========================================================
Create Mongo 3 replicaset with security in a Single Box
=========================================================
Stop mongod if any instance is running
-------------------------
service mongod stop
killall -w mongo
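Create directories
-------------------
-- Note: the rm commands below act on whatever directory the shell is currently in and delete any existing data directories and logs; confirm the cd succeeded before running them.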
cd /apps/data
rm -rdf c1 c2 c3 b1 b2 b3 a1 a2 a3 ar1
rm -f *.log
mkdir c1 c2 c3 b1 b2 b3 a1 a2 a3 ar1
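Start Mongo 3 Processes
---------------------------------
-- Note: at this stage the instances run without --auth. Started from the command line like this, mongod 3.x listens on all network interfaces by default, so limit access with --bind_ip or a host firewall until authentication is enabled.
-- Note: --rest turns on the HTTP/REST interface (by default on the mongod port + 1000). MongoDB's documentation advises against enabling it in production, so drop the option unless it is needed.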
mongod --logpath /apps/data/a1_mongod.log --logappend --fork --port 27017 --dbpath /apps/data/a1 --rest --replSet rs_a --oplogSize 64
mongod --logpath /apps/data/a2_mongod.log --logappend --fork --port 27018 --dbpath /apps/data/a2 --rest --replSet rs_a --oplogSize 64
mongod --logpath /apps/data/a3_mongod.log --logappend --fork --port 27019 --dbpath /apps/data/a3 --rest --replSet rs_a --oplogSize 64
Log in to the primary and add the other members to form a replica set
------------------------------------------------------------
mongo --port 27017
rs_a:PRIMARY> rs.initiate()
rs_a:PRIMARY> rs.add('node2:27018')
rs_a:PRIMARY> rs.add('node2:27019')
Create database & Add Data
--------------------------
> use mydb
switched to db mydb
rs_a:primary> for( var i=1; i <= 5001 ; i++) {db.myinfo.insert({x:i,y:"hello how are you today "})}
rs_a:PRIMARY> db.myinfo.stats()
{
"ns" : "mydb.myinfo",
"count" : 5001,
"size" : 360088,
"avgObjSize" : 72.00319936012798,
"storageSize" : 1396736,
"numExtents" : 5,
"nindexes" : 1,
"lastExtentSize" : 1048576,
"paddingFactor" : 1,
"systemFlags" : 1,
"userFlags" : 0,
"totalIndexSize" : 171696,
"indexSizes" : {
"_id_" : 171696
},
"ok" : 1
}
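Create Users
------------
-- Note: the passwords below equal the user names and are placeholders only; choose strong, distinct passwords for a real deployment.
-- Note: db.addUser() was deprecated in MongoDB 2.6 and removed in 3.0; on Mongo 3 use db.createUser() with the same user/pwd/roles document.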
primary> db
> use admin
db.addUser( { user: "admin",pwd: "admin",roles:[ "userAdminAnyDatabase","clusterAdmin","dbAdminAnyDatabase","readWriteAnyDatabase"] } )
db.system.users.find()
db.system.users.remove({"user" : "admin"});
-- Create users in the application database (mydb)
> use mydb
db.addUser( { user: "dba",pwd: "dba",roles:[ "dbAdmin"] } )
db.addUser( { user: "user1",pwd: "user1",roles:[ "readWrite"] } )
db.addUser( { user: "user2",pwd: "user2",roles:[ "read"] } )
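-- Cleanup code if you need to remove the users (from 2.6 on, user documents are kept in admin.system.users, so db.dropUser("dba") is the supported way to remove them)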
db.system.users.find()
db.system.users.remove({"user" : "dba"});
db.system.users.remove({"user" : "user1"});
db.system.users.remove({"user" : "user2"});
======================================================
-- stop
service mongod stop
killall -w mongo
show
mongod --logpath /apps/data/a1_mongod.log --logappend --fork --port 27017 --dbpath /apps/data/a1 --rest --replSet rs_a --oplogSize 64
mongod --logpath /apps/data/a2_mongod.log --logappend --fork --port 27018 --dbpath /apps/data/a2 --rest --replSet rs_a --oplogSize 64
mongod --logpath /apps/data/a3_mongod.log --logappend --fork --port 27019 --dbpath /apps/data/a3 --rest --replSet rs_a --oplogSize 64
---------------------
-- Add security Key
---------------------
mkdir /data/mongokey/
change user and permissions
mkdir /data/mongokey/
chmod -R 700 /data/mongokey/
chown -R mongod:mongod /data/mongokey/
Generate key
------------
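Log in to one node and generate the key as root.
-- Note: the redirect creates authkey with root's default umask, after the chmod -R above has already run. Set the file to owner-only access (for example chmod 600 /data/mongokey/authkey) once it is chowned, because mongod rejects a key file that is readable by group or others.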
root> openssl rand -base64 753 > /data/mongokey/authkey
chown -R mongod:mongod /data/mongokey/
show
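Stop all and restart with security credentials
-------------------------------------------------
-- Note: --keyFile takes the path of the key file itself. The key above was written to /data/mongokey/authkey, while the commands below pass /apps/data/mongokey; use one path consistently.
-- Note: killall matches the exact process name, so "mongo" does not match the forked mongod servers. Confirm the instances started without --auth have exited (for example with ps) before restarting, otherwise they keep serving on these ports without authentication.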
service mongod stop
killall -w mongo
show
mongod --auth --keyFile /apps/data/mongokey --logpath /apps/data/a1_mongod.log --logappend --fork --port 27017 --dbpath /apps/data/a1 --rest --replSet rs_a --oplogSize 64
mongod --auth --keyFile /apps/data/mongokey --logpath /apps/data/a2_mongod.log --logappend --fork --port 27018 --dbpath /apps/data/a2 --rest --replSet rs_a --oplogSize 64
mongod --auth --keyFile /apps/data/mongokey --logpath /apps/data/a3_mongod.log --logappend --fork --port 27019 --dbpath /apps/data/a3 --rest --replSet rs_a --oplogSize 64
show
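Test user login now
-------------------
-- Note: a password given after -p is stored in shell history and is visible in the process list; passing -p with no value makes the mongo shell prompt for it.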
mongo -u admin -p admin localhost/admin
mongo -u user1 -p user1 localhost/mydb
--- Port adding does not work
mongo localhost/admin:27017 -u admin -p admin
mongo localhost:27017/admin -u admin -p 'admin'
db.auth({"admin":"admin"})