According to MongoDB's website, "A replica set in MongoDB is a group of mongod processes that maintain the same data set. Replica sets provide redundancy and high availability, and are the basis for all production deployments." In other words, if you are using MongoDB as your data source and you are ready to deploy to production, you need a replica set for system reliability.
It is advised that each member of your replica set run on its own standalone server.
For this tutorial, I will be setting up a replica set with an arbiter. For more on replication and replica set architecture, see Replica Set Architecture.
Create 3 EC2 instances. They can run any OS; just make sure you can install MongoDB on each of them.
I will be using Red Hat Enterprise Linux 8 for all 3 instances.
For the MongoDB installation guide, check out MongoDB Installation.
Make sure the 3 instances are in the same security group and that its inbound rule allows them to talk to each other on port 27017.
With keyfile authentication, each mongod instance in the replica set uses the contents of the keyfile as the shared password for authenticating other members in the deployment. Only mongod instances with the correct keyfile can join the replica set.
Run the following commands to generate a keyfile:
openssl rand -base64 756 > /opt/mongo/mongod-keyfile
chmod 400 /opt/mongo/mongod-keyfile
sudo chown mongodb:mongodb /opt/mongo/mongod-keyfile
The above commands generate a keyfile at /opt/mongo/mongod-keyfile. chmod 400 gives read permission to the owner only, and chown makes the mongodb user that owner so that mongod can read the file. If your installation runs mongod under a different account (the official RHEL packages use mongod), use that account in the chown command.
Copy the generated keyfile to the other EC2 instances where your replica set members are located. You might have to run the second and third commands above on each of those instances after copying the keyfile, so that the owner and read permission are set there too.
To transfer files from one EC2 instance to another, you can follow this tutorial: File Transfer between 2 EC2 Instance.
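A check to run on each member after copying the keyfile, given here as an added example that is not part of the original tutorial. It assumes GNU coreutils (stat, sha256sum) as found on RHEL, and check_keyfile is a hypothetical helper name.

```shell
#!/usr/bin/env bash
# Added example: sanity-check a MongoDB keyfile on a replica set member.
# check_keyfile is a hypothetical helper, not a MongoDB tool.

check_keyfile() {
    local path="$1" mode stripped len
    local LC_ALL=C
    [ -f "$path" ] || { echo "missing: $path" >&2; return 1; }

    # mongod rejects a keyfile that group or others can access.
    # This check accepts only the owner-only modes 400 and 600.
    mode=$(stat -c '%a' "$path")
    case "$mode" in
        400|600) ;;
        *) echo "mode $mode is too open; run: chmod 400 $path" >&2; return 2 ;;
    esac

    # mongod strips whitespace from the keyfile; what remains must be
    # 6 to 1024 characters from the base64 set.
    stripped=$(tr -d '[:space:]' < "$path")
    len=${#stripped}
    if [ "$len" -lt 6 ] || [ "$len" -gt 1024 ]; then
        echo "key length $len is outside 6..1024" >&2; return 3
    fi
    case "$stripped" in
        *[!A-Za-z0-9+/=]*) echo "non-base64 character in key" >&2; return 4 ;;
    esac

    # Print a SHA-256 fingerprint of the key material so members can be
    # compared without displaying the key itself.
    printf '%s' "$stripped" | sha256sum | cut -d' ' -f1
}

# Stand-alone use: bash check_keyfile.sh /opt/mongo/mongod-keyfile
if [ "$#" -gt 0 ]; then
    check_keyfile "$1"
fi
```

Run it as root or as the keyfile's owner on every member; the fingerprint printed must be identical on all of them.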
STEP 3: Create and connect your replica set members
Create the user admin: This admin user must have privileges to create other users, such as a user with the userAdminAnyDatabase role.
Run:
db.createUser({user: "admin", pwd: "admin",
roles: [{role: "userAdminAnyDatabase", db: "admin"}]})
The user name and password shown here are example values; set your own strong password.
mongo -u 'your-username' -p --authenticationDatabase admin
It will prompt for your password; enter the correct one.
Run:
db.createUser({user: "adminCluster", pwd: "adminCluster",
roles: [{role: "clusterAdmin", db: "admin"}]})
mongo -u 'your-cluster-admin-username' -p --authenticationDatabase admin
When it prompts for the password, enter your cluster admin password. Then add each member and the arbiter:
rs.add( { host: "ipaddress/hostname-of-the-instance-you-want-to-add-as-member:27017" } )
rs.addArb('ipaddress/hostname-of-the-instance-you-want-to-make-as-arbiter:27017')
Sidenotes: You can create additional db users for your clients (backend applications, etc.) to connect with. To do that, authenticate as admin and create a db user with the appropriate role.
To add a new member to the cluster, copy the keyfile you generated to the new member's server. Uncomment security in the /etc/mongod.conf file and add keyFile: 'file location'. Uncomment replication and add replSetName with the name of the replica set you want to add the member to. Save the file and start the mongod instance. Then go to the primary of the replica set and add the new member using:
rs.add( { host: "ipaddress/hostname-of-the-instance-you-want-to-add-as-member:27017" } )