Skip to content
Cyprien Devillez edited this page Aug 6, 2015 · 14 revisions

IPv4: 5.196.206.63 Virtual MAC: 02:00:00:EB:8A:D8 OS: Ubuntu 14.04

Configuration

Installed from VM-template

Configure network interface

$ vi /etc/network/interfaces

# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
   address 5.196.206.63
   netmask 255.255.255.255
   broadcast 5.196.206.63
   post-up route add 37.59.46.254 dev eth0
   post-up route add default gw 37.59.46.254
   pre-down route del 37.59.46.254 dev eth0
   pre-down route del default gw 37.59.46.254
   dns-nameservers 8.8.8.8 8.8.4.4

Change hostname

$ echo "mongo-test" | sudo tee /etc/hostname
$ sudo vi /etc/hosts

127.0.0.1       localhost
127.0.1.1       mongo-test
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Configure dedicated disk for MongoDB data

$ sudo fdisk /dev/vdb

Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0x3634e8ab.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

Command (m for help): n
Partition type:
   p   primary (0 primary, 0 extended, 4 free)
   e   extended
Select (default p): p
Partition number (1-4, default 1): 1
First sector (2048-16777215, default 2048): 
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-16777215, default 16777215): 
Using default value 16777215

Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 8e
Changed system type of partition 1 to 8e (Linux LVM)

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

$ sudo pvcreate /dev/vdb1
$ sudo vgcreate -s 16M mongo-vg /dev/vdb1
$ sudo lvcreate -l +100%FREE -n mongo-lv mongo-vg
$ sudo apt-get install xfsprogs xfsdump
$ sudo mkfs -t xfs /dev/mongo-vg/mongo-lv
$ sudo mkdir /opt/mongodb
$ sudo vi /etc/fstab

/dev/mongo-vg/mongo-lv /opt/mongodb auto defaults,noatime,nofail 0 2

$ sudo mount -a

Install and configure stunnel to secure MongoDB connexion

$ sudo apt-get install stunnel4
$ openssl genrsa 1024 | sudo tee /etc/stunnel/stunnel.key
$ sudo openssl req -new -key /etc/stunnel/stunnel.key -x509 -days 3650 -out /etc/stunnel/stunnel.crt
$ cat /etc/stunnel/stunnel.crt /etc/stunnel/stunnel.key | sudo tee /etc/stunnel/stunnel.pem
$ sudo vi /etc/stunnel/stunnel.conf

pid = /var/run/stunnel.pid
cert = /etc/stunnel/stunnel.pem
[mongodb] 
accept = 27018
connect = 27017

$ sudo vi /etc/default/stunnel4

ENABLED=1

$ sudo service stunnel4 start

Firewall

Managed via PVE interface:

  • Global configuration:
  • Input policy: Drop
  • Output policy: Accept
  • Proxmox server specific configuration
  • Input Accept SSH macro
  • Input Accept Protocol TCP on port 27018 (MongoDB SSL) from ipset donut-prod

Backup MongoDB

Mount OVH backup storage

$ apt-get install cifs-utils
$ mkdir /mnt/backup-ovh
$ vi /etc/fstab

//ftpback-rbx6-42.ovh.net/ns3000756.ip-37-59-46.eu/mongo01 /mnt/backup-ovh cifs rw,nounix,uid=root,gid=root,password=,file_mode=0600,dir_mode=0600

$ mount -a

Create backups directory

$ mkdir /mnt/backup-ovh/db

Create a simple script to dump all MongoDB databases

$ sudo mkdir /opt/mongodb/scripts
$ sudo vi /opt/mongodb/scripts/mongo-backup.sh

#!/bin/bash

BACKUP_DIR=/mnt/backup-ovh/db
LOCAL_DIR=/opt/mongodb/backups
BACKUP_NAME=$(date '+%Y%m%d-%H%M%S')
BACKUP_RET=70

mkdir $DEST

mongodump --out $LOCAL_DIR/$BACKUP_NAME
tar czf $BACKUP_DIR/$BACKUP_NAME.tar.gz -C $LOCAL_DIR $BACKUP_NAME
rm -rf $LOCAL_DIR/$BACKUP_NAME
rm $LOCAL_DIR/last.tar.gz
ln -s $BACKUP_DIR/$BACKUP_NAME.tar.gz $LOCAL_DIR/last.tar.gz

I=0
for BACKUP in $(ls -r "$BACKUP_DIR"); do
  ((I++))
  if [ $I -gt $BACKUP_RET ]; then
    find "$BACKUP_DIR/$BACKUP" -delete
  fi
done

$ sudo chmod +x /opt/mongodb/scripts/mongo-backup.sh

Add a crontab to launch backup script every hour

$ sudo ln -fs /opt/mongodb/scripts/mongo-backup.sh /etc/cron.hourly/mongo-backup

Clone this wiki locally