Deploy a Geographically Redundant Replica Set
On this page
Overview
This tutorial outlines the process for deploying a replica set with members in multiple locations. The tutorial addresses three-member replica sets and five-member replica sets. If you have an even number of replica set members, add another data bearing member, if possible, to deploy an odd number of voting members. [1]
For more information on distributed replica sets, see Replica Sets Distributed Across Two or More Data Centers. See also Replica Set Deployment Architectures and see Replication.
| [1] | If circumstances prohibit another data bearing member and you have an even number of voting members, you can add an arbiter instead. For considerations when using an arbiter, see Replica Set Arbiter. |
Considerations
Architecture
In production, deploy each member of the replica set to its own machine and if possible bind to the standard MongoDB port of 27017.
See Replica Set Deployment Architectures for more information.
IP Binding
Use the bind_ip option to ensure that MongoDB listens for connections from applications on configured addresses.
Changed in version 3.6: Starting in MongoDB 3.6, MongoDB binaries, mongod and mongos, bind to localhost (127.0.0.1) by default. If the net.ipv6 configuration file setting or the --ipv6 command line option is set for the binary, the binary additionally binds to the IPv6 address ::1.
Previously, starting from MongoDB 2.6, only the binaries from the official MongoDB RPM (Red Hat, CentOS, Fedora Linux, and derivatives) and DEB (Debian, Ubuntu, and derivatives) packages bind to localhost by default.
When bound only to the localhost, these MongoDB 3.6 binaries can only accept connections from clients (including the mongo shell, other members in your deployment for replica sets and sharded clusters) that are running on the same machine. Remote clients cannot connect to the binaries bound only to localhost.
To override and bind to other ip addresses, you can use the net.bindIp configuration file setting or the --bind_ip command-line option to specify a list of ip addresses.
Warning
Before binding to a non-localhost (e.g. publicly accessible) IP address, ensure you have secured your cluster from unauthorized access. For a complete list of security recommendations, see Security Checklist. At minimum, consider enabling authentication and hardening network infrastructure.
For example, the following mongod instance binds to both the localhost and the sample ip address 198.51.100.1:
In order to connect to this instance, remote clients must specify the ip address 198.51.100.1 or the hostname associated with the ip address:
Connectivity
Ensure that network traffic can pass securely between all members of the set and all clients in the network .
Consider the following:
- Establish a virtual private network. Ensure that your network topology routes all traffic between members within a single site over the local area network.
- Configure access control to prevent connections from unknown clients to the replica set.
- Configure networking and firewall rules so that incoming and outgoing packets are permitted only on the default MongoDB port and only from within your deployment. See the IP Binding considerations.
Ensure that each member of a replica set is accessible by way of resolvable DNS or hostnames. You should either configure your DNS names appropriately or set up your systems’ /etc/hosts file to reflect this configuration.
Each member must be able to connect to every other member. For instructions on how to check your connection, see Test Connections Between all Members.
Configuration
Create the directory where MongoDB stores data files before deploying MongoDB.
Specify the mongod configuration in a configuration file stored in /etc/mongod.conf or a related location.
For more information about configuration options, see Configuration File Options.
Prerequisites
For all configurations in this tutorial, deploy each replica set member on a separate system. Although you may deploy more than one replica set member on a single system, doing so reduces the redundancy and capacity of the replica set. Such deployments are typically for testing purposes.
This tutorial assumes you have installed MongoDB on each system that will be part of your replica set. If you have not already installed MongoDB, see the installation tutorials.
Procedures
Deploy a Geographically Redundant Three-Member Replica Set
For a geographically redundant three-member replica set deployment, you must decide how to distribute your system. Some possible distributions for the three members are:
- Across Three Data Centers: One member to each site.
- Across Two Data Centers: Two members to Site A and one member to Site B. If one of the members of the replica set is an arbiter [#arbiter-alternative], distribute the arbiter to Site A with a data-bearing member.
Note
Distributing replica set members across two data centers provides benefit over a single data center. In a two data center distribution,
- If one of the data centers goes down, the data is still available for reads unlike a single data center distribution.
- If the data center with a minority of the members goes down, the replica set can still serve write operations as well as read operations.
- However, if the data center with the majority of the members goes down, the replica set becomes read-only.
If possible, distribute members across at least three data centers. For config server replica sets (CSRS), the best practice is to distribute across three (or more depending on the number of members) centers. If the cost of the third data center is prohibitive, one distribution possibility is to evenly distribute the data bearing members across the two data centers and store the remaining member in the cloud if your company policy allows.
Start each member of the replica set with the appropriate options.
For each member, start a mongod instance with the following settings:
Set
replication.replSetNameoption to the replica set name,If your application connects to more than one replica set, each set should have a distinct name. Some drivers group replica set connections by replica set name.
Set
net.bindIpoption to the ip or a comma-delimited list of ips, andSet any other settings as appropriate for your deployment.
In this tutorial, the three mongod instances are associated with the following hosts:
| Replica Set Member | Hostname |
|---|---|
| Member 0 | mongodb0.example.net |
| Member 1 | mongodb1.example.net |
| Member 2 | mongodb2.example.net |
The following example specifies the replica set name and the ip binding through the --replSet and --bind_ip command-line options:
Warning
Before binding to a non-localhost (e.g. publicly accessible) IP address, ensure you have secured your cluster from unauthorized access. For a complete list of security recommendations, see Security Checklist. At minimum, consider enabling authentication and hardening network infrastructure.
For <ip address>, specify the ip address or hostname for your mongod instance that remote clients (including the other members of the replica set) can use to connect to the instance.
Alternatively, you can also specify the replica set name and the ip addresses in a configuration file:
To start mongod with a configuration file, specify the configuration file’s path with the --config option:
In production deployments, you can configure a init script to manage this process. Init scripts are beyond the scope of this document.
Connect a mongo shell to one of the mongod instances.
From the same machine where one of the mongod is running (in this tutorial, mongodb0.example.net), start the mongo shell. To connect to the mongod listening to localhost on the default port of 27017, simply issue:
Depending on your path, you may need to specify the path to the mongo binary.
Initiate the replica set.
From the mongo shell, run rs.initiate() on replica set member 0.
Important
Run rs.initiate() on just one and only one mongod instance for the replica set.