Print runtime mongo configuration via mongo cli - mongodb

Was looking at this: How to check the current configuration of MongoDB
Tried it below:
use admin
switched to db admin
db.runCommand( { getCmdLineOpts: 1 } )
{ "argv" : [ "mongod" ], "parsed" : { }, "ok" : 1 }
My /etc/mongod.conf file:
user#mongo:/# cat /etc/mongod.conf
net:
bindIp: 127.0.0.1
port: 27017
Something I'm missing?

It is very likely that your mongod process is not running with the configuration file /etc/mongod.conf specified. If you are, you should be seeing the configuration file in the output of getCmdLineOpts(). For example:
{
"argv" : [
"/usr/bin/mongod",
"--config",
"/etc/mongod.conf"
],
"parsed" : {
"config" : "/etc/mongod.conf"
}
}
For more information see getCmdLineOpts command

Related

mongodb replica set error "...replSetHeartbeat requires authentication..." after running rs.initiate()

I have 2 virtual machines with mongodb running on both. I have created a user and roles and added data for testing. Everything works until I try to set up a Replica set. When I run rs.initiate() I get the "...replSetHeartbeat requires authentication... " error seen below. I can connect to the "hulk" server from "hawkeye" manually by passing --host "nodeserver-hulk:27017. Any Ideas?
system
Ubuntu Server 18.04.4 LTS
Mongod v.4.2.3
rs.initiate command
rs.initiate(
{
_id: "r1",
version: 1,
members: [
{ _id: 0, host : "nodeserver-hulk:27017"},
{ _id: 1, host : "nodeserver-hawkeye:27017"}
]
}
)
rs.initiate error
{
"ok" : 0,
"errmsg" : "replSetInitiate quorum check failed because not all proposed set members responded affirmatively: nodeserver-hawkeye:27017 failed with command replSetHeartbeat requires authentication",
"code" : 74,
"codeName" : "NodeNotFound"
}
mongod.conf file(same for both servers)
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
dbPath: /mnt/mongo/data
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
# how the process runs
processManagement:
timeZoneInfo: /usr/share/zoneinfo
#security:
security:
authorization: 'enabled'
#operationProfiling:
#replication:
replication:
replSetName: 'r1'
#sharding:
## Enterprise-Only Options:
#auditLog:
#snmp:
show users command
> show users
{
"_id" : "admin.james",
"userId" : UUID("3ed97f2e-de49-4b98-84c8-566b34805863"),
"user" : "james",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
},
{
"role" : "dbOwner",
"db" : "admin"
},
{
"role" : "clusterAdmin",
"db" : "admin"
},
{
"role" : "readWriteAnyDatabase",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
You need to add a keyFile in your security config so that each node can authenticate against the others.
https://docs.mongodb.com/manual/tutorial/enforce-keyfile-access-control-in-existing-replica-set/
security:
keyFile: <path-to-keyfile>

MongoDB authentication restriction for database

I have a database called flowers in which I have the collection named flower. When I first created it in MongoDB, I had no authentication set to it (I would just connect to it using the default port:27017 and localhost).
Then I wanted to restrict the access to this database, in order to be accessed only with a set of username & password. First, I created an admin in the admin database:
> use admin
switched to db admin
> db.createUser(
... {
... user: "myUserAdmin",
... pwd: "abc123",
... roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
... }
... )
Successfully added user: {
"user" : "myUserAdmin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
> show users
{
"_id" : "admin.myUserAdmin",
"user" : "myUserAdmin",
"db" : "admin",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
],
"mechanisms" : [
"SCRAM-SHA-1",
"SCRAM-SHA-256"
]
}
Then I exited mongo, I restarted the service. Then I created a user for my database:
> use flowers
switched to db flowers
> db.createUser(
... {
... user: "adminfl",
... pwd: "flower1",
... roles: [ "dbOwner", "readWrite"]
... }
... )
Successfully added user: { "user" : "adminfl", "roles" : [ "dbOwner", "readWrite" ] }
After this I exited mongo once again, restarted the service.... from Compass I tried to connect to database flowers using the username and password and specify the authentication database: flowers. Everything went well to this point.
My problem is: when I connect to mongo using the authentication I can see all the databases, and when I connect without authentication, I have the same result.
How can I make my database flowers visible only when I connect with a username & password?
Update: This is my mongod.cfg:
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
dbPath: C:\Program Files\MongoDB\Server\4.0\data
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: C:\Program Files\MongoDB\Server\4.0\log\mongod.log
# network interfaces
net:
port: 27017
bindIp: 127.0.0.1
#processManagement:
#security:
#operationProfiling:
#replication:
#sharding:
## Enterprise-Only Options:
#auditLog:
#snmp:
Try adding below line if not added in your mongod.conf =>
security:
authorization: enabled
Then restart mongodb and you are good to go.
Ok looking at your mongo conf we can see there is space in your db and log path viz "Program Files" which can create issue.
Workaround is:
1) Make data, log and conf directory like C:\data\db, C:\data\log and C:\data\mongod.conf.
2) Make path changes in mongod.conf for dbpath and logpath.
3) Add security authorization: enabled in mongod.conf as suggested.
4) Remove mongod service if already installed and install service again.
5) Restart service. Hope this helps.

rs.initiate method not working on MongoDB

I'm running MongoDB 3.2.15 on Ubuntu 16.04 LTS
I can't execute rs.initiate();. It returns the following error
{
"ok" : 0,
"errmsg" : "assertion src/mongo/db/repl/replset_commands.cpp:275",
"code" : 8
}
opened mongo with the following arguments
mongod --config /etc/mongod.conf --replSet rs0
Configuration file :
storage:
dbPath: /var/lib/mongodb
journal:
enabled: true
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
net:
port: 27017
bindIp: 0.0.0.0
The log file :
2017-07-26T08:25:38.400+0000 I NETWORK [HostnameCanonicalizationWorker] Starting hostname canonicalization worker
2017-07-26T08:25:42.186+0000 I COMMAND [conn1] initiate : no configuration specified. Using a default configuration for the set
2017-07-26T08:25:42.186+0000 I - [conn1] Assertion failure h != "localhost" src/mongo/db/repl/replset_commands.cpp 275
Try this (success for me):
mongo
> config = {_id:"rs0", members:[ {_id:0, host:"127.0.0.1:27017"}]}
{
"_id" : "rs0",
"members" : [
{
"_id" : 0,
"host" : "127.0.0.1:27017"
}
]
}
> rs.initiate(config)
{ "ok" : 1 }
Reference: http://blog.csdn.net/Aegeaner/article/details/56277129

mongoDB service on ubuntu not repairing

I have an AWS ubuntu instance where I upgraded a) ubuntu version (to 16.04.2 from 16.04) and b) mongoDB version (to 3.4.3 from 3.2). However, when I did so, mongoDB unlinked to all my databases.
I was able to copy the database files to /data/db/, use sudo mongod --repair and in the mongo shell, access all the databases.
However, the service version of mongoDB, run when I execute sudo service start mongod is still using the original /var/lib/mongodb/ (where the data still exists). When I try to repair from within the shell using db.repairDatabase(), I get only { "ok" : 1 } but no added databases. I need to have the service mongod running so clients can access it.
Here is a readout of what the service mongod outputs:
> db.adminCommand("getCmdLineOpts")
{
"argv" : [
"/usr/bin/mongod",
"--quiet",
"--config",
"/etc/mongod.conf"
],
"parsed" : {
"config" : "/etc/mongod.conf",
"net" : {
"bindIp" : "127.0.0.1",
"port" : 27017
},
"storage" : {
"dbPath" : "/var/lib/mongodb",
"journal" : {
"enabled" : true
}
},
"systemLog" : {
"destination" : "file",
"logAppend" : true,
"path" : "/var/log/mongodb/mongod.log",
"quiet" : true
}
},
"ok" : 1
}
> db.repairDatabase()
{ "ok" : 1 }
> show databases
admin 0.000GB
local 0.000GB
How can I repair the service mongod databases?
I realized that I could use mongodump --archive={path} and dump to an archive from the local database that was working. Then I turned on the service and used mongorestore --archive={path}, which loaded everything to the correct database. It is functional again.

In MongoDB, can you see the commandline arguments from the shell?

I would like to be able to connect to a MongoDB instance using mongo.exe (or any shell) and somehow display the command-line / config startup options. AFAIK, this does not work, but this is what I'm thinking:
>startupOptions()
{
dbpath: d:\data\mongo,
logAppend: true,
master: false,
bindIp: 127.0.0.1,
/* ... */
}
Any ideas?
I'm not sure you can get the args for the shell you're running, but if you're looking for the args used to start the node you're connected to, you can do the following...
mongos> use admin
switched to db admin
mongos> db.runCommand("getCmdLineOpts")
This returns a BSONDocument which contains the arguments in both parsed and unparsed formats. You do not have to be connected to a mongos for this to work, but you do have to use the admin database.
Kander's answer is perfect, here is just some more info for everyone:
> use admin
switched to db admin
> db.runCommand("getCmdLineOpts")
{
"argv" : [
"D:\\MongoDB\\program\\mongod.exe",
"--config",
"d:\\MongoDB\\config\\mongodb.config",
"--service"
],
"parsed" : {
"bind_ip" : "127.0.0.1",
"config" : "d:\\MongoDB\\config\\mongodb.config",
"dbpath" : "D:\\data\\db",
"directoryperdb" : "true",
"logappend" : "true",
"logpath" : "D:\\MongoDB\\logs\\mongodb-service.log",
"rest" : "true",
"service" : true
},
"ok" : 1
}
Notice that you get both command-line arguments (argv) as well as the values from --config (parsed).