":{},tats in $collStats stage :: caus
¶s;Step 4, check with mongosh
If ~/.mongoshrc.js
// .mongoshrc
// Configuration for connecting to the MongoDB instance
// running on port 27999 locally.
db = connect("mongodb://localhost:27999/admin");
// db.auth();
console.log("Hi! from hc4Jammy.yushei.net:27999");
alexlai@orgpiJammy:~/x.509$ mongosh
Current Mongosh Log ID: 64c4c18210f855dc9bc8c149
Connecting to: mongodb://127.0.0.1:27017/?directConnection=true&serverSelectionTimeoutMS=2000&appName=mongosh+1.10.1
MongoNetworkError: connect ECONNREFUSED 127.0.0.1:27017
alexlai@orgpiJammy:~/x.509$ mongosh mongodb://localhost:27999
Current Mongosh Log ID: 64c4c1a6bbabb8974aa123b5
Connecting to: mongodb://localhost:27999/?directConnection=true&serverSelectionTimeoutMS=2000&appName=mongosh+1.10.1
Using MongoDB: 7.0.0-rc8
Using Mongosh: 1.10.1
For mongosh info see: https://docs.mongodb.com/mongodb-shell/
To help improve our products, anonymous usage data is collected and sent to MongoDB periodically (https://www.mongodb.com/legal/privacy-policy).
You can opt-out by running the disableTelemetry() command.
Hi! from orgpi5Jammy.yushei.net:27999
admin>