I have a MongoDB replica set of 3 servers (1 primary, 1 secondary, 1 arbiter; this is the default replica set created by Google Cloud 1-click install). The 2 config files (mongod.conf) of primary server and secondary server have been changed with security.authorization: enabled
added.
Root user is added with the following MongoDB shell command:
use admin
db.createUser({user:"root",pwd:"root",roles:["root"]})
After restarting MongoDB services on the primary and secondary servers with "sudo service mongod restart", connection to the replica set turns unstable.
rs.status() sometimes give the result as
How to setup basic password authentication (not using keyfile) for MongoDB replica set the correct way?
MongoDB keyfile is used to authenticate the database from unauthenticated access. We need to create keyfile using the encryption method. In the above example, we have created keyfile using the OpenSSL command. Keyfile is very important and useful in MongoDB to authenticate the database from unauthorized access.
To connect to a replica set deployment, specify the hostname and port numbers of each instance, separated by commas, and the replica set name as the value of the replicaSet parameter in the connection string. In the following example, the hostnames are host1 , host2 , and host3 , and the port numbers are all 27017 .
What is the difference between replication and sharding? Replication: The primary server node copies data onto secondary server nodes. This can help increase data availability and act as a backup, in case if the primary server fails. Sharding: Handles horizontal scaling across servers using a shard key.
I finally found the answer. MongoDB replica set needs both user account and keyfile. Keyfile seems for authentication between servers in the replica set, not for logging in.
Create mongodb key file on linux, copy to all db servers with mode 600
intact:
cd
openssl rand -base64 741 > mongodb.key
chmod 600 mongodb.key
mongod.conf file:
replication:
replSetName: rs0
security:
authorization: enabled
keyFile: /home/USERNAME/mongodb.key
Admin user:
(just like in question content)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With