MongoDB

MongoDB Installation Procedure without HA mode

Community Version:

This section describes the procedure for installation of MongoDB with authentication and authorization configured for Community Edition.

Important note:

• Please ensure the ports that are to be used for MongoDB service is open for communication with the help of a windows administrator.
• During the installation procedure, whenever the MongoDB service is restarted, open the new command prompt to run further commands.

Installation steps

1. Download the file mongodb-win32-x86_64-2008plus-ssl-4.0.25-signed.mse from the Path mentioned in the source field of Table 15 – MongoDB Requirements for Community Version.

1. Double-click on mongodb-win32-x86_64-2008plus-ssl-4.0.25-signed.mse file and select installation option as Complete and click Next.

1. The option Install MongoDB as service would be checked by default.

1. Uncheck Install MongoDB as Service and click Next.

1. Wait till the MongoDB installation is complete.

Add MongoDB to the Path:

To add MongoDB to the PATH, please perform the below steps:

1. Go to the location where MongoDB was installed. For e.g., C:\Program Files\MongoDB .

1. Inside MongoDB, go to folder\Server\4.0\bin .
2. Go to Control Panel  System and SecuritySystem.
3. Select Advanced System Settings and click Environment Variables.

1. This will open a new dialog box.

1. Select the variable path in System Variables and add path of MongoDB. For e.g. - C:\Program Files\MongoDB\Server\4.0\bin .

Creation of Directory Structure:

1. Create a folder named mongo. It should not be in the same location where MongoDB is installed.

1. Inside the folder mongo, create a folder named data and then create three folders named as config, database and log as shown in Figure 32.

Creation of MongoDB Service

1. Go to the location where MongoDB is installed. Refer to the Path set in the PATH environment variable. For e.g., C:\Program Files\MongoDB .

1. Go to bin folder. for e.g., C:\Program Files\MongoDB\Server\4.0\bin.
2. Locate the file named mongod.cfg and copy the file.

1. Go to the mongo folder that was custom created earlier. Inside the directory data, go to the config folder. Paste the mongod.cfg file here.

1. Open the file mongod.cfg (preferably in Notepad++ or Sublime) and follow the below steps:

While editing the file, maintaining indentation in the file is very important.

1. In the storage header, change the following field:
   • dbPath: Add path till mongo\data\database.

1. In the systemLog, change the following field:
   • Path: Add path of mongo\data\log\mongod.log.

   Folder mongo\data\log doesn’t have Mongod.log. This will be created automatically when mongoDB service is created.

2. In the net, change the following fields:
   • Port: Enter the port for the installation of MongoDB.
   • bindIpAll: true.

   

1. Save the changes made in the file mongod.cfg.
2. Open the Command Prompt as Administrator and run the following command:

   Please make sure to provide correct path for config.

   mongod –config “<path of the mongoDB folder you created\mongo\data\config\mongod.cfg>" --install --serviceName "MongoDB"

   For e.g. mongod --config "C:\mongo\data\config\mongod.cfg" --install --serviceName "MongoDB"

3. MongoDB service with the name MongoDB will be created.

Start MongoDB Service

1. Press Windows+R, and type services.msc and press Enter.

1. Search for MongoDB service, then click on MongoDB service and click Start the service on the Left pane.

1. Go to the server that has MongoDB service installed. Open the Command Prompt as Administrator and execute the below commands by changing the respective IP and port of server.

mongo --host <IP> --port <port on which mongoDB service is running(mentioned in config file)>

for e.g. - mongo --host 10.1.1xx.x1 --port 27017

1. If the service is running successfully, the connection will be established without any error message.

Enable Authentication

To enable the authentication, perform the following steps:

1. Go to the server where MongoDB service has been installed. Open the Command Prompt as Administrator and execute the below command.

mongo --host x.x.xx.x1 --port 27017

1. Execute the below command.

MongoDB> use admin

1. Make the following changes in the values before execution:

user:<user-name >

pwd :<password>

(choose any password for the corresponding user for MongoDB authentication.)

MongoDB>> db.createUser(

{

user: "admin",

pwd: "comnet123",

roles: [ { role: "userAdminAnyDatabase", db: "admin" }, { role: "root", db: "admin" }, "readWriteAnyDatabase" ]

}

)

1. Make the following changes in mongod.cfg. Refer the screenshot below:

1. Restart the MongoDB service in the server.
2. Re-open the Command Prompt as Administrator and open the MongoDB terminal using the following command:

mongo --host <IP> --port <Port> -u <username> -p <password> --authenticationDatabase "admin"

For e.g. - mongo --host x.x.xx.x --port 27017 -u admin -p comnet123 --authenticationDatabase "admin"

1. Connection with MongoDB should be successfully established.

Test the Connection

To test the connection, perform the following steps:

Python 3.6 should be present. You should also have the BigFix Runbook AI installer package as it contains some resources to be used in subsequent steps.

1. Open the Command Prompt as Administrator and execute the following command to install pymongo:

pip install pymongo

1. Copy the file named “mongo_connection_community_Non-HA.py” present in the installer package under iAutomateInstaller  Resources  Resources.zip folder to any folder.
2. Open the file in Notepad and change the value of Server IP and Port where MongoDB service is running.

   import ssl

   from pymongo import MongoClient

   client = MongoClient('<IP of the server>:<Port>',

   username='<Username>',

   password='<Password>',

   ssl=False)

   db = client['DRYiCE_db']

   db_collection = db['DRYiCE_Collection']

   db_collection.insert({"name":"xyz"})

   print("Connection to Mongo Database successful")

3. Open the Command Prompt as Administrator mode. Change the current working directory to the folder that has code using the following command:

   cd <folder path>

4. Execute the code by using the following command.

   python <file_name.py>

5. If file executes without any error, then connection is successful.

Enterprise Version

This section describes the procedure for installation of MongoDB with authentication and authorization configured for Enterprise Edition.

• Please ensure the ports that are to be used for MongoDB service is open for communication with the help of windows administrator.
• During the installation procedure whenever the MongoDB service is restarted, open the new command prompt window to run the further commands.

Installation steps:

1. Download the file mongodb-win32-x86_64-enterprise-windows-64-4.0.25-signed.mse from the Path mentioned in the source field of Table 15 – MongoDB Requirements for Enterprise Version.

1. Double-click on mongodb-win32-x86_64-enterprise-windows-64-4.0.25-signed.mse file and select installation option as Complete and click Next.

Please ensure to note the location of the installation directory of MongoDB.

1. The option Install MongoDB as service would be checked by default.

1. Uncheck Install MongoDB as service and click Next.

1. Wait till the MongoDB installation is complete.

Add MongoDB to the Path

To add MongoDB to the PATH, please perform the below steps:

1. Go to the location where MongoDB was installed. For e.g., C:\Program Files\MongoDB .

1. Inside MongoDB, go to folder\Server\4.0\bin .
2. Go to Control PanelSystem and SecuritySecurity.
3. Select Advanced System Settings, click Environment Variables. This will open up a new dialog box.
4. Select the Variable Path in System Variables and add path of MongoDB. For e.g. - C:\Program Files\MongoDB\Server\4.0\bin .

Creation of Directory Structure

1. Create a folder named mongo. It should not be in the same location where MongoDB is installed.

1. Inside the folder mongo, create a folder named data.
2. Inside the folder data, create three folders named as config, database, and log.

Creation of MongoDB Service

1. Go to the location where MongoDB is installed. Refer to the Path set in the PATH environment variable. For e.g., C:\Program Files\MongoDB .

1. Go to bin folder. for e.g., C:\Program Files\MongoDB\Server\4.0\bin .
2. Locate the file named mongod.cfg and copy the file.

1. Go to the mongo folder that was created earlier. Inside the directory data, go to the config folder and paste the mongod.cfg file here.

1. Open the file mongod.cfg (preferably in Notepad++ or Sublime) and follow the below steps:

While editing the file, maintaining indentation in the file is very important.

1. In the storage header, change the following fields:
   • DBPATH: Add path till mongo\data\database

1. In the systemLog, change the following fields:
   • PATH: Add path of mongo\data\log\mongod.log

   Folder mongo\data\log doesn’t have Mongod.log. This will be created automatically when mongo service is created.

2. In the net, change the following fields:

• port: Enter the port you want to install MongoDB
• bindIpAll: true

1. Save the changes made in the file mongod.cfg.
2. Open the Command Prompt as Administrator and run the following command.

Please ensure to enter correct path of config).

mongod –config “<path of the mongoDB folder you created\mongo\data\config\mongod.cfg>" --install --serviceName "MongoDB"

For e.g. mongod --config "C:\mongo\data\config\mongod.cfg" --install --serviceName "MongoDB"

1. MongoDB service with the name MongoDB will be created.

Start MongoDB Service

1. Press Windows+R, type services.msc and press Enter.

1. Search for MongoDB service.
2. Click MongoDB service and click Start the service on the Left pane.

1. Go to the server that has MongoDB service installed.
2. Open the Command Prompt as Administrator and execute the below command by changing respective IP and port of server.

mongo --host <IP> --port <port on which mongoDB service is running(mentioned in config file)>

for e.g. - mongo --host 10.1.1xx.x1 --port 27017

1. If the service is running successfully, then connection will be established. If not, then follow the above steps again.

Enable Authentication

To enable the authentication, perform the following steps:

1. Go to the server where MongoDB service has been installed.

1. Open the Command Prompt as Administrator and execute the below command:

mongo --host x.x.xx.x1 --port 27017

1. Execute the below command:

MongoDB Enterprise> use admin

1. Make the following changes in the values before execution:

user:<user-name >

pwd :<password>

(choose any password for the corresponding user for MongoDB authentication.)

MongoDB Enterprise> db.createUser(

{

user: "admin",

pwd: "comnet123",

roles: [ { role: "userAdminAnyDatabase", db: "admin" }, { role: "root", db: "admin" }, "readWriteAnyDatabase" ]

}

)

1. Make the following changes in mongod.cfg and refer to the screenshot below.

1. Restart the MongoDB service in the server.
2. Re-open the Command Prompt as Administrator and open the MongoDB terminal using the following command:

mongo --host <IP> --port <Port> -u <username> -p <password> --authenticationDatabase "admin"

For e.g. - mongo --host x.x.xx.x --port 27017 -u admin -p comnet123 --authenticationDatabase "admin"

1. Connection with MongoDB should be successfully established.

Enable SSL Authentication

To enable SSL authentication, perform the following steps:

Please ensure that only one ca.pem should be generated. From the same ca.pem, server.pem for each server should be generated. From the same ca.pem, client.pem should be generated.

1. Generate the ca.pem, server.pem and client.pem by referring to the Generate ca.pem and server.pem and Generate client.pem.

1. After the ca.pem, client.pem and server.pem are generated, copy these files and paste them in the following path:

<MongoDB_installed_path>/MongoDB/Server/4.0/bin

For e.g. - C:\Program Files\MongoDB\Server\4.0\bin

1. Go to folder mongo/data/config, open the file mongod.cfg and make the following changes:

Please preserve the space and indentations as shown below. Ensure that editing is done in notepad++.

1. In the net header, enter the following values:

   ssl:

   mode: allowSSL

   PEMKeyFile: C:\Program Files\MongoDB\Server\4.0\bin\server.pem

   CAFile: C:\Program Files\MongoDB\Server\4.0\bin\ca.pem

   

2. Save the file for changes to be reflected.

1. Open the Command Prompt as Administrator on the server and execute the below command:

mongo --ssl --host <IP> --port <port> -u <username> -p <password> --authenticationDatabase "admin" --sslCAFile "<path of ca.pem>" --sslPEMKeyFile "<path of client.pem>"

for e.g. –

mongo --ssl --host x.x.x.x1 --port 27017 -u admin -p comnet123 --authenticationDatabase "admin" --sslCAFile "C:\Program Files\MongoDB\Server\4.0\bin\ca.pem" --sslPEMKeyFile "C:\Program Files\MongoDB\Server\4.0\bin\client.pem"

1. This will establish the connection with MongoDB.
2. Execute the below commands:

MongoDB Enterprise>db.adminCommand( { setParameter: 1, sslMode: "preferSSL" } )

MongoDB Enterprise> db.adminCommand( { setParameter: 1, sslMode: "requireSSL" } )

1. Restart the MongoDB service on the server.

Test the Connection

To test the connection, perform the following steps:

Python 3.6 should be present. You should also have the BigFix Runbook AI installer package as it contains some resources to be used in subsequent steps.

1. Open the Command Prompt as Administrator and execute the following command:

pip install pymongo

1. Copy the file named “mongo_connection_enterprise_Non-HA.py”, present in the installer package under iAutomateInstaller  Resources Resources.zip folder to any folder.
2. Open the file in Notepad and change the value of IP, port, username, password, path of pem files where MongoDB service is running.

import ssl

from pymongo import MongoClient

client = MongoClient('<IP of the server>:<Port>',

username='<Username>',

password='<Password>',

ssl=True,

ssl_certfile="<path of client.pem file>",

ssl_ca_certs="<path of ca.pem file>",

ssl_cert_reqs=ssl.CERT_REQUIRED)

db = client['DRYiCE_db']

db_collection = db['DRYiCE_Collection']

db_collection.insert({"name":"xyz"})

print("Connection to Mongo Database successful")

1. Open the Command Prompt as Administrator. Change the current working directory to the folder that has code using the following command:

cd <folder path>

1. Execute the code by using the following command:

python <file_name.py>

1. If the file executes without any error, the connection is successful.

MongoDB Installation Procedure – with HA mode

High Availability in MongoDB is enabled using concept of replica set where at least three MongoDB instances are used to configure clusters. For BigFix Runbook AI, we will have three MongoDB instances where one instance will be Primary and rest of them will be Secondary. HA in MongoDB works as per below guidelines.

1. If primary node is down, then one of secondary node will be promoted to become primary node.

1. If secondary is down, then system will work as it is.

Replication amongst nodes is handled by MongoDB itself.

Replication provides redundancy and increases . With multiple copies of data on different database servers, replication provides a level of fault tolerance against the loss of a single database server.

For MongoDB in HA, at least three servers are required. If more than three servers are to be configured, ensure that they are odd in number. Please make sure the ports that are going to be used for MongoDB are open for communication.

Community Version:

This section describes the procedure for installation of MongoDB with authentication and authorization configured for Community Edition in HA mode.

Important note:

• Please ensure the ports that are to be used for MongoDB service is open for communication with the help of Windows administrator.
• During the installation procedure whenever the MongoDB service is restarted, open the new command prompt to run the further commands.

Installation steps:

1. Download the file mongodb-win32-x86_64-2008plus-ssl-4.0.25-signed.mse from the Path mentioned in the source field of for Community Version.

1. Double-click on mongodb-win32-x86_64-2008plus-ssl-4.0.25-signed.mse file, then select installation option as Complete and click Next.

1. The option Install MongoDB as service would be checked by default.

1. Uncheck Install MongoDB as service and click Next.

1. Wait till the MongoDB installation is complete.

Add MongoDB to the Path:

To add MongoDB to the PATH, please perform the below steps:

1. Go to location where MongoDB was installed. For e.g., C:\Program Files\MongoDB .

1. Inside MongoDB, go to folder\Server\4.0\bin .
2. Go to Control Panel  System and Security Security.
3. Select Advanced System Settings and click Environment Variables. This will open up a new dialog box.
4. Select the variable Path in System Variables and add path of MongoDB. For e.g. - C:\Program Files\MongoDB\Server\4.0\bin .

Creation of Directory Structure:

1. Create a folder named mongo. It should not be in the same location where MongoDB is installed.

1. Inside the folder mongo, create a folder named data.
2. Inside the folder data, create three folders named as config, database, and log.

Creation of MongoDB Service

1. Go to the location where MongoDB is installed. Refer to the Path set in the PATH environment variable. For e.g., C:\Program Files\MongoDB .

1. Go to bin folder. for e.g., C:\Program Files\MongoDB\Server\4.0\bin .
2. Locate the file named mongod.cfg and copy the file.

1. Go to the mongo folder that was created earlier. Inside the directory data, go to the config folder and paste the mongod.cfg file here.

1. Open the file mongod.cfg (preferably in Notepad++ or Sublime) and follow the below steps:

While editing the file, maintaining indentation is very important.

1. In the storage header, change the following fields:
   • dbPath: Add path till mongo\data\database

1. In the systemLog, change the following fields:
   • path: Add path of mongo\data\log\mongod.log

   Folder mongo\data\log doesn’t have Mongod.log. This will be created automatically when mongo service is created.

2. In the net, change the following fields:
   • port: Enter the port you want to install MongoDB
   • bindIpAll: true

   Please do not user Port Number 27017 as it’s the default port.

3. In the replication, change the following fields:

• replSetName: Enter the name of replica set

1. Save the changes made in the file mongod.cfg.
2. Open Command Prompt as Administrator and run the following command.

Please ensure to enter the correct path of config file.

mongod –config “<path of the mongoDB folder you created\mongo\data\config\mongod.cfg>" --install --serviceName "MongoDB"

For e.g. mongod --config "C:\mongo\data\config\mongod.cfg" --install --serviceName "MongoDB"

1. MongoDB service with the name MongoDB will be created.

Start MongoDB Service

1. Press Windows+R, then type services.msc and press Enter.

1. Search for the MongoDB service and click MongoDB service.
2. Click Start the service on the Left pane.

These steps must be performed on all the servers which are part of the replica set.

1. Go to all the servers that have MongoDB service installed.
2. Open Command Prompt as Administrator and execute the below command by changing respective IP and port of server.

mongo --host <IP> --port <port on which mongoDB service is running (mentioned in config file)>

for e.g.

server 1: mongo --host x.x.xx.x1 --port 27017

server 2: mongo --host x.x.x.x2 --port 27017

server 3: mongo --host x.x.x.x3 --port 27017

1. If the service is running successfully, then connection will be established without any error message.

Configure Replica Set

Once the MongoDB service is up and running, perform the below steps to configure the replica set for MongoDB.

1. Go to one of the servers that is a part of the replica set.

1. Open the Command Prompt as Administrator and execute the below command to open the terminal.

mongo --host <IP> --port <in which MongoDB service is running. The one written in config >

for e.g. - mongo --host x.x.xx.x1 --port 27017

1. In the same terminal, execute the below commands:

MongoDB > rs.initiate( {

_id : "DRYiCEReplicaSet",

members: [

{ _id: 0, host: "<IP>:<PORT>" },

{ _id: 1, host: "<IP>:<PORT>" },

{ _id: 2, host: "<IP>:<PORT>" }

]

})

1. Here, add the hosts that are part of the replica set and mention the respective host IP and port on which MongoDB service is running. Ensure that the ports are open for communication.

MongoDB > rs.initiate( {

_id : "DRYiCEReplicaSet",

members: [

{ _id: 0, host: "10.1.1xx.x1:27017" },

{ _id: 1, host: "10.1.1xx.x21:27017" },

{ _id: 2, host: "10.1.1xx.x3:27017" }

]

})

1. Enter the below command to identify the Primary and Secondary server:

MongoDB >rs.status()

1. Execute the below command on the Secondary servers:

MongoDB >rs.slaveOk()

Enable Authentication

Authentication needs to be enabled only on the Primary server. All the secondary replica server will automatically be updated with the same.

To enable the authentication, perform the following steps:

1. Go to the Primary server in the replica set.

1. Open the Command Prompt as Administrator and execute the below command:

mongo --host x.x.xx.x1 --port 27017

1. Execute the below command:

MongoDB replicaTest:PRIMARY>use admin

1. Execute the below command. Make the following changes in the values before execution:

user:<user-name >

pwd :<password>

(choose any password for the corresponding user for MongoDB authentication.)

MongoDB replicaTest:PRIMARY> db.createUser(

{

user: "admin",

pwd: "comnet123",

roles: [ { role: "userAdminAnyDatabase", db: "admin" }, { role: "root", db: "admin" }, "readWriteAnyDatabase" ]

}

)

1. After this is successfully executed in the primary server of replica set, make the following changes in mongod.cfg of all the servers that are part of replica set. Refer the screenshot below:

1. Close the terminal and restart the MongoDB service of all servers in the replica set.
2. Re-open the Command Prompt as Administrator on all the servers in the replica set and connect to MongoDB using the below command:

mongo --host <IP> --port <Port>-u <username> -p <password> --authenticationDatabase "admin"

For e.g. –

mongo --host x.x.xx.x1 --port 27017 -u admin -p comnet123 --authenticationDatabase "admin"

mongo --host x.x.xx.x2 --port 27017 -u admin -p comnet123 --authenticationDatabase "admin"

mongo --host x.x.xx.x3 --port 27017 -u admin -p comnet123 --authenticationDatabase "admin"

1. Connection with MongoDB should be successfully established on both Primary and Secondary servers.

Test the Connection

To test the connection, perform the following steps:

Python 3.6 should be present. You should also have the BigFix Runbook AI installer package as it contains some resources to be used in subsequent steps.

1. Open the Command Prompt as Administrator and execute the following command to install pymongo.

pip install pymongo

1. Copy the file named “mongo_connection_community_HA.py”, present in the installer package under iAutomateInstaller  Resources  Resources.zip folder, to any folder.
2. Open the file in Notepad and change the respective IP, port, username, password where MongoDB service is running.

Please preserve spaces and indentation.

import ssl

from pymongo import MongoClient

client = MongoClient(['10.1X.1XX.XX:27017','10.1X.1XX.6X:27017','10.1X.1XX.XX:27017'],

username='admin',

password='comnet123',

ssl=False)

db = client['DRYiCE_db']

db_collection = db['DRYiCE_Collection']

db_collection.insert({"name":"xyz"})

print("Connection to Mongo Database successful")

1. Open the Command Prompt as Administrator mode and change the current working directory to the folder that has code using the following command:

cd <folder path>

1. Execute the code by executing the following command:

python <file_name.py>

1. If file executes without any error, then connection is successful.

Enterprise Version

This section describes the procedure for installation of MongoDB with authentication and authorization configured for Enterprise Edition in HA mode.

Important note:

• Please ensure the ports that are to be used for MongoDB service is open for communication with the help of Windows administrator.
• During the installation procedure whenever the MongoDB service is restarted, open the new command prompt to run the further commands.

Installation steps:

1. Download the file mongodb-win32-x86_64-enterprise-windows-64-4.0.25-signed.mse from the Path mentioned in the source field of Table 15 – MongoDB Requirements for Enterprise Version.

1. Double-click on mongodb-win32-x86_64-enterprise-windows-64-4.0.25-signed.mse file, select installation option as Complete and click Next.

1. Please ensure to note the location of the installation directory of MongoDB.
2. The option Install MongoDB as service would be checked by default.

1. Uncheck Install MongoDB as service and click Next.

1. Wait till the MongoDB installation is complete.

Add MongoDB to the Path:

To add MongoDB to the PATH, please perform the below steps:

1. Go to location where MongoDB was installed. For e.g., C:\Program Files\MongoDB .

1. Inside MongoDB, go to folder \Server\4.0\bin .
2. Go to Control Panel  System and Security Security.
3. Select Advanced System Settings, click Environment Variables. This will open a new dialog box.
4. Select the variable path in System Variables and add path of MongoDB. For e.g. - C:\Program Files\MongoDB\Server\4.0\bin .

Creation of Directory Structure:

1. Create a folder named mongo. It should not be in the same location where MongoDB is installed.

1. Inside the folder mongo, create a folder named data.
2. Inside the folder data, create three folders named as config, database, and log.

Creation of MongoDB Service

1. Go to the location where MongoDB is installed. Refer to the Path set in the PATH environment variable. For e.g., C:\Program Files\MongoDB .

1. Go to bin folder. For e.g., C:\Program Files\MongoDB\Server\4.0\bin .
2. Locate the file named mongod.cfg and copy the file.

1. Go to the mongo folder that was custom created earlier. Inside the directory data, go to the config folder. Paste the mongod.cfg file here.

1. Open the file mongod.cfg (preferably in Notepad++ or Sublime) and follow the below steps:

While editing the file, maintaining indentation in the file is very important.

1. In the storage header, change the following fields:
   • dbPath: Add path till mongo\data\database.

1. In the systemLog, change the following fields:
   • path: Add path of mongo\data\log\mongod.log.

   Folder mongo\data\log doesn’t have Mongod.log. This will be created automatically when mongo service is created.

2. In the net, change the following fields:
   • port: Enter the port you want to install MongoDB.
   • bindIpAll: True.

1. In the replication, change the following fields:

• replSetName: Enter the name of the replica set.

1. Save the changes made in the file mongod.cfg.
2. Open the Command Prompt as Administrator and run the following command.

mongod –config “<path of the mongoDB folder you created\mongo\data\config\mongod.cfg>" --install --serviceName "MongoDB"

For e.g. mongod --config "C:\mongo\data\config\mongod.cfg" --install --serviceName "MongoDB"

Ensure to enter the correct path of config file.

1. MongoDB service with the name MongoDB will be created.

Start MongoDB Service

1. Press Windows+R, type services.msc and press Enter.

1. Search for MongoDB service, then click on it and click Start the service on the Left pane.

These steps must be performed on all the servers that are part of the replica set.

1. Go to all the servers that have MongoDB service installed.
2. Open the Command Prompt as Administrator and execute the below command by changing respective IP and port of server.

Ensure that the port on which MongoDB service is running is open for communication.

mongo --host <IP> --port <port on which mongoDB service is running(mentioned in config file)>

for e.g.

server1: mongo --host x.x.x.x1 --port 27017

server2: mongo --host x.x.x.x2 --port 27017

server3: mongo --host x.x.x.x3 --port 27017

1. If the service is running successfully, then connection will be established without any error message.

Configure Replica Set

Once the MongoDB service is up and running, perform the below steps to configure the replica set for MongoDB.

1. Go to one of the servers that is a part of the replica set.

1. Open the Command Prompt as Administrator and execute the below command to open the terminal.

mongo --host <IP> --port <in which MongoDB service is running. The one written in config >

for e.g. - mongo --host x.x.xx.x1 --port 27017

1. In the same terminal, execute the below commands:

MongoDB > rs.initiate( {

_id : "DRYiCEReplicaSet",

members: [

{ _id: 0, host: "<IP>:<PORT>" },

{ _id: 1, host: "<IP>:<PORT>" },

{ _id: 2, host: "<IP>:<PORT>" }

]

})

For eg.,

MongoDB > rs.initiate( {

_id : "DRYiCEReplicaSet",

members: [

{ _id: 0, host: "10.1.1xx.x1:27017" },

{ _id: 1, host: "10.1.1xx.x21:27017" },

{ _id: 2, host: "10.1.1xx.x3:27017" }

]

})

1. Here, add the hosts that are part of the replica set. Also mention the respective host IP and port on which MongoDB service is running. Ensure that the ports are open for communication.
2. Enter the below command to identify the Primary and Secondary server.

MongoDB >rs.status()

1. Execute the below command on the Secondary servers.

MongoDB >rs.slaveOk()

Enable Authentication

Authentication needs to be enabled only on the Primary server. The Secondary servers are automatically updated as they are part of the replica set.

To enable the authentication, perform the following steps:

1. Go to the primary server in the replica set.

1. Open the Command Prompt as Administrator and execute the below command:

mongo --host x.x.xx.x1 --port 27017

1. Execute the below command:

MongoDB Enterprise replicaTest:PRIMARY>use admin

1. Execute the below command. Make the following changes in the values before execution:

user:<user-name >

pwd :<password>

(choose any password for the corresponding user for MongoDB authentication.)

MongoDB Enterprise replicaTest:PRIMARY>db.createUser(

{

user: "admin",

pwd: "comnet123",

roles: [ { role: "userAdminAnyDatabase", db: "admin" }, { role: "root", db: "admin" }, "readWriteAnyDatabase" ]

}

)

1. After this is successfully executed in the primary server of replica set, make the following changes in mongod.cfg of all the servers that are part of replica set. Refer the screenshot below:

1. Close the terminal and restart the MongoDB service of all the servers in the replica set.
2. On all the server’s part of the replica set, open the Command Prompt as Administrator and open the MongoDB terminal using the following command:

mongo --host <IP> --port <Port> -u <username> -p <password> --authenticationDatabase "admin"

For e.g.

mongo --host x.x.xx.x1 --port 27017 -u admin -p comnet123 --authenticationDatabase "admin"

mongo --host x.x.xx.x2 --port 27017 -u admin -p comnet123 --authenticationDatabase "admin"

mongo --host x.x.xx.x3 --port 27017 -u admin -p comnet123 --authenticationDatabase "admin"

1. Connection with MongoDB should be successfully established on both primary and secondary servers.

Enable SSL Authentication

To enable SSL authentication, perform the following steps:

Please ensure that only one ca.pem should be generated. From the same ca.pem, server.pem for each server should be generated. From the same ca.pem, client.pem should be generated.

If this is not done properly, it may result in failure of SSL Authentication and replica set server may become unreachable.

1. Generate the ca.pem, server.pem and client.pem by referring to the Generate ca.pem and server.pem and Generate client.pem.
2. After the ca.pem, client.pem and server.pem are generated, copy these files, and paste them in the path below:

<MongoDB_installed_path>/MongoDB/Server/4.0/bin

For e.g. - C:\Program Files\MongoDB\Server\4.0\bin

server.pem generated for the respective servers should be placed in the same server.

1. Go to folder mongo/data/config, then open the file mongod.cfg and make the following changes.

Please preserve the space and indentations as shown in the screen shot below. Ensure that editing is done in notepad++.

1. In the net header, edit the following:

ssl:

mode: allowSSL

PEMKeyFile: C:\Program Files\MongoDB\Server\4.0\bin\server.pem

CAFile: C:\Program Files\MongoDB\Server\4.0\bin\ca.pem

1. Save the file for changes to be reflected.
2. After making the changes in all the servers of the replica set, Restart the MongoDB services on all the servers.
3. Open Command Prompt as Administrator on all the servers and execute the below command:

mongo --ssl --host <IP> --port <port> -u <username> -p <password> --authenticationDatabase "admin" --sslCAFile "<path of ca.pem>" --sslPEMKeyFile "<path of client.pem>"

1. Add the respective IP, port, path of the pem file in all the servers.

for e.g. –

mongo --ssl --host 10.x.x.x1 --port 27017 -u admin -p comnet123 --authenticationDatabase "admin" --sslCAFile "C:\Program Files\MongoDB\Server\4.0\bin\ca.pem" --sslPEMKeyFile "C:\Program Files\MongoDB\Server\4.0\bin\client.pem"

1. This will help in establishing the connection with MongoDB.

1. Execute the below commands in all the servers of the replica sets.

MongoDB Enterprise replicaTest:PRIMARY>db.adminCommand( { setParameter: 1, sslMode: "preferSSL" } )

MongoDB Enterprise replicaTest:PRIMARY>db.adminCommand( { setParameter: 1, sslMode: "requireSSL" } )

1. Restart the MongoDB service on all the servers in the replica set.

Test the Connection

To test the connection, perform the following steps:

Python 3.6 should be present. You should also have the BigFix Runbook AI installer package as it contains some resources to be used in subsequent steps.

1. Open Command Prompt as Administrator and execute the following command:

pip install pymongo

1. Copy the file named “mongo_connection_enterprise_HA.py”, present in the installer package under iAutomateInstaller  Resources Resources.zip folder, to any folder.
2. Open the file in Notepad and change the value of IP, port, username, password, certificate path where MongoDB service is running.

import ssl

from pymongo import MongoClient

client = MongoClient([<IP of the server>:<Port>,<IP of the server>:<Port>,<IP of the server>:<Port>],username='<Username>',password='<Password>',ssl=True,

ssl_certfile="<path of client.pem file>",

ssl_ca_certs="<path of ca.pem file>",

ssl_cert_reqs=ssl.CERT_REQUIRED)

db = client['DRYiCE_db']

db_collection = db['DRYiCE_Collection']

db_collection.insert({"name":"xyz"})

print("Connection to Mongo Database successful")

1. Open Command Prompt as Administrator and change the current working directory to the folder that has code using the following command:

cd <folder path>

1. Execute the code by using the following command:

python <file_name.py>

1. If file executes without any error, then connection is successful.