Provisioning MongoDB replicaset using Virtual Machine

This document provides instructions for provisioning a MongoDB replicaset using KakaoCloud VM. A MongoDB replicaset maintains the same data set across MongoDB processes within the same replicaset group, offering redundancy and high availability to ensure stable and continuous

Basic information

Estimated time: 60 minutes
Recommended OS: MacOS, Ubuntu
Region: kr-central-1, kr-central-2

Resource planning

Please refer to the list of various resources to be used in the scenario.

Virtual Machines

Instance Name	Instance type	Volume Size(GB)	Public IP	Image
handson-bastion	m2a.large	30	Y	Ubuntu 20.04
handson-node-1	m2a.large	30	N	Ubuntu 20.04
handson-node-2	m2a.large	30	N	Ubuntu 20.04
handson-node-3	m2a.large	30	N	Ubuntu 20.04

Volumes

Volume Name	Instance to attach	Size(GB)
mongo-data-volume-1	handson-node-1	`500`
mongo-data-volume-2	handson-node-2	`500`
mongo-data-volume-3	handson-node-3	`500`

Security Groups

Security group name	Instance to attach	Description
sg-mongodb	handson-node-1 handson-node-2 handson-node-3	Security group to be applied to MongoDB instances
sg-bastion	handson-bastion	Security group to be applied to Bastion host

Inbound rules per security group

Check my public IP

Click the button below to check your current public IP.

Security group name	CIDR	Protocol	Port	Role
sg-mongodb	SUBNET_CIDR	ICMP	ALL	ping-mongo
sg-mongodb	BASTION_PRIVATE_IP/32	TCP	22	ssh-mongo
sg-mongodb	SUBNET_CIDR	TCP	27017	conn-mongo
sg-bastion	`{User's Public IP}/32`	ICMP	ALL	ping-bastion
sg-bastion	`{User's Public IP}/32`	TCP	22	ssh-bastion
sg-bastion	`{User's Public IP}/32`	TCP	81	manage-bastion
sg-bastion	`{User's Public IP}/32`	TCP	10000-10010	fowd-bastion

Step 1. Create Bastion host

In this document, we will implement the Bastion host using NGINX PROXY MANAGER to forward SSH requests to the designated host. Follow the steps below to create a Bastion host.

Go to KakaoCloud Console > Virtual Machine and create a virtual machine to be used as a Bastion host.

Bastion host information

Type	Value
Name	handson-bastion
Flavor	m2a.large
Image	Ubuntu 20.04
Volume	30GB
Security Group	sg-bastion
Floating IP	Yes

Inbound rules for sg-bastion

Set the inbound rules for the security group of sg-bastion for the Bastion host.

Security group name	CIDR	Protocol	Port	Role
sg-bastion	`{User's Public IP}/32`	Icmp	All	ping
sg-bastion	`{User's Public IP}/32`	TCP	22	ssh
sg-bastion	`{User's Public IP}/32`	TCP	81	manage
sg-bastion	`{User's Public IP}/32`	TCP	10000-10010	bastion

Open the terminal and execute the following command to access the Bastion host via SSH.
```
ssh -i ${KEYPAIR_NAME}.pem ubuntu@${BASTION_PUBLIC_IP}
```

Run the following commands in the terminal to install Docker and Docker Compose, and to start NGINX Proxy Manager.

curl -o install-bastion.sh https://raw.githubusercontent.com/kakaoenterprise/kc-handson-config/bastion-host/install-bastion.sh
bash install-bastion.sh

Open your browser and navigate to http://${BASTION_HOST_PUBLIC_IP}:81 to access the NGINX Proxy Manager management page. The initial login credentials are as follows:

Field Value
Email address admin@example.com
Password changeme

Field	Value
Email address	admin@example.com
Password	changeme

Step 2. Create MongoDB instances

Go to KakaoCloud Console > Virtual Machine and create virtual machines to be used as MongoDB instances.

MongoDB host information

Type	Value
Name	handson-node
Count	3
Flavor	m2a.large
Image	Ubuntu 20.04
Volume	30GB
Security Group	sg-mongodb
Floating IP	No

Inbound rules for security group of sg-mongodb

Set the inbound rules for the MongoDB instances.

Security Group	CIDR	Protocol	Port
sg-mongodb	SUBNET_CIDR	ICMP	ALL
sg-mongodb	BASTION_PRIVATE_IP/32	TCP	22
sg-mongodb	SUBNET_CIDR	TCP	27017

Step 3. Create volumes for MongoDB data storage

It is recommended to use separate volumes for storing MongoDB data. Follow these steps to create volumes for MongoDB data.

Go to KakaoCloud Console > Virtual Machine and create the volumes.

MongoDB volume information

Volume Name Volume Type Volume Size
mongodb-data-volume-1 SSD 500
mongodb-data-volume-2 SSD 500
mongodb-data-volume-3 SSD 500
Refer to the following to select the volume to attach to the MongoDB instance from the Volume tab on the instance details page. (Add the volume created for the MongoDB instance.)

Instance Volume Attachment Details
handson-node-1 mongodb-data-volume-1
handson-node-2 mongodb-data-volume-2
handson-node-3 mongodb-data-volume-3

Volume Name	Volume Type	Volume Size
mongodb-data-volume-1	SSD	`500`
mongodb-data-volume-2	SSD	`500`
mongodb-data-volume-3	SSD	`500`

Instance	Volume Attachment Details
handson-node-1	mongodb-data-volume-1
handson-node-2	mongodb-data-volume-2
handson-node-3	mongodb-data-volume-3

Step 4. Update forwarding information

You can connect to the MongoDB instances via SSH by accessing a specific port on the Bastion host. Configure the Bastion host to forward SSH connections on a specific port to the corresponding internal MongoDB host. Follow these steps to update the forwarding information on the Bastion host.

Open your browser and navigate to http://${BASTION_HOST_PUBLIC_IP}:81 to access the NGINX Proxy Manager management page.
Go to NGINX Proxy Manager (Management Page) > Streams tab, and click the [Add Stream] button to add Streams.
- By adding internal hosts, you can access them through the Bastion host.
Incoming port Forward host Forward port Protocol
10000 handson-node-1_PRIVATE_IP 22 TCP
10001 handson-node-2_PRIVATE_IP 22 TCP
10002 handson-node-3_PRIVATE_IP 22 TCP
Verify that you can access the internal MongoDB instances through the configured ports on the Bastion host.
```
ssh -i ${KEY_FILE} ubuntu@${BASTION_PUBLIC_IP} -p ${PORT}
```
예시: Bastion 호스트의 10000번 포트로 ssh 접속 시도 시 mongodb-node-1 인스턴스에 ssh 접속합니다.
```
ssh -i ~/hands-on.pem ubuntu@aaa.bbb.ccc.ddd -p 10000
```

Incoming port	Forward host	Forward port	Protocol
10000	handson-node-1_PRIVATE_IP	22	TCP
10001	handson-node-2_PRIVATE_IP	22	TCP
10002	handson-node-3_PRIVATE_IP	22	TCP

Step 5. Set up the MongoDB environment

Install and set up MongoDB by connecting to the MongoDB instances created in the previous steps via SSH.

Configure DNS

Define domain names using DNS hostnames instead of IP addresses to manage the replicaset. Modify the /etc/hosts file to define the domain names.

cat << EOF | sudo tee -a /etc/hosts

${HANDSON-NODE-1_PRIVATE_IP} node1.rs.in
${HANDSON-NODE-2_PRIVATE_IP} node2.rs.in
${HANDSON-NODE-3_PRIVATE_IP} node3.rs.in
EOF

Run the ping command to verify that the defined domain names match the correct hosts.

ping node2.rs.in
# PING node2.rs.in (172.16.0.221) 56(84) bytes of data.
# 64 bytes from node2.rs.in (172.16.0.221): icmp_seq=1 ttl=64 time=2.18 ms
# 64 bytes from node2.rs.in (172.16.0.221): icmp_seq=2 ttl=64 time=0.752 ms
# ...

Mount the volume

Mount the volume created for storing data and logs to the data directory.

Mount the /dev/vdb volume to the /data directory using the XFS file system.

cat <<EOF | sudo fdisk /dev/vdb
n
p
1


w
EOF
sudo mkfs -t xfs /dev/vdb1
sudo mkdir -p /data
sudo mount /dev/vdb1 /data

Verify that the volume is mounted to the directory where the database data will be stored.

df -h
# Filesystem      Size  Used Avail Use% Mounted on
# ...
# /dev/vdb1       500G  3.6G  497G   1% /data
# ...

Install MongoDB

Install MongoDB on the instance.

sudo apt-get install gnupg
wget -qO - `HTTPS`://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add -

echo "deb [ arch=amd64,arm64 ] http://repo.mongodb.com/apt/ubuntu focal/mongodb-enterprise/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-enterprise.list

sudo apt-get update
sudo apt-get install -y mongodb-enterprise=6.0.3
sudo service mongod stop

Store MongoDB's data and logs on the separate volume created earlier. Create directories for data and log storage.
```
sudo mkdir -p /data/mongodb
sudo mkdir -p /data/log/mongodb
```
Set permissions to allow operations within the created directories.
```
sudo chown -R mongodb:mongodb /data/*
```

Modify the configuration to store data in /data/mongodb and logs in the /data/log/mongodb/mongod.log file.

cat <<EOF | sudo tee /etc/mongod.conf
storage:
    dbPath: /data/mongodb

systemLog:
    destination: file
    logAppend: true
    path: /data/log/mongodb/mongod.log

net:
    port: 27017
    bindIp: 0.0.0.0

processManagement:
    timeZoneInfo: /usr/share/zoneinfo

replication:
    oplogSizeMB: 2000
    replSetName: "handson-replicaset"
EOF

Start the MongoDB process.
```
sudo service mongod start
```

Step 6. Deploy MongoDB replicaset

Once MongoDB provisioning is complete on the handson-node-1, handson-node-2, and handson-node-3 instances, connect to one of the nodes to set up the replicaset.

Connect to the handson-node-1 instance and initiate the replicaset setup.

 Replicaset 생성 (Remote - handson-node-1)
mongosh --eval \
'rs.initiate( {
  _id : "handson-replicaset",
  members: [
    { _id: 0, host: "node1.rs.in:27017" },
    { _id: 1, host: "node2.rs.in:27017" },
    { _id: 2, host: "node3.rs.in:27017" }
  ]
})'

Verify the replicaset configuration created on the handson-node-1 instance.
Verify replicaset configuration
```
mongosh --eval \
'rs.config()'
```

Resource planning​

Virtual Machines​

Volumes​

Security Groups​

Inbound rules per security group​

Step 1. Create Bastion host​

Bastion host information​

Inbound rules for sg-bastion​

Step 2. Create MongoDB instances​

MongoDB host information​

Inbound rules for security group of sg-mongodb​

Step 3. Create volumes for MongoDB data storage​

MongoDB volume information​

Step 4. Update forwarding information​

Step 5. Set up the MongoDB environment​

Configure DNS​

Mount the volume​

Install MongoDB​

Step 6. Deploy MongoDB replicaset​