Configuring DC/OS access for Percona-Server-MongoDB

COMMUNITY

How to use Percona-Server-MongoDB with DC/OS

Prerequisites

Steps

  1. Generate and save 4 x random passwords for the system-level MongoDB users (backup, userAdmin, clusterAdmin and clusterMonitor), using the openssl tool:

    $ openssl rand -base64 8
    sLWGYC0yAIU=
    $ openssl rand -base64 8
    7Spl1m2bgo0=
    $ openssl rand -base64 8
    DH1UXPVrKyA=
    $ openssl rand -base64 8
    rtJx/fcJSIk=
    
  2. Generate and save a 1023-length key for MongoDB using the openssl tool:

    $ openssl rand -base64 756
    
  3. Install and configure percona-server-mongodb from the DC/OS web interface by adding the 4 x generated passwords and key to the required fields of the Mongodb Credentials section of the service config.

  4. The service will now deploy with a default configuration. You can monitor its deployment via the Services tab of the DC/OS web interface.

  5. Gather the dns names of the member nodes.

    $ dcos percona-server-mongodb endpoints mongo-port
        {
          "address": [
            "10.0.3.53:27017",
            "10.0.3.159:27017",
            "10.0.1.211:27017"
          ],
          "dns": [
            "mongo-rs-0-mongod.percona-server-mongodb.autoip.dcos.thisdcos.directory:27017",
            "mongo-rs-1-mongod.percona-server-mongodb.autoip.dcos.thisdcos.directory:27017",
            "mongo-rs-2-mongod.percona-server-mongodb.autoip.dcos.thisdcos.directory:27017"
          ]
        }
    
  6. Connect to MongoDB and add a non-admin user using the mongo shell tool and the userAdmin user (replace username/password for your situation).

    $ mongo mongodb://useradmin:useradminpassword@mongo-rs-0-mongod.percona-server-mongodb.autoip.dcos.thisdcos.directory,mongo-rs-1-mongod.percona-server-mongodb.autoip.dcos.thisdcos.directory,mongo-rs-2-mongod.percona-server-mongodb.autoip.dcos.thisdcos.directory:27017/admin?replicaSet=rs
    > use admin;
    > db.createUser({
          user: "myApp",
          pwd: "myAppPasswd123456",
          roles: [
              { db: "myApp", role: "readWrite" }
          ]
      });
    > quit()
    

    You can also add a MongoDB user using the DC/OS CLI and a .json file describing the MongoDB user:

    $ cat <<EOF >myApp.json
    {
       "user": "myApp",
       "pwd": "myAppPasswd123456",
       "roles": [
           { "db": "myApp", "role": "readWrite" }
       ]
    }
    EOF
    $ dcos percona-server-mongodb user add admin myApp.json
    
  7. Reconnect using your new application-level user myApp.

    $ mongo mongodb://myApp:myAppPasswd123456@mongo-rs-0-mongod.percona-server-mongodb.autoip.dcos.thisdcos.directory,mongo-rs-1-mongod.percona-server-mongodb.autoip.dcos.thisdcos.directory,mongo-rs-2-mongod.percona-server-mongodb.autoip.dcos.thisdcos.directory:27017/admin?replicaSet=rs
    
  8. Change to MongoDB database myApp and write a document to the collection test.

    > use myApp;
    > db.test.insert({ message: "This is a test!" });
    WriteResult({ "nInserted" : 1 })
    >
    
  9. Read all documents from collection test.

    > db.test.find()
    { "_id" : ObjectId("5ab8fa034af828c184b57616"), "message" : "this is a test!" }
    
  10. Get the number of documents for collection test.

    > db.test.count()
    1
    
  11. Drop/delete the collection test.

    NOTE: Drops/deletes cannot be undone. Always back up important data before dropping it.

    > db.test.drop()
    true
    

See Also