Provisioning MongoDB replicaset using Virtual Machine

카카오클라우드 VM서비스에서 MongoDB Replicaset을 구성하는 방법을 소개합니다.

Basic Information

Estimated time required: 60 minutes
User environment
- Recommended operating systems: MacOS, Ubuntu
- Region: kr-central-1, kr-central-2
Prerequisites
- Generate access key

About this scenario

MongoDB Replicaset provides high availability by replicating the same data set and ensuring service continuity. This scenario demonstrates how to build a Replicaset environment using KakaoCloud's VM service and volumes.

Key topics include:

Creating a Bastion host and accessing MongoDB instances by forwarding SSH requests using NGINX Proxy Manager
Creating three MongoDB instances, each with a 500GB volume for data storage
Configuring SSH port forwarding from the Bastion host to MongoDB instances

Before you start

Set up the network environment, including VPC, subnets, and security groups, and create the required instances as prework.

1. Create VPC and subnet

Before creating instances, set up the VPC and subnet where the instances will be deployed.
If no VPC or subnet exists, refer to the VPC Creation and Subnet Creation documents.

2. Configure security group

Go to KakaoCloud Console > VPC > Security Groups and configure security groups and inbound policies based on the following details:

Security Group: sg-bastion

Enter the security group name and description as follows:

Name Description
sg-bastion For Bastion host

Name	Description
sg-bastion	For Bastion host

Click the [+ Add] button, configure the inbound rules as follows, and click [Apply]:

How to check your public IP

Click the button below to find your current public IP address.

Inbound Rule to Add	Field	Value
bastion inbound policy 1	Protocol	ICMP
	Source	`{Your Public IP}/32`
	Port Number	`ALL`
	Policy Description (Optional)	ping-bastion
bastion inbound policy 2	Protocol	TCP
	Source	`{Your Public IP}/32`
	Port Number	`22`
	Policy Description (Optional)	ssh-bastion
bastion inbound policy 3	Protocol	TCP
	Source	`{Your Public IP}/32`
	Port Number	`81`
	Policy Description (Optional)	manage-bastion
bastion inbound policy 4	Protocol	TCP
	Source	`{Your Public IP}/32`
	Port Number	`10000-10010`
	Policy Description (Optional)	fowd-bastion

Security Group: sg-mongodb

Enter the security group name and description as follows:

Name Description
sg-mongodb For MongoDB nodes

Name	Description
sg-mongodb	For MongoDB nodes

Click the [+ Add] button, configure the inbound rules as follows, and click [Apply]:

How to check your public IP

Click the button below to find your current public IP address.

Inbound Rule to Add	Field	Value
mongodb inbound policy 1	Protocol	ICMP
	Source	`SUBNET_CIDR`
	Port Number	`ALL`
	Policy Description (Optional)	ping-mongo
mongodb inbound policy 2	Protocol	TCP
	Source	`BASTION_PRIVATE_IP/32`
	Port Number	`22`
	Policy Description (Optional)	ssh-mongo
mongodb inbound policy 3	Protocol	TCP
	Source	`SUBNET_CIDR`
	Port Number	`27017`
	Policy Description (Optional)	conn-mongo

3. Create VM instance and add volume

Create VM instance

The VM instances created in this step serve as the infrastructure for building the MongoDB Replicaset. The Bastion host facilitates port forwarding, network, and security group settings, preparing the environment for MongoDB node deployment and configuration in later steps.

Instance Name	Instance Type	Root Volume (GB)	Public IP	Image	Security Group
handson-bastion	m2a.large	30	Yes	Ubuntu 20.04	sg-bastion
handson-node-1	m2a.large	30	No	Ubuntu 20.04	sg-mongodb
handson-node-2	m2a.large	30	No	Ubuntu 20.04	sg-mongodb
handson-node-3	m2a.large	30	No	Ubuntu 20.04	sg-mongodb

Add volume

Adding volumes ensures sufficient storage capacity for the MongoDB database. Attach separate volumes to MongoDB instances to secure reliable and persistent storage for database data.

Volume Name	Attached Instance	Size (GB)
mongo-data-volume-1	handson-node-1	`500`
mongo-data-volume-2	handson-node-2	`500`
mongo-data-volume-3	handson-node-3	`500`

Getting started

Step 1. Create Bastion host

This document demonstrates how to implement a Bastion host by forwarding SSH requests to the configured host using NGINX PROXY MANAGER. Follow these steps to create the Bastion host:

In the KakaoCloud Console, navigate to Virtual Machine and create a virtual machine to serve as the Bastion host.

Category	Item	Configuration/Input Value	Notes
Basic Info	Name	handson-bastion
	Count	1
Image		Ubuntu 20.04
Instance Type		m2a.large
Volume	Root Volume	30GB
Key Pair		`{USER_KEYPAIR}`	⚠️ Ensure the key pair is stored securely upon creation. Lost keys cannot be recovered and must be reissued.
Network	VPC	tutorial
	Subnet	main (10.0.0.0/20)
	Security Group	sg-bastion, sg-mongodb

Open a terminal and execute the following commands to access the Bastion host via SSH.
```
ssh -i ${KEYPAIR_NAME}.pem ubuntu@${BASTION_PUBLIC_IP}
```

Run the following commands in the terminal to install Docker and Docker Compose, and start NGINX PROXY MANAGER.

curl -o install-bastion.sh https://raw.githubusercontent.com/kakaoenterprise/kc-handson-config/bastion-host/install-bastion.sh
bash install-bastion.sh

Access the NGINX PROXY MANAGER management page by entering http://${BASTION_HOST_PUBLIC_IP}:81 in a browser. Use the following default credentials to log in:

Field Value
Email address admin@example.com
Password changeme

Field	Value
Email address	admin@example.com
Password	changeme

Step 2. Create MongoDB instance

In the KakaoCloud Console, navigate to Virtual Machine to create virtual machines for MongoDB instances.

Category	Item	Configuration/Input Value	Notes
Basic Info	Name	handson-node
	Count	3
Image		Ubuntu 20.04
Instance Type		m2a.large
Volume	Root Volume	30GB
Key Pair		`{USER_KEYPAIR}`	⚠️ Ensure the key pair is stored securely upon creation. Lost keys cannot be recovered and must be reissued.
Network	VPC	tutorial
	Subnet	main (10.0.0.0/20)
	Security Group	sg-mongodb

Step 3. Create volumes for MongoDB data storage

It is recommended to use separate volumes for storing MongoDB data. Follow these steps to create volumes for MongoDB:

In the KakaoCloud Console > Virtual Machine, create volumes.

MongoDB Host Information

Volume Name Volume Type Volume Size
mongodb-data-volume-1 SSD 500
mongodb-data-volume-2 SSD 500
mongodb-data-volume-3 SSD 500
Refer to the Volumes tab in the instance details page to attach the volumes to the MongoDB instances.

Instance Volume Connection Info
handson-node-1 mongodb-data-volume-1
handson-node-2 mongodb-data-volume-2
handson-node-3 mongodb-data-volume-3

Volume Name	Volume Type	Volume Size
mongodb-data-volume-1	SSD	`500`
mongodb-data-volume-2	SSD	`500`
mongodb-data-volume-3	SSD	`500`

Instance	Volume Connection Info
handson-node-1	mongodb-data-volume-1
handson-node-2	mongodb-data-volume-2
handson-node-3	mongodb-data-volume-3

Step 4. Update forwarding information

Access MongoDB instances via specific ports on the Bastion host by setting up port forwarding. When SSH requests are made to specific ports on the Bastion host, they are forwarded to the respective internal MongoDB hosts.

Access the NGINX PROXY MANAGER management page by entering http://${BASTION_HOST_PUBLIC_IP}:81 in a browser.
In the NGINX PROXY MANAGER > Streams tab, click the [Add Stream] button to add streams.
- Adding internal hosts allows access to them via the Bastion host.
Incoming Port Forward Host Forward Port Protocol
10000 handson-node-1_PRIVATE_IP 22 TCP
10001 handson-node-2_PRIVATE_IP 22 TCP
10002 handson-node-3_PRIVATE_IP 22 TCP
Verify that the MongoDB instances can be accessed via the Bastion host's ports.
```
ssh -i ${KEY_FILE} ubuntu@${BASTION_PUBLIC_IP} -p ${PORT}
```
Example: When attempting to SSH to port 10000 on the Bastion host, you are connected to the mongodb-node-1 instance via SSH.
```
ssh -i ~/hands-on.pem ubuntu@aaa.bbb.ccc.ddd -p 10000
```

Incoming Port	Forward Host	Forward Port	Protocol
10000	handson-node-1_PRIVATE_IP	22	TCP
10001	handson-node-2_PRIVATE_IP	22	TCP
10002	handson-node-3_PRIVATE_IP	22	TCP

Step 5. Set up MongoDB environment

Install MongoDB and configure the environment. Access the MongoDB instances via SSH as created in the previous steps.

Configure DNS

Define domain names to use DNS hostnames instead of IP addresses for managing the Replicaset. Modify the /etc/hosts file to create custom domain names.

cat << EOF | sudo tee -a /etc/hosts

${HANDSON-NODE-1_PRIVATE_IP} node1.rs.in
${HANDSON-NODE-2_PRIVATE_IP} node2.rs.in
${HANDSON-NODE-3_PRIVATE_IP} node3.rs.in
EOF

Run the ping command to verify that the defined domain names resolve to the correct hosts.

ping node2.rs.in
# PING node2.rs.in (172.16.0.221) 56(84) bytes of data.
# 64 bytes from node2.rs.in (172.16.0.221): icmp_seq=1 ttl=64 time=2.18 ms
# 64 bytes from node2.rs.in (172.16.0.221): icmp_seq=2 ttl=64 time=0.752 ms
# ...

Mount volume

Mount the created volume to the data directory for storing data and logs.

Mount the /dev/vdb volume to the /data directory using the xfs file system.

cat <<EOF | sudo fdisk /dev/vdb
n
p
1


w
EOF
sudo mkfs -t xfs /dev/vdb1
sudo mkdir -p /data
sudo mount /dev/vdb1 /data

Verify that the volume is mounted to the directory for storing database data.

df -h
# Filesystem      Size  Used Avail Use% Mounted on
# ...
# /dev/vdb1       500G  3.6G  497G   1% /data
# ...

Install MongoDB

Install MongoDB on the instance.

sudo apt update
sudo apt install -y mongodb


```bash
sudo apt-get install gnupg
wget -qO - HTTPS://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add -

echo "deb [ arch=amd64,arm64 ] http://repo.mongodb.com/apt/ubuntu focal/mongodb-enterprise/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-enterprise.list

sudo apt-get update
sudo apt-get install -y mongodb-enterprise=6.0.3
sudo service mongod stop

Store MongoDB's data and logs on the separately created volume. Create directories for storing data and logs.
```
sudo mkdir -p /data/mongodb
sudo mkdir -p /data/log/mongodb
```
Set permissions to enable MongoDB to work with the created directories.
```
sudo chown -R mongodb:mongodb /data/*
```

Modify the configuration to store data in /data/mongodb and logs in /data/log/mongodb/mongod.log.

cat <<EOF | sudo tee /etc/mongod.conf
storage:
    dbPath: /data/mongodb

systemLog:
    destination: file
    logAppend: true
    path: /data/log/mongodb/mongod.log

net:
    port: 27017
    bindIp: 0.0.0.0

processManagement:
    timeZoneInfo: /usr/share/zoneinfo

replication:
    oplogSizeMB: 2000
    replSetName: "handson-replicaset"
EOF

Start the MongoDB process.
```
sudo service mongod start
```

Step 6. Deploy MongoDB replicaset

After completing MongoDB provisioning on handson-node-1, handson-node-2, and handson-node-3 instances, connect to one node to configure the replicaset.

Connect to the handson-node-1 instance and set up the replicaset.

Create Replicaset(Remote - handson-node-1)
mongosh --eval \
'rs.initiate( {
  _id : "handson-replicaset",
  members: [
    { _id: 0, host: "node1.rs.in:27017" },
    { _id: 1, host: "node2.rs.in:27017" },
    { _id: 2, host: "node3.rs.in:27017" }
  ]
})'

Verify the configuration of the replicaset created on the handson-node-1 instance.
Check replicaset configuration
```
mongosh --eval \
'rs.config()'
```

About this scenario​

Before you start​

1. Create VPC and subnet​

2. Configure security group​

3. Create VM instance and add volume​

Create VM instance​

Add volume​

Getting started​

Step 1. Create Bastion host​

Step 2. Create MongoDB instance​

Step 3. Create volumes for MongoDB data storage​

MongoDB Host Information​

Step 4. Update forwarding information​

Step 5. Set up MongoDB environment​

Configure DNS​

Mount volume​

Install MongoDB​

Step 6. Deploy MongoDB replicaset​