This repository showcases how one can set up a secure MongoDB replica set for development using Docker.
I have explained the details of the docker-compose.yml file in my blog post, link to which can be found at this link.
NOTE
This replica set is for educational and demonstration purposes ONLY.
Running multiple nodes of a Replica Set within a single machine is an anti-pattern, and MUST BE AVOIDED in Production.
Using this setup for local development though, is perfectly fine.
Most of the stuff here will work out-of-the-box, and the containers will be up and running once you run docker-compose up -d.
However, there are a few configuration steps that you would need to incorporate, which are mentioned below.
If you check the docker-compose.yml file, we are relying on a .env file to populate the environment variables for the compose.
A sample.env file is provided here; use it to create your own .env file.
For this we need to create a keyfile.
In Linux, the following are the commands:
openssl rand -base64 700 > file.key
chmod 400 file.key
sudo chown 999:999 file.key
I have kept a sample file in .docker/mongodb path, but you must follow the steps above to generate a new file.key.
Once the replica set is up, you will need to update hostnames in the local /etc/hosts file.
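A check for the keyfile produced by the commands above, as an added example that is not part of this repository. It assumes MongoDB's documented keyfile rules (6 to 1024 base64 characters, no group or other permissions); the function name check_keyfile and the optional second argument, a path to the committed sample keyfile, are hypothetical.

```shell
#!/bin/sh
# check_keyfile KEYFILE [SAMPLE]
# Returns 0 when KEYFILE is usable as a replica set keyfile; otherwise
# prints the reason to stderr and returns 1.
check_keyfile() {
    keyfile=$1
    sample=${2:-}

    if [ ! -f "$keyfile" ] || [ ! -r "$keyfile" ]; then
        echo "keyfile: $keyfile missing or not readable (try sudo)" >&2
        return 1
    fi

    # mongod refuses a keyfile that group or others can access, so the
    # last six permission characters of the mode string must all be '-'.
    perms=$(ls -ld -- "$keyfile" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "keyfile: group/other permissions set, run chmod 400" >&2
        return 1
    fi

    # Whitespace is ignored; the rest must be 6 to 1024 base64 characters.
    key=$(tr -d '[:space:]' < "$keyfile")
    case $key in
        *[!A-Za-z0-9+/=]*)
            echo "keyfile: contains non-base64 characters" >&2
            return 1 ;;
    esac
    if [ "${#key}" -lt 6 ] || [ "${#key}" -gt 1024 ]; then
        echo "keyfile: length ${#key} is outside 6..1024" >&2
        return 1
    fi

    # A key that is published in a repository is not a secret.
    if [ -n "$sample" ] && [ -f "$sample" ]; then
        if [ "$key" = "$(tr -d '[:space:]' < "$sample")" ]; then
            echo "keyfile: identical to the committed sample" >&2
            return 1
        fi
    fi
    return 0
}

# When run as a script with arguments, check the given keyfile.
if [ "$#" -gt 0 ]; then check_keyfile "$@"; fi
```

Run it before the chown step or with sudo, since after chown 999:999 and chmod 400 only that owner and root can read the file.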
Sample entry
127.0.0.1 localhost mongo1 mongo2 mongo3
This change needs to be made on every client machine from which you would like to connect to this Replica Set.
So if you are running this replica set on your local development machine, and want to connect to it, you would have to update the /etc/hosts file on your local dev machine ONLY.
However, if you want to connect to this replica set from a different machine, you would need to update the /etc/hosts file on that other machine as well.
Sample entry on a different machine
10.20.30.40 mongo1 mongo2 mongo3
Here, 10.20.30.40 is the public IP of the machine where this replica set is running.
NOTE: On Windows, the hosts file is located at C:\Windows\System32\drivers\etc\hosts
Once the MongoDB replica set is up and running, you can run docker-compose status, and see something like this:
To connect to the replica set, you can use the mongo client.
Connect to replica set running on local machine
$ mongo "mongodb://localhost:30001,localhost:30002,localhost:30003/<MONGO_INITDB_DATABASE>?replicaSet=rs0" -u <MONGO_INITDB_USERNAME> --authenticationDatabase admin
Connect to replica set running on local or remote machine
$ mongo "mongodb://mongo1:30001,mongo2:30002,mongo3:30003/<MONGO_INITDB_DATABASE>?replicaSet=rs0" -u <MONGO_INITDB_USERNAME> --authenticationDatabase admin
As mentioned above, you MUST update the local hosts file on the client machine (running this command), to point to the public IP address of the machine where the replica set is running.
Remember to replace the <MONGO_INITDB_DATABASE> and <MONGO_INITDB_USERNAME> tags with the appropriate values that you've put in the .env file.
Once connected, you can use the more succinct db.isMaster() command to debug details like the hosts of the replica set a client must connect to, whether the node is primary, etc.
Full documentation of the command is available at this link.