Configure 3 member replica set with RBAC


To configure a 3-member replica set, I have set up 3 VirtualBox virtual machines for demonstration purposes. The steps to configure it are below.

Step 1.

Make directories for data, log, config file and keyfile on each member of the replica set. The data directory will store the actual data files, the log directory will store the MongoDB log, the config directory will store the config file, and the keyfile directory will store the generated key file. The extracted file will be something like mongodb-linux-x86_64-3.2.18

On my system, the directory structure looks like this:

Directory_Structure

Step 2.

Install MongoDB on each member of the replica set using the tarball. I have used MongoDB version 3.2. Once installed, extract the file on each member of the replica set. I have the following 3 members in the replica set:

119

132

197

Make sure each member of the replica set can ping the other members. Also check the network configuration and fix any issues before starting the configuration.

Step 3.

Create a config file mongo.conf using vim and place the following parameters in it.

dbpath = /home/suraj/Documents/monogdb/data

logpath = /home/suraj/Documents/monogdb/log/mongodb.log

logappend = true

fork = true

replSet = test_repl

auth = false

keyFile = /home/suraj/Documents/mongodb/keyfile/key_file1

Step 4. 

For the keyFile parameter, we need to generate the key file and copy it to all other members of the replica set. The file permissions must also be changed so that only the file owner has read permission.

To generate the key file, issue the command below:

openssl rand -base64 756 > <path-to-keyfile>

In my case, <path-to-keyfile> is: /home/suraj/Documents/mongodb/keyfile/key_file1

Change file permissions to provide read permissions for the file owner only:

chmod 400 <path-to-keyfile>

Step 5.

Repeat step 3 on the other 2 members of the replica set and also copy the keyfile to the two other replica servers.
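The checks below cover Steps 4 and 5 as an added example (not part of the original post): they confirm that a keyfile has no group or world permissions and holds 6 to 1024 base64 characters, which is what mongod requires of a keyfile, and they print a SHA-256 fingerprint so the copies on the three members can be compared without displaying the key. The function names and script name are hypothetical, and `sha256sum` is assumed to be installed.

```sh
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
LC_ALL=C; export LC_ALL   # keep the character ranges below ASCII-only

# check_keyfile PATH: prints "ok" and returns 0, or prints the problem and returns 1.
check_keyfile() {
    f=$1
    [ -f "$f" ] || { echo "not a regular file"; return 1; }
    # Characters 5-10 of the ls mode string are the group and other bits;
    # chmod 400 leaves all of them as "-".
    perms=$(ls -ld "$f" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "group/world permissions set"; return 1; }
    # mongod strips whitespace from the keyfile, so strip it before measuring.
    body=$(tr -d ' \t\r\n' < "$f")
    len=${#body}
    if [ "$len" -lt 6 ] || [ "$len" -gt 1024 ]; then
        echo "bad length: $len"; return 1
    fi
    case $body in
        *[!A-Za-z0-9+/=]*) echo "non-base64 character"; return 1 ;;
    esac
    echo "ok"
}

# keyfile_fingerprint PATH: SHA-256 of the key with whitespace stripped, so a copy
# that only differs in line endings still matches. Assumes sha256sum is installed.
keyfile_fingerprint() {
    tr -d ' \t\r\n' < "$1" | sha256sum | cut -d' ' -f1
}

# Usage: sh check_keyfile.sh <path-to-keyfile>   (script name is hypothetical)
if [ $# -gt 0 ]; then
    check_keyfile "$1" && keyfile_fingerprint "$1"
fi
```

Run it on each member after copying the keyfile; the same fingerprint on all three means the copies agree.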

Step 6.

I am currently on the VirtualBox machine 192.168.225.197. Start the mongod process by issuing the commands below:

start_mongod

Once it has started successfully, we will be connected to the test database. Repeat the same process on the 2 other members of the replica set.

Step 7.

Now we will initiate the replica set and add the other members of the replica set.

initiate_add_replica_set

The members of the replica set have now been added successfully. Using the rs.status() command, we can see the status of the replica set members; it shows which member is the primary and which are secondaries.

Step 8.

To enable role-based access control, create an admin user and assign the proper role to it while auth is disabled.

Creation_Admin_User

 

Step 9.

Restart each member of the replica set with auth enabled in the config file, i.e. auth = true, and then authenticate when connecting with mongo.

Hope it helps. Please share your inputs and feedback.

 
