PMXBOT Log file Viewer

Help | Karma | Search:

#mongodb logs for Tuesday the 27th of November, 2018

(Back to #mongodb overview) (Back to channel listing) (Animate logs)
[00:23:26] <poboy> https://getyarn.io/yarn-clip/032afb6d-bfbf-4b6e-97fb-92643c5b4983
[14:59:32] <CDuv> Hello, in a 3-shard + replica set setup. Once I have prepared my .conf files for `mongos`, config_server `mongod`, shard0 `mongod`, shard1 `mongod`: Where should I connect to to create my users?
[15:00:04] <CDuv> s/prepared/prepared+started/
[15:00:14] <Derick> mongos host
[15:04:08] <CDuv> OK, thanks.
[16:48:49] <CDuv> Do I have to must set "net.ssl.mode" to "allowSSL" during initial configuration (db.createUser(), rs.initiate(), etc.) phase of a 3-shard + replica set? Or is there a way to configure it with "requireSSL" value?
[16:51:38] <CDuv> Right now I have no users, so if I connect to instance with `--ssl --sslCAFile --sslPEMKeyFile` I get "command replSetInitiate requires authentication"
[16:52:35] <CDuv> And without `--ssl` but with `--host localhost` I get "Error: network error while attempting to run command 'isMaster' on host 'localhost:xxxx'"
[16:52:54] <Derick> ssl has nothing to do with authentication
[16:53:08] <Derick> only with connecting
[16:53:17] <Derick> (auth happens after the connection is established)
[16:53:41] <Derick> I think there is a trick for adding users on a sharded platform, but I don't remember what it is
[16:54:16] <CDuv> Can I add user ((db.createUser()) prior to rs.initiate() ?
[16:54:58] <Derick> no, I don't think so. Let me dig a little
[16:56:16] <CDuv> I attempted to connect to localhost because I've read it bypasses auth (« The localhost interface is only available since no users have been created for the deployment »)
[17:00:02] <CDuv> I had found a trick to add users into a database but it was on a mongod-shard server: 1/ Stop mongod service 2/ Run `mongod --port 6666 --dbpath /var/lib/mongo &` 3/ Wait for it to be ready 4/ Connect via `mongo --port 6666` 5/ Run MongoDB commands `db.createUser()` 6/ kill mongod started in step 2 7/ Fix permissions on /var/lib/mongo (`chown ...`) 8/ Restart the "original" mongod service
[17:00:20] <CDuv> Don't know if still valid
[17:02:48] <Derick> there must be a right one :)
[17:03:41] <Derick> CDuv: did you try adding a user to the admin database?
[17:03:51] <Derick> that's what you can do during the "localhost" exception
[17:05:09] <CDuv> I cannot `mongo --host localhost`
[17:05:29] <Derick> on which machine is that though?
[17:05:40] <Derick> does that machine have a mongos instance?
[17:09:30] <Derick> i can't find more besides https://docs.mongodb.com/manual/core/security-users/
[17:10:45] <CDuv> According to https://docs.mongodb.com/manual/tutorial/deploy-shard-cluster/, I have to 1/ Start mongod configsvr and connect to it for `rs.initiate()` before any mongos is involved.
[17:11:08] <Derick> sure
[17:12:00] <CDuv> So now I only have 3 mongod configsvr running. Is that correct?
[17:12:25] <Derick> just the config servers? or also shard replicasets?
[17:12:31] <CDuv> (and they are complaining about "NotYetInitialized" in their logs :P)
[17:13:15] <CDuv> just the config server, no shard is running
[17:13:42] <Derick> I think you need to finish your sharding cluster set-up first
[17:14:46] <CDuv> Oh, so I stop mongod configsvr instances and start my mongod shardsvr instances?
[17:15:28] <Derick> no, you need all of them up
[17:19:02] <CDuv> OK, all (configsvr + shardsvr) up. I still cannot `mongo --host localhost` nor `rs.initiate()` (when using `mongo --ssl --sslCAFile --sslPEMKeyFile mongod-configsvr`)
[17:21:50] <CDuv> I feel like I am facing the « chicken or the egg causality dilemma » ;)
[17:35:26] <CDuv> Another comprehension question: The configsvr mongod only stores data-location related stuff (« On which shard this data must go »), no users?
[17:35:45] <Derick> right
[17:35:50] <Derick> that used to be different
[17:38:51] <CDuv> Then how can configsvr mongod respond with "command replSetInitiate requires authentication" if there is no users on it's database
[17:39:23] <Derick> yeah, I don't know that one either :-/
[17:39:25] <Derick> sorry
[17:39:30] <CDuv> No problem :)
[17:39:31] <Derick> try the google group mongodb-user ?
[17:40:00] <CDuv> I think I will (or a StackOverflow post)
[18:45:48] <troulouliou_div2> hi when find in a collection is it possible to define a filter like all value ? : something like sb.mycol.find({"type": ALL})