This playbook setup a MongoDB replicaset with
- user authentication / authorization
- secure communication between the nodes (using key file).
The inventory/ENVIRONMENT.ini file defines the hosts (primary and secondaries) used for the replicaset. On top the host decalration, some databasqe parameters are defined
[primary]
PRIMARY_IP
[secondary]
SECONDARY_1_IP
SECONDARY_2_IP
[primary:vars]
db_user_admin_username=USER_ADMIN_USERNAME
db_user_admin_password=USER_ADMIN_PASSWORD
db_cluster_admin_username=CLUSTER_ADMIN_USERNAME
db_cluster_admin_password=CLUSTER_ADMIN_PASSWORD
db_user_name=DB_USERNAME
db_user_password=DB_PASSWORD
db_name=DB_NAME
This first task initiates the server creating a user named mongors
-
mongors user will be given sudo right with no password needed when running sudo commands
-
current machine ssh key is copied over to the authorized_keys of the server that is beeing provisionned
-
root access is provided => root user needs to be used
Once the nodes are registered, the replicaset can be created using the following command:
ansible-playbook -i inventory/test.ini main.yml
$ mongo --host rs0/PRIMARY_IP,SECONDARY_1_IP,SECONDARY_2_IP
use DB_NAME
db.auth("DB_USERNAME", "DB_PASSWORD")
db.test.insert({ok:1})